4 See also this page @ref{Новости, on russian}.
11 @command{nncp-cfgdir} does not require @code{self} section existence in
15 Ability to act as Yggdrasil network client, using online protocol on top of it.
20 @section Release 8.0.2
24 Fixed sending ability to areas.
29 @section Release 8.0.1
33 Fixed incorrect @code{freq.chunked} value calculation. If it missed,
34 then anyway chunked transfer mode was forcefully turned on.
37 Fixed incorrect full file's size calculation in @file{.nncp.meta}.
42 @section Release 8.0.0
46 @strong{Incompatible} encrypted packet format change: payload and pad
47 sizes are sent in-bound in the encrypted stream. That gives ability to
48 streamingly create encrypted packets, without knowing sizes in advance,
49 without creating temporary file or buffer data in memory.
52 Proper encrypted packet padding verification is done now. This is not
53 critical issue, but previously neither padding value, nor its size were
54 authenticated, giving ability to iteratively strip trailing bytes and
55 determine payload's size by observing the reaction of the encrypted
59 @command{nncp-exec} loses its @option{-use-tmp} option, because of
60 streaming-compatible encrypted packets format.
63 @command{nncp-file} and @command{nncp-exec} commands have
64 @option{-maxsize} option, limiting maximal resulting encrypted packet's
65 maximal size (returning error if it is exceeded). Could be useful,
66 because no payload size could be known in advance.
71 @section Release 7.7.0
75 Experimental @code{kqueue} and @code{inotify} based notifications
76 support about spool directory changes, for reducing their often reading
80 @file{.seen} and @file{.hdr} files moved to @file{seen/} and @file{hdr/}
81 subdirectories, for faster scanning of spool directories.
82 Current files migration required:
85 $ find $NNCPSPOOL -type f -name "*.hdr" -exec rm @{@} +
87 $ find $NNCPSPOOL -type d -name rx | while read rx ; do
90 find . -type f -name "*.seen" | while read fn ; do
91 mv $fn seen/$@{fn%.seen@}
95 $ find $NNCPSPOOL -type d -name area | while read area ; do
96 find $area -type f -name "*.seen" | while read fn ; do
105 @section Release 7.6.0
109 Logging may be done to specified opened file descriptor
110 (@env{$NNCPLOG=FD:5} for example).
111 That is friendly to use under @command{daemontools}.
114 Added additional checks of public keys existence in configuration file,
115 preventing some commands from failing.
120 @section Release 7.5.1
124 NNCP builds on NetBSD.
129 @section Release 7.5.0
133 @command{nncp-daemon} is compatible with UCSPI-TCP interface, so log
134 will contain remote side's address (when running under appropriate
135 utility). @option{-ucspi} option should be used instead of @option{-inetd}.
138 @command{nncp-call} can be UCSPI-TCP client, using @option{-ucspi} option.
141 Do not exit if some of MCD network interfaces can not be listened --
142 only warn about that.
147 @section Release 7.4.0
151 Fixed simultaneous @command{nncp-daemon} and @command{nncp-caller} MCD work.
156 @section Release 7.3.2
160 @command{hjson-cli} utility builds in vendor-mode now.
165 @section Release 7.3.1
169 Fixed possibly left opened file descriptor in online commands.
172 Severely decreased memory usage of MTH hashing.
177 @section Release 7.3.0
181 Fixed some workability problems on 32-bit systems with big files.
184 Ability to use directory with a bunch of files as a configuration.
185 @command{nncp-cfgdir} command appeared.
190 @section Release 7.2.1
194 Small optimizations in online commands.
199 @section Release 7.2.0
203 @command{nncp-trns} command appeared for manual transition packets creation.
206 If destination node of transitional packet has non empty @option{via}
207 route, then do not ignore, but use it.
210 Do not relay multicast packet to area message's originator, that
211 obviously has seen its own packet.
214 Much less memory usage during MTH hashing when offset is zero: when
215 packet is not resumed, but for example checked with @command{nncp-check}
221 @section Release 7.1.1
225 Fixed failing directories fsync after @file{.seen} file creation.
230 @section Release 7.1.0
234 Multicasting areas feature appeared. Implemented merely by an additional
235 plain packet type with @command{nncp-toss}, @command{nncp-file} and
236 @command{nncp-exec} commands modification.
239 Fixed workability of @command{nncp-file} and @command{nncp-exec}
240 commands, that use temporary file (stdin and @option{-use-tmp}).
243 Fixed disappearing bad return code in @command{nncp-exec} command.
246 Fixed invalid @file{.hdr} generation when transitional packets are used.
249 @option{-all} option appeared in @command{nncp-rm} command, applying to
250 all the nodes at once.
253 @option{-cycle} option appeared in @command{nncp-check} command, looping
254 the check in infinite cycle.
257 @command{nncp-rm} command can take node alias name.
260 @command{nncp-pkt} can parse @file{.hdr} files.
265 @section Release 7.0.0
269 Minimal required Go version 1.13.
272 Merkle Tree-based Hashing with BLAKE3 (MTH) is used instead of BLAKE2b.
273 Because of that, there are backward @strong{incompatible} changes of
274 encrypted files (everything laying in the spool directory) and
275 @file{.meta} files of chunked transfer.
277 Current implementation is far from being optimal: it lacks
278 parallelizable calculations and has higher memory consumption: nearly
279 512 KiB for each 1 GiB of file's data. Future performance and memory
280 size optimizations should not lead to packet's format change. But it is
281 still several times faster than BLAKE2b.
284 Resumed online downloads, because of MTH, require reading only of the
285 preceding part of file, not the whole one as was before.
288 @command{nncp-hash} utility appeared for calculating file's MTH hash.
291 BLAKE2 KDF and XOF functions are replaced with BLAKE3 in encrypted
292 packets. Lowering number of used primitives. Also, its encrypted
293 packet's header is used as an associated data during encryption.
296 MultiCast Discovery uses
297 @verb{|ff02::4e4e:4350|} address instead of @verb{|ff02::1|}.
300 @command{nncp-cfgenc} mistakenly asked passphrase three times during encryption.
303 @command{nncp-stat} reports about partly downloaded packets.
306 Updated dependencies.
311 @section Release 6.6.0
315 @command{nncp-daemon}, @command{nncp-call} and @command{nncp-caller}
316 commands wait for all background checksummers completion after
317 connection is finished.
320 Added possibility of address determining through multicast announcement
321 in local area network, so called MCD (MultiCast Discovery).
326 @section Release 6.5.0
330 Fixed segfault in @command{nncp-daemon} when SP handshake did not succeed.
333 Fixed possible bad return code ignoring in automatic tosser.
336 Fixed race during file descriptors closing when online protocol call is
337 finished, that could lead to write error of received packet fragment.
340 Kill all packet transmission progress bars in @command{nncp-daemon},
341 @command{nncp-call} and @command{nncp-caller} when call is finished.
346 @section Release 6.4.0
350 Fixed possible race in online protocol, that lead to panic.
355 @section Release 6.3.0
359 Fixed possible panic while showing progress during online protocol.
364 @section Release 6.2.1
368 Three places in logs contained excess @code{%s}.
373 @section Release 6.2.0
377 Returned @command{nncp-caller}'s @option{-autotoss*} options workability.
380 Yet another logging refactoring and simplification.
381 Should be no visible differences to the end user.
386 @section Release 6.1.0
390 Optimization: most commands do not keep opened file descriptors now.
391 Previously you can exceed maximal number of opened files if you have got
392 many packets in the spool directory.
395 Optimization: do not close file descriptor of the file we download
396 online. Previously each chunk lead to expensive open/close calls.
399 Online downloaded files are saved with @file{.nock} (non-checksummed)
400 suffix, waiting either for @command{nncp-check}, or online daemons to
401 perform integrity check.
404 Optimization: files, that are not resumed, are checksummed immediately
405 during the online download, skipping @file{.nock}-intermediate step.
408 Ability to store encrypted packet's header in @file{.hdr} file, close to
409 the packet itself. That can greatly increase performance of packets
410 listing on filesystems with big block's size.
415 @section Release 6.0.0
419 Log uses human readable and easy machine parseable
420 @url{https://www.gnu.org/software/recutils/, recfile} format for the
421 records, instead of structured RFC 3339 lines. Old logs are not readable
422 by @command{nncp-log} anymore.
425 @option{-autotoss*} option workability with @command{nncp-daemon}'s
426 @option{-inetd} mode.
429 Call's @option{when-tx-exists} allows to make a call only when outbound
430 packets exists. Combined with seconds-aware cron expression that can be
431 used as some kind of auto dialler.
434 @command{nncp-cronexpr} command allows you to check validity and
435 expectations of specified cron expression.
440 @section Release 5.6.0
444 @option{-autotoss*} option runs tosser not after the call, but every
445 second while it is active.
448 @option{autotoss}, @option{autotoss-doseen},
449 @option{autotoss-nofile}, @option{autotoss-nofreq},
450 @option{autotoss-noexec}, @option{autotoss-notrns} options available in
451 @option{calls} configuration section. You can configure per-call
452 automatic tosser options.
455 Use vendoring, instead of @env{$GOPATH} overriding during tarball
456 installation, because current minimal Go's version is 1.12 and it
462 @section Release 5.5.1
466 Respect for @env{$BINDIR}, @env{$INFODIR} and @env{$DOCDIR} environment
467 variables in @file{config} during installation.
472 @section Release 5.5.0
476 Bugfixes in @command{nncp-call(er)}/@command{nncp-daemon},
477 @command{nncp-bundle} and @command{nncp-stat}.
480 @command{nncp-rm} has @option{-dryrun} and @option{-older} options now.
483 @command{nncp-exec} has @option{-use-tmp} and @option{-nocompress}
484 options now. Uncompressed packets are not compatible with previous NNCP
488 @command{nncp-call}, @command{nncp-caller} and @command{nncp-daemon} commands
489 have @option{-autotoss*} options for running tosser after call is ended.
492 Updated dependencies. Minimal required Go version is 1.12.
497 @section Release 5.4.1
501 Fixed @code{SENDMAIL} variable usage during the build.
506 @section Release 5.4.0
510 Updated dependencies.
513 Build system is moved from Makefiles to @url{http://cr.yp.to/redo.html, redo}.
514 This should not influence package maintainers, because minimal @command{redo}
515 implementation is included in tarball.
520 @section Release 5.3.3
524 More various error checks.
527 Updated dependencies.
532 @section Release 5.3.2
536 Fixed incorrect logic of @option{onlinedeadline} timeout, where
537 connection won't take into account incoming packets events and will
538 forcefully disconnect.
543 @section Release 5.3.1
547 Fixed @option{onlinedeadline} workability with call addresses that use
548 external commands (@verb{#"|somecmd"#}).
551 @command{nncp-stat} has @option{-pkt} option displaying information
552 about each packet in the spool.
557 @section Release 5.3.0
561 Progress messages contain prefix, describing the running action.
564 Fixed not occurring handshake messages padding.
567 Finish all SP protocol related goroutines, less memory leak.
570 SP protocol generates less socket write calls, thus generating less TCP
574 Check @option{onlinedeadline} and @option{maxonlinetime} options every
575 second, independently from socket reads (up to 10 seconds).
578 Once per minute, if no other traffic exists, PING packets are sent in
579 SP-connection. That allows faster determining of connection unworkability.
582 @command{nncp-toss} uses lock-file to prevent simultaneous tossing.
587 @section Release 5.2.1
591 Fixed SP protocol error handling, sometimes causing program panic.
596 @section Release 5.2.0
600 Most commands by default show oneline operations progress.
601 @option{-progress}, @option{-noprogress} command line options,
602 @option{noprogress} configuration file option appeared.
605 Fixed incorrect @command{nncp-check} command return code, that returned
606 bad code when everything is good.
609 Free disk space check during @command{nncp-bundle -rx} call.
614 @section Release 5.1.2
618 @strong{Critical} vulnerability: remote peers authentication could lead
619 to incorrect identification of remote side, allowing foreign encrypted
623 Bugfix: private and public Noise keys were swapped in newly created
624 configuration files, that lead to inability to authenticate online peers.
627 Explicit directories fsync-ing for guaranteed files renaming.
632 @section Release 5.1.1
636 Fixed workability of @command{nncp-file} with @option{-chunked 0} option.
641 @section Release 5.1.0
645 @command{nncp-file} can send directories, automatically creating pax
649 Free disk space is checked during outbound packets creation.
652 @option{freq}, @option{freqminsize}, @option{freqchunked} configuration
653 file options replaced with the structure:
654 @option{freq: @{path: @dots{}, minsize: @dots{}, chunked: @dots{}@}}.
657 Added @option{freq.maxsize} configuration file option, forbidding of
658 freq sending larger than specified size.
661 Ability to notify about successfully executed commands (exec) with
662 @option{notify.exec} configuration file option.
667 @section Release 5.0.0
671 @strong{Incompatible} configuration file format change: YAML is
672 replaced with Hjson, due to its simplicity, without noticeable lack
673 of either functionality or convenience.
676 @strong{Incompatible} plain packet format changes. Older versions are
677 not supported. @code{zlib} compression is replaced with
678 @code{Zstandard}, due to its speed and efficiency, despite library
679 version is not mature enough.
682 Ability to call remote nodes via pipe call of external command, not only
686 @command{nncp-cfgnew} generates configuration file with many
687 comments. @option{-nocomments} option can be used for an old
691 Duplicate filenames have @file{.CTR} suffix, instead of @file{CTR}, to
692 avoid possible collisions with @file{.nncp.chunkCTR}.
695 Ability to override process umask through configuration file option.
698 Files and directories are created with 666/777 permissions by default,
699 allowing control with @command{umask}.
702 Updated dependencies.
705 Full usage of go modules for dependencies management
706 (@code{go.cypherpunks.ru/nncp/v5} namespace is used).
709 Forbid any later GNU GPL version autousage
710 (project's licence now is GNU GPLv3-only).
717 @item Workability on GNU/Linux systems and Go 1.10 is fixed.
725 @strong{Incompatible} encrypted and eblob packet format change: AEAD
726 encryption mode with 128 KiB blocks is used now, because previously
727 @command{nncp-toss} did not verify encrypted packet's MAC before feeding
728 decrypted data to external command. Older versions are not supported.
731 Available free space checking before copying in @command{nncp-xfer},
732 @command{nncp-daemon}, @command{nncp-call(er)}.
735 @command{nncp-call} has ability only to list packets on remote node,
736 without their transmission.
739 @command{nncp-call} has ability to transfer only specified packets.
742 Workability of @option{xxrate} preference in @option{calls}
743 configuration file section.
746 Dependant libraries are updated.
752 Begin using of @code{go.mod} subsystem.
759 @item @command{nncp-daemon} can be run as @command{inetd}-service.
767 @command{nncp-daemon}, @command{nncp-call}, @command{nncp-caller} check
768 if @file{.seen} exists and treat it like file was already downloaded.
769 Possibly it was transferred out-of-bound and remote side needs to be
773 If higher priority packet is spooled, then @command{nncp-daemon} will
774 queue its sending first, interrupting lower priority transmissions.
777 Simple packet rate limiter added to online-related tools
778 (@command{nncp-daemon}, @command{nncp-call}, @command{nncp-caller}).
781 Ability to specify niceness with symbolic notation:
782 @verb{|NORMAL|}, @verb{|BULK+10|}, @verb{|PRIORITY-5|}, etc.
785 Changed default niceness levels:
786 for @command{nncp-exec} from 64 to 96,
787 for @command{nncp-freq} from 64 to 160,
788 for @command{nncp-file} from 196 to 224.
796 @strong{Incompatible} @emph{bundle} archive format changes and
797 @command{nncp-bundle} workability with Go 1.10+. Bundles must be
798 valid tar archives, but Go 1.9 made them invalid because of long paths
799 inside. NNCP accidentally was dependant on that bug. Explicit adding of
800 @file{NNCP/} directory in archive restores workability with valid tar
808 Ability to disable relaying at all using @verb{|-via -|} command line option.
816 @strong{Incompatible} plain packet format changes. Older versions are
820 Ability to queue remote command execution, by configuring @option{exec}
821 option in configuration file and using @command{nncp-exec} command:
824 @command{nncp-mail} command is replaced with more flexible
825 @command{nncp-exec}. Instead of @verb{|nncp-mail NODE RECIPIENT|}
826 you must use @verb{|nncp-exec NODE sendmail RECIPIENT|}.
828 @option{sendmail} configuration file option is replaced with
829 @option{exec}. @verb{|sendmail: [...]|} must be replaced with
830 @verb{|exec: sendmail: [...]|}.
834 Ability to override @option{via} configuration option for destination
835 node via @option{-via} command line option for following commands:
836 @command{nncp-file}, @command{nncp-freq}, @command{nncp-exec}.
839 Chunked files, having size less than specified chunk size, will be sent
840 as an ordinary single file.
843 Exec commands are invoked with additional @env{$NNCP_NICE} and
844 @env{$NNCP_SELF} environment variables.
847 Files, that are sent as a reply to freq, have niceness level taken from
848 the freq packet. You can set desired niceness during @command{nncp-freq}
849 invocation using @option{-replynice} option.
852 @command{nncp-toss} command can ignore specified packet types during
853 processing: @option{-nofile}, @option{-nofreq}, @option{-noexec},
857 @command{nncp-file} command uses
858 @option{FreqMinSize}/@option{FreqChunked} configuration file options
859 for @option{-minsize}/@option{-chunked} by default. You can turn this
860 off by specifying zero value.
869 @strong{Incompatible} encrypted/eblob packet format changes. Older
870 versions are not supported.
873 Twofish encryption algorithm is replaced with ChaCha20. It is much more
874 faster. One cryptographic primitive less.
877 HKDF-BLAKE2b-256 KDF algorithm is replaced with BLAKE2Xb XOF. Yet
878 another cryptographic primitive less (assuming that BLAKE2X is nearly
879 identical to BLAKE2).
888 @strong{Incompatible} encrypted packet format changes. Older versions
892 @command{nncp-bundle} command can either create stream of encrypted
893 packets, or digest it. It is useful when dealing with
894 @code{stdin}/@code{stdout} based transmission methods (like writing to
895 CD-ROM without intermediate prepared ISO image and working with tape
899 @command{nncp-toss} is able to create @file{.seen} files preventing
900 duplicate packets receiving.
903 Single background checksum verifier worker is allowed in
904 @command{nncp-call}. This is helpful when thousands of small inbound
905 packets could create many goroutines.
908 Ability to override path to spool directory and logfile through either
909 command line argument, or environment variable.
912 @command{nncp-rm} is able to delete outbound/inbound, @file{.seen},
913 @file{.part}, @file{.lock} and temporary files.
918 @section Release 0.12
920 @item Sendmail command is called with @env{$NNCP_SENDER} environment variable.
924 @section Release 0.11
926 @item @command{nncp-stat}'s command output is sorted by node name.
930 @section Release 0.10
933 @command{nncp-freq}'s @file{DST} argument is optional now. Last
934 @file{SRC} path's element will be used by default.
941 Fix @option{-rx}/@option{-tx} arguments processing in
942 @command{nncp-call} command. They were ignored.
949 Little bugfix in @command{nncp-file} command, where @option{-minsize}
950 option for unchunked transfer was not in KiBs, but in bytes.
958 Ability to feed @command{nncp-file} from @code{stdin}, that uses an
959 encrypted temporary file for that.
962 Chunked files transmission appeared with corresponding
963 @command{nncp-reass} command and @option{freqchunked} configuration file
964 entry. Useful for transferring big files over small storage devices.
967 @option{freqminsize} configuration file option, analogue to
968 @option{-minsize} one.
971 @command{nncp-xfer}'s @option{-force} option is renamed to
972 @option{-mkdir} for clarity.
975 @option{-minsize} option is specified in KiBs, not bytes, for
979 @command{nncp-newcfg} command is renamed to @command{nncp-cfgnew},
980 and @command{nncp-mincfg} to @command{nncp-cfgmin} -- now they have
981 common prefix and are grouped together for convenience.
984 @command{nncp-cfgenc} command appeared, allowing configuration file
985 encryption/decryption, for keeping it safe without any either OpenPGP or
989 Cryptographic libraries (dependencies) are updated.
996 @item Small @command{nncp-rm} command appeared.
997 @item Cryptographic libraries (dependencies) are updated.
1001 @section Release 0.5
1004 Trivial small fix in default niceness level of @command{nncp-file}
1005 and @command{nncp-freq} commands.
1009 @section Release 0.4
1013 Small fix in @command{nncp-call}, @command{nncp-caller},
1014 @command{nncp-daemon}: they can segmentation fail sometimes (no data is
1018 @command{nncp-newnode} renamed to @command{nncp-newcfg} -- it is shorter
1019 and more convenient to use.
1022 @command{nncp-mincfg} command appeared: helper allowing to create
1023 minimalistic stripped down configuration file without private keys, that
1024 is useful during @command{nncp-xfer} usage.
1029 @section Release 0.3
1031 @item Fixed compatibility with Go 1.6.
1035 @section Release 0.2
1039 @strong{Incompatible} packet's format change (magic number is changed
1040 too): size field is encrypted and is not send in plaintext anymore.
1043 @option{-minsize} option gives ability to automatically pad outgoing
1044 packets to specified minimal size.
1047 @command{nncp-daemon} and @command{nncp-call}/@command{nncp-caller}
1048 always check new @emph{tx} packets appearance in the background while
1049 connected. Remote side is immediately notified.
1052 @option{-onlinedeadline} option gives ability to configure timeout of
1053 inactivity of online connection, when it could be disconnected. It could
1054 be used to keep connection alive for a long time.
1057 @option{-maxonlinetime} option gives ability to set maximal allowable
1058 online connection aliveness time.
1061 @command{nncp-caller} command appeared: cron-ed TCP daemon caller.
1064 @command{nncp-pkt} command can decompress the data.