4 See also this page @ref{Новости, on russian}.
11 Minimal required Go version 1.13.
14 Merkle Tree-based Hashing with BLAKE3 (MTH) is used instead of BLAKE2b.
15 Because of that, there are backward @strong{incompatible} changes of
16 encrypted files (everything laying in the spool directory) and
17 @file{.meta} files of chunked transfer.
19 Current implementation is far from being optimal: it lacks
20 parallelizable calculations and has higher memory consumption: nearly
21 512 KiB for each 1 GiB of file's data. Future performance and memory
22 size optimizations should not lead to packet's format change. But it is
23 still several times faster than BLAKE2b.
26 Resumed online downloads, because of MTH, require reading only of the
27 preceding part of file, not the whole one as was before.
30 @command{nncp-hash} utility appeared for calculating file's MTH hash.
33 BLAKE2 KDF and XOF functions are replaced with BLAKE3 in encrypted
34 packets. Lowering number of used primitives. Also, its encrypted
35 packet's header is used as an associated data during encryption.
38 MultiCast Discovery uses
39 @verb{|ff02::4e4e:4350|} address instead of @verb{|ff02::1|}.
42 @command{nncp-cfgenc} mistakenly asked passphrase three times during encryption.
45 @command{nncp-stat} reports about partly downloaded packets.
53 @section Release 6.6.0
57 @command{nncp-daemon}, @command{nncp-call} and @command{nncp-caller}
58 commands wait for all background checksummers completion after
59 connection is finished.
62 Added possibility of address determining through multicast announcement
63 in local area network, so called MCD (MultiCast Discovery).
68 @section Release 6.5.0
72 Fixed segfault in @command{nncp-daemon} when SP handshake did not succeed.
75 Fixed possible bad return code ignoring in automatic tosser.
78 Fixed race during file descriptors closing when online protocol call is
79 finished, that could lead to write error of received packet fragment.
82 Kill all packet transmission progress bars in @command{nncp-daemon},
83 @command{nncp-call} and @command{nncp-caller} when call is finished.
88 @section Release 6.4.0
92 Fixed possible race in online protocol, that lead to panic.
97 @section Release 6.3.0
101 Fixed possible panic while showing progress during online protocol.
106 @section Release 6.2.1
110 Three places in logs contained excess @code{%s}.
115 @section Release 6.2.0
119 Returned @command{nncp-caller}'s @option{-autotoss*} options workability.
122 Yet another logging refactoring and simplification.
123 Should be no visible differences to the end user.
128 @section Release 6.1.0
132 Optimization: most commands do not keep opened file descriptors now.
133 Previously you can exceed maximal number of opened files if you have got
134 many packets in the spool directory.
137 Optimization: do not close file descriptor of the file we download
138 online. Previously each chunk lead to expensive open/close calls.
141 Online downloaded files are saved with @file{.nock} (non-checksummed)
142 suffix, waiting either for @command{nncp-check}, or online daemons to
143 perform integrity check.
146 Optimization: files, that are not resumed, are checksummed immediately
147 during the online download, skipping @file{.nock}-intermediate step.
150 Ability to store encrypted packet's header in @file{.hdr} file, close to
151 the packet itself. That can greatly increase performance of packets
152 listing on filesystems with big block's size.
157 @section Release 6.0.0
161 Log uses human readable and easy machine parseable
162 @url{https://www.gnu.org/software/recutils/, recfile} format for the
163 records, instead of structured RFC 3339 lines. Old logs are not readable
164 by @command{nncp-log} anymore.
167 @option{-autotoss*} option workability with @command{nncp-daemon}'s
168 @option{-inetd} mode.
171 Call's @option{when-tx-exists} allows to make a call only when outbound
172 packets exists. Combined with seconds-aware cron expression that can be
173 used as some kind of auto dialler.
176 @command{nncp-cronexpr} command allows you to check validity and
177 expectations of specified cron expression.
182 @section Release 5.6.0
186 @option{-autotoss*} option runs tosser not after the call, but every
187 second while it is active.
190 @option{autotoss}, @option{autotoss-doseen},
191 @option{autotoss-nofile}, @option{autotoss-nofreq},
192 @option{autotoss-noexec}, @option{autotoss-notrns} options available in
193 @option{calls} configuration section. You can configure per-call
194 automatic tosser options.
197 Use vendoring, instead of @env{GOPATH} overriding during tarball
198 installation, because current minimal Go's version is 1.12 and it
204 @section Release 5.5.1
208 Respect for @env{BINDIR}, @env{INFODIR} and @env{DOCDIR} environment
209 variables in @file{config} during installation.
214 @section Release 5.5.0
218 Bugfixes in @command{nncp-call(er)}/@command{nncp-daemon},
219 @command{nncp-bundle} and @command{nncp-stat}.
222 @command{nncp-rm} has @option{-dryrun} and @option{-older} options now.
225 @command{nncp-exec} has @option{-use-tmp} and @option{-nocompress}
226 options now. Uncompressed packets are not compatible with previous NNCP
230 @command{nncp-call}, @command{nncp-caller} and @command{nncp-daemon} commands
231 have @option{-autotoss*} options for running tosser after call is ended.
234 Updated dependencies. Minimal required Go version is 1.12.
239 @section Release 5.4.1
243 Fixed @code{SENDMAIL} variable usage during the build.
248 @section Release 5.4.0
252 Updated dependencies.
255 Build system is moved from Makefiles to @url{http://cr.yp.to/redo.html, redo}.
256 This should not influence package maintainers, because minimal @command{redo}
257 implementation is included in tarball.
262 @section Release 5.3.3
266 More various error checks.
269 Updated dependencies.
274 @section Release 5.3.2
278 Fixed incorrect logic of @option{onlinedeadline} timeout, where
279 connection won't take into account incoming packets events and will
280 forcefully disconnect.
285 @section Release 5.3.1
289 Fixed @option{onlinedeadline} workability with call addresses that use
290 external commands (@verb{#"|somecmd"#}).
293 @command{nncp-stat} has @option{-pkt} option displaying information
294 about each packet in the spool.
299 @section Release 5.3.0
303 Progress messages contain prefix, describing the running action.
306 Fixed not occurring handshake messages padding.
309 Finish all SP protocol related goroutines, less memory leak.
312 SP protocol generates less socket write calls, thus generating less TCP
316 Check @option{onlinedeadline} and @option{maxonlinetime} options every
317 second, independently from socket reads (up to 10 seconds).
320 Once per minute, if no other traffic exists, PING packets are sent in
321 SP-connection. That allows faster determining of connection unworkability.
324 @command{nncp-toss} uses lock-file to prevent simultaneous tossing.
329 @section Release 5.2.1
333 Fixed SP protocol error handling, sometimes causing program panic.
338 @section Release 5.2.0
342 Most commands by default show oneline operations progress.
343 @option{-progress}, @option{-noprogress} command line options,
344 @option{noprogress} configuration file option appeared.
347 Fixed incorrect @command{nncp-check} command return code, that returned
348 bad code when everything is good.
351 Free disk space check during @command{nncp-bundle -rx} call.
356 @section Release 5.1.2
360 @strong{Critical} vulnerability: remote peers authentication could lead
361 to incorrect identification of remote side, allowing foreign encrypted
365 Bugfix: private and public Noise keys were swapped in newly created
366 configuration files, that lead to inability to authenticate online peers.
369 Explicit directories fsync-ing for guaranteed files renaming.
374 @section Release 5.1.1
378 Fixed workability of @command{nncp-file} with @option{-chunked 0} option.
383 @section Release 5.1.0
387 @command{nncp-file} can send directories, automatically creating pax
391 Free disk space is checked during outbound packets creation.
394 @option{freq}, @option{freqminsize}, @option{freqchunked} configuration
395 file options replaced with the structure:
396 @option{freq: @{path: ..., minsize: ..., chunked: ...@}}.
399 Added @option{freq.maxsize} configuration file option, forbidding of
400 freq sending larger than specified size.
403 Ability to notify about successfully executed commands (exec) with
404 @option{notify.exec} configuration file option.
409 @section Release 5.0.0
413 @strong{Incompatible} configuration file format change: YAML is
414 replaced with Hjson, due to its simplicity, without noticeable lack
415 of either functionality or convenience.
418 @strong{Incompatible} plain packet format changes. Older versions are
419 not supported. @code{zlib} compression is replaced with
420 @code{Zstandard}, due to its speed and efficiency, despite library
421 version is not mature enough.
424 Ability to call remote nodes via pipe call of external command, not only
428 @command{nncp-cfgnew} generates configuration file with many
429 comments. @option{-nocomments} option can be used for an old
433 Duplicate filenames have @file{.CTR} suffix, instead of @file{CTR}, to
434 avoid possible collisions with @file{.nncp.chunkCTR}.
437 Ability to override process umask through configuration file option.
440 Files and directories are created with 666/777 permissions by default,
441 allowing control with @command{umask}.
444 Updated dependencies.
447 Full usage of go modules for dependencies management
448 (@code{go.cypherpunks.ru/nncp/v5} namespace is used).
451 Forbid any later GNU GPL version autousage
452 (project's licence now is GNU GPLv3-only).
459 @item Workability on GNU/Linux systems and Go 1.10 is fixed.
467 @strong{Incompatible} encrypted and eblob packet format change: AEAD
468 encryption mode with 128 KiB blocks is used now, because previously
469 @command{nncp-toss} did not verify encrypted packet's MAC before feeding
470 decrypted data to external command. Older versions are not supported.
473 Available free space checking before copying in @command{nncp-xfer},
474 @command{nncp-daemon}, @command{nncp-call(er)}.
477 @command{nncp-call} has ability only to list packets on remote node,
478 without their transmission.
481 @command{nncp-call} has ability to transfer only specified packets.
484 Workability of @option{xxrate} preference in @option{calls}
485 configuration file section.
488 Dependant libraries are updated.
494 Begin using of @code{go.mod} subsystem.
501 @item @command{nncp-daemon} can be run as @command{inetd}-service.
509 @command{nncp-daemon}, @command{nncp-call}, @command{nncp-caller} check
510 if @file{.seen} exists and treat it like file was already downloaded.
511 Possibly it was transferred out-of-bound and remote side needs to be
515 If higher priority packet is spooled, then @command{nncp-daemon} will
516 queue its sending first, interrupting lower priority transmissions.
519 Simple packet rate limiter added to online-related tools
520 (@command{nncp-daemon}, @command{nncp-call}, @command{nncp-caller}).
523 Ability to specify niceness with symbolic notation:
524 @verb{|NORMAL|}, @verb{|BULK+10|}, @verb{|PRIORITY-5|}, etc.
527 Changed default niceness levels:
528 for @command{nncp-exec} from 64 to 96,
529 for @command{nncp-freq} from 64 to 160,
530 for @command{nncp-file} from 196 to 224.
538 @strong{Incompatible} @emph{bundle} archive format changes and
539 @command{nncp-bundle} workability with Go 1.10+. Bundles must be
540 valid tar archives, but Go 1.9 made them invalid because of long paths
541 inside. NNCP accidentally was dependant on that bug. Explicit adding of
542 @file{NNCP/} directory in archive restores workability with valid tar
550 Ability to disable relaying at all using @verb{|-via -|} command line option.
558 @strong{Incompatible} plain packet format changes. Older versions are
562 Ability to queue remote command execution, by configuring @option{exec}
563 option in configuration file and using @command{nncp-exec} command:
566 @command{nncp-mail} command is replaced with more flexible
567 @command{nncp-exec}. Instead of @verb{|nncp-mail NODE RECIPIENT|}
568 you must use @verb{|nncp-exec NODE sendmail RECIPIENT|}.
570 @option{sendmail} configuration file option is replaced with
571 @option{exec}. @verb{|sendmail: [...]|} must be replaced with
572 @verb{|exec: sendmail: [...]|}.
576 Ability to override @option{via} configuration option for destination
577 node via @option{-via} command line option for following commands:
578 @command{nncp-file}, @command{nncp-freq}, @command{nncp-exec}.
581 Chunked files, having size less than specified chunk size, will be sent
582 as an ordinary single file.
585 Exec commands are invoked with additional @env{NNCP_NICE} and
586 @env{NNCP_SELF} environment variables.
589 Files, that are sent as a reply to freq, have niceness level taken from
590 the freq packet. You can set desired niceness during @command{nncp-freq}
591 invocation using @option{-replynice} option.
594 @command{nncp-toss} command can ignore specified packet types during
595 processing: @option{-nofile}, @option{-nofreq}, @option{-noexec},
599 @command{nncp-file} command uses
600 @option{FreqMinSize}/@option{FreqChunked} configuration file options
601 for @option{-minsize}/@option{-chunked} by default. You can turn this
602 off by specifying zero value.
611 @strong{Incompatible} encrypted/eblob packet format changes. Older
612 versions are not supported.
615 Twofish encryption algorithm is replaced with ChaCha20. It is much more
616 faster. One cryptographic primitive less.
619 HKDF-BLAKE2b-256 KDF algorithm is replaced with BLAKE2Xb XOF. Yet
620 another cryptographic primitive less (assuming that BLAKE2X is nearly
621 identical to BLAKE2).
630 @strong{Incompatible} encrypted packet format changes. Older versions
634 @command{nncp-bundle} command can either create stream of encrypted
635 packets, or digest it. It is useful when dealing with
636 @code{stdin}/@code{stdout} based transmission methods (like writing to
637 CD-ROM without intermediate prepared ISO image and working with tape
641 @command{nncp-toss} is able to create @file{.seen} files preventing
642 duplicate packets receiving.
645 Single background checksum verifier worker is allowed in
646 @command{nncp-call}. This is helpful when thousands of small inbound
647 packets could create many goroutines.
650 Ability to override path to spool directory and logfile through either
651 command line argument, or environment variable.
654 @command{nncp-rm} is able to delete outbound/inbound, @file{.seen},
655 @file{.part}, @file{.lock} and temporary files.
660 @section Release 0.12
662 @item Sendmail command is called with @env{NNCP_SENDER} environment variable.
666 @section Release 0.11
668 @item @command{nncp-stat}'s command output is sorted by node name.
672 @section Release 0.10
675 @command{nncp-freq}'s @file{DST} argument is optional now. Last
676 @file{SRC} path's element will be used by default.
683 Fix @option{-rx}/@option{-tx} arguments processing in
684 @command{nncp-call} command. They were ignored.
691 Little bugfix in @command{nncp-file} command, where @option{-minsize}
692 option for unchunked transfer was not in KiBs, but in bytes.
700 Ability to feed @command{nncp-file} from @code{stdin}, that uses an
701 encrypted temporary file for that.
704 Chunked files transmission appeared with corresponding
705 @command{nncp-reass} command and @option{freqchunked} configuration file
706 entry. Useful for transferring big files over small storage devices.
709 @option{freqminsize} configuration file option, analogue to
710 @option{-minsize} one.
713 @command{nncp-xfer}'s @option{-force} option is renamed to
714 @option{-mkdir} for clarity.
717 @option{-minsize} option is specified in KiBs, not bytes, for
721 @command{nncp-newcfg} command is renamed to @command{nncp-cfgnew},
722 and @command{nncp-mincfg} to @command{nncp-cfgmin} -- now they have
723 common prefix and are grouped together for convenience.
726 @command{nncp-cfgenc} command appeared, allowing configuration file
727 encryption/decryption, for keeping it safe without any either OpenPGP or
731 Cryptographic libraries (dependencies) are updated.
738 @item Small @command{nncp-rm} command appeared.
739 @item Cryptographic libraries (dependencies) are updated.
746 Trivial small fix in default niceness level of @command{nncp-file}
747 and @command{nncp-freq} commands.
755 Small fix in @command{nncp-call}, @command{nncp-caller},
756 @command{nncp-daemon}: they can segmentation fail sometimes (no data is
760 @command{nncp-newnode} renamed to @command{nncp-newcfg} -- it is shorter
761 and more convenient to use.
764 @command{nncp-mincfg} command appeared: helper allowing to create
765 minimalistic stripped down configuration file without private keys, that
766 is useful during @command{nncp-xfer} usage.
773 @item Fixed compatibility with Go 1.6.
781 @strong{Incompatible} packet's format change (magic number is changed
782 too): size field is encrypted and is not send in plaintext anymore.
785 @option{-minsize} option gives ability to automatically pad outgoing
786 packets to specified minimal size.
789 @command{nncp-daemon} and @command{nncp-call}/@command{nncp-caller}
790 always check new @emph{tx} packets appearance in the background while
791 connected. Remote side is immediately notified.
794 @option{-onlinedeadline} option gives ability to configure timeout of
795 inactivity of online connection, when it could be disconnected. It could
796 be used to keep connection alive for a long time.
799 @option{-maxonlinetime} option gives ability to set maximal allowable
800 online connection aliveness time.
803 @command{nncp-caller} command appeared: cron-ed TCP daemon caller.
806 @command{nncp-pkt} command can decompress the data.