Custom Query (44 matches)

gpgverify uses the old attached signature verification method, which doesn't work properly for new-style GnuPG signatures that require Hash headers for attached signatures.

Given that pgpverify does the right thing and gpgverify was added just because it was a simplified version that assumed GnuPG, perhaps it should be removed.

inews wrongly rejects articles that contain header fields whose length exceeds 998 bytes. That length should be the one of a header line, not a whole header field.

Reported by Jeffery Small in inn-workers.

According to RFC 3977, section 3.4.1:

Except as an effect of the MODE READER command (Section 5.3) on a mode-switching server, once a server advertises either or both of the IHAVE or READER capabilities, it MUST continue to advertise them for the entire session.

If IHAVE has been advertised, it will not necessarily be advertised for the entire session. innd and nnrpd only advertise the IHAVE capability when it is really available.

Impact: Probably none. It is sort of a weird edge case, since having such basic commands disappear after authentication is a little odd and would require an unusual configuration. It is probably not worth fixing. Besides, such a fix seems to partly defeat the point of the capability system.