2013-04-12  Holger Weiß  <holger@weiss.in-berlin.de>

	* NEWS, configure.ac: NSCA-ng 1.1

	* NEWS: Cosmetic change

	Use imperative language throughout the NEWS file.

	* man/nsca-ng.cfg.in: Add "chroot" example

	The idea is to mention all available variables in the EXAMPLES section
	of the nsca-ng.cfg(5) man page.

2013-04-10  Holger Weiß  <holger@weiss.in-berlin.de>

	* contrib/invoke_check: Survive exit codes != 0

	Don't die (due to "set -e") if the plugin returns an exit code other
	than zero.

	Thanks to Mirko Tasler for tracking down this bug.

	* man/send_nsca.in, src/client/client.c, src/client/client.h,
	src/client/send_nsca.c, tests/input.at: New send_nsca(8) option: "-e
	<separator>"

	Add the "-e" flag, which allows for specifying a delimiter to use
	instead of the ETB character for separating check results.  A newline
	character may be specified to get compatibility with the original NSCA
	releases prior to version 2.9.

2013-04-09  Holger Weiß  <holger@weiss.in-berlin.de>

	* etc/nsca-ng.cfg, man/nsca-ng.cfg.in, src/server/auth.c,
	src/server/conf.c, tests/auth.at: Support "hosts" patterns in
	"authorize" sections

	The new "hosts" variable is syntactic sugar (along the lines of the
	"services" variable); i.e., the following assignments are equivalent:

		hosts = "foo"
		commands = "PROCESS_HOST_CHECK_RESULT;foo;.+"

	* etc/nsca-ng.cfg: Apply minor corrections

	Improve the description of authorization patterns.

	* m4/aio.m4, tests/auth.at, tests/input.at: Cosmetic changes in M4 macro
	calls

	Put empty M4 macro arguments at the end of lines rather than at the
	beginning.

	* tests/auth.at: Add service check test case

	Test whether authorization patterns for (legitimate) service check
	results work as expected.

2013-03-23  Holger Weiß  <holger@weiss.in-berlin.de>

	* README: Fix typo

2013-03-18  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/client/client.c, src/common/util.c, src/common/util.h,
	tests/input.at: Let send_nsca(8) ignore empty input lines

	A command such as the following triggered an "Input format incorrect"
	message:

		printf 'jupiter\tdisk\t0\okay\n\27\n' | send_nsca

	This happened because the trailing newline character was interpreted as
	another check result.  In practice, such a trailing newline character
	might be generated unintentionally when using echo(1) to pipe check
	results into the client.  Therefore, send_nsca(8) now ignores empty
	input lines.

2013-03-17  Holger Weiß  <holger@weiss.in-berlin.de>

	* m4/openssl.m4: Link against libdl only if necessary

	We should link against libdl whenever necessary, but not whenever
	possible.

2013-03-16  Holger Weiß  <holger@weiss.in-berlin.de>

	* configure.ac: Support --disable-maintainer-mode

	Debian's dh_auto_configure(1) (which is used for building packages)
	calls the ./configure script with the --disable-maintainer-mode flag.

2013-03-14  Holger Weiß  <holger@weiss.in-berlin.de>

	* THANKS: Add a THANKS file

	The good ideas came from Heiko!

2013-03-13  Stuart Henderson  <stu@spacehopper.org>

	* etc/nsca-ng.cfg, man/nsca-ng.cfg.in, src/server/conf.c,
	src/server/nsca-ng.c: Add a directive to chroot(2) at startup

	Allow the user to specify a directory the server should chroot(2) into
	on startup.

2013-03-12  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/client/input.c: Cosmetic change: replace 0 with NULL

	Compare pointers to NULL rather than 0 (for clarity).

2013-03-11  Holger Weiß  <holger@weiss.in-berlin.de>

	* Makefile.am, build-aux/generate-change-log: s/python/perl/

	Replace the Python script for creating the ChangeLog file with a version
	written in Perl.  The reason is simply that the Python binary on the
	system I use for creating the NSCA-ng releases is called "python2.7",
	not "python"; and reimplementing the thing in Perl seems simpler than
	adding magic to update the Shebang line when Python is updated :-)

2013-03-10  Holger Weiß  <holger@weiss.in-berlin.de>

	* README: Slightly improve wording

	Improve the wording in the README file a bit.

2013-03-08  Holger Weiß  <holger@weiss.in-berlin.de>

	* build-aux/man2ps: Remove outdated comment

	The script no longer does what the comment said.

2013-03-06  Holger Weiß  <holger@weiss.in-berlin.de>

	* NEWS, configure.ac: NSCA-ng 1.0

	* etc/nsca-ng.cfg: Fix indentation

	Remove a superfluous tab character.

2013-03-04  Holger Weiß  <holger@weiss.in-berlin.de>

	* contrib/invoke_check: Fix our send_nsca(8) call

	The invoke_check script doesn't feed send_nsca(8) with "raw" commands,
	so specifying the "-C" option was incorrect.

	* contrib/downtime: Fix our timestamps

	The timestamps must be submitted as the number of seconds since the
	Epoch.

	* contrib/debug_server: Fix send_nsca.cfg(5) parsing

	Quote the argument to the "eval" call that parses the configuration
	file.

	* COPYING: Slightly improve wording

	Improve the wording in the COPYING file a bit.

	* src/client/send_nsca.c, src/server/server.c: Make Clang happy

	Fix two minor compiler warnings.

	* PROTOCOL: Improve wording a bit

	Slightly improve the wording of the description of the PUSH request.

2013-03-03  Holger Weiß  <holger@weiss.in-berlin.de>

	* NEWS, PROTOCOL, README, TODO, contrib/README: Mark Markdown files as
	such for Vim

	Specify "filetype=markdown" in the Vim modeline of Markdown files.

	* configure.ac: Set AC_CONFIG_MACRO_DIR()

	The Autoconf manual suggests to specify the AC_CONFIG_MACRO_DIR(), as it
	might be used "by future versions of commands like autoreconf that trace
	macro calls".

	* etc/nsca-ng.cfg: Give better examples

	Improve the clarity of the authorization section examples a bit.

	* etc/nsca-ng.cfg: Add a default "authorize" section

	Add an "authorize" section which lets the server start out of the box
	(instead of bailing out because the user didn't specify an "authorize"
	section).  The new configuration still doesn't permit clients to submit
	anything to Nagios (it just allows authenticated clients to talk to the
	server), so the client will spit out a "not authorized" message until
	the user edits the nsca-ng.cfg(5) file.

2013-03-02  Holger Weiß  <holger@weiss.in-berlin.de>

	* TODO: Add a wish list item

	The client should support talking to multiple servers.

2013-03-01  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/server/fifo.c: Log a notice when (re)opening the command file

	The server should log a notice when opening the command file succeeds
	after having failed before.

	* PROTOCOL: Clarifications regarding PUSHed commands

	Explicitly note that PUSHed "monitoring commands" shall not be
	CRLF-terminated, and that embedded newline characters and backslashes
	must be escaped.

2013-02-27  Holger Weiß  <holger@weiss.in-berlin.de>

	* man/nsca-ng.cfg.in, man/send_nsca.cfg.in, src/client/conf.c,
	src/server/conf.c: Use AES256-CBC instead of RC4 by default

	We used the PSK-RC4-SHA cipher suite by default, since the CBC ciphers
	are broken in OpenSSL 1.0.1d.  However, many other applications don't
	work (properly) when linked against 1.0.1d either, and it was quickly
	replaced with 1.0.1e (which fixes the issue), so the number of 1.0.1d
	users is probably very small.  Therefore, it should be safe to use the
	PSK-AES256-CBC-SHA cipher by default.

	* src/server/fifo.c: Only use the command file if it's a named pipe

	Check whether the command file is a FIFO after opening it.  If it isn't,
	close it again, log a warning message, and retry opening it later on.

2013-02-26  Holger Weiß  <holger@weiss.in-berlin.de>

	* m4/aio.m4: Use AIOLIBS when testing POSIX AIO

	Since commit 60ff499, the linker options required to use the POSIX AIO
	API are saved into AIOLIBS instead of into LIBS.  This broke our
	Autoconf test whether POSIX AIO actually works.

	* etc/nsca-ng.cfg, man/nsca-ng.cfg.in: Add "authorize" section for
	PING-only access

	Add an example "authorize" section which shows how to allow clients to
	talk to the server without allowing them to submit anything to the
	command file.  This might be useful for monitoring the server.

2013-02-25  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/common/tls.c: Add missing "break" statement

	If the peer aborted the TLS shutdown, the check_tls_error() function
	generated an additional, bogus warning message due to a missing "break"
	statement.

	* NEWS, configure.ac: NSCA-ng 0.3

	* PROTOCOL: Markup changes

	Format commands and arguments as `code`.

2013-02-23  Holger Weiß  <holger@weiss.in-berlin.de>

	* README, configure.ac: Suggest nsca-ng.org website and lists for
	support

	For support, suggest the nsca-ng.org mailing lists and website instead
	of my personal email address.

2013-02-22  Holger Weiß  <holger@weiss.in-berlin.de>

	* NEWS, PROTOCOL, README, TODO, contrib/README: Convert plain text
	documentation to Markdown

	Use Markdown syntax for the plain text documentation files so that we
	can generate HTML versions of those for the website.

	* man/nsca-ng.cfg.in, man/send_nsca.cfg.in: Man pages: Replace "\(rs"
	with "\\"

	The System V roff macros usually don't support "\(rs".

2013-02-21  Holger Weiß  <holger@weiss.in-berlin.de>

	* contrib/invoke_check: Cosmetic change

	Remove a trailing "." from an error message.

	* build-aux/make-confuse, build-aux/make-openssl, build-aux/man2ps,
	contrib/acknowledge, contrib/debug_server,
	contrib/disable_notifications, contrib/downtime,
	contrib/enable_notifications, contrib/invoke_check,
	contrib/nsca-ng.init, tests/atlocal.in: Fix Vim modelines

	The trailing ":" was missing in some of our Vim modelines.

2013-02-20  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/client/client.c, src/common/tls.c, src/common/tls.h,
	src/server/server.c: Add session ID to connection-related log messages

	Mention the session ID in all log messages related to the TLS
	communication in order to ease debugging.

2013-02-19  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/server/nsca-ng.c: Fix nsca-ng(8)'s "-s" and "-S" flags

	The "-s" and "-S" options were effectively ignored by nsca-ng(8).

	* src/server/nsca-ng.c: Call ev_loop_fork() only if daemonizing

	If nsca-ng(8) is executed with the "-F" option, it doesn't fork(2).

	* man/nsca-ng.cfg.in: Cosmetic changes

	Change the word wrapping of the comments in the example nsca-ng.cfg(5)
	file.

	* man/nsca-ng.cfg.in: Mark setting as mandatory

	Mention that the password setting in authorization sections is
	mandatory.

	* man/nsca-ng.cfg.in, man/nsca-ng.in: Shorten log level description in
	server man pages

	Remove the example for warning messages.  The NSCA-ng server generates
	all sorts of warnings, not just connection timeouts.

	* build-aux/man2ps: Really use GNU groff extensions

	Heirloom troff(1b)'s "-mg" option must be used to enable GNU groff
	extensions.  I forgot to do this in commit 24ce669.

	* NEWS, configure.ac: NSCA-ng 0.2

	* src/client/send_nsca.c: Fix send_nsca(8)'s "-s" flag

	The "-s" option was effectively ignored by send_nsca(8).

2013-02-18  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/server/fifo.c: Use "async" prefix for all AIO-related functions

	Always use "async" as a prefix for the names of AIO-related functions.

	* src/server/fifo.c: Clarify a comment

	Make it clear that the point of using ev_invoke() is to invoke the
	callback immediately.

2013-02-17  Holger Weiß  <holger@weiss.in-berlin.de>

	* README: Add compatibility note

	Add a note for NSCA 2.x users to the README file.

2013-02-13  Holger Weiß  <holger@weiss.in-berlin.de>

	* build-aux/man2ps: Use GNU groff extensions

	Let Heirloom troff use GNU groff extensions (by specifying the "-mg"
	flag) in order to simplify the script.

	* man/nsca-ng.cfg.in: Don't use em dash character

	GNU nroff gets the line wrapping wrong when em dash characters are used.

	* etc/send_nsca.cfg: Mention default settings

	Add comments mentioning the default settings to the sample client
	configuration file.

2013-02-12  Holger Weiß  <holger@weiss.in-berlin.de>

	* .gitignore: Let Git ignore /man/*.ps files

	GNU Make removes the intermediate PostScript files during "make pdf",
	but other Make implementations don't.

	* m4/confuse.m4, m4/networking.m4, m4/openssl.m4: Fix order of linker
	arguments

	When linking statically, the order in which libraries and object files
	are specified on the linker command line matters.  So, make sure that
	library A is specified before library B if A depends on B.

	* m4/aio.m4, m4/pidfile.m4, src/server/Makefile.am: Don't link client
	against server's libraries

	The POSIX AIO API and FreeBSD's pidfile(3) functions are used only by
	the server, so don't link the client against those libraries.

2013-02-11  Holger Weiß  <holger@weiss.in-berlin.de>

	* build-aux/clang-analyze: Add some include paths

	Add a few include paths required to make build-aux/clang-analyze work on
	my NetBSD system.

	* build-aux/clang-analyze: Define NSCA_VERSION

	NSCA_VERSION is defined via "-D".

	* man/send_nsca.in: Tidy up "-d" flag description

	The fact that the argument to the "-d" option must be a single character
	need not be mentioned twice :-)

	* man/send_nsca.in: Mention that usage errors are written to stderr

	Add a note to the send_nsca.cfg(5) man page to clarify that usage errors
	are written to the standard error output even if the "-s" option is
	specified.

	* man/nsca-ng.cfg.in: s/client ID/client identity/

	The send_nsca.cfg(5) man page refers to the term "client identity", so
	let's use that in the nsca-ng.cfg(5) man page as well.

	* src/common/util.c: Cosmetic change: replace 0 with '\0'

	A '\0' should be assigned to nul-terminate a string.

2013-02-10  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/common/Makefile.am, src/common/util.c: Use git-describe(1) output
	in version string

	Include the Git revision in the version string if a non-release version
	of NSCA-ng is built from Git.  (The version string is only updated if
	src/common/util.o is rebuilt, though.)

	* tests/Makefile.am: Let "make distclean" remove tests/atconfig

	The tests/atconfig file is created from tests/atconfig.in by the
	./configure script and should therefore be removed by "make distclean".

	* etc/nsca-ng.cfg, src/server/conf.c, tests/auth.at: Be more careful
	with service patterns

	Make sure the default host name pattern (used when service patterns
	without host name part are specified) only matches the host name field
	of service check results.

	Without this change, "service = disk" was expanded to:

		PROCESS_SERVICE_CHECK_RESULT;.*;disk;.+;.+

	This pattern would have also matched "http" service check results:

		PROCESS_SERVICE_CHECK_RESULT;saturn;http;0;disk;0;oops

	While at it, adjust a comment in the sample configuration file
	accordingly, and add a test case for this issue.

2013-02-09  Holger Weiß  <holger@weiss.in-berlin.de>

	* src/server/server.c: Mention the session ID when refusing data

	The session ID can be useful when tracing problems, so we should log it
	when we refuse a monitoring command (and not just when accepting data).

	* src/server/conf.c: Accept non-numeric service check result status

	Nagios accepts a non-numeric check result status (such as "OK"), so we
	should accept that, too (when matching against service patterns).

2013-02-08  Holger Weiß  <holger@weiss.in-berlin.de>

	* README, contrib/README, contrib/debug_server, etc/Makefile.am,
	etc/nsca-ng.cfg, etc/send_nsca.cfg, man/Makefile.am, man/nsca-ng.cfg.in,
	man/nsca-ng.in, man/send_nsca.cfg.in, man/send_nsca.in,
	src/client/conf.h, src/server/conf.h, tests/input.at, tests/local.at,
	tests/test_nsca.c: Use ".cfg" as the configuration file extension

	Nagios and NSCA configuration files usually have a ".cfg" extension, so
	we should use that too.

	* .gitignore, AUTHORS, COPYING, Makefile.am, NEWS, PROTOCOL, README,
	TODO, autogen.sh, build-aux/Makefile.am, build-aux/clang-analyze,
	build-aux/generate-change-log, build-aux/make-confuse,
	build-aux/make-openssl, build-aux/man2ps, configure.ac,
	contrib/Makefile.am, contrib/README, contrib/acknowledge,
	contrib/debug_server, contrib/disable_notifications, contrib/downtime,
	contrib/enable_notifications, contrib/invoke_check,
	contrib/nsca-ng.init, etc/Makefile.am, etc/nsca-ng.conf,
	etc/send_nsca.conf, etc/valgrind.supp, lib/Makefile.am, lib/daemon.c,
	lib/ev/Makefile.am, lib/ev/ev.c, lib/ev/ev.h, lib/ev/ev_epoll.c,
	lib/ev/ev_kqueue.c, lib/ev/ev_poll.c, lib/ev/ev_port.c,
	lib/ev/ev_select.c, lib/ev/ev_vars.h, lib/ev/ev_win32.c,
	lib/ev/ev_wrap.h, lib/ev/libev.m4, lib/pidfile/Makefile.am,
	lib/pidfile/flock.c, lib/pidfile/flopen.c, lib/pidfile/libutil.h,
	lib/pidfile/pidfile.c, lib/progname.c, lib/strcasecmp.c, lib/strdup.c,
	lib/strncasecmp.c, lib/system.h, lib/wrappers.c, lib/wrappers.h,
	lib/xprintf.c, m4/aio.m4, m4/confuse.m4, m4/daemon.m4, m4/ev.m4,
	m4/networking.m4, m4/openssl.m4, m4/pidfile.m4, m4/progname.m4,
	m4/xprintf.m4, man/Makefile.am, man/nsca-ng.conf.in, man/nsca-ng.in,
	man/send_nsca.conf.in, man/send_nsca.in, src/Makefile.am,
	src/client/Makefile.am, src/client/auth.c, src/client/auth.h,
	src/client/client.c, src/client/client.h, src/client/conf.c,
	src/client/conf.h, src/client/input.c, src/client/input.h,
	src/client/parse.c, src/client/parse.h, src/client/send_nsca.c,
	src/client/send_nsca.h, src/common/Makefile.am, src/common/buffer.c,
	src/common/buffer.h, src/common/log.c, src/common/log.h,
	src/common/tls.c, src/common/tls.h, src/common/util.c,
	src/common/util.h, src/server/Makefile.am, src/server/auth.c,
	src/server/auth.h, src/server/conf.c, src/server/conf.h,
	src/server/fifo.c, src/server/fifo.h, src/server/hash.c,
	src/server/hash.h, src/server/nsca-ng.c, src/server/server.c,
	src/server/server.h, tests/Makefile.am, tests/atlocal.in, tests/auth.at,
	tests/basic.at, tests/input.at, tests/local.at, tests/test_nsca.c,
	tests/testsuite.at: Initial import of NSCA-ng

	This is a fully functional first version of NSCA-ng.  It provides the
	following features:

	* Submission of arbitrary "monitoring commands" (not just check
	  results) of arbitrary size.

	* Client-specific passwords.

	* Fine-grained authorization control.

	* Optional random delay before the client connects to the server.  This
	  might be useful if many clients are invoked simultaneously.

	* Simple, extensible, and documented text-based protocol.

	* TLS encryption and pre-shared key authentication as per RFC 4279.

	NSCA-ng is short for "Not just a Service Check Acceptor" ("next
	generation").

