1. Forum
  2. FidoNet
  3. POINTS

  • OpenXP 5.0.49 released

    From Martin Foster@2:310/31.3 to All on Sat Feb 20 11:32:00 2021
    Greetings All!

    OpenXP 5.0.49 has been released and is available for download from the following URLs .....

    https://sourceforge.net/projects/openxp5/

    https://openxp.uk/

    OpenXP is a fully integrated FidoNet Point system, email client and
    newsgroup client for the Windows/Linux console.

    OpenXP5.0.49-win.zip - Win32 version.

    openxp-5.0.49-1.x86_64-lnx.zip - Linux 64-Bit ZIP package.

    openxp-5.0.49-1.x86_64.rpm - Linux 64-Bit RPM package.

    Pascal source code packages are also available for download.

    See this document for a complete list of changes ..... https://openxp.uk/doc/changes.txt

    Regards,
    Martin

    --- OpenXP 5.0.49
    * Origin: OpenXP-Team (2:310/31.3)
  • From Anna Christina Nass@2:240/5824.1 to Martin Foster on Thu Mar 4 12:11:00 2021
    Am 20.02.21 schrieb Martin Foster@2:310/31.3 in POINTS:

    Hallo Martin,

    See this document for a complete list of changes ..... https://openxp.uk/doc/changes.txt

    Meh, this change (bugfix, I know...) took me a while to notice:

    - Disabling "Packet password" in Edit/Servers/Edit/Point had no effect

    I had the default setting (disabled) and since yesterday (where I
    installed the update) mails from my point went to .bad packets in my BBS.

    My BBS had these lines in the log:

    2021-03-03 15:29:04 Packet /sbbs/fido/inbound/xxx.PKT from 2:240/5824.1 - Incorrect password ('' instead of 'xxx')

    So to all OpenXP users:
    Check your settings :)

    Regards,
    Anna

    --- OpenXP 5.0.49
    * Origin: Imzadi Box Point (2:240/5824.1)
  • From August Abolins@2:221/1.58 to Anna Christina Nass on Thu Mar 4 08:10:00 2021
    Hello Anna Christina!

    ** On Thursday 04.03.21 - 12:11, you wrote:

    - Disabling "Packet password" in Edit/Servers/Edit/Point
    had no effect

    2021-03-03 15:29:04 Packet /sbbs/fido/inbound/xxx.PKT from
    2:240/5824.1 - Incorrect password ('' instead of 'xxx')

    That is a different matter. What *was* the matter was that a
    session password in-the-clear was included in ALL outgoing PKTs
    (including crash/direct)!

    So.. it may not be wise anyone to continue to use any version
    less than 5.0.49.

    --
    ../|ug

    --- OpenXP 5.0.49
    * Origin: The point of origin --> . <-- (2:221/1.58)
  • From Anna Christina Nass@2:240/5824.1 to August Abolins on Thu Mar 4 15:30:00 2021
    Am 04.03.21 schrieb August Abolins@2:221/1.58 in POINTS:

    Hallo August,

    - Disabling "Packet password" in Edit/Servers/Edit/Point
    had no effect

    2021-03-03 15:29:04 Packet /sbbs/fido/inbound/xxx.PKT from
    2:240/5824.1 - Incorrect password ('' instead of 'xxx')

    That is a different matter.

    Okay?!? But indeed, enabling the "Packet password" option made at least my mails go out again :)

    What *was* the matter was that a
    session password in-the-clear was included in ALL outgoing PKTs
    (including crash/direct)!

    So.. it may not be wise anyone to continue to use any version
    less than 5.0.49.

    That's right.

    Although I'm a little confused :)

    Regards,
    Anna

    --- OpenXP 5.0.49
    * Origin: Imzadi Box Point (2:240/5824.1)
  • From August Abolins@2:221/1.58 to Anna Christina Nass on Thu Mar 4 21:09:00 2021
    Hello Anna Christina!

    ** On Thursday 04.03.21 - 15:30, you wrote to me:

    What *was* the matter was that a session password in-the-
    clear was included in ALL outgoing PKTs (including crash/
    direct)!

    So.. it may not be wise anyone to continue to use any
    version less than 5.0.49.

    That's right.

    Although I'm a little confused :)

    Before 5.0.49, whenever you would crash/direct a message
    (bypassing your boss) the outgoing pkt would include the session
    pwd you had established with the boss!

    Like this: https://susepaste.org/69048853

    That means, each and every fido node you crashed a message to,
    had the opportunity to see it.

    The latest version, fixes that: https://susepaste.org/14013065


    --
    ../|ug

    --- OpenXP 5.0.49
    * Origin: The point of origin --> . <-- (2:221/1.58)
  • From Anna Christina Nass@2:240/5824.1 to August Abolins on Fri Mar 5 09:08:00 2021
    Am 04.03.21 schrieb August Abolins@2:221/1.58 in POINTS:

    Hallo August,

    Before 5.0.49, whenever you would crash/direct a message
    (bypassing your boss) the outgoing pkt would include the session
    pwd you had established with the boss!
    [...]

    So now, when "[x] Packet password" is set, the password is included in packets to my boss but not in crash/direct message packets?

    And when the option is not set, the password is added in no case, is this correct?

    Thank you!

    Regards,
    Anna

    --- OpenXP 5.0.49
    * Origin: Imzadi Box Point (2:240/5824.1)
  • From August Abolins@2:221/1.58 to Anna Christina Nass on Fri Mar 5 10:22:00 2021
    Hello Anna Christina Nass!

    So now, when "[x] Packet password" is set, the password is
    included in packets to my boss but not in crash/direct
    message packets?

    Correct.

    And when the option is not set, the password is added in
    no case, is this correct?

    Correct.

    You can confirm these things by looking at your history of .PKT
    files stored in the root dir /SPOOL.

    If you've ever crashed any messages to someone else's system
    from OXP 5.0.48 or earlier, those packets will have your
    personal session password in there.

    --
    ../|ug

    --- OpenXP 5.0.49
    * Origin: The point of origin --> . <-- (2:221/1.58)
  • From Anna Christina Nass@2:240/5824.1 to August Abolins on Fri Mar 5 18:47:00 2021
    Am 05.03.21 schrieb August Abolins@2:221/1.58 in POINTS:

    Hallo August,

    So now, when "[x] Packet password" is set, the password is
    included in packets to my boss but not in crash/direct
    message packets?

    Correct.

    And when the option is not set, the password is added in
    no case, is this correct?

    Correct.

    Thank you very much for clarification!

    If you've ever crashed any messages to someone else's system
    from OXP 5.0.48 or earlier, those packets will have your
    personal session password in there.

    As I did not do it, I cannot confirm it :)

    Regards,
    Anna

    --- OpenXP 5.0.49
    * Origin: Imzadi Box Point (2:240/5824.1)
  • From August Abolins@2:221/1.58 to Anna Christina Nass on Fri Mar 5 18:33:00 2021
    Hello Anna Christina!

    If you've ever crashed any messages to someone else's
    system from OXP 5.0.48 or earlier, those packets will have
    your personal session password in there.

    As I did not do it, I cannot confirm it :)

    Probably most OXP users simply used their boss system to deliver
    netmail. But I think OXP's ability to send crash/direct is
    amazing. Attaching the boss session password for those
    deliveries was not so amazing. :/


    --
    ../|ug

    --- OpenXP 5.0.49
    * Origin: The point of origin --> . <-- (2:221/1.58)
  • From Anna Christina Nass@2:240/5824.1 to August Abolins on Sat Mar 6 13:44:00 2021
    Am 05.03.21 schrieb August Abolins@2:221/1.58 in POINTS:

    Hallo August,

    Probably most OXP users simply used their boss system to deliver
    netmail.

    Maybe, yes :) And my boss system (my own BBS) sends out mails pretty
    quickly to my uplink.

    But I think OXP's ability to send crash/direct is
    amazing. Attaching the boss session password for those
    deliveries was not so amazing. :/

    Yep, that's true...

    Have a nice weekend!

    Regards,
    Anna

    --- OpenXP 5.0.49
    * Origin: Imzadi Box Point (2:240/5824.1)
  • From Martin Foster@2:310/31.3 to Anna Christina Nass on Mon Mar 8 10:35:00 2021
    Hello Anna!

    *** Thursday 04.03.21 at 12:11, Anna Christina Nass wrote to Martin Foster:

    See this document for a complete list of changes .....
    https://openxp.uk/doc/changes.txt

    Meh, this change (bugfix, I know...) took me a while to notice:

    - Disabling "Packet password" in Edit/Servers/Edit/Point had no effect

    I had the default setting (disabled) and since yesterday (where I installed the update) mails from my point went to .bad packets in my
    BBS.

    I've just checked the default setting for this in a fresh clean install of OpenXP and the "Packet password" setting is disabled by default but as we
    now know, it wasn't disabled at all because the switch didn't actually do anything. Now that the bug has been fixed, the default setting for "Packet password" will be enabled as from the next OpenXP release. Many thanks for bringing this matter to our attention.

    Regards,
    Martin

    --- OpenXP 5.0.49
    * Origin: Bitz-Box - Bradford - UK (2:310/31.3)
  • From Martin Foster@2:310/31.3 to August Abolins on Mon Mar 8 10:38:00 2021
    Hello August!

    *** Thursday 04.03.21 at 08:10, August Abolins wrote to Anna Christina Nass:

    - Disabling "Packet password" in Edit/Servers/Edit/Point
    had no effect

    2021-03-03 15:29:04 Packet /sbbs/fido/inbound/xxx.PKT from
    2:240/5824.1 - Incorrect password ('' instead of 'xxx')

    That is a different matter.

    Maybe so but at least it's highlighted something that had escaped my attention.

    Regards,
    Martin

    --- OpenXP 5.0.49
    * Origin: Bitz-Box - Bradford - UK (2:310/31.3)
  • From August Abolins@2:221/1.58 to Martin Foster on Mon Mar 8 07:32:00 2021
    Hello Martin Foster!

    ** On Monday 08.03.21 - 10:38, you wrote:

    - Disabling "Packet password" in Edit/Servers/Edit/Point
    had no effect

    2021-03-03 15:29:04 Packet /sbbs/fido/inbound/xxx.PKT
    from 2:240/5824.1 - Incorrect password ('' instead of
    'xxx')

    That is a different matter.

    Maybe so but at least it's highlighted something that had
    escaped my attention.

    Well... it brought forward TWO broken issues at the same time.

    --
    ../|ug

    --- OpenXP 5.0.49
    * Origin: The ONLY point that matters! --> . <-- (2:221/1.58)