INN commit: trunk/doc/pod (news.pod)

INN Commit rra at isc.org
Wed Dec 30 13:04:30 UTC 2009 

    Date: Wednesday, December 30, 2009 @ 05:04:30
  Author: iulius
Revision: 8876

Commit 8765 (mandatory AUTHINFO USER for authenticated peers)
will be only in INN 2.6.0 -- not INN 2.5.2.

Modified:
  trunk/doc/pod/news.pod

----------+
 news.pod |   50 +++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 39 insertions(+), 11 deletions(-)

Modified: news.pod
===================================================================
--- news.pod	2009-12-30 11:42:02 UTC (rev 8875)
+++ news.pod	2009-12-30 13:04:30 UTC (rev 8876)
@@ -1,23 +1,51 @@
-=head1 Changes in 2.5.2
+=head1 Upgrading from 2.5 to 2.6
 
-Please note that owing to the implementation of S<RFC 4643> (AUTHINFO USER/PASS)
-in B<innd>, if remote peers have to authenticate in order to feed articles,
-they now have to send a username (which was previously wrongly optional), before
-sending their password.  The mandatory username, though unused by B<innd>, can be
-whatever the remote peer wishes.  In previous versions of INN, B<inncheck> was
-already complaining when F<passwd.nntp> contained an empty username associated
-with a password.
+The following changes require your full attention because a manual
+intervention may be needed:
 
 =over 2
 
 =item *
 
+Owing to the implementation of S<RFC 4643> (AUTHINFO USER/PASS) in B<innd>,
+if remote peers have to authenticate in order to feed articles, they now
+have to send a username (which was previously wrongly optional), before
+sending their password.  The mandatory username, though currently unused
+by B<innd>, can be whatever the remote peer wishes.  In previous versions
+of INN, B<inncheck> was already complaining when F<passwd.nntp> contained
+an empty username associated with a password.
+
+A manual review of authenticated feeds should then be done so as to ensure
+that they are properly working.
+
+=back
+
+=head1 Changes in 2.6.0
+
+=over 2
+
+=item *
+
+The NNTP protocol requires a username to be sent before a password when
+authentication is used.  B<innd> was wrongly allowing only a password to
+be sent by authenticated peers.  See the note above for more details.
+
+=back
+
+=head1 Changes in 2.5.2
+
+=over 2
+
+=item *
+
 Julien Elie has implemented in B<innd> the new version of the NNTP protocol
 described in S<RFC 3977>, S<RFC 4643> and S<RFC 4644>.  Consequently, B<innd>
 now recognizes the CAPABILITIES command.  Notwithstanding these standards,
 three commands (IHAVE, CHECK and TAKETHIS) will continue, for interoperability
 reasons, to return a reject code (respectively C<435>, C<438> and C<439>) when
-the command contains a syntax error (which normally leads to C<501>).
+the command contains a syntax error (which normally leads to C<501>).  Besides,
+the mandatory username for authenticated peers will only be enforced by
+S<INN 2.6.0>.
 
 Major improvements are:
 
@@ -47,8 +75,8 @@
 
 =item *
 
-When using HEAD or STAT with an article number or a range, 412 (no group
-selected) is now returned instead of 501 (syntax error).
+When using HEAD or STAT with an article number or a range, C<412> (no
+group selected) is now returned instead of C<501> (syntax error).
 
 =back

More information about the inn-committers mailing list