INN 2.6.0 release candidate

Julien ÉLIE julien at trigofacile.com
Mon Mar 30 20:39:02 UTC 2015


Hi all,

A release candidate for INN 2.6.0 has just been made available
for download on ftp.isc.org:

    http://ftp.isc.org/isc/inn/testing/


Please report any issue you may encounter, especially during
the upgrade process from INN 2.5.x.

The final 2.6.0 release is scheduled in May or June.

Suggestion for the changelog follows.


INN 2.6.0 is almost entirely compatible with INN 2.5, and most INN 2.5
users will be able to upgrade with a simple "make update".  A few checks
explained in the upgrade changes below should also be made.

All of the applicable bug fixes from the INN 2.5 STABLE series, including
the upcoming 2.5.5 release, are also included in INN 2.6.





Upgrading from 2.5 to 2.6

    The following changes require your full attention because a manual
    intervention may be needed:

    * The name and location of the pullnews configuration file have changed.
      It is now pullnews.marks, located in *pathdb* when pullnews is run as
      the news user, or otherwise in the running user's home directory. 
      This file was previously stored in .pullnews in the running user's
      home directory (even for the news user).  If you use pullnews, you
      need to manually move and rename the configuration file; otherwise, it
      will no longer work.  Note that the -c flag passed to pullnews allows
      to specify another configuration file, if need be.

    * If you have been using SSL/TLS with nnrpd before, be aware that the
      default value of a few inn.conf parameters have changed:  the server
      now decides the preferred cipher (instead of the client), and only TLS
      protocols are allowed (using the flawed SSLv2 and SSLv3 protocols is
      now disabled).  If you want to change these settings, the respective
      *tlspreferserverciphers* and *tlsprotocols* parameters can be tuned to
      your needs.

    * The --with-kerberos configure flag used to add Kerberos v5 support has
      been renamed to --with-krb5.

    * The --with-berkeleydb configure flag used to add Berkeley DB support
      has been renamed to --with-bdb.

    * The --enable-ipv6 configure flag no longer exists.  IPv6 is now
      unconditionally enabled, if available.

    * $HOME is no longer exported as an environment variable by
      innshellvars, innshellvars.tcl and the Perl module "INN::Config".  It
      was previously overriding the default user home directory with
      *pathnews*.  If you use these scripts in your own scripts, you will
      have to take care of that change.

    * Owing to the implementation of RFC 4643 (AUTHINFO USER/PASS) in innd,
      if remote peers have to authenticate in order to feed articles, they
      now have to send a username (which was previously wrongly optional),
      before sending their password.  The mandatory username, though
      currently unused by innd, can be whatever the remote peer wishes.  In
      previous versions of INN, inncheck was already complaining when
      passwd.nntp contained an empty username associated with a password.

      A manual review of authenticated feeds should then be done so as to
      ensure that they are properly working.

    * The Injection-Date: and Injection-Info: headers are now generated by
      nnrpd at injection time instead of the NNTP-Posting-Date:,
      NNTP-Posting-Host:, X-Complaints-To: and X-Trace: headers.  Local
      scripts that were using (for authentication, privacy, etc.) these now
      deprecated headers should be updated.  Also note that the Path: header
      of locally posted articles can also contain the contents of the
      deprecated NNTP-Posting-Host: field.

    * The two *addnntppostingdate* and *addnntppostinghost* parameters in
      inn.conf have been respectively renamed to *addinjectiondate* and
      *addinjectionpostinghost*.  innupgrade takes care of the modification
      only for inn.conf; a manual change will therefore be needed for
      readers.conf, if these parameters are overridden in this file.

Changes in 2.6.0

    * The NNTP protocol requires a username to be sent before a password
      when authentication is used.  innd was wrongly allowing only a
      password to be sent by authenticated peers.  See the note above for
      more details.

    * The Lines: header is no longer generated by nnrpd at injection time.

    * The Injection-Date: header is now generated by nnrpd at injection time
      instead of the deprecated NNTP-Posting-Date: header, when
      *addinjectiondate* is set to true.  Note that *addnntppostingdate* has
      been renamed to *addinjectiondate* in inn.conf.

    * The Injection-Info: header is now generated by nnrpd at injection time
      instead of the deprecated NNTP-Posting-Host: (when
      *addinjectionpostinghost* is set to true), X-Complaints-To: and
      X-Trace: headers.  Note that *addnntppostinghost* has been renamed to
      *addinjectionpostinghost* in inn.conf.  The Path: header of locally
      posted articles now also contains the contents of the
      NNTP-Posting-Host: header.

    * A new *addinjectionpostingaccount* parameter has been added in
      inn.conf.  When set to true, the Injection-Info: header field contains
      an additional posting-account attribute that mentions the username
      assigned to the user at connection time or after authentication.  The
      default value for this parameter is false.

    * A few headers are now considered as obsolete by nnrpd at injection
      time:  NNTP-Posting-Date:, NNTP-Posting-Host:, X-Complaints-To:,
      X-Trace:, Also-Control:, Article-Names:, Article-Updates:, and
      See-Also: headers.

      Besides, nnrpd will similarly reject obsolete sendsys, senduuname and
      version control messages.

    * The presence of a Subject: header field beginning with "cmsg " no
      longer causes an article to be interpreted as a control message by
      nnrpd at injection time.

    * nnrpd no longer differentiates IHAVE from POST.  Articles injected
      with IHAVE are now treated as though they were injected with POST.  It
      means that if the previous behaviour of IHAVE was expected, innd
      should handle itself the connection instead of nnrpd.

    * The name of the pullnews configuration file is now pullnews.marks
      located in *pathdb* when pullnews is run as the news user, or
      otherwise in the running user's home directory.  It was previously
      stored in .pullnews in the running user's home directory (even for the
      news user).

    * Building with Libtool is no longer optional.  The --enable-libtool
      option to configure has been removed.

    * When building INN with Berkeley DB, Cyrus SASL, Kerberos v5, OpenSSL,
      or zlib support, no longer add standard locations to compiler and
      linker include flags.  Such default paths are now added only if
      explicitly given to one or more of the --with-bdb, --with-bdb-include,
      --with-bdb-lib, --with-sasl, --with-sasl-include, --with-sasl-lib,
      --with-krb5, --with-krb5-include, --with-krb5-lib, --with-openssl,
      --with-openssl-include, --with-openssl-lib, --with-zlib,
      --with-zlib-include, or --with-zlib-lib configure flags (the flags
      ending with "-include" and "-lib" are new in INN 2.6.0).

    * If the Berkeley DB, Cyrus SASL, Kerberos v5, or OpenSSL SSL and crypto
      libraries are found at configure time, INN will now be built with
      support for them unless respectively the --without-bdb,
      --without-sasl, --without-krb5, or --without-openssl flags are
      explicitly passed to configure.

      Note that it was already the default behaviour for zlib support when
      Berkeley DB support was also enabled.

    * The configure flag --enable-reduced-depends has been added to request
      that library probes assume shared libraries are in use and
      dependencies of libraries should not be probed.  It therefore tries to
      minimize the shared library dependencies of the resulting binaries on
      platforms with proper shared library dependencies.  This is not
      enabled by default, and is of interest primarily to people building
      packages for distributions.

    * The INN test suite driver is now fully synchronized with the upstream
      version of the C TAP Harness package maintained by Russ Allbery. 
      Keeping the INN test suite driver up-to-date will be possible thanks
      to a new getc-tap-harness script in the support directory that
      automatically fetches the latest upstream changes.

      Similarly, the new getrra-c-util script permits to keep most of 
      the utility and portability functions synchronized with the upstream
      version of the rra-c-util package maintained by Russ Allbery.

    * Other minor bug fixes and documentation improvements.


-- 
Julien ÉLIE

« À vaincre sans péril, on évite des ennuis ! » (légionnaire
  romain)


More information about the inn-workers mailing list