<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /></head><body style='font-size: 10pt'>
<p>My advice, for what it's worth, since its a "major", please consider using the -RC way so others may test it before the true final is published. </p>
<p> </p>
<p>On 24/03/2015 07:41, Julien ÉLIE wrote:</p>
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0"><!-- html ignored --><!-- head ignored --><!-- meta ignored -->
<div class="pre" style="margin: 0; padding: 0; font-family: monospace">Hi all,<br /><br /> I believe it is time to release a new major version of INN (2.6.0).<br /> At the same time, a final version for the 2.5 branch can be released.<br /><br /> If someone has patches that would be interesting to add to either<br /> of these versions, please send them.<br /> If you are aware of bugs that need being fixed before a new release,<br /> please also tell.<br /><br /> As a major version is the right moment to do somehow "incompatible"<br /> changes, if you have ideas of useful such changes, do not hesitate<br /> to tell.<br /><br /><br /><br /> There are several reasons for doing a release soon.<br /> Naturally, the main reason is that we have been accumulating<br /> several useful improvements for 6 years (INN 2.5.0 was released<br /> in June 2009). The new injection header fields described<br /> in RFC 5536 and 5537 are for instance now generated by nnrpd.<br /><br /> The second reason is that the coding effort is currently very low<br /> for INN; it then seems smarter to release our latest changes than<br /> waiting for another couples of years!<br /><br /> And as some of you already know, I am expecting a son within<br /> a few weeks. It will be my first child, so I do not expect<br /> to have lots of hours to spend on INN these next months/years...<br /> At least for major changes.<br /><br /><br /><br /> Here is the current changelog for INN 2.5.5 and INN 2.6.0.<br /> Feel free to comment.<br /><br /><br /><br /> Changes in 2.5.5<br /><br /> * New inn.conf parameters used by nnrpd to fine-tune the SSL/TLS<br /> configuration have been added: *tlsciphers*, *tlscompression*,<br /> *tlseccurve*, *tlspreferserverciphers*, and *tlsprotocols*. Many<br /> thanks to Christian Mock for his contribution that permits to tighten<br /> the level of security provided by TLS/SSL.<br /><br /> * innwatch no longer creates a child process only for sleeping and then<br /> waits on that process. The forked-off process only died after it had<br /> done sleeping, which caused the INN service to drop into maintenance<br /> state when for instance running under SMF on illumos/Solaris (since<br /> not all processes die within timeout). Thanks to Lauri Tirkkonen for<br /> the patch.<br /><br /> * Add new -i flag to both cnfsstat and innwatch to specify how many<br /> seconds they should sleep at startup. It will especially be useful in<br /> rc.news so that these scripts are actually started and then sleep by<br /> themselves, instead of being started a minute after innd and therefore<br /> not being properly stopped if "rc.news stop" is invoked during that<br /> minute.<br /><br /> * Add new -f flag to "innwatch" to specify the configuration file to<br /> use, in case it is not the default innwatch.ctl file.<br /><br /> * Fixed how innupgrade is executed during an update of an INN<br /> installation; on a few systems like AIX, it fails to run because its<br /> taint mode was unproperly declared.<br /><br /> * Several improvements have been contributed to pullnews by Geraint<br /> Edwards: the new -a flag adds the Diablo-compatible hashfeed ability,<br /> the new -B flag triggers header-only feeding, the -m flag now permits<br /> to remove headers matching (or not) a given regexp, and rnews<br /> reporting is improved.<br /><br /> * Add the nnrp.access2readers.conf contribution script written by<br /> Jeffrey M. Vinocur to convert old-style nnrp.access file to<br /> readers.conf.<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /> Upgrading from 2.5 to 2.6<br /><br /> The following changes require your full attention because a manual<br /> intervention may be needed:<br /><br /> * The name and location of the pullnews configuration file have changed.<br /> It is now pullnews.marks, located in *pathdb* when pullnews is run as<br /> the news user, or otherwise in the running user's home directory. <br /> This file was previously stored in .pullnews in the running user's<br /> home directory (even for the news user). If you use pullnews, you<br /> need to manually move and rename the configuration file; otherwise, it<br /> will no longer work. Note that the -c flag passed to pullnews allows<br /> to specify another configuration file, if need be.<br /><br /> * If you have been using SSL/TLS with nnrpd before, be aware that the<br /> default value of a few inn.conf parameters have changed: the server<br /> now decides the preferred cipher (instead of the client), and only TLS<br /> protocols are allowed (using the flawed SSLv2 and SSLv3 protocols is<br /> now disabled). If you want to change these settings, the respective<br /> *tlspreferserverciphers* and *tlsprotocols* parameters can be tuned to<br /> your needs.<br /><br /> * The --with-kerberos configure flag used to add Kerberos v5 support has<br /> been renamed to --with-krb5.<br /><br /> * The --with-berkeleydb configure flag used to add Berkeley DB support<br /> has been renamed to --with-bdb.<br /><br /> * The --enable-ipv6 configure flag no longer exists. IPv6 is now<br /> unconditionally enabled, if available.<br /><br /> * $HOME is no longer exported as an environment variable by<br /> innshellvars, innshellvars.tcl and the Perl module "INN::Config". It<br /> was previously overriding the default user home directory with<br /> *pathnews*. If you use these scripts in your own scripts, you will<br /> have to take care of that change.<br /><br /> * Owing to the implementation of RFC 4643 (AUTHINFO USER/PASS) in innd,<br /> if remote peers have to authenticate in order to feed articles, they<br /> now have to send a username (which was previously wrongly optional),<br /> before sending their password. The mandatory username, though<br /> currently unused by innd, can be whatever the remote peer wishes. In<br /> previous versions of INN, inncheck was already complaining when<br /> passwd.nntp contained an empty username associated with a password.<br /><br /> A manual review of authenticated feeds should then be done so as to<br /> ensure that they are properly working.<br /><br /> * The Injection-Date: and Injection-Info: headers are now generated by<br /> nnrpd at injection time instead of the NNTP-Posting-Date:,<br /> NNTP-Posting-Host:, X-Complaints-To: and X-Trace: headers. Local<br /> scripts that were using (for authentication, privacy, etc.) these now<br /> deprecated headers should be updated. Also note that the Path: header<br /> of locally posted articles can also contain the contents of the<br /> deprecated NNTP-Posting-Host: field.<br /><br /> * The two *addnntppostingdate* and *addnntppostinghost* parameters in<br /> inn.conf have been respectively renamed to *addinjectiondate* and<br /> *addinjectionpostinghost*. innupgrade takes care of the modification<br /> only for inn.conf; a manual change will therefore be needed for<br /> readers.conf, if these parameters are overridden in this file.<br /><br /> Changes in 2.6.0<br /><br /> * The NNTP protocol requires a username to be sent before a password<br /> when authentication is used. innd was wrongly allowing only a<br /> password to be sent by authenticated peers. See the note above for<br /> more details.<br /><br /> * The Lines: header is no longer generated by nnrpd at injection time.<br /><br /> * The Injection-Date: header is now generated by nnrpd at injection time<br /> instead of the deprecated NNTP-Posting-Date: header, when<br /> *addinjectiondate* is set to true. Note that *addnntppostingdate* has<br /> been renamed to *addinjectiondate* in inn.conf.<br /><br /> * The Injection-Info: header is now generated by nnrpd at injection time<br /> instead of the deprecated NNTP-Posting-Host: (when<br /> *addinjectionpostinghost* is set to true), X-Complaints-To: and<br /> X-Trace: headers. Note that *addnntppostinghost* has been renamed to<br /> *addinjectionpostinghost* in inn.conf. The Path: header of locally<br /> posted articles now also contains the contents of the<br /> NNTP-Posting-Host: header.<br /><br /> * A new *addinjectionpostingaccount* parameter has been added in<br /> inn.conf. When set to true, the Injection-Info: header field contains<br /> an additional posting-account attribute that mentions the username<br /> assigned to the user at connection time or after authentication. The<br /> default value for this parameter is false.<br /><br /> * A few headers are now considered as obsolete by nnrpd at injection<br /> time: NNTP-Posting-Date:, NNTP-Posting-Host:, X-Complaints-To:,<br /> X-Trace:, Also-Control:, Article-Names:, Article-Updates:, and<br /> See-Also: headers.<br /><br /> Besides, nnrpd will similarly reject obsolete sendsys, senduuname and<br /> version control messages.<br /><br /> * The presence of a Subject: header field beginning with "cmsg " no<br /> longer causes an article to be interpreted as a control message by<br /> nnrpd at injection time.<br /><br /> * nnrpd no longer differentiates IHAVE from POST. Articles injected<br /> with IHAVE are now treated as though they were injected with POST. It<br /> means that if the previous behaviour of IHAVE was expected, innd<br /> should handle itself the connection instead of nnrpd.<br /><br /> * The name of the pullnews configuration file is now pullnews.marks<br /> located in *pathdb* when pullnews is run as the news user, or<br /> otherwise in the running user's home directory. It was previously<br /> stored in .pullnews in the running user's home directory (even for the<br /> news user).<br /><br /> * Building with Libtool is no longer optional. The --enable-libtool<br /> option to configure has been removed.<br /><br /> * When building INN with Berkeley DB, Cyrus SASL, Kerberos v5, OpenSSL,<br /> or zlib support, no longer add standard locations to compiler and<br /> linker include flags. Such default paths are now added only if<br /> explicitly given to one or more of the --with-bdb, --with-bdb-include,<br /> --with-bdb-lib, --with-sasl, --with-sasl-include, --with-sasl-lib,<br /> --with-krb5, --with-krb5-include, --with-krb5-lib, --with-openssl,<br /> --with-openssl-include, --with-openssl-lib, --with-zlib,<br /> --with-zlib-include, or --with-zlib-lib configure flags (the flags<br /> ending with "-include" and "-lib" are new in INN 2.6.0).<br /><br /> * If the Berkeley DB, Cyrus SASL, Kerberos v5, or OpenSSL SSL and crypto<br /> libraries are found at configure time, INN will now be built with<br /> support for them unless respectively the --without-bdb,<br /> --without-sasl, --without-krb5, or --without-openssl flags are<br /> explicitly passed to configure.<br /><br /> Note that it was already the default behaviour for zlib support when<br /> Berkeley DB support was also enabled.<br /><br /> * The configure flag --enable-reduced-depends has been added to request<br /> that library probes assume shared libraries are in use and<br /> dependencies of libraries should not be probed. It therefore tries to<br /> minimize the shared library dependencies of the resulting binaries on<br /> platforms with proper shared library dependencies. This is not<br /> enabled by default, and is of interest primarily to people building<br /> packages for distributions.<br /><br /> * The INN test suite driver is now fully synchronized with the upstream<br /> version of the C TAP Harness package maintained by Russ Allbery. <br /> Keeping the INN test suite driver up-to-date will be possible thanks<br /> to a new getc-tap-harness script in the support directory that<br /> automatically fetches the latest upstream changes.<br /><br /> Similarly, the new getrra-c-util script permits to keep most of <br /> the utility and portability functions synchronized with the upstream<br /> version of the rra-c-util package maintained by Russ Allbery.<br /><br /> * Other minor bug fixes and documentation improvements.<br /><br /><br /><br /><br /><br /> The next major changes would naturally be for INN 2.7.0.<br /> I will update accordingly Trac and TODO.<br /><br /> Have a nice week,</div>
</blockquote>
<p> </p>
<p> </p>
</body></html>