2. Very detailed Change Log
This document intends to detail the change log for relatively recent work
(roughly since the source code was tracked in Git).
Note
This change log section represents git commits in range v2.8.5..HEAD (commits 0e051f9f6..db633d1bd).
-
tests/NIT/nit.sh: wrap long openssl lines; fix a missed
validity-time spec [#1711]
-
tests/NIT/nit.sh: check_NIT_certs_NSS(): verify old run-time
toolkit vs. newer (cached) DB files [#3331, #1711] Auto-repair the
trusted NSS DB set(s) of files if we can. Primarily relevant for
build agents where same cache is used by NSS toolkits a decade
apart.
-
docs/nut.dict: add opcodes
-
configure.ac: add -Wno-thread-safety-negative to clang flags (seen
on FreeBSD builds)
-
lib/libupsclient-config.in: this should consider
LIBSSL_LDFLAGS_RPATH [#3331]
-
lib/libnutclient.pc.in: this now Requires: @LIBSSL_REQUIRES@
[#3331]
-
tests/NIT/nit.sh: fix passing server cert trust to NSS DB [#3331,
#1711]
-
tests/NIT/nit.sh: fix passing server cert usage to NSS DB [#3331,
#1711]
-
tests/NIT/nit.sh: fix passing root CA cert trust to NSS DB [#3331,
#1711]
-
drivers/apc_common.c, drivers/apc_common.h: add Axel Gembe
copyright to apc_common as the code is at the very least inspired
by the original code from apc-modbus
-
drivers/apcmicrolink.c: drop pragma to ignore a warning unknown to
old clang [#3406]
-
docs/man/apcmicrolink.txt, docs/nut.dict, drivers/apcmicrolink.c:
update docs and spellcheck dictionary
-
drivers/Makefile.am: add missing apc_common.h to distributed
headers
-
drivers/apcmicrolink-maps.c, drivers/apcmicrolink-maps.h,
drivers/apcmicrolink.c: extract descriptor helpers and fix map
includes
-
drivers/apcmicrolink.c, drivers/apcmicrolink.h: fix switch warnings
and replace flag bit-fields
-
NEWS.adoc, drivers/nutdrv_qx_megatec.c:
drivers/nutdrv_qx_megatec.c: add QX_FLAG_ABSENT to "ups.firmware"
so devices with all-spaces in that field can still be recognized
[#3436] Co-authored-by: Jim Klimov <jimklimov\+nut@gmail.com>
Co-authored-by: Siravijbb <siravijbb@gmail.com>
-
drivers/apc_modbus.c: remove unused function
-
common/common.c: cosmetic fix
-
docs/Makefile.am: add ASPELL_NUT_COMMON_ARGS to preclude mangling
of nut.dict on some platforms when checking interactively
-
drivers/apcmicrolink.c: fix commands and writes sometimes not
working and allow configuration of command source
-
drivers/Makefile.am, drivers/apc_common.c, drivers/apc_common.h,
drivers/apc_modbus.c, drivers/apc_modbus.h,
drivers/apcmicrolink-maps.c, drivers/apcmicrolink-maps.h,
drivers/apcmicrolink.c: Variable cleanup and commons creation
between apc-modbus and microlink
-
server/upsd.c: update_sysmaxconn(): default the sysmaxconn value to
"MAX - RESERVE_FD_COUNT_UPSD" on platforms where it might matter
[#3365]
-
server/upsd.c: update_sysmaxconn(): check that detected
sysmaxconn_hard is big enough to be useful considering the
RESERVE_FD_COUNT_UPSD set aside AND a few actual connections
[#3365]
-
server/upsd.c: update_sysmaxconn(): revise warning message about
hard limit [#3365]
-
server/upsd.c: be sure to re-detect sysmaxconn after (re-)loading
config [#3365]
-
NEWS.adoc, UPGRADING.adoc, docs/nut.dict, server/upsd.c,
server/upsd.h: server/upsd.{c,h}, NEWS.adoc, UPGRADING.adoc:
consider getrlimit() permissons vs. MAXCONN request [#3365]
-
NEWS.adoc, server/conf.c, server/upsd.c, server/upsd.h:
server/conf.c, server/upsd.{c,h}, NEWS.adoc: if we hit "Too many
open files" during configuration reload, close oldest client
connection and retry [#3365]
-
server/upsd.h: update © heading and whitespace styling
-
docs/nut.dict: update for dllldd [#3420]
-
NEWS.adoc: update about
scripts/Windows/dllldd.sh helper script
refinements [#3420]
-
docs/man/upscli_add_host_cert.txt: update that this call works also
with OpenSSL (since NUT v2.8.6) [#3331]
-
docs/download.txt, docs/nut.dict: Upload
NUT-for-Windows-x86_64-RELEASE-2.8.5-1-fixNSS.7z with NSS
dependency libraries missing in original NUT v2.8.5 release [#3420]
-
appveyor.yml: allow
ln to create hard links, and tell 7-zip to
store them as such, not as independent files (subject to 7zip
format du jour)
-
scripts/Windows/dllldd.sh: Revise use of TEMPFILE_REC to avoid grep
if it is empty [#3420]
-
Makefile.am: install-win-bundle-thirdparty: revise progress message
markup for easier troubleshooting [#3420]
-
scripts/Windows/dllldd.sh: dllldd_with_strings(): filter away
OUT_TOOLS hits if known [#3420]
-
scripts/Windows/dllldd.sh: dllldd_with_strings(): quick bail-out
with TEMPFILE_REC [#3420]
-
scripts/Windows/dllldd.sh: revise cleanup of TEMPFILE_REC; create
it earlier in dllldddir() [#3420]
-
scripts/Windows/dllldd.sh: dllldd(): use TEMPFILE_REC if defined by
caller [#3420]
-
scripts/Windows/dllldd.sh: dllldd_with_tools(), dllldd(): optimize
looped iteration of search paths we prepared [#3420] Avoid calls
to
tr ':' '\n' that can be done once.
-
scripts/Windows/dllldd.sh: relocate TEMPFILE_REC declaration to
before first use-mention [#3420]
-
scripts/Windows/dllldd.sh: filter_away_system_DLLs(): add some more
OS-provided common hits to exclusion list [#3420]
-
scripts/Windows/dllldd.sh: filter_away_system_DLLs(): add
DWrite.dll [#3420] Some OS releases have Microsoft DirectWrite for
high-quality text rendering, anti-aliasing, and font management…
not something we really care about in NUT, and part of OS footprint
we do not drill into.
-
scripts/Windows/dllldd.sh: dllldd_with_tools(), dllldd(): optimize
SEARCH_INPUT_PATH discovery [#3420] Instead of a loop with
dirname calls (spawning those processes takes a few seconds in
MSYS2 on Windows), use one sed process.
-
scripts/Windows/dllldd.sh: dllldd_with_strings(): ignore also
"lib%s.dll" hits [#3420]
-
scripts/Windows/dllldd.sh: accept also outputs from "objdump"
variants that return "NEEDED libname" [#3420]
-
scripts/Windows/dllldd.sh: when given a CLI argume t, check if it
is a directory (to run dllldddir) before diving in with dlllddrec
[#3420]
-
scripts/Windows/dllldd.sh: accept also outputs from "ldd" variants
that only return path (no parenthesis with hex) [#3420]
-
scripts/Windows/dllldd.sh: allow to parameterize DLLEXT_REGEX
[#3420] At least, allow to test/iterate the script with
non-Windows builds too.
-
scripts/Windows/dllldd.sh: dllldd_with_strings(): filter away some
bogus
strings outputs and findings [#3420]
-
scripts/Windows/dllldd.sh: more filter_away_system_DLLs() [#3420]
-
scripts/Windows/dllldd.sh: dllldd_with_tools(): define and clean-up
TEMPFILE_REC in the outer-most call if we stack them [#3420] This
should help directory crawlers etc. ignore paths already walked by
some previous recursion in this scripted execution.
-
scripts/Windows/dllldd.sh: dllldd_with_tools(): do not bail out if
we found some but not all DLLs via objdump; feed only the names we
did not resolve to ldd [#3420]
-
scripts/Windows/dllldd.sh: consider also SEARCH_INPUT_PATH based on
where the input EXE/DLL files are [#3420] This allows to find
libnutprivate*.dll or libupsclient*.dll files we built and
installed to EXE bindir, which were otherwise ignored by earlier
path discovery tools and/or logic.
-
scripts/Windows/dllldd.sh: filter_away_NUT_DLLs() when we query
both dllldd_with_tools() and dllldd_with_strings() [#3420]
-
scripts/Windows/dllldd.sh: refactor with discover_COMPILER_PATHS()
to not do this in a loop [#3420]
-
docs/nut.dict: Update nut.dict [#3430]
-
scripts/python/app/NUT-Monitor-py3qt5.in,
scripts/python/app/NUT-Monitor-py3qt6.in: Fix NUT-Monitor tray
tooltip text
-
NEWS.adoc: update about NUT-Monitor tooltips [#3430]
-
clients/upsmon.c, NEWS.adoc: do not abort if we did not succeed
upscli_init() but did not require SSL in the first place [#3420]
-
scripts/Windows/dllldd.sh: refactor to find DLLs with
strings
too; track filenames we already investigated [#3420] DRY the loop
and avoid cycles.
-
m4/nut_check_libnetsnmp.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
m4/nut_check_libavahi.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
ci_build.sh, scripts/Windows/build-mingw-nut.sh:
get_CI_CACHE_NUT_HASHDIR_CFG_OPT(): consider also MAKE and
(CONFIG_)SHELL as circumstances that impact the configuration hash
[#3108]
-
m4/nut_check_libfreeipmi.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
m4/nut_check_libgd.m4: revise with AC_CACHE_VAL() for each option
to be remembered [#3108]
-
m4/nut_check_libglib.m4, configure.ac: revise with AC_CACHE_VAL()
for each option to be remembered [#3108]
-
m4/nut_check_libgpiod.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
m4/nut_check_libmodbus.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
m4/nut_check_libneon.m4: revise with AC_CACHE_VAL() for each option
to be remembered [#3108]
-
m4/nut_check_libltdl.m4: do not drag around nut_have_libltdl in
cached section, use nut_cv_have_libltdl right away [#3108]
-
m4/nut_check_libopenssl.m4, m4/nut_check_libnss.m4, configure.ac:
revise with AC_CACHE_VAL() for each option to be remembered [#3108]
-
m4/nut_check_libpowerman.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
m4/nut_check_libusb.m4: revise with AC_CACHE_VAL() for each option
to be remembered [#3108]
-
m4/nut_check_os.m4: fix comments starting a line with a hash to use
"dnl" first
-
m4/nut_check_libregex.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
m4/nut_check_libsystemd.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
m4/nut_check_libwrap.m4: revise with AC_CACHE_VAL() for each option
to be remembered [#3108]
-
m4/nut_check_pkgconfig.m4: revise with AC_CACHE_VAL() for each
option to be remembered [#3108]
-
m4/nut_check_os.m4: set OS_NAME and PKG_TARGET after passing
AC_CACHE_CHECK [#3108]
-
m4/nut_check_libltdl.m4: do not reset nut_have_libltdl=yes when
checking for header from cached data [#3108]
-
m4/nut_check_libltdl.m4: add a summary print-out for cached re-runs
[#3108]
-
common/common.c: upsnotify(): fix "unused" warnings in different
build combos
-
ci_build.sh, ci_build.adoc: when we DO_USE_NUTCI_CACHE_DEBUG, stash
also the help text from configure script [#3108]
-
m4/nut_check_pkgconfig.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libwrap.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libusb.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libsystemd.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libregex.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libpowerman.m4: fix indentations, use AS_IF and
AS_CASE more [#3108]
-
m4/nut_check_libopenssl.m4, m4/nut_check_libpowerman.m4:
m4/nut_check_libopenssl.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libnss.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libnetsnmp.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libneon.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libmodbus.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libgpiod.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libglib.m4: fix indentations, use AS_IF and AS_CASE
more [#3108]
-
m4/nut_check_libgd.m4: fix indentations, use AS_IF and AS_CASE more
[#3108]
-
m4/nut_check_libfreeipmi.m4: fix indentations, use AS_IF [#3108]
-
m4/nut_check_libavahi.m4: fix indentations, use AS_IF [#3108]
-
m4/nut_check_cppcheck.m4: fix indentations, use AS_IF and
AC_CACHE_VAL [#3108]
-
m4/nut_check_bool.m4: fix indentations [#3108]
-
m4/nut_check_aspell.m4: fix indentations, use AS_IF [#3108]
-
m4/nut_check_asciidoc.m4: fix indentations, use AS_IF [#3108]
-
m4/nut_check_libltdl.m4: fix indentations, use AS_IF for outer
check [#3108]
-
m4/nut_check_os.m4: fix typo in heading
-
m4/nut_check_libltdl.m4: revise with AC_CACHE_VAL() for each option
to be remembered [#3108]
-
Makefile.am: when we
touch -d "-10 seconds", hide the errors
(such request is known to be not too portable)
-
ci_build.sh, scripts/Windows/build-mingw-nut.sh: facilitate re-runs
with changed .m4/.am/.ac sources and enabled autoconf cache:
handle precious CCACHE_ args/vars [#3108]
-
ci_build.adoc: clarify some points about caching [#3108]
-
ci_build.sh, ci_build.adoc: introduce
DO_USE_AUTOCONF_CACHE_DEBUG=each mode [#3108]
-
NEWS.adoc: move entry for #3302 into v2.8.6 release
-
docs/config-prereqs.txt: do not pull valgrind into default
Debian/Ubuntu footprint, it is not ubiquitous Revise other
suggestions a bit too
-
tests/cpputest-client.cpp: revise reporting of UPSCLI_SSL_CAPS*
[#3331, #1711]
-
clients/nutclient.cpp, clients/nutclient.h, clients/upsclient.c,
clients/upsclient.h, docs/man/upscli_ssl_caps.txt: upsclient,
nutclient, docs: introduce UPSCLI_SSL_CAPS_CERTHOST* [#3331]
-
tests/NIT/nit.sh: consider if we can not do CERTHOST validation
[#3331]
-
clients/upsclient.c: report if we can not do CERTHOST(name)
validation [#3331]
-
Makefile.am: .libs-dev-PATH: fix typo
-
clients/Makefile.am, common/Makefile.am, scripts/obs/debian.rules,
scripts/obs/nut.spec, tools/nut-scanner/Makefile.am: /Makefile.am,
scripts/obs/: bump libnutclient ABI level [#1290, #3331]
-
clients/nutclient.cpp: drop obsolete FIXME comments [#3331]
-
clients/nutclient.cpp: with openssl builds, do not require
non-trivial certhost_name IF we do not have methods to check it
(openssl too old) [#3331]
-
tests/NIT/nit.sh: refactor by use of check_NIT_certs_NSS() [#1711]
-
tests/NIT/nit.sh: introduce check_NIT_certs_NSS() [#1711]
-
tests/cpputest-client.cpp: enable testing for CERTHOST with OpenSSL
builds, update argument order for NSS builds [#3331, #1711]
-
clients/Makefile.am, clients/nutclient.cpp, clients/nutclient.h,
docs/man/libnutclient_tcp.txt: clients/nutclient.{cpp,h}, docs,
Makefile.am: fix SSLConfig_NSS related argument order to place
certhost after certident, to match logical proximity and OpenSSL
equivalents; reset ABI age (not backwards compatibleto recent
v2.8.5 release) [#3331]
-
tests/NIT/nit.sh: refactor by use of check_NIT_certs_NSS() [#1711,
#3390, #3108]
-
tests/NIT/nit.sh: introduce check_NIT_certs_NSS() [#1711]
-
tests/NIT/nit.sh: revise sanity-check, not all NSS versions had a
*.txt file [#3331, #1711]
-
tests/NIT/nit.sh: consider WITH_SSL_CLIENT_CERTIDENT=none to
(re)set certificate nickname verification [#3331, #1711]
-
tests/NIT/nit.sh: reword SSL support messages [#1711]
-
tests/NIT/nit.sh: revise sanity-check, not all NSS versions had a
*.txt file [#3331, #1711]
-
clients/nutclient.cpp: fix NULL⇒nullptr [#3331]
-
tests/NIT/nit.sh: isTestablePython(): fix detection of interpreter
shebang via /usr/bin/env [#1711]
-
tests/NIT/nit.sh: isTestablePython(): fix detection of interpreter
shebang via /usr/bin/env [#1711]
-
tests/NIT/nit.sh: refactor and improve portability with
somehash_filter()/somehash_files() method detection [#3390]
-
ci_build.sh: refactor and improve portability with
somehash_filter()/somehash_files() method detection [#3108]
-
.circleci/config.yml: allow various cache contents for same
branch/job iterations [#3390]
-
tests/NIT/nit.sh: introduce check_NIT_certs() to ensure
availability of all expected certs for NSS or OpenSSL scenarios
[#3390]
-
Makefile.am: .libs-dev-PATH: adjust for MacOS [#1711]
-
tests/cpputest-client.cpp: report also NUT_PORT [#1711, #3331]
-
tests/cpputest-client.cpp: fix reporting of incoming envvars
[#1711, #3331]
-
clients/upsclient.c, clients/nutclient.cpp: accept systems where
openssl does not define X509_V_ERR_HOSTNAME_MISMATCH [#3331]
-
clients/upsclient.c, clients/nutclient.cpp: use pragmas to hide
unreachable code warnings when built against openssl without X509
checking methods we use [#3331]
-
ci_build.sh, tests/NIT/nit.sh: introduce DO_USE_NUTCI_CACHE_DEBUG
to stash optional items not needed in production use of the cache,
but rather to track its regressions on re-runs etc. [#3108]
-
Makefile.am: use a more portable date spec in touch for start of
Epoch
-
configure.ac: properly use AC_CACHE_VAL for BSDKVMPROCLIBS [#3108]
-
m4/nut_check_libltdl.m4: re-detect ltdl.h details if we needed to
retry, to not lose track [#3108]
-
tests/NIT/nit.sh: fix NUT_CAPATH for PERL SSL tests on Windows
(MSYS2) yet some more [#1711]
-
tests/NIT/nit.sh: fix NUT_CAPATH for PERL SSL tests on Windows
(MSYS2) with forward slashes too [#1711]
-
tests/NIT/nit.sh: fix NUT_CAPATH for PERL SSL tests on Windows
(MSYS2) with forward slashes too [#1711]
-
tests/NIT/nit.sh: fix portability for recursive "cp" [#3390]
-
m4/nut_check_libnetsnmp.m4: re-detect libnetsnmp details in mingw
builds to not lose track [#3108]
-
scripts/Windows/build-mingw-nut.sh: CI_CACHE_NUT_HASHDIR_CFG and
configure_nut(): stash a copy of first-run config.log and config.h
as examples of resulting configuration [#3108]
-
scripts/Windows/build-mingw-nut.sh: add © into the heading
-
ci_build.sh: get_CI_CACHE_NUT_HASHDIR_CFG_OPT(), configure_nut():
stash a copy of first-run config.log and config.h as examples of
resulting configuration [#3108]
-
docs/download.txt: fix NOTE block style
-
ci_build.sh, Makefile.am: revise passing
CI_CACHE_NUT_HASHDIR_CFG_OPT into distcheck runs [#3108]
-
ci_build.sh: consider_cleanup_shortcut(): do not fail if there is
no out-of-tree CI_BUILDDIR/Makefile.in - normally it should not be
there (but do check for one in SCRIPTDIR)
-
ci_build.sh: refactor get_CI_CACHE_NUT_HASHDIR_CFG_OPT() into a
method, handle distcheck builds too [#3108]
-
NEWS.adoc: update about NIT caching of test certificates [#3390]
-
tests/NIT/README.adoc, docs/nut.dict: document caching [#3108,
#3390, #1711]
-
appveyor.yml, .circleci/config.yml: generalize to
DO_USE_NUTCI_CACHE, not just DO_USE_AUTOCONF_CACHE [#3108, #3390]
-
ci_build.adoc, docs/nut.dict: document caching [#3108]
-
ci_build.sh, tests/NIT/nit.sh: generalize DO_USE_NUTCI_CACHE so
AUTOCONF and NIT_TESTCERT toggles may be separate; drop old logic
for config.cache in build area; rename CLEAN vars to …_BEFORE
[#1711, #3390]
-
tests/NIT/nit.sh: handle DO_CLEAN_AUTOCONF_CACHE [#3390]
-
tests/NIT/nit.sh: fix preparation of PEM and JKS client key/cert
from OpenSSL [#1711, #3390] Move code that landed into a wrong
case.
-
tests/NIT/nit.sh: refactor preparation of PEM and JKS server
key/cert from OpenSSL [#1711, #3390] Handle a situation with new
openssl defaults and old(er) java keytool.
-
tests/NIT/Makefile.am, tests/NIT/nit.sh: name the default
WITH_SSL_TESTS=best-effort behavior for clarity [#1711]
-
ci_build.sh, scripts/Windows/build-mingw-nut.sh: ci_build.sh: name
CI_CACHE_NUT_HASHDIR with AUTOCONF prefix [#3108]
-
tests/NIT/nit.sh: prepare_NIT_certs(): rename TESTCERT_VARS.sh to
.env, generate one [#3390]
-
tests/NIT/nit.sh: fix NUT_CAPATH for PERL SSL tests on Windows
(MSYS2) [#1711]
-
tests/NIT/nit.sh: prepare_NIT_certs(): for caching, also generate
NSS DB from OpenSSL PEM if we can [#3390]
-
tests/NIT/nit.sh: prepare_NIT_certs(): drop obsolete comment
[#3390]
-
tests/NIT/nit.sh: prepare_NIT_certs(): extend validity of generated
test certificates to 20 years [#3390]
-
tests/NIT/nit.sh: prepare_NIT_certs(): add generation of JKS (and
more PEM) from NSS, but only if we plan to cache the result [#3390]
-
tests/NIT/nit.sh: prepare_NIT_certs(): wrap long command lines
[#3390]
-
tests/NIT/nit.sh: refactor mock cert population logic as
prepare_NIT_certs(), and allow caller-provided or automatically
cached mocks [#3390]
-
appveyor.yml: tweak notification triggers again [#1400]
-
tests/NIT/nit.sh: fix NUT_CAPATH for PERL SSL tests on Windows
(MSYS2) [#1711]
-
NEWS.adoc, clients/nutclient.cpp, clients/nutclient.h,
clients/upsclient.c, conf/upsmon.conf.sample.in,
docs/man/libnutclient_tcp.txt, docs/man/upscli_add_host_cert.txt:
clients/{nut,ups}client, docs: make sure CERTHOST values for
FORCESSL/CERTVERIFY are used (C+\+), allow inheriting global setting
via -1 [#3331]
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: in TcpClient, track the applied
SSLConfig* vs. build(/run)time ability to use NSS (and/)or OpenSSL
via UPSCLI_SSL_CAPS* and consider that in getter preferences
[#3331]
-
clients/nutclient.cpp, clients/nutclient.h,
docs/man/libnutclient_commands.txt, docs/man/libnutclient_tcp.txt:
clients/nutclient.{cpp,h}, docs/man/libnutclient_tcp.txt: add
optional CERTHOST verification to OpenSSL code path [#3331]
-
clients/nutclient.cpp: some builds manage to get into WITH_SSL_CXX
without WITH_OPENSSL|\|WITH_NSS defined [#3331]
-
m4/nut_check_libopenssl.m4, clients/upsclient.c,
clients/nutclient.cpp, server/netssl.c:
openssl_cert_verify_san_name(): support OpenSSL versions before
ASN1_STRING_get0_data() and potentially related helpers [#3331]
-
ci_build.sh: comment about the life-cycle of config.cache file
[#3108]
-
ci_build.sh: align defaults for DO_USE_AUTOCONF_CACHE and
DO_CLEAN_AUTOCONF_CACHE with existence of CI_CACHE_NUT_BASEDIR
[#3108]
-
scripts/Windows/build-mingw-nut.sh: add support for CI_TRACE envvar
toggle, like in ci_build.sh
-
ci_build.sh, scripts/Windows/build-mingw-nut.sh: pass
CI_CACHE_NUT_HASHDIR into Windows builds if we want to and can
[#3108]
-
NEWS.adoc, appveyor.yml: NEWS.adoc: ability to optionally re-use a
config.cache file from older runs moved to NUT v2.8.6 [#3108]
-
appveyor.yml, .circleci/config.yml: cache the out-of-tree locations
for config.cache [#3108]
-
ci_build.sh: support reusable config.cache per "uname \+ script
config opts" hash [#3108] Now even several build environments
sharing a source directory with a generated configure script should
be able to safely use their individual caches.
-
ci_build.sh: in developer mode (no BUILD_TYPE) utilize
make
all-quick for less noise
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: refactor SSLConfig_CERTIDENT_NSS to not
construct with a separate certstore_pass [#3331] NSS only has one
pass phrase (shared for all private key database entries)
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: refactor TcpClient and Socket to pass
around SSLConfig(-derived) instances instead of private fields
[#3331]
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: SSLConfig: add getCertHostBy*() methods
[#3331]
-
clients/nutclient.cpp: clients/nutclient.{cpp,h}:
SSLConfig_*::apply(): prepare and hide debug printouts [#3331]
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: SSLConfig_CERTIDENT fix
polymorphic-friendly reference to _certstore [#3331]
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclientmem.{cpp,h}: use _empty_str in constructors, just
to be sure we have a valid reference to an immortal std::string
where we expect one [#3331]
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: SSLConfig*: introduce clone() methods to
own data in our sets of CERTHOST/CERTSTORE/CERTIDENT and delete it
properly [#3331]
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: SSLConfig: in the sets of
CERTHOST/CERTSTORE/CERTIDENT data, retain polymorphic-friendly
pointers instead of mutilated auto-casted objects [#3331]
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: SSLConfig::addCertHost(): constrain to
adding non-trivial entries only [#3331]
-
clients/nutclient.cpp, clients/nutclient.h:
clients/nutclient.{cpp,h}: move SSLConfig* method implementations
from header to CPP file [#3331]
-
clients/nutclient.cpp, clients/nutclient.h: clients/nutclient.h:
refactor SSLConfig_NSS class to use new storage classes [#3331]
-
clients/nutclient.cpp, clients/nutclient.h: clients/nutclient.h:
refactor SSLConfig_OpenSSL class to use new storage classes [#3331]
-
clients/nutclient.h: extend base SSLConfig class to keep track of
optional CERTSTORE, CERTIDENT and/or CERTHOST info [#3331]
-
clients/nutclient.cpp, clients/nutclient.h: clients/nutclient.h:
introduce SSLConfig* classes to keep CERTSTORE locations and
credentials, and CERTIDENT and CERTHOST info [#3331]
-
clients/nutclient.h: streamline code style for SSLConfig* classes
[#3331]
-
clients/nutclient.cpp: Socket() constructor should not rely on
openssl_cert_verify_data struct to be pre-zeroed [#3331] OBS
builds, and later valgrind, confirmed an issue with random
decisions and free()'s based on random data in that struct.
Apparently C differs from C+\+ in that aspect?..
-
drivers/usbhid-ups.c, NEWS.adoc: reconnect_ups(): report success
more visibly [#3423] Also fix setting "quiet" driver status when
we actualy remain in reconnecting state (or rather will soon
re-enter it because situation is not fixed)
-
clients/nutclient.cpp, clients/upsclient.c, server/netssl.c:
openssl_cert_verify_san_name(): revise loop based on return from
*printf() [#3331]
-
clients/nutclient.cpp, server/netssl.c: fix CI warnings [#3331]
-
UPGRADING.adoc, clients/nutclient.cpp, clients/nutclient.h,
docs/man/Makefile.am, docs/man/libnutclient_tcp.txt,
tests/NIT/nit.sh, tests/cpputest-client.cpp:
clients/nutclient.{cpp,h}, tests/cpputest-client.cpp, nit.sh, docs:
a CERTHOST address was missing (and subject/nickname is not the
host name/url that NSS checks for) [#3331, #1711]
-
clients/nutclient.cpp, clients/nutclient.h,
docs/man/libnutclient_tcp.txt: clients/nutclient.{cpp,h}: rename
"forcessl" to match upsclient.c, and "tryssl" to not stand out
[#3331]
-
tests/cpputest-client.cpp: honour NUT_DEBUG_LEVEL by enabling
(Socket Connect) debug toggle [#1711]
-
tests/NIT/nit.sh: support passing individual
NUT_DEBUG_LEVEL_{PERL,PYTHON,CPPNIT,NUTSCAN} [#1711]
-
server/netssl.c, clients/upsclient.c, clients/nutclient.cpp: align
messages from NSS AuthCertificate() callbacks [#3331]
-
clients/nutclient.cpp: Socket::startTLS(): if NSS handshake fails,
add ssl_url to the exception message [#3331]
-
clients/nutclient.cpp: setSSLConfig_*(): debug-log the code path
actually taken [#1711]
-
clients/nutclient.cpp: Socket: document the SSL fields better
[#3331]
-
clients/nutclient.cpp: TcpClient::connect(): now we can config
run-time for both NSS and OpenSSL, most options are shared and
built-in abilities drive the final choice [#3331]
-
tests/cpputest-client.cpp: setupClientSSL(): rearrange reporting of
enabled SSL options [#1711]
-
tests/NIT/nit.sh: setenv_ssl_cppnit(): provide NUT_CERTFILE and
NUT_KEYFILE values for OpenSSL tests [#1711, #3331]
-
clients/nutclient.cpp: transplant openssl_cert_verify_callback() et
al from upsclient.{c,h} [#3331]
-
clients/nutclient.cpp: Socket::startTLS(): some reported CN values
(at least from openssl parser) may include escaped slashes as a
separator [#3331]
-
clients/nutclient.cpp: fix syntax for NSS builds [#3331, #1711]
-
configure.ac: fix the checks for enabling SSL support in C+\+ builds
[#1711, #3331]
-
server/netssl.c: ssl_init(): some reported CN values (at least from
openssl parser) may include escaped slashes as a separator [#3331]
-
server/netssl.c, server/nut_ctype.h: transplant
openssl_cert_verify_callback() et al from upsclient.{c,h} [#3331]
-
clients/upsclient.c, clients/upsclient.h: clients/upsclient.{c,h}:
revise code/comment markup for recent changes [#3331]
-
tests/NIT/nit.sh: ensure SAN aliases (DNS and IP) that should NOT
match the current host [#1711]
-
clients/upsclient.c: upscli_init2(): some reported CN values (at
least from openssl parser) may include escaped slashes as a
separator [#3331]
-
clients/upsclient.c: openssl_cert_verify_san_name(): use
X509_check_host()/X509_check_ip_asc() where available [#3331]
-
clients/upsclient.c: openssl_cert_verify_callback(): consistently
report depth along with CN (counterpart, CA…) [#3331]
-
clients/upsclient.c: openssl_cert_verify_callback(): do not call
and log openssl_cert_verify_san_name() when already OK per caller
[#3331]
-
clients/upssched.c: hush down byte-by-byte read tracing (away from
common debug level 6)
-
clients/upsclient.c, clients/upsclient.h: clients/upsclient.c:
convert openssl_cert_print_san_name() into
openssl_cert_verify_san_name() [#3331] Also persist
openssl_cert_verify_data_t in UPSCONN_t so it is always available
to callbacks when needed for this ups instance.
-
clients/upsclient.c: openssl_cert_print_san_name(): handle
IPv4/IPv6 addresses in SAN [#3331]
-
clients/upsclient.c: rename example "mydata" into
"openssl_cert_verify_data" (types, vars) and example methods to
print/verify certs [#3331]
-
clients/upsclient.c, configure.ac: import openssl doc examples for
certificate reporting/inspection into NUT styling and logging
[#3331]
-
clients/upsclient.c: fix markup about switch() so it is consistent
in the file [#3331]
-
clients/nutclient.cpp, clients/upsclient.c, server/netssl.c:
server/netssl.c,clients/upsclient.c, clients/nutclient.cpp: when we
verify subject_CN[], consider comma as a separator too [#3331]
-
clients/nutclient.cpp: fix a missed static_cast [#3331]
-
clients/nutclient.cpp: be sure to include openssl/x509v3.h for
methods we use [#3331]
-
drivers/apcmicrolink.c, drivers/apcmicrolink.h:
drivers/apcmicrolink.c: minor handshake fix, allow flexible frame
size Change to allow flexible frame size (upto 256 bytes) by
waiting for page0, as some devices with payload size != 35 were
incompatible. Allow variable length serial number string during
handshake (as some devices use 14 characters).
-
drivers/apc_modbus.c: addvar() the modbus_retries option [#3414]
-
tests/NIT/nit.sh: setenv_ssl_common(): revise NUT_CAPATH conditions
[#1711]
-
tests/NIT/nit.sh: fix check of python FORCESSL is testable [#1711,
#1349]
-
scripts/python/module/PyNUT.py.in: fix sleep() [#1349, #1711]
-
clients/nutclient.cpp, clients/nutclient.h, clients/upsclient.c,
clients/upsclient.h, docs/man/libnutclient_tcp.txt,
docs/man/upscli_ssl_caps.txt, server/netssl.c, tests/NIT/nit.sh:
Further differentiate reported CERTIDENT_NAME/_PASS capability
[#1711]
-
tests/NIT/nit.sh: refactor with setenv_ssl_common(), and in
setenv_ssl_python() verify that we can run SSL tests (else do not
force them) [#1349, #1711]
-
scripts/python/module/PyNUT.py.in: detect inability to use SSL
module (older interpreter etc.) [#1349, #1711]
-
tests/NIT/nit.sh: align generation of CERTIDENT into
upsd.conf/upsmon.conf with ability announced by the binaries
[#1711]
-
scripts/perl/test_nutclient.pl: ANSI colors are a nice to have, do
not crash if absent [#1711]
-
scripts/perl/UPS/Nut.pm: StartTLS(): use a better portable "or" for
"undef" printing [#1711]
-
scripts/perl/test_nutclient.pl: warnings are a nice to have, do not
crash if absent [#1711]
-
NEWS.adoc, clients/nutclient.cpp, clients/nutclient.h,
clients/upsclient.c, clients/upsclient.h,
docs/man/libnutclient_tcp.txt, docs/man/upscli_ssl_caps.txt:
clients/upsclient.c, clients/nutclient.cpp, headers, docs:
propagate UPSCLI_SSL_CAPS_CERTIDENT as a flag [#3331]
-
server/netssl.c, clients/upsclient.c: *ssl_caps_descr(): mention
OpenSSL CERTIDENT (in)ability [#3331]
-
scripts/perl/UPS/Nut.pm: warnings are a nice to have, do not crash
if absent [#1711]
-
clients/upsclient.c, clients/nutclient.cpp, server/netssl.c,
m4/nut_check_libopenssl.m4: for OpenSSL password callback, check
actual presence of methods, not version numbers [#3331]
-
clients/upsclient.c: nss_password_callback(): reconcile markup with
server/netssl.c [#3331]
-
server/netssl.c: for now openssl_password_callback() should only be
declared/implemented when OPENSSL_VERSION_NUMBER >= 1.1.0 [#3331]
-
tests/NIT/nit.sh: account SKIPPED test cases (when isTestable* says
we can not) [#1711]
-
tests/NIT/nit.sh: be portable, use TABCHAR instead of "\t" [#1711]
-
docs/nut.dict: update for older systems
-
configure.ac: work around ancient autotools without PACKAGE_URL
-
Makefile.am: hijack PARMAKES_OPT to also set V=0 by default
-
drivers/apcmicrolink-maps.c, drivers/apcmicrolink-maps.h,
drivers/apcmicrolink.c: drivers/apcmicrolink.c: try to use naming
from apc_modbus for some commands and values
-
drivers/apcmicrolink.c: fix microlink_page0_state_t init and reset
-
clients/upsclient.c: for now openssl_password_callback() should
only be declared/implemented when OPENSSL_VERSION_NUMBER >= 1.1.0
[#3331]
-
conf/upsmon.conf.sample.in, docs/man/upsmon.conf.txt: clarify that
CERTIDENT support requires OpenSSL 1.1.0\+ to fully work at the
moment [#3331]
-
drivers/nutdrv_qx.c, NEWS.adoc: qx_is_usb_device_supported(): only
claim SUPPORTED if subdriver_command was assigned [#3410]
-
NEWS.adoc, drivers/apc_modbus.c: apc_modbus: increase default TCP
response timeout to 2000 ms The default 500ms timeout value is
marginal for Modbus TCP, even on a fast local network. In tests
with an APC UPS, we see timeouts because of this: ``` Apr 14
19:10:44 ares apc_modbus[2002143]: _apc_modbus_read_registers: Read
of 0:27 failed: Connection timed out (192.168.0.102:502) Apr 14
19:10:44 ares apc_modbus[2002143]: _apc_modbus_read_registers: Read
of 0:27 failed: Invalid data (192.168.0.102:502) Apr 14 19:10:44
ares apc_modbus[2002143]: _apc_modbus_close: Closing connection Apr
14 19:10:47 ares apc_modbus[2002143]: Opened modbus successfully
``` Packet capture: ``` No. Time Source Destination
Protocol Length Info 3636 2026-04-14 19:10:43.842072
192.168.0.40 192.168.0.102 Modbus/TCP 66 Query:
Trans: 12622; Unit: 1, Func: 3: Read Holding Registers 3637
2026-04-14 19:10:44.018369 192.168.0.102 192.168.0.40 TCP
60 502 → 40392 [ACK] Seq=70441 Ack=11905 Win=3660 Len=0 3638
2026-04-14 19:10:44.377723 192.168.0.40 192.168.0.102
Modbus/TCP 66 Query: Trans: 12623; Unit: 1, Func:
3: Read Holding Registers 3639 2026-04-14 19:10:44.578103
192.168.0.102 192.168.0.40 TCP 60 502 → 40392 [ACK]
Seq=70441 Ack=11917 Win=3648 Len=0 3640 2026-04-14
19:10:44.579449 192.168.0.102 192.168.0.40 Modbus/TCP
117 Response: Trans: 12622; Unit: 1, Func: 3: Read Holding
Registers 3641 2026-04-14 19:10:44.579482 192.168.0.40
192.168.0.102 TCP 54 40392 → 502 [ACK] Seq=11917
Ack=70504 Win=63 Len=0 3642 2026-04-14 19:10:44.579604
192.168.0.40 192.168.0.102 TCP 54 40392 → 502 [FIN,
ACK] Seq=11917 Ack=70504 Win=63 Len=0 ``` 3636 is the first read,
3638 is the retry after 500ms without response, both are ACKed.
3640 is the actual response to transaction 12622, which arrives
700ms after the initial packet. At this point we expect a response
to transaction 12623, which is why we fail with "invalid data". To
fix this we increase the default TCP response timeout to 2000 ms,
which seems to be more reasonable for a device that already can
take 700 ms to respond under ideal conditions. I chose a bit higher
value for users who might connect the device over a higher latency
network.
-
NEWS.adoc, docs/nut.dict, drivers/apc_modbus.c,
drivers/apc_modbus.h: apc_modbus: decode
RunTimeCalibrationStatus_BF
RunTimeCalibrationStatus_BF is
explained in MPAO-98KJ7F_R1_EN Appendix B. This adds defines for
the bitfield and decodes it into
experimental.ups.calibration.result using a string join
converter.
-
NEWS.adoc, docs/nut.dict, drivers/apc_modbus.c,
drivers/apc_modbus.h: apc_modbus: decode PowerSystemError_BF as
alarms
PowerSystemError_BF is explained in MPAO-98KJ7F_R1_EN
Appendix B. This adds defines for the bitfield and decodes it as
alarms in the driver.
-
NEWS.adoc, docs/nut.dict, drivers/apc_modbus.c,
drivers/apc_modbus.h: apc_modbus: decode BatterySystemError_BF as
alarms
BatterySystemError_BF is explained in MPAO-98KJ7F_R1_EN
Appendix B. We were already using the bitfield for the RB
status, this adds defines for the bitfield and decodes it as alarms
in the driver.
-
NEWS.adoc, docs/man/apc_modbus.txt, drivers/apc_modbus.c:
apc_modbus: simplify error handling with read retries Replace the
complex
_apc_modbus_handle_error function with a simpler retry
mechanism built into _apc_modbus_read_registers. The new
approach: - Retries register reads on ETIMEDOUT errors up to
modbus_retries times (configurable, default 3) - On non-timeout
errors or after retry exhaustion, closes the connection for
reconnection on the next update cycle - Removes the
platform-specific (WIN32/POSIX) timeout detection and the
flush-based recovery that didn’t work anyway (flush is already done
in _apc_modbus_reopen upon reconnection) Also adds a
modbus_retries driver option to configure the number of read
retry attempts, and improves logging for connection open/close
events. This change was inspired by a patch by @marcan to do the
same and from testing the behaviour of apcupsd, noticing that on
my USB unit it times out on read and only succeeds on the first
retry.
-
NEWS.adoc, drivers/apc_modbus.c: apc_modbus: always zero terminate
string join
_apc_modbus_string_join did not zero terminate the
result in every case, like when all values are NULL.
-
drivers/apc_modbus.c: apc_modbus: bump driver version to 0.20
-
docs/nut.dict: Add more words to dict
-
drivers/apcmicrolink.c: fix most static compile issues
-
docs/nut.dict: add apcmicrolink and RMI
-
NEWS.adoc: introduce apcmicrolink driver [#3406]
-
drivers/Makefile.am: EXTRA_DIST apcmicrolink-maps.h apcmicrolink.h
[#3406]
-
docs/man/Makefile.am: provide apsmicrolink.html also [#3406]
-
tests/NIT/nit.sh: generate upsmon.pem [#3331, #1711]
-
NEWS.adoc, clients/nutclient.cpp, clients/upsclient.c,
conf/upsd.conf.sample, conf/upsmon.conf.sample.in,
docs/man/upsd.conf.txt, docs/man/upsmon.conf.txt, server/netssl.c:
upsd, libupsclient, libnutclient, upsmon: in OpenSSL builds,
support CERTPATH pointing to a big PEM file as well as a directory
[#3331]
-
clients/nutclient.cpp, clients/nutclient.h,
tests/cpputest-client.cpp: clients/nutclient.{h,cpp},
tests/cpputest-client.cpp: extend setSSLConfig_OpenSSL() etc. to
support CERTIDENT name (validation of client' own cert) [#3331]
-
clients/upsclient.c: fix CERTIDENT (OpenSSL) to check for CN=…
part too [#3331]
-
server/netssl.c: fix CERTIDENT (OpenSSL) to check for CN=… part
too [#3331]
-
tests/NIT/nit.sh: generate upsmon.pem [#3331, #1711]
-
tests/NIT/nit.sh: setenv_ssl_cppnit(): fix check for
TESTCERT_PATH_ROOTCA [#1711]
-
tests/NIT/nit.sh: unlock OpenSSL features that are now on par with
NSS [#3331, #1711]
-
scripts/python/module/PyNUT.py.in, scripts/perl/UPS/Nut.pm: handle
CERTIDENT to validate loaded client certificate name [#3331] Make
sure the file we got is the file we wanted. Belts and suspenders
rule!
-
scripts/python/module/PyNUT.py.in, scripts/perl/UPS/Nut.pm: handle
CERTHOST (dict or list of dict/tuple) to validate connections
better [#3331]
-
scripts/perl/UPS/Nut.pm: StartTLS(): alias variables named like in
other NUT code into SSL_* if not provided directly [#1711]
-
clients/nutclient.cpp, clients/upsclient.c, conf/upsd.conf.sample,
docs/man/upsd.conf.txt, server/netssl.c: clients/nutclient.cpp,
clients/upsclient.c, server/netssl.c: reconcile variants of
openssl_password_callback() [#3331] Notably, in C code (upsclient,
netssl) constrain with OpenSSL >= 1.1 support, and do use
SSL_CTX_set_default_passwd_cb_userdata() to pass the configured (or
generally otherwise provided)
certpasswd string.
-
NEWS.adoc, clients/upsmon.c, conf/upsmon.conf.sample.in,
docs/man/upsmon.conf.txt: clients/upsmon.c, NEWS.adoc, conf/,
docs/man/: introduce support of CERTFILE to upsmon [#3331]
-
clients/upsclient.c, clients/upsclient.h, docs/man/Makefile.am,
docs/man/upscli_init.txt: clients/upsclient.{c,h},
docs/man/upscli_init.txt: implement client CERTIDENT correctly (via
CERTFILE); introduce upscli_init2() [#3331]
-
NEWS.adoc, conf/upsd.conf.sample, docs/man/upsd.conf.txt,
server/conf.c, server/netssl.c, server/netssl.h: server/*,
NEWS.adoc, conf/upsd.conf.sample, docs/man/upsd.conf.txt: implement
server-side CERTPATH for OpenSSL [#3331] Optionally use for
validation of clients with OpenSSL collection of CA PEM files.
-
conf/upsd.conf.sample, docs/man/upsd.conf.txt, server/conf.c,
server/netssl.c: server/*, conf/upsd.conf.sample,
docs/man/upsd.conf.txt: implement server-side CERTIDENT for OpenSSL
[#3331]
-
NEWS.adoc, conf/upsd.conf.sample, conf/upsmon.conf.sample.in,
docs/man/upsd.conf.txt, docs/man/upsmon.conf.txt: NEWS.adoc,
docs/man/, conf/: update docs about newly supported features with
OpenSSL [#3331]
-
server/conf.c: reshuffle options processing and update comments now
that CERTREQUEST is for both backends and more may follow [#3331]
-
clients/upsclient.c: upscli_sslinit(): consider
CERTHOST→certverify setting to NOT abort the connection if
verification was not required (0) [#3331]
-
clients/upsclient.c: upscli_sslinit(): consider
OPENSSL_VERSION_NUMBER constraint in logging, possibly rejecting
the StartTLS attempt with OpenSSL too old (can not fulfil required
security, avoid sad mishaps) [#3331]
-
conf/upsd.conf.sample, docs/man/upsd.conf.txt: heads-up about
MAXCONN and ulimit [#3365]
-
NEWS.adoc: remove duplicated paragraph (silent merge conflict)
-
clients/upsmon.c, clients/upsrw.c, common/common.c,
drivers/adelsystem_cbi.c, drivers/generic_modbus.c, drivers/main.c,
drivers/powerman-pdu.c, drivers/snmp-ups.c,
drivers/tripplite_usb.c, tools/nut-scanner/nutscan-serial.c: .c:
fix use of non-const char with strstr() and strchr() return values
[#823]
-
docs/man/Makefile.am: fix possible non-delivery of
NUTSCAN_UPSLOG_SET_DEBUG_LEVEL_DEPS pages [#3378, #3379]
-
docs/man/upscli_init.txt: update wording and markup for
pre-existing features [#3331]
-
NEWS.adoc: announce the adjusted markup format
-
scripts/perl/UPS/Nut.pm: warn if CERTVERIFY and custom CA options
are enabled on Darwin platform [#3404]
-
scripts/perl/UPS/Nut.pm: align closer with can_ssl [#1711]
-
scripts/perl/UPS/Nut.pm, scripts/perl/test_nutclient.pl,
tests/NIT/nit.sh: scripts/perl/*, tests/NIT/nit.sh: streamline
passing NUT_DEBUG_SSL_PERL (or defaulting to no debug) [#1711]
-
tests/NIT/nit.sh: neuter CERTVERIFY on darwin for now [#3404]
-
tests/NIT/nit.sh: centralize definition of PERL_OPTS [#1711]
-
scripts/perl/UPS/Nut.pm: allow SSL cert validation for IP addresses
as host names [#1711]
-
scripts/perl/UPS/Nut.pm: pass only defined args to
IO::Socket::SSL→start_SSL() [#1711]
-
scripts/perl/UPS/Nut.pm: support debugging messages of
IO::Socket::SSL [#1711]
-
tests/NIT/nit.sh: report the non-default NIT_CASE being handled
[#1711]
-
clients/upsclient.c: upscli_sslinit(): OPENSSL_VERSION_NUMBER
constraint applies to whole block for X509_VERIFY_PARAM [#3331]
-
server/netssl.c: extend OpenSSL builds feature set to support
CERTREQUEST validation of clients [#3331]
-
clients/upsclient.c: extend OpenSSL builds feature set to support
pinning server certificates [#3331]
-
clients/upsclient.c: extend OpenSSL builds feature set to support a
client certificate\+key, optionally with password [#3331]
-
scripts/perl/UPS/Nut.pm, scripts/perl/test_nutclient.pl:
scripts/perl/UPS/Nut.pm: now we can pass SSL debug level as a
number [#1711]
-
scripts/perl/UPS/Nut.pm: fix to loading IO::Socket::SSL via eval
with quotes not braces [#1711] It is then evaluated at run-time as
code reaches that line (or not - conditionals), not at
interpretation time where it fails too early. Also use "1;" in the
end as a tidy practice.
-
clients/nutclient.cpp: work around lack of threads in some mingw
versions [#3402]
-
data/driver.list.in, docs/man/Makefile.am,
docs/man/apcmicrolink.txt, drivers/Makefile.am,
drivers/apcmicrolink-maps.c, drivers/apcmicrolink-maps.h,
drivers/apcmicrolink.c, drivers/apcmicrolink.h: drivers: add
experimental APC Microlink serial driver Implement a new
apcmicrolink driver for APC Smart-UPS units that expose the
Microlink serial protocol. The driver establishes a Microlink
session over the serial link, reads the device descriptor blob, and
uses that runtime descriptor map to publish standard NUT variables,
writable settings, status bits, alarms, and supported instant
commands. Add labeled Microlink command masks for battery tests,
calibration, UPS control, and outlet-group power control; wire
APC-style load and shutdown commands through the static command
map; publish input.transfer.reason from UPS status change cause;
and stop folding simple-signaling status bits into ups.status. Also
hook upsdrv_shutdown() up to the Microlink shutdown request,
document the driver, and clean up initial upstream review issues
such as missing file headers, whitespace, and format-string
warnings.
-
m4/ax_c_pragmas.m4, clients/nutclient.cpp: introduce
HAVE_PRAGMA_GCC_DIAGNOSTIC_IGNORED_DEPRECATED_DECLARATIONS{,_BESIDEFUNC}
to implement methods for deprecated "master" operation [#840,
#3402]
-
NEWS.adoc: announce updates to client binding libraries [#3402]
-
scripts/perl/test_nutclient.pl: avoid "Can’t call method "Error" on
an undefined value" messages in failed tests; clearly say that $nut
is no more [#1711]
-
scripts/perl/UPS/Nut.pm: when IO::Socket::SSL is not available,
report the error with "FEATURE-NOT-SUPPORTED" in text [#1711]
-
tests/NIT/nit.sh: setenv_ssl_perl(): check if IO::Socket::SSL is
available, neuter NUT_FORCESSL based on that [#1711]
-
scripts/perl/test_nutclient.pl: support USESSL=undef if no value
provided in env [#1711]
-
scripts/perl/UPS/Nut.pm: support USESSL=undef, check that we
can_ssl and follow up with that [#1711]
-
scripts/perl/UPS/Nut.pm: _initialize(): include previously reported
error in SSL setup fail messages [#1711]
-
scripts/perl/UPS/Nut.pm: apply indentation consistenly (3 styles
were intermixed)
-
scripts/perl/UPS/Nut.pm, scripts/perl/test_nutclient.pl: support
NUT_SSL envvar toggle to disable attempts at SSL altogether [#1711]
-
scripts/perl/UPS/Nut.pm, scripts/perl/test_nutclient.pl:
SSL_ca_path should be defined in args by caller, not by a hack in
production code [#1711]
-
scripts/perl/UPS/Nut.pm: STARTTLS: debug-print %arg list that is
passed to the SSL library [#1711]
-
scripts/perl/UPS/Nut.pm: use CAPATH to provide SSL_ca_path, not
SSL_ca_file [#1348, #1711]
-
scripts/python/module/PyNUT.py.in: retry SSL handshake if it timed
out, a few times [#3401]
-
server/netssl.c: net_starttls(): report which SSL backend is in
place (if any) [#3331]
-
scripts/python/module/PyNUT.py.in: isValidProtocolVersion():
stringify and strip the "result" before matching in regex [#1349]
-
clients/Makefile.am: bump libupsclient ABI version
-
tests/NIT/nit.sh: add a note about jNut using this script [#1711,
#1350]
-
clients/nutclient.cpp, clients/nutclient.h,
clients/nutclientmem.cpp, clients/nutclientmem.h,
tests/cpputest-client.cpp: clients/nutclient{,mem}.{h,cpp},
tests/cpputest-client.cpp: remember if we enabled TRACKING so it is
really done once, confirm with isTrackingModeEnabled() [#656]
-
scripts/perl/test_nutclient.pl: fix DeviceLogin⇒ListClient for
"admin" without a role [#1711]
-
scripts/perl/UPS/Nut.pm: _send(): reset the error buffer before
networking away [#1711, #1348]
-
scripts/perl/UPS/Nut.pm: we can only authenticate once per
connection, skip other attempts [#1711, #1348]
-
docs/download.txt: publish jNut-1.1 [#1350]
-
NEWS.adoc: announce updates to client binding libraries [#3402]
-
appveyor.yml: post only one (custom) notification per build [#1400]
-
docs/man/Makefile.am: hush "cat" errors in
LIBNUTCLIENT_TCP_DEPS_SUB recipe
-
scripts/perl/test_nutclient.pl: fix reporting of @failed methods
[#1711]
-
scripts/perl/UPS/Nut.pm: GetTrackingResult(): fix parsing results
of GET TRACKING [#1348]
-
tests/NIT/nit.sh: when we ask for specific NIT_CASE values (cppnit,
python, perl, nutscanner) the lack of prerequisites should be a
FAILURE [#1711]
-
tests/NIT/nit.sh: introduce tests for PERL [#1348, #1711]
-
message, so we can parse it [#1348, #1711]
-
scripts/perl/test_nutclient.pl: fix access to possibly undefined
envvars [#1348, #1711]
-
scripts/perl/UPS/Nut.pm: fix error messages when Authenticate() and
Login() fail [#1348, #1711]
-
scripts/perl/UPS/Nut.pm, scripts/perl/test_nutclient.pl:
scripts/perl/test_nutclient.pl: fix test case setup, update
comments [#1711, #1348]
-
scripts/perl/UPS/Nut.pm: fix string work with TRACKING logic
-
scripts/perl/UPS/Nut.pm: change commands that address an UPS to
optionally accept the UPS name as argument, only using
-
scripts/python/module/test_nutclient.py.in: fix typo in debug
traces
-
assignments into debug() calls [#1348, #1711]
-
COPYING, scripts/HP-UX/nut.psf.in, scripts/Makefile.am,
scripts/obs/debian.libups-nut-perl.install, scripts/perl/{ ⇒
UPS}/Nut.pm, scripts/perl/test_nutclient.pl:
scripts/perl/test_nutclient.pl: introduce tests, move Nut.pm to UPS
subdir [#1348, #1711]
-
scripts/perl/Nut.pm: call StartTLS() from _initialize(), and use
isValidProtocolVersion() method to actively ping a connection after
STARTTLS claimed success (but handshake might be broken in fact)
[#3387, #1348]
-
clients/nutclient.cpp, clients/upsclient.c,
scripts/python/module/PyNUT.py.in: Client libraries (C, C+\+,
Python): use isValidProtocolVersion() method to actively ping a
connection after STARTTLS claimed success (but handshake might be
broken in fact) [#3387]
-
clients/nutclient.cpp, clients/nutclient.h,
clients/nutclientmem.cpp, clients/nutclientmem.h,
clients/upsclient.c, clients/upsclient.h, scripts/perl/Nut.pm,
scripts/python/module/PyNUT.py.in: Client libraries (C, C+\+,
Python, PERL): introduce an isValidProtocolVersion() method to
actively ping a connection [#3387]
-
clients/nutclient.cpp, clients/nutclient.h,
clients/nutclientmem.cpp, clients/nutclientmem.h:
clients/nutclient{,mem}.{h,cpp}: becomeSecondary() was overkill,
there is no such verb in NUT protocol (LOGIN already reaches that
role level)
-
scripts/python/module/PyNUT.py.in: refactor FSD() with an explicit
becomePrimary() method
-
scripts/perl/Nut.pm: becomeSecondary() was overkill, there is no
such verb in NUT protocol (LOGIN already reaches that role level)
-
scripts/perl/Nut.pm: add warnings toggle
-
scripts/perl/Nut.pm: fix typos in comments
-
scripts/perl/Nut.pm: rename primary()⇒becomePrimary, add
becomeSecondary() for completeness [#1348]
-
clients/nutclient.cpp, clients/nutclient.h,
clients/nutclientmem.cpp, clients/nutclientmem.h:
clients/nutclient{,mem}.{h,cpp}: rename primary()⇒becomePrimary,
add becomeSecondary() for completeness [#656]
-
tests/cpputest-client.cpp: add test with SET VAR TRACKING [#1711,
#656]
-
scripts/python/module/test_nutclient.py.in: add test with SET VAR
TRACKING [#1711, #1349]
-
scripts/perl/Nut.pm: fix typos in comments
-
docs/download.txt: refer to new release of jNut-1.0 (and the
following snapshot evolution)
-
tests/NIT/nit.sh: do not unset DEBUG_SLEEP when we generate configs
[#1711] We might actually want more of those, with test case
passwords revealed, etc.
-
scripts/python/module/PyNUT.py.in: TrackingID class: include
timestamp tracking and age reporting [#1349]
-
scripts/perl/Nut.pm: TrackingID class: include timestamp tracking
and age reporting [#1348]
-
clients/nutclient.cpp, clients/nutclient.h,
clients/nutclientmem.cpp, clients/nutclientmem.h:
clients/nutclient{,mem}.{h,cpp}, tests/*.cpp: implement waiting for
TRACKING result if requested [#656]
-
clients/nutclient.h, clients/Makefile.am: Implement TrackingID as a
separate class, including timestamp tracking and age reporting
[#656]
-
scripts/python/module/PyNUT.py.in: Implement TrackingID as a
separate class [#1349]
-
scripts/python/module/PyNUT.py.in: fix syntax [#1349]
-
scripts/perl/Nut.pm: Implement TrackingID as a separate class
[#1348]
-
scripts/perl/Nut.pm: fix syntax [#1348]
-
scripts/python/module/PyNUT.py.in: revise AI creations, complete
the TRACKING\+waiting dialog support [#1349]
-
scripts/perl/Nut.pm: revise AI creations, complete the
TRACKING\+waiting dialog support [#1348]
-
scripts/perl/Nut.pm, scripts/python/module/PyNUT.py.in: AI PoC:
implement the remainder of NUT Networked protocol (as of NUT
v2.8.5) for Python and Perl bindings
-
scripts/perl/Nut.pm: clean up trailing white-space
-
tests/NIT/nit.sh: simplify with NIT_CASE=generatecfg_sandbox
support [#1711]
-
tests/NIT/nit.sh: allow injecting WITH_SSL_CLIENT, WITH_SSL_SERVER,
WITH_SSL_SERVER_CLIVAL (e.g. to test against older packaged builds)
[#1711]
-
.github/workflows/05-codeql.yml: drop duplicate init stage
-
configure.ac: hush clang-21 "-Wc11-extensions" warnings about
system headers
-
docs/download.txt: fix NOTE markup for N4W 7Zip size
-
docs/maintainer-guide.txt: revise instructions for post-release
steps (website, etc.)
-
docs/download.txt: newly refer to nut-X.Y.Z-docs.tar.gz archives
-
docs/docinfo.xml.in: fix release date of v2.8.5 and move its tag to
be above v2.8.4
-
NEWS.adoc, UPGRADING.adoc, docs/docinfo.xml.in: Revert "NEWS.adoc,
UPGRADING.adoc, docs/docinfo.xml.in: finalize text before NUT
v2.8.5 release" This reverts commit
784219a3dc935e53a1273063c591bc6dd949590b: finally released NUT
v2.8.5, preparing for v2.8.6 cycle now.
-
common/wincompat.c: syslog(), send_to_named_pipe(): debug-log when
we failed to open existing NAMED_PIPE and so move on [#3302]
-
common/wincompat.c: log errors after methods faults via
upslog_with_errno() not plain upslogx() [#3302]
-
common/wincompat.c: log progress through pipe*() methods [#3302,
#3368]
-
common/wincompat.c: fix send_to_named_pipe() to measure
strlen(data) once [#3302]
-
common/wincompat.c: fix getpass() to measure
strlen(wincompat_password) once [#3302]
-
common/wincompat.c: fix filter_path() to measure strlen(source)
once [#3302]
-
common/wincompat.c: tcflush(): fix bitwise OR to boolean OR
-
server/upsd.c: sendback(): adjust debug traces for write() vs
ssl_write() [#3379, #3331]
-
server/netssl.c: net_starttls():
send_err_extra(NUT_ERR_ACCESS_DENIED) for faults in NSS setup
[#3379, #3331]
-
server/upsd.c, server/upsd.h: server/upsd.{c,h}: introduce
send_err_extra() [#3331]
-
drivers/dstate.c, NEWS.adoc: revise closing of connections and
returning error codes; document the methods [#3302]
-
drivers/dstate.c: debug-log the progress around starting and maybe
failing CreateNamedPipe() [#3302]
-
drivers/dstate.c: sock_disconnect(): resync code with
wincompat::pipe_disconnect() implementation [#3302]
-
drivers/dstate.c: sock_disconnect(): try to flush the buffer
[#3368]
-
drivers/dstate.c: err on the safe side and set conn=NULL after
sock_disconnect() [#3368]
-
drivers/upsdrvctl.c: refactor with forkexec_parent_analyze() and a
re-check before retry - also for WIN32 [#3302] Also revised
WaitForSingleObject() result checking - there has to be a chance to
succeed ;)
-
drivers/upsdrvctl.c: refactor with forkexec_parent_analyze() and a
re-check before retry - POSIX part [#3302]
-
configure.ac: WIN32 GetAdaptersInfo(): be careful about
$NETLIBS_GETADDRS usage
-
ci_build.sh: retain config.cache if DO_CLEAN_AUTOCONF_CACHE=no also
in dev-test builds [#3108]
-
ci_build.sh: configure_nut(): log if config.cache is available and
if we want/do use it [#3108]
-
ci_build.sh: do not default to
DO_USE_AUTOCONF_CACHE=yes/DO_CLEAN_AUTOCONF_CACHE=no [#3108]
Callers like specific CI recipes should be free to enable certain
behaviors though.
-
.circleci/config.yml: default to DO_CLEAN_AUTOCONF_CACHE:no
DO_USE_AUTOCONF_CACHE:yes and carry over the config.cache between
builds [#3108]
-
appveyor.yml: default to DO_CLEAN_AUTOCONF_CACHE:no
DO_USE_AUTOCONF_CACHE:yes and carry over the config.cache between
builds [#3108]
-
ci_build.sh, scripts/Windows/build-mingw-nut.sh, NEWS.adoc:
introduce options to USE_AUTOCONF_CACHE and/or CLEAN_AUTOCONF_CACHE
[#3108]