networkupstools
diff --git a/‎COPYING‎
Lines changed: 1 addition & 1 deletion b/‎COPYING‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎NEWS.adoc‎
Lines changed: 37 additions & 0 deletions b/‎NEWS.adoc‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎appveyor.yml‎
Lines changed: 1 addition & 0 deletions b/‎appveyor.yml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎clients/Makefile.am‎
Lines changed: 2 additions & 2 deletions b/‎clients/Makefile.am‎
Lines changed: 2 additions & 2 deletions
@@ -7,7 +7,7 @@
  Public License (GPL) version 3, or (at your option) any later version. See
  "LICENSE-GPL3" in the root of this distribution.
 
- The Perl client module (scripts/perl/Nut.pm) is released under the same
+ The Perl client module (scripts/perl/UPS/Nut.pm) is released under the same
  license as Perl itself. That is to say either GPL version 1 or (at your option)
  any later version, or the "Artistic License".
 
 
@@ -42,6 +42,43 @@ https://github.com/networkupstools/nut/milestone/13
  - (expected) CI automation for use of data points in drivers that conform
    to patterns defined in link:docs/nut-names.txt[]
 
+ - Second-level bullet points listed in this file will now use 4 spaces
+   (not 3 like before) for easier initial indentation of new entries.
+
+ - NUT client libraries:
+    * Complete support for actions documented in `docs/net-protocol.txt`
+      was implemented in C++, Python and PERL bindings in-tree, and for Java
+      in link:https://github.com/networkupstools/jNut[jNut] nearby. Among
+      other things, all these libraries now support `STARTTLS` and `TRACKING`
+      to wait for server confirmation of a `SET VAR` or `INSTCMD` request,
+      and this is tested by the NIT script. [issues #656, #1348, #1349, #1350,
+      #1613, #1711, PR #3402]
+    * Enhanced client side of `STARTTLS` dialog to follow up by a simple
+      query (for protocol version) to verify that handshake succeeded.
+      This change impacted also the classic C `libupsclient` library.
+      [issue #3387, PR #3402]
+    * Updated OpenSSL code paths in the `libupsclient` C library to support
+      features earlier only available with NSS builds, like specifying the
+      client certificate+key, optionally with password, and pinning expected
+      server certificates. For both backends such pinning should now honour
+      the 'certverify' setting of the `CERTHOST` entry (e.g. not abort the
+      connection attempt if that number is '0'). [issue #3331]
+    * Updated SSL support in the `upsd` data server to handle `CERTREQUEST`
+      (optional validation of clients identified by a certificate) also
+      when built with OpenSSL, optionally using the `CERTPATH` with a
+      collection of CA certificates.
+      Also support `CERTIDENT` to provide a private key password and ensure
+      that the certificate in `CERTFILE` has an expected subject name as an
+      exact string, or that its CN or SAN match the provided string as a
+      standard expression of host name (section 3.5 of RFC 1034) or IP address.
+      [issue #3331]
+    * The `libupsclient` API was extended with a `upscli_init2()` method which
+      allows to pass the `certfile` argument needed for OpenSSL builds. [#3331]
+
+ - `upsmon` client updates:
+    * Introduced support for `CERTFILE` option, so the client can identify
+      itself to the data server also in OpenSSL builds. [issue #3331]
+
 
 Release notes for NUT 2.8.5 - what's new since 2.8.4
 ----------------------------------------------------
 
@@ -33,6 +33,7 @@ environment:
 #  https://github.com/marketplace/actions/delete-pr-comments-during-subsequent-ci
 notifications:
   - provider: GitHubPullRequest
+    on_build_status_changed: true
     template: |
       {{#passed}}:white_check_mark:{{/passed}}{{#failed}}:x:{{/failed}} [Build {{&projectName}} {{buildVersion}} {{status}}]({{buildUrl}}) (commit {{commitUrl}} by @{{&commitAuthorUsername}})
       * [artifacts{{#failed}} (if any){{/failed}}]({{buildurl}}/artifacts)
 
@@ -219,7 +219,7 @@ endif WITH_SSL
 # for the run-time dynamic linker resolution? For now the shared-library
 # builds are "exotic", but it makes sense to deprecate this export in a
 # future release.
-libupsclient_la_LDFLAGS = -version-info 8:0:1
+libupsclient_la_LDFLAGS = -version-info 9:0:2
 libupsclient_la_LDFLAGS += -export-symbols-regex '^(upscli_|nut_debug_level)'
 #|s_upsdebug|fatalx|fatal_with_errno|xcalloc|xbasename|print_banner_once)'
 if HAVE_WINDOWS
@@ -292,7 +292,7 @@ libupsclient-version.h: libupsclient.la
 if HAVE_CXX11
 # libnutclient version information and build
 libnutclient_la_SOURCES = nutclient.h nutclient.cpp
-libnutclient_la_LDFLAGS = -version-info 3:0:1
+libnutclient_la_LDFLAGS = -version-info 4:0:2
 # Needed in not-standalone builds with -DHAVE_NUTCOMMON=1
 # which is defined for in-tree CXX builds above:
 if ENABLE_SHARED_PRIVATE_LIBS