< February 2021 | Russ Allbery > Eagle's Path | April 2021 > |
I have finally done the work to create a new modern GnuPG signing key for control messages for the Big Eight hierarchies and wired it into the machinery that sends those control messages. I have sent one experimental checkgroups message signed with that key:
<cmsg-20210314174844$1888@isc.org>
To test the automation, tomorrow the normal monthly checkgroups will be issued, which should result in two control messages, one signed with the new key and one with the old key.
I've used the same key ID for the new key as the old key so that updating will be as simple as importing the new key.
This key is currently EXPERIMENTAL and I reserve the right to reissue the key if anyone uncovers any problems. If you are in a position to do so, please try verifying the control messages with the new key and verify that the work properly. I plan on making this new key official some time next month and will post a more general announcement to news.announce.newgroups and news.admin.announce at that time.
The new key, signed with my personal key and the old hierarchy control signing key, is available on my web site. (The Big Eight hierarchies need a more official information page for news administrators, I know, but one thing at a time.)
rra-c-util is my collection of support functions, Autoconf macros, test programs, and other infrastructure that I use to build other packages.
This release includes lots of portability work to support the INN 2.6.4 release, much of it by Julien ÉLIE. There are some incompatibilities in the Autoconf macros compared to previous versions, hence the version bump.
Rename all SQLite Autoconf macros from SQLITE to SQLITE3, including their output variables and configure command-line options, to bring the naming convention in line with common practice for software using SQLite v3. Clear the SQLITE3 variables if the library was optional and no working library was found.
Rename the KRB5_CPPFLAGS_GCC output variable from the RRA_LIB_KRB5 macro to KRB5_CPPFLAGS_WARNINGS to more accurately reflect its intended use and to reflect that it works with Clang.
The m4/krb5.m4
Autoconf macros no longer define AM_CONDITIONAL
as a no-op if it's not already defined, since this may be unexpected
when loading a macro.
The RRA_LIB_KRB5 and RRA_LIB_KRB5_OPTIONAL macros now also check that at least one Kerberos header file was found and either abort with an error or mark Kerberos as unusable depending on the choice of macro.
Add C stubs for sd_notify
and sd_notifyf
and a
(non-functional) preprocessor stub for sd_is_socket
for
portability for more APIs to systems without libsystemd.
Fix the RRA_PROG_PYTHON Python version test to work on Python 3.0 and Python versions older than 2.7.
There are also some fixes for portability of the test suite and other minor portability improvements.
You can get the latest release from the rra-c-util distribution page.
pam-krb5 is a relatively simple Kerberos PAM module with no dependencies on larger infrastructure such as sssd.
This is a small bug-fix release that fixes a possible double-free if
krb5_cc_get_principal
fails on the newly-acquired ticket cache
during authentication. I am dubious this is exploitable because this
temporary ticket cache should not be under the control of an attacker, but
I'm putting out a release just in case. Thanks to Michael Muehle for the
report.
You can get the latest release from the pam-krb5 distribution page.
faq2html is the program I use to turn various text files into web pages.
I've started adopting CPAN::Changes::Spec for my Perl modules, and changes files in that format look best if shown in a dense bullet list similar to:
- Remove single spaces at the start of lines in wrapped paragraphs. - Encode output in UTF-8 if necessary. - Strip formatting codes from headings that will go into the table of contents or navbar, and fix the algorithm for adding anchors to account for this transformation. - Use Module::Build as the build system.
faq2html could deal with these if every line was its own bullet, but couldn't handle line continuations, so the output looked poor. This new release fixes that problem (in a somewhat overly complex way, but I'll wait to fix that until I start refactoring it, which is on the menu for a future project).
Note that there is a remaining ambiguity. When there is a blank line
between bullet items, I prefer to wrap the text of each bullet in
<p>
to preserve that spacing (even though that makes the output
look awful in the Dreamwidth style
that I use and in the original style, due to a bug on their end I think).
But if that's the entirety of the list, which can happen with Changes
files, I'd prefer to omit the <p>
. That requires defering output
of the bullet point until either more paragraphs that are part of the same
list are seen, or some other text is seen. That's a larger refactoring
that I'll put off until later.
I also released cvs2xhtml version 1.15 and cl2xhtml version 1.12. There are no changes in the output of either of those programs; I just ported them to Python 3, since I've uninstalled Python 2 from my systems.
You can get all of these tools from my web tools distribution page.
I am slowly working towards collecting twenty years of static web site generation and release management tools into DocKnot. Pod::Thread is the component that turns POD documentation into HTML by converting it to thread, the macro language that is the backbone of my static site generator, and then letting spin turn the results into HTML.
I wrote this module years ago and have had it around as a private Perl module, but since the version of DocKnot that incorporates spin will have it as a dependency, it seemed time to publicly release it.
Compared to the last released version in 2013, it also has a few bug fixes
and improvements. The module now internally handles the navbar and table
of contents generation (by deferring output) rather than using a
pre-scanning pass in the driver script, and fixes the title casing of
DB_CONFIG
in the output from one INN manual page. I also did a lot
of modernization and improvements to the test suite.
You can get the latest version from CPAN or the Pod::Thread distribution page.
< February 2021 | Russ Allbery > Eagle's Path | April 2021 > |