Posts for June 2018

2018-06-03: Free software log (May 2018)

The wonders of a week of vacation that was spent mostly working on free software! The headline releases were remctl 3.15, which fixes a long-standing correctness bug on the server and adds more protocol validation and far better valgrind support, and podlators 4.11, which fixes a buncho f long-standing bugs in Pod::Text and its subclasses.

In support of those releases, I also released new versions of my three major development infrastructure packages:

On the Debian front, I realized that I had intended to donate libnet-duo-perl to the Debian Perl team but never finished uploading the package I had prepared (and even signed). I merged that with some other pending changes in Git and actually uploaded it. (I'm still hanging on to maintenance of the upstream Net::Duo Perl module because I'm kicking around the idea of using Duo on a small scale for some personal stuff, although at the moment I'm not using the module at all and therefore am not making changes to it.)

I also finally started working on wallet again, although I'm of two minds about the future of that package. It needs a ton of work — the Perl style and general backend approach is all wrong, and I've learned far better ways to do equivalent things since. And one could make a pretty solid argument that Vault does essentially the same thing, has a lot more resources behind it, and has a ton of features that I haven't implemented or may never implement. I think I still like my ACL model better, and of course there's the Kerberos support (which is probably superior to Vault), but I haven't looked at Vault closely enough to be sure and it may be that it's better in those areas as well.

I don't use wallet for my personal stuff, but we still do use it in a few places at work. I kind of want to overhaul the package and fix it, since I like the concept, but in the broader scheme of things it's probably a "waste" of my time to do this.

Free software seems full of challenges like this. I'll at least put out another release, and then probably defer making a decision for a while longer.

2018-06-03: wallet 1.4

wallet is a secret management system that I developed at Stanford, primarily to distribute keytab management. As mentioned in an earlier post, I'm not entirely sure it has significant advantages over Vault, but it does handle Kerberos natively and we're still using it for some things, so I'm still maintaining it.

This release incorporates a bunch of improvements to the experimental support for managing keytabs for Active Directory principals, all contributed by Bill MacAllister and Dropbox. Anyone using the previous experimental Active Directory support should read through the configuration options, since quite a lot has changed (for the better).

Also fixed in this release are some stray strlcpy and strlcat references that were breaking systems that include them in libc, better krb5.conf configuration handling, better support for Perl in non-standard locations, and a bunch of updates and modernization to the build and test frameworks.

You can get the latest release from the wallet distribution page.

2018-06-03: rra-c-util 7.2

rra-c-util is my collection of portability and utility code that I reuse in all the C and Perl projects I maintain.

Most of the changes in this release are Autoconf macro improvements prompted by Julien ÉLIE. This release incorporates his work on RRA_PROG_PYTHON, RRA_LIB_PYTHON, and RRA_PYTHON_MODULE macros, which support both Python 2 and Python 3. It also improves the RRA_PROG_PERL macro to make PERL a substitution variable and to check that building against libperl actually works. Finally, RRA_LIB_BDB, RRA_LIB_OPENSSL, RRA_LIB_SASL, and RRA_LIB_ZLIB now check that the headers for the library are found as well as the library itself (based on Julien's work in INN).

The docs/urls test, which was always misnamed, is now style/obsolete-strings, since its role is to check for obsolete patterns in my code (old URLs, that sort of thing). It now checks for my old RRA_MAINTAINER_TESTS environment variable, which I replaced with the Perl Lancaster Consensus environment variables a long time ago.

This release also fixes a few more minor issues with test code and the script to update the version of all Perl modules in a package.

You can get the latest release from the rra-c-util distribution page.

Last modified and spun 2018-06-06