Posts for May 2020

2020-05-16: C TAP Harness 4.7

This is a small bug fix release to my testing framework for C packages. It picks up a change to the test suite so that it won't break when C_TAP_VERBOSE is already set in the environment, and fixes new compilation warnings with GCC 10.

You can get the latest release from the C TAP Harness distribution page.

2020-05-16: rra-c-util 8.2

This release of my general utility libraries and support code includes a large grab bag of fixes and improvements.

portable/system.h now defines explicit_bzero in terms of memset if it is not available. The memset version is unlikely to have the same security properties since the compiler may optimize it away, but that allows me to use explicit_bzero to erase security data where it is available.

For packages with Kerberos tests, generating a test krb5.conf file now works properly even if the system krb5.conf file does not set a default realm, and a krb5.conf file dropped into the test configuration directory now works properly. Thanks to Jeffrey Hutzelman for the latter fix.

For packages with PAM modules, the ENTRY and EXIT logging macros can now be used like function calls, and portable/pam.h now defines PAM_MAX_RESP_SIZE if it isn't defined.

Header ordering in some of the portability socket code has been restored to compatibility with a few ancient UNIX systems. This was accidentally broken by the clang-format reformatting. Thanks to Julien √ČLIE for the fix.

A few bugs in the test for SPDX license identifiers have been fixed.

Finally, this release fixes warnings with Clang 10 and GCC 10.

You can get the latest release from the rra-c-util distribution page.

2020-05-16: DocKnot 3.04

This is a relatively small feature release of my tool for managing software documentation and releases.

I'm slowly moving all of my packages from Travis-CI to GitHub Workflows for automated CI. GitHub Workflows is much easier to configure and control, and I've been a bit worried about the future of Travis-CI since their acquisition. It seems unlikely that GitHub Workflows is going anywhere.

It would be nice to use a fully free software solution for CI, but there doesn't seem to be anything out there that's nearly as easy and straightforward to use, and I have neither the time nor the energy to cobble something together myself. The configuration is fairly straightforward and should be portable to any fully free solution that might materialize in the future.

Anyway, as part of that migration I needed to make some changes to DocKnot to generate status badges from GitHub Workflows instead of Travis-CI. This release includes those changes. There is a backward-incompatible change to make the semantics of the package metadata a bit more straightforward: vcs.travis needs to be changed to vcs.status.travis.

You can get the latest release from the DocKnot distribution page. Debian packages have been uploaded to my personal repository. I plan on uploading DocKnot to Debian proper once I change the metadata format to use YAML instead of relaxed JSON.

2020-05-17: krb5-strength 3.2

krb5-strength provides password strength checking for Kerberos KDCs (either MIT or Heimdal), and also provides a password history implementation for Heimdal.

This release adds a check-only mode to the heimdal-history command to interrogate history without modifying it and increases the default hash iterations used when storing old passwords. explicit_bzero is now used, where available, to clear the memory used for passwords after processing. krb5-strength can now optionally be built without CrackLib support at all, if you only want to use the word list, edit distance, or length and character class rules.

It's been a few years since the previous release, so this release also updates all the portability code, overhauls valgrind testing, and now passes tests when built with system CrackLib (by skipping tests for passwords that are rejected by the stronger rules of the embedded CrackLib fork).

You can get the latest release from the krb5-strength distribution page. New packages will be uploaded to Debian unstable shortly (as soon as a Perl transition completes enough to make the package buildable in unstable).

Last spun 2020-06-15 from thread modified 2020-05-17