Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment

    PaulHowarth/Blog/2021-11

Paul's Blog Entries for November 2021

Monday 1st November 2021

Local Packages

  • Updated davfs2 to 1.6.1:

    • configure.ac: Add Neon version 0.32

    • mount.davfs.c, get_options: Ignore all unknown options

    • mount_davfs.c, write_mtab_entry: Add option _netdev to utab-entry

  • Updated getmail to 5.16:

    • Add new use_netrc and netrc_file configuration options to support reading username/password from a .netrc file

    • Documentation updates

  • Updated mcrcon to 0.7.2:

    • Quit gracefully when Ctrl-D or Ctrl+C is pressed

    • Remove "exit" and "quit" as quitting commands (these are actual rcon commands on some servers)

    • Suppress compiler warning (strncpy)

    • Fix erroneous string length in packet building function

    • Fix typo in ANSI escape sequence for LCYAN

    • Make stdout and stderr unbuffered

  • Updated perl-Moose to 2.2200:

    • Replaced all uses of Sub::Name with Sub::Util, since the latter is part of core as of Perl 5.22

Friday 5th November 2021

Local Packages

  • Updated perl-Net-SSLeay (development repo only) to the development release 1.91_01 (see Changes for details)

Sunday 7th November 2021

Local Packages

Monday 8th November 2021

Fedora Project

  • Updated perl-Math-GMP to 2.23 in Rawhide:

    • Add support for bmulf() to multiply by a floating point number

    • Add support for bnok() (Binomial)

Wednesday 10th November 2021

Fedora Project

  • Updated perl-Finance-Quote (1.51) in F-35 and Rawhide to add explicit dependency on perl(LWP::Protocol::https) (Bug #2021755)

  • Updated python-crypto (2.6.1) in Rawhide to fix Python 3.11 compatibility (Bug #2021808)

Local Packages

  • Updated curl to 7.80.0:

    • CURLOPT_MAXLIFETIME_CONN: Maximum allowed lifetime for conn reuse

    • CURLOPT_PREREQFUNCTION: Add new callback

    • libssh2: Add SHA256 fingerprint support

    • urlapi: Add curl_url_strerror()

    • urlapi: Support UNC paths in file: URLs on Windows

    • wolfssl: Allow setting of groups/curves

    • .github: Retry macos "brew install" command on failure

    • aws-sigv4: Make signature work when post data is binary

    • BINDINGS: URL updates

    • build: Remove checks for WinSock 1

    • c-hyper: Don't abort CONNECT responses early when auth-in-progress

    • c-hyper: Make Curl_http propagate errors better

    • c-hyper: Make CURLOPT_SUPPRESS_CONNECT_HEADERS work

    • c-hyper: Make test 217 run

    • c-hyper: Use hyper_request_set_uri_parts to make h2 better

    • checksrc: Ignore preprocessor lines

    • CI/makefiles: Introduce dedicated test target

    • ci: Update Lift config to match requirements of curl build
    • cirrus: Remove FreeBSD 11.4 from the matrix

    • cirrus: Switch to openldap24-client

    • cleanup: constify unmodified static structs

    • cmake: Add CURL_ENABLE_SSL option

    • cmake: Fix error getting LOCATION property on non-imported target

    • cmake: Restore support for SecureTransport on iOS

    • cmake: With OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED

    • cmdline-opts: Made the 'Added:' field mandatory

    • configure.ac: Replace krb5-config with pkg-config

    • configure: When hyper is selected, deselect nghttp2

    • connect: Use sysaddr_un from sys/un.h or custom-defined for Windows

    • curl-confopts.m4: Remove --enable/disable-hidden-symbols

    • curl-openssl.m4: Modify library order for openssl linking

    • curl-openssl: Pass argument to sed single-quoted

    • curl.1: Remove mentions of really old version changes

    • curl: Actually append "-" to --range without number only

    • curl: Correct grammar in generated libcurl code

    • curl: Print help descriptions in an aligned right column

    • curl_gssapi: Fix link error on macOS Monterey

    • curl_multi_socket_action.3: Add a "RETURN VALUE" section

    • curl_ntlm_core: Use OpenSSL only if DES is available

    • Curl_updateconninfo: Store addresses for QUIC connections too

    • CURLOPT_ALTSVC_CTRL.3: Mention conn reuse is preferred

    • CURLOPT_HSTSWRITEFUNCTION.3: Using CURLOPT_HSTS_CTRL is required

    • CURLOPT_HTTPHEADER.3: Add description for specific headers

    • docs/HTTP3: Improve build instructions

    • docs/Makefile.am: Repair 'make html'

    • docs: Fix typo in CURLOPT_TRAILERFUNCTION example

    • docs: Provide "RETURN VALUE" section for more function manpages

    • docs: Reduce use of "very"

    • doh: Remove experimental code for DoH with GET

    • examples/htmltidy: Correct wrong printf() use

    • examples/imap-append: Fix end-of-data check

    • ftp: Make the MKD retry to retry once per directory

    • gen.pl: Insert the current date and version in generated man page

    • gen.pl: Replace leading single quotes with \(aq

    • http2: Make getsock not wait for write if there's no remote window

    • http3: Fix the HTTP/3 Explained book link
    • http: Fix Basic auth with empty name field in URL

    • http: Reject HTTP response codes < 100

    • http: Remove assert that breaks hyper
    • http: Set content length earlier

    • http_proxy: Make hyper CONNECT() return the correct error code

    • http_proxy: Multiple CONNECT with hyper done better

    • hyper: Disable test 1294 since hyper doesn't allow such crazy headers

    • hyper: Does not support disabling CURLOPT_HTTP_TRANSFER_DECODING

    • hyper: Pass the CONNECT line to the debug callback

    • imap: Display quota information

    • INSTALL: Update symbol hiding option

    • lib/mk-ca-bundle.pl: Skip certs passed Not Valid After date

    • lib: Avoid fall-through cases in switch statements

    • libcurl.rc: Switch out the copyright symbol for plain ASCII

    • libssh2: Get the version at runtime if possible

    • limit-rate.d: This is average over several seconds

    • llist: Remove redundant code, branch will not be executed

    • Makefile.m32: Fix to not require OpenSSL with -libssh2 or -rtmp options

    • maketgz: Redirect updatemanpages.pl output to /dev/null

    • man pages: Require all to use the same section header order

    • manpage: Adjust the asterisk in some SYNOPSIS sections

    • md5: Fix compilation with OpenSSL 3.0 API
    • misc: Fix a few issues on MidnightBSD
    • misc: Fix typos in docs and comments

    • ngtcp2: Advertise h3 as well as h3-29

    • ngtcp2: Compile with the latest nghttp3

    • ngtcp2: Specify the missing required callback functions

    • ngtcp2: Use latest QUIC TLS RFC9001

    • NTLM: Use DES_set_key_unchecked with OpenSSL

    • openssl: If verifypeer is not requested, skip the CA loading

    • openssl: With OpenSSL 1.1.0+ a failed RAND_status means goaway

    • Revert "src/tool_filetime: Disable -Wformat on mingw for this file"
    • sasl: Binary messages
    • schannel: Fix memory leak due to failed SSL connection

    • scripts/delta: Count command line options in the new file

    • sendf: Accept zero-length data in Curl_client_write()

    • sha256: Use high-level EVP interface for OpenSSL

    • smooth-gtk-thread.c: Enhance the mutex lock use

    • sws: Fix memory leak on exit

    • test1160: Edited to work with hyper

    • test1173: Make manpage-syntax.pl spot \n errors in examples

    • test1185: Verify checksrc

    • test1266/1267: Disabled on hyper: no HTTP/0.9 support

    • test1287: Make work on hyper

    • test207: Accept a different error code for hyper

    • test262: Don't attempt with hyper

    • test552: Updated to work with hyper

    • test559: Add 'HTTP' in keywords

    • tests/smbserver.py: Fix compatibility with impacket 0.9.23+

    • tests: Add Schannel-specific tests and disable unsupported ones
    • tests: Disable test 2043
    • tests: Kill some test servers afterwards to avoid locked logfiles

    • tests: Use python3 in test 1451

    • tls: Remove newline from three infof() calls

    • tool_cb_prg: Make resumed upload progress bar show better

    • tool_listhelp: Easier generated with gen.pl

    • tool_main: Fix typo in comment

    • tool_operate: A failed etag save now only fails that transfer

    • URL-SYNTAX: Add IMAP UID SEARCH example

    • url: Check the return value of curl_url()

    • url: Set "k->size" -1 at start of request

    • urlapi: Skip a strlen(), pass in zero

    • urlapi: URL decode percent-encoded host names

    • version_win32: Use actual version instead of manifested version

    • vtls: Fix a memory leak if an SSL session cannot be added to the cache
    • wolfssl: Use for SHA256, MD4, MD5, and setting DES odd parity

    • zuul: Pin the quiche build to use an older cmake-rs

  • I had to add a workaround for GSSAPI detection in Fedora 19 and Fedora 20, which have only krb5-config and no corresponding pkg-config file

Thursday 11th November 2021

Fedora Project

  • Updated python-crypto (2.6.1) in Rawhide to patch out the use of distutils, which will be going away in Python 3.12

Sunday 14th November 2021

Fedora Project

  • Updated curl (7.80.0) in Rawhide to add perl(Digest::SHA) as a build requirement, since it is now used by sshserver.pl in the test suite; this necessitated adding an upstream fix to skip a couple of SSH-related tests that fail when the back-end is libssh rather than libssh2

Local Packages

  • Updated curl (7.80.0) as per the Fedora version

Monday 15th November 2021

Fedora Project

  • Updated perl-Archive-Peek to 0.37 in Rawhide:

    • Add repository metadata

    • Port from Moose to Moo and Type::Tiny

    • Make prereqs more specific with respect to phase
    • Add negative test

Local Packages

  • New package perl-Types-Path-Tiny (0.006)

  • Updated perl-Archive-Peek to 0.37 as per the Fedora version

  • Rebuilt sendmail (8.17.1) for updated libnsl2 in Rawhide

Tuesday 16th November 2021

Fedora Project

  • Updated perl-MCE to 1.875 in Rawhide:

  • Updated pperl-PPIx-QuoteLike to 0.019 in Rawhide:

    • Add CONRIBUTING file

    • Try to quell weird Win32 test failures that seem to occur only in tests where I am using 'use open' to put the standard handles into UTF-8 mode; the fix (hopefully) is to do this to the Test::Harness handles at run time instead of to the standard handles at compile time

Local Packages

  • Updated perl-MCE to 1.875 as per the Fedora version

  • Updated perl-PPIx-QuoteLike to 0.019 as per the Fedora version

  • Updated perl-Test2-Suite to 0.000142:

    • Fix deprecation diagnostics

    • Fix older perls by removing //=

  • Updated unrar to 6.10 beta 2

Wednesday 17th November 2021

Fedora Project

  • Updated perl-Math-GMP to 2.24 in Rawhide:

    • Tests and better documentation for bnok() (Binomial)

    • Eliminate warning about not_here() in GMP.xs

Monday 22nd November 2021

Local Packages

  • Updated perl-Module-CoreList to 5.20211120:

    • Updated for v5.35.6

Wednesday 24th November 2021

Fedora Project

  • Updated perl-Try-Tiny to 0.31 in Rawhide:

    • Plug Syntax::Keyword::Try and Feature::Compat::Try in the docs

Local Packages

  • Updated perl-Try-Tiny to 0.31 as per the Fedora version

Monday 29th November 2021

Fedora Project

  • Updated python-paramiko to 2.8.1 in Rawhide:

    • Fix listdir failure when server uses a locale (GH#985, GH#992); now on Python 2.7 SFTPAttributes will decode abbreviated month names correctly rather than raise 'UnicodeDecodeError'

    • Deleting items from '~paramiko.hostkeys.HostKeys' would incorrectly raise 'KeyError' even for valid keys, due to a logic bug (GH#1024)

    • Update RSA and ECDSA key decoding subroutines to correctly catch exception types thrown by modern versions of Cryptography (specifically 'TypeError' and its internal 'UnsupportedAlgorithm') (GH#1257, GH#1266); these exception classes will now become '~paramiko.ssh_exception.SSHException' instances instead of bubbling up

    • Update '~paramiko.pkey.PKey' and subclasses to compare ('__eq__') via direct field/attribute comparison instead of hashing (while retaining the existing behaviour of '__hash__' via a slight refactor) (GH#908)

    • Warning:

    • This fixes a security flaw! If you are running Paramiko on 32-bit systems with low entropy (such as any 32-bit Python 2, or a 32-bit Python 3 that is running with 'PYTHONHASHSEED=0') it is possible for an attacker to craft a new keypair from an exfiltrated public key, which Paramiko would consider equal to the original key; this could enable attacks such as, but not limited to, the following:

      • Paramiko server processes would incorrectly authenticate the attacker (using their generated private key) as if they were the victim; we see this as the most plausible attack using this flaw
      • Paramiko client processes would incorrectly validate a connected server (when host key verification is enabled) while subjected to a man-in-the-middle attack; this impacts more users than the server-side version, but also carries higher requirements for the attacker, namely successful DNS poisoning or other MITM techniques

Local Packages

  • Updated perl-PPIx-Regexp to 0.082:

    • Add --version to eg/predump, and document all options with double dashes

    • Silence 'uninitialized' warning generated by /(?<=.{35})/

    • Try to quell weird Win32 test failures that seem to occur only in tests where I am using 'use open' to put the standard handles into UTF-8 mode; the fix (I hope) is to do this to the Test::Harness handles at run time instead of to the standard handles at compile time

    • Add file CONTRIBUTING

Previous Month: October 2021
Next Month: December 2021

Recent