Small update to Paranoid for added functionality to Paranoid::Process. I added a signal dispatcher so I wouldn't have to worry about writing monolithic signal handlers. Now I can just add subroutines to a queue and have the dispatcher process them all as signals are recieved.
Also added minor updates to Microscopic Certificate Authorithy. No show-stoppers in terms of bugs, just some documentation updates and a correction to the logging mechanism.
Many tangents later it became apparent that others might get some use from a little package I've been using for years. Unfortunately, that meant refactoring the interface a wee bit and documenting it. Long story short, Microscopic Certificate Authorithy is now available.
Nothing too fancy, it's just an extremely simple way to get an internal CA up and running so you can quit adding a hundred exceptions in every browser you use. So simple that it only needs OpenSSL and GNU make in a UNIX environment to work.
And yes, I will get back to work on finishing my ports... :-P
The best laid plans of mice & men go oft' astray... Minor update this time for Parse::PlainConfig. Debian folks found a typo and I found a bug with the error reporting in the parser.
The Debian folks also find a trove of typos in Paranoid. Another gentleman (firstname.lastname@example.org) also pointed out the need for an improvement to the IPv6 regex, so that's there as well.
A few bug fixes and some expanded documentation necessitated the release of Paranoid v2.01. CPAN should be updated before long.
Not to sound like a broken record but I just uploaded Paranoid::BerkeleyDB to CPAN and this site. CPAN Testers pointed out a wee oversight of mine in which I was relying on a BDB 4.6+ call that failed on dists installed with older versions. Added some intelligence to fix that.
Just uploaded Paranoid::BerkeleyDB to CPAN and this site. Minor update, mostly documentation updates some small code adjustments.
Whew! Missed that by a mile, eh? So, I obviously didn't finish by the proposed deadline, but it is still coming. I've got a minor update to Paranoid::BerkeleyDB and I believe I will have everything in place to finish the port of autofwd.
This port isn't just a port, however, which is one reason why it's taking so long. It's essentially a complete rewrite meant to make it even easier to administer and far more flexible as well. With the help of Sander Klein as a sounding board I think this is going to be an update more than worth your while. It really can lend itself to so much more than just automated firewalling, but we'll see what people come up for it.
So, stay tuned, and thank you for your patience.
One of the joys of porting apps to the new API is in finding the little things we overlooked that make a big difference in usability. Found one such animal in Parse::PlainConfig in regards to a new feature of the parser: prototypes. As I'm reworking autofwd to leverage it it became obvious I was lacking an accompanying feature to make it really useful. So, now that's done. The update to the parser is live on this website now, and should be on CPAN within the day.
I'm not really trying to blow my deadlines, but I figured, hey, here's a program that's already using the new API. You may find it moderately useful: yapw.
Parse::PlainConfig is also live. This is updated to not only use the new Paranoid API but is a complete rethink on config parsers. This is tremendously nicer to use as a developer, but it does give up generation capabilities and the ability to parse arbitrary, free form configs. This now assumes that you have a well defined set of configuration parameters that are strongly typed by default. Much better suited for all of my use-case scenarios, at least. YMMV.
Paranoid v2.00 is now live, It should be up on CPAN soon as well. Please be aware that with this update I've also split out three modules into their own distributions since they required optional dependencies. This removes that ambiguity:
After quite the hiatus from posting it's time to get this site up to date. While I loathe updating web sites it's not like I haven't been coding, I've just haven't been sharing. If there ever was a time to share, however, it would be now.
I've spend most of the last ten years eating my own dog food, building most of my internal (and professional) code bases on my libraries. While those libraries have been effective, they haven't always been pleasant. As I've evolved as a hacker I've had to resign myself to dealing with a pragmatic reality that has refused, in many cases, to bend to my will.
Any of you who know me personally -- apologies for that, btw -- know that I've had a very long fixation on secure programming. All effective security has a cost and finding the sweet spot between effective security and usability is a constant balancing act. Both for the user and the developer.
I have been guilty for a long time of erroring on the side of the user. Not so much in usability -- again, sorry for that ;-) -- but in trying to guarantee effective security. It is in that obsessiveness that I managed to cross both the users and the developers. The best security in the world means nothing if it's so unpleasant that no one wants to use it.
All of which brings me to one of the most important lessons I could learn as a library developer: Don't be a dick, especially to other developers. It is perhaps ironic that as a cyber-recluse it took some time for me to recognize while slinging code that "that Paranoid guy's a dick." When I don't like using my own code, there's a problem. Therefore, I must reform.
I have spent considerable time over the last year rewriting my libraries, sometimes rewriting them entirely from scratch. The intent was to make the API more enjoyable to use while minimizing any adverse impact on the security goals.
For my Perl modules most of this is in the little details. Eliminating the use of function prototypes to make it easier to pass in arguments in list form, rather than explicitly by value. Or deploying prototypes only where it makes syntax more pleasant so the developer doesn't have to explicitly pass data structures by reference. By not croaking at every imagined offense, instead just exiting with a false return value.
With some of my foundational libraries already updated the race is now on to port the rest of the software that relies on it to the new API. That does mean, unfortunately, that software on this site is effectively broken if you grab the last revs of everything and try to build with it. My commitment to you is that I finish porting the broken software to the new API by the end of the month.
So there we have it. The ogre pokes his head out of his cave and has makes his proclamation. I have no intention of stopping my existence as an ogre, but in a small deviation I am very interested in feedback to these updates as I upload them. I am very excited about these changes, it's been a revelation -- to me, at least -- how much an API can affect one's eagerness to sling new code. The old APIs had really worn me down.
I'll leave it at that. Thank you for your time. Happy hacking!
Copyright © 1997 - 2016, Arthur Corliss, all rights reserved.