Blog

Group support for cmocka


Last Friday I've released cmocka 0.4.0. It has several bugfixes and at least two new features. One is support for groups. This means you can define a setup and teardown function for a group of unit tests. I think some people have been waiting for this. You can find an example here. It is simple and easy to use. The other small feature is a new macro: assert_return_code(). It is designed for standard C function return values which return 0 for success and less than 0 to indicate an error with errno set. It will produce a nice error message! The rest are bugfixes and improvements for error message. Thanks to all contributor and bug reporter! If you think cmocka…

The Gold Linker


After the Update to Fedora 20 I forgot to update the linker to Gold. Today I released that linking Samba is horribly slow. Time to change the linker to Gold again: Fedora: ll /etc/alternatives/ld /usr/sbin/alternatives --set ld /usr/bin/ld.gold openSUSE: ll /etc/alternatives/ld /usr/sbin/update-alternatives --set ld /usr/bin/ld.gold To still build a special project with ld.bfd use: LDFLAGS="-fuse-ld=bfd"

cwrap 1.0.0 – testing your full software stack …


on one single machine! FOSDEM/Brussels, February 2nd, I gave a talk about cwrap. I announced and released version 1.0.0 of cwrap, a set of tools to create a fully isolated network environment to test client/server components on a single host. It provides synthetic account information, hostname resolution and privilege separation support. The heart of cwrap consists of three libraries you can preload to any executable. The libc wrapper project does not require virtualization and can be used to build environments on different operating systems. The project consists of a socket wrapper, NSS module wrapper (users, groups, hosts), and a (s)uid wrapper with support for GNU/Linux, BSD and Solaris. The origin of these wrappers is the Samba project, where the wrappers…

libssh 0.6.0 released


After another development cycle, this time of 2,5 years, the libssh Team is proud to announce version 0.6.0 of libssh. The most important functionality which has been added is a new callback-based server API. Also we added ECDSA support and a new algorithm called gro.h1529370782ssbil1529370782@652a1529370782hs-911529370782552ev1529370782ruc1529370782 for key exchange to have something better than the NIST curves. OpenSSH also uses gro.h1529370782ssbil1529370782@652a1529370782hs-911529370782552ev1529370782ruc1529370782 as the default for key exchange. For ECDSA there is a complete new API for public key management available. Also a big improvement is Kerberos support which has been tested by Red Hat engineers with FreeIPA and gssproxy. Thanks to all contributors!

Powerline


I spent the day to look at tmux and vim and found a lot of great plugins. What I really like for tmux and also vim is powerline. Powerline is a status-line and prompts utility to change the look and feel of your vim or tmux status lines. It looks like this: It consists of a special font, a python tool and plugins for applications. I've created package for Fedora and submitted a review request here.

CM: chromium doesn’t build with JDK 1.7


If you build Android or CyanogenMod and you run into issues with HashSet_jni.h you need the following changes to the chromium_org project: diff --git a/base/android/jni_generator/jni_generator.py b/base/android/jni_generator/jni_generator.py index de865d5..d4a2324 100755 --- a/base/android/jni_generator/jni_generator.py +++ b/base/android/jni_generator/jni_generator.py @@ -555,18 +555,21 @@ class JNIFromJavaSource(object): contents) return JNIFromJavaSource(contents, fully_qualified_class) +def MultipleReplace(string, rep_dict): + pattern = re.compile("|".join([re.escape(k) for k in rep_dict.keys()]), re.M) + return pattern.sub(lambda x: rep_dict[x.group(0)], string) class InlHeaderFileGenerator(object): """Generates an inline header file for JNI integration.""" def __init__(self, namespace, fully_qualified_class, natives, called_by_natives): - self.namespace = namespace - self.fully_qualified_class = fully_qualified_class + self.namespace = MultipleReplace(namespace, {'':''}) + self.fully_qualified_class = MultipleReplace(fully_qualified_class, {'':''}) self.class_name = self.fully_qualified_class.split('/')[-1] self.natives = natives self.called_by_natives = called_by_natives - self.header_guard = fully_qualified_class.replace('/', '_') + '_JNI' + self.header_guard = MultipleReplace(fully_qualified_class, {'/':'_', '':''}) + '_JNI' def…

Curve25519-SHA256 is the default KEX in openSSH too now!


Since some hours gro.h1529370782ssbil1529370782@652a1529370782hs-911529370782552ev1529370782ruc1529370782 is the default KEX in OpenSSH! Several weeks ago Aris added a new Elliptic Curve algorithm for key exchange using Curve25519. After he wrote some kind of a RFC and implemented it in libssh he started to suggest a patch for OpenSSH which finally has been integrated.

Curve25519 and SSH with ECDSA


For the SSH Library we try to keep up with OpenSSH features and implement the most important stuff. After what we read about the NSA and NIST it became clear that the new ECDSA support we added in libssh 0.6.0rc1 needs new curves. So Aris implemented gro.h1529370782ssbil1529370782@652a1529370782hs-911529370782552ev1529370782ruc1529370782 and wrote a draft. At the same time he implemented the first draft and you can find the code in his private wip branch, here. Currently he is working on a patch for OpenSSH. If you have comments or want to discuss patches please subscribe to our mailing list. Update: Aris sent a patch to the OpenSSH mailing list, in this post.