For fun I thought I would see how hard it is to write an engine for OpenSSL. There are several existing ones that you can look at. I started by seeing how the opensc engine worked. This code shows the first step.
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/objects.h>
#include <openssl/engine.h>
static int bind_fn(ENGINE * e, const char *id)
{
if (!ENGINE_set_id(e, "simple") ||
!ENGINE_set_name(e, "simple engine")) {
return 0;
} else {
return 1;
}
}
IMPLEMENT_DYNAMIC_CHECK_FN();
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn);
Compile it like this
gcc -c -fpic simple_engine.c
gcc -shared -o simple_engine.so simple_engine.o
Make openssl.cnf look like this
openssl_conf = openssl_def
[openssl_def]
engines = engine_section
[engine_section]
simple = simple_section
[simple_section]
engine_id = simple
dynamic_path = /path/to/simple_engine.so
init = 0
[req]
distinguished_name = req_distinguished_name
[req_distinguished_name]
Run OpenSSL and see your results
$ openssl engine
(padlock) VIA PadLock (no-RNG, no-ACE)
(dynamic) Dynamic engine loading support
(simple) simple engine
Of course it doesn’t do anything useful yet. But it is a start.
For a long time now I have thought that there has to be a better way to do backups. I want them to happen in the background and to ensure that I never lose anything either through disk failure or my own stupidity. Yesterday, I finally got round to setting up a system using subversion and WebDAV. I am still testing it but it appears to be really easy and if it works should mean that I never lose anything again!
On my desktop in the office I run Apache, mod_dav_svn and Subversion. It gives me a subversion repository that is presented as a WebDAV share that my mac can mount and use as if it were a regular disk. By using the autoversioning option in mod_dav_svn I can make this share do a commit every time I write a file to it. Whilst the share that appears as a disk on my Mac always shows the latest version I can use a full subversion client (like the excellent Versions) to search the history of any files or data that I store there and retrieve older versions.
Even better subversion comes with a utility svnsync that allow the repository to be replicated. So my auto-versioned WebDAV share is also set up to replicate to my house.
Now there are, of course, a few niggles and things left to do.
- Autoversioning makes lots of commits. Just saving one file the other day generated 60 odd versions.
- Autoversioning gives you no chance to add a comment to a commit.
- When I tried to open an indesign file saved to the share it refused to open it the first time. Re-trying works fine. (I think this is some kind of MIME issue.)
- I am using cron to run svnsync synchronize once a day. A post-commit hook would be much better and give me real time replication.
- I wonder if I could make the WebDAV share my home directory. Or is that a step too far?
- I need to think about how this should be organized. I still want source code in a dedicated repository that I can use with a real subversion client or IDE.
It’s been a while so I thought I would try and tackle learning a bit of Ruby on Rails again. Once again I wanted to build a simple gui to an existing database. This time I had planned ahead and created the database with plural table names and a primary key called id for each table. It still seems to be very difficult to find a good explanation of using Rails with an existing database, so I thought I would write some notes.
This is what I eventually worked out (assume I have a table in mysql called things)…
rails ProjectName
cd ProjectName/
cat <<EOF >config/database.yml
development:
adapter: mysql
database: test
host: test1
username: root
password:
EOF
script/generate model things --skip-migration
script/generate scaffold thing
This will create a set of views like this one called index
<h1>Listing things</h1>
<table>
<tr>
</tr>
<% for thing in @things %>
<tr>
<td><%= link_to 'Show', thing %></td>
<td><%= link_to 'Edit', edit_thing_path(thing) %></td>
<td><%= link_to 'Destroy', thing, :confirm => 'Are you sure?', :method => :dele
te %></td>
</tr>
<% end %>
</table>
<br />
<%= link_to 'New thing', new_thing_path %>
Of course, this shows no data when you view it in your browser (http://localhost:3000/things), you just get a Show, Edit and Destroy link for each row in things. Add something like this to the <tr> element in the for loop:
<% for column in Thing.content_columns %>
<td><%=h thing.send(column.name) %></td>
<% end %>
And it works! Maybe I am making progress. Next task will be to see if I can alter the new view to add a record and then it’s on to associations…
Earlier this year I created a patch for libdkim that adds DNSSEC validation using libunbound. It will be available as part of the 2.8.0 release of dkim-milter which starts public beta next week.
If you want to try it before then the patch is available from iis.se.
I have written some notes on building Fedora DS and the Fedora DS console from source.