Index of /phil.pennock/software/

[ICO]NameLast modifiedSizeDescription
[]RBL-check.pl-v2272008-07-24 23:0219.4KMail-server is on RBL ob.nox.ious
[PGP Signature]RBL-check.pl-v227.asc2008-07-24 23:03163PGP Signature
[TXT]RBL-check.pl.changelog.txt2008-07-24 23:054.2KRevision history
[Directory/Folder]RPMs2012-05-19 08:54-
[]desktop-notify.pl-v0.32009-11-11 09:319.4KIrssi DBUS notification plugin
[]emit_ipv6_regexp-0.3042010-01-03 02:434.3KIPv6 RegExp emitter
[PGP Signature]emit_ipv6_regexp-0.304.asc2010-01-03 02:43163PGP Signature
[src tarball]mailcheck-imap-0.406.tar.bz22010-08-14 06:2259.6KYou have 2 new mails in INBOX
[PGP Signature]mailcheck-imap-0.406.tar.bz2.asc2010-08-14 06:22163PGP Signature
[TXT]mailcheck-imap.ChangeLog.txt2010-08-14 06:2289.4KRevision history
[]puny.py-v4582011-02-06 23:444.7K
[PGP Signature]puny.py-v458.asc2011-02-06 23:44163PGP Signature
[src tarball]sieve-connect-0.81.tar.bz22011-04-02 10:1030.0KClient for the MANAGESIEVE protocol
[PGP Signature]sieve-connect-0.81.tar.bz2.asc2011-04-02 10:10163PGP Signature
[TXT]sieve-connect.ChangeLog.txt2011-04-02 10:1019.5KRevision history
[]sks_peers.py-v2852011-05-20 09:4982.7KSKS mesh mapper
[PGP Signature]sks_peers.py-v285.asc2011-05-20 09:49163PGP Signature
[TXT]sks_peers.py.ChangeLog.txt2011-09-08 22:4225.8KRevision history
[]smtp_tls_cert.pl2008-06-15 01:003.8KDump PEM-encoded TLS cert from MSA server

If a version number is encoded as -v<wholenum> then it's not directly the version of the software, it's the version of the repository I keep it in; the number will only ever go up, but there will be lots of missing intermediate values. Really, this is because I'm lazy.

You should be able to figure out a contact email address from reading whichever script you're looking at. Hints include the usercode used for SVN access and the domain of the web-server you're looking at (at the WHOIS registration level). If you want a PGP-signed sig where not already provided, ask. At the moment, most of these are scripts intended for people to read and check over, rather than just trust.

Whilst this server should also normally be available via https://, I do not normally purchase certificates from any widely distributed CA. The certificate in use is from my own personal CA, which is probably not suitable for general use. If you're interested in getting the CA cert and using HTTPS, then the cert and a PGP-signature can be obtained from www.security.spodhuis.org. That site does have a cert from a widespread PKI. Note that the Opera web-browser allows you to mark a CA certificate with a “warn me when this cert is used” flag.

If a changelog file is not up-to-date, prod me. I need to make them automatic.

Note that the above list of files is not complete; older versions exist in this directory, but aren't shown so as to reduce clutter.

If you have IPv6 connectivity then you'll be able to make use of the publicly available svn repository. It's browseable at http://svn.spodhuis.org/viewvc/ and can be checked out under /svn/. IPv6-only as I use Kerberised access and only have enough IP addresses for Kerberisation with dedicated service hostnames (as in, web vhosts) if I use IPv6.

I attempt to provide extended HTTP headers in the response, to aid in verification of retrieved files; there is a small chance that I've either made a mistake in how these are generated, or that their presence will lead to interoperability issues; if you encounter such problems, please do contact me to report the problem so we can work together to fix it. In particular, I provide the Content-MD5:, Digest: (SHA-256) and Link: headers.

RBL-check.pl
I call this from a crontab with -q my.mail.server.name to check if my server is on various RBL lists.
sieve-connect
This was written one evening after someone on the info-cyrus@ mailing-list wanted to know of a scriptable MANAGESIEVE client which could handle STARTTLS. I've tinkered with it since for improvements. I could write it fairly quickly because I'd already done most of the work in mailcheck-imap.
This used to be called sieve_connect and distributed as a standalone script. It's been moved into a tarball at the request of a user wanting to more easily package it. I've taken the opportunity to rename and to pre-generate the man-page (as relatively few people know about perldoc(1)). The Makefile is intended to be portable across make(1) implementations and failures of that are a bug. I do not intend to make a more complicated configure setup; packagers should know Unix and make.
mailcheck-imap
This is not a good example of production code. It was not written to use existing APIs for abstraction. I wrote it for self-education, whilst learning the details of authentication protocols, of SASL and IMAP and GSSAPI and more. So I re-implement SASL myself.
The nominal purpose of the script is a “You have X new and Y old mails in Z” multi-folder reporter. It reports on all of the subscribed folders in an IMAP server. It also provides for interactive command-prompts, authentication via GSSAPI or TLS client certificate with EXTERNAL SASL and a bunch of other goodies. It's also how I tab-complete IMAP mail-folder names. See the rather extensive POD documentation.
There is support for SASL integrity protection and some limited confidentiality protection when negotiated via DIGEST-MD5. GSSAPI session protection layers are supported (but typically not used, if you have TLS protection). This nests TLS/SASL in the order applied, not the pre-defined stacking order — in practice (a) servers don't offer SASL protection layers within TLS and (b) that'll be the right order anyway.
I did finally get around to making the protocol dispatch not be based on a bug.
In short, don't use this as an example of good code or the right way to do things, but it is useful for looking at how things fit together and playing around.
Versions named -vNNN have been removed from their old URL location. I messed up. See the ChangeLog at r350 for details.
desktop-notify
Plugin for the Irssi IRC client to let you register various types of alert rules so that matching communications will send a DBUS desktop IM notification. It needs a desktop which supports notification alerts and the 'notify-send' command. By default, it sends direct messages and channel messages prefixed with your nick. It can send everything on a given channel, optionally excluding certain nicks. It can send anything said by a particular user. It can blacklist certain users. It hooks into the end of the input event handlers, so that flood protection should (AIUI) already be active.
/SCRIPT LOAD desktop-notify
/dtop snoop #alertchan
sks_peers.py
This is a tool to map out the mesh of SKS (Synchronising Key Server) PGP keyservers. It's a WSGI application which I use with mod_wsgi at http://sks.spodhuis.org/sks-peers; it's a threaded application, which lingers after being spawned. After a little while, it will have populated the data structures by spidering across the stats pages; it will periodically rescan. Requests are always answered from data held in memory. It supports a second URL to fetch a list of IPs corresponding to servers which are populated with enough keys to be current, corresponding to some fast and loose statistics to define “enough”.
emit_ipv6_regexp
Emits a PCRE regexp matching IPv6 addresses per RFC 3986. Can emit as shell code to initialise a variable or can be invoked for regression tests. Useful for grepping IPv6 entries out of log-files.
puny
Takes domain-names on the cmdline and, for each, displays the input, the version fully-converted to Unicode and the version fully-converted to Punycode IDN encoding. Or you can ask for conversion in one direction on the command-line and get just the results of conversion.
Requires: Python 3.1 [only tested version; should work with 3.0 or 2.6 with some __future__ imports]