Index of /phil.pennock/software/
If a version number is encoded as -v<wholenum>
then it's not directly
the version of the software, it's the version of the repository I keep it in;
the number will only ever go up, but there will be lots of missing
intermediate values. Really, this is because I'm lazy.
You should be able to figure out a contact email address from reading
whichever script you're looking at. Hints include the usercode used for
SVN access and the domain of the web-server you're looking at (at the WHOIS
registration level). If you want a PGP-signed sig where not already provided,
ask. At the moment, most of these are scripts intended for people to read
and check over, rather than just trust.
Whilst this server should also normally be available via https://, I do
not normally purchase certificates from any widely distributed CA.
The certificate in use is from my own personal CA, which is probably not
suitable for general use. If you're interested in getting the CA cert and
using HTTPS, then the cert and a PGP-signature can be obtained from
www.security.spodhuis.org.
That site does have a cert from a widespread PKI.
Note that the Opera web-browser allows you to mark a CA certificate with a
“warn me when this cert is used” flag.
If a changelog file is not up-to-date, prod me. I need to make them
automatic.
Note that the above list of files is not complete; older versions exist in
this directory, but aren't shown so as to reduce clutter.
If you have IPv6 connectivity then you'll be able to make use of the publicly
available svn repository. It's browseable at
http://svn.spodhuis.org/viewvc/
and can be checked out under /svn/. IPv6-only as I use Kerberised
access and only have enough IP addresses for Kerberisation with dedicated
service hostnames (as in, web vhosts) if I use IPv6.
- RBL-check.pl
-
I call this from a crontab with -q my.mail.server.name
to check if my server is on various RBL lists.
- sieve-connect
-
This was written one evening after someone on the info-cyrus@
mailing-list wanted to know of a scriptable MANAGESIEVE client which could
handle STARTTLS. I've tinkered with it since for improvements. I could
write it fairly quickly because I'd already done most of the work in
mailcheck-imap.
This used to be called sieve_connect and distributed as a standalone
script. It's been moved into a tarball at the request of a user wanting to
more easily package it. I've taken the opportunity to rename and to
pre-generate the man-page (as relatively few people know about
perldoc(1)). The Makefile is intended to be portable across
make(1) implementations and failures of that are a bug. I do not
intend to make a more complicated configure setup; packagers should know
Unix and make.
- mailcheck-imap
-
This is not a good example of production code.
It was not written to use existing APIs for abstraction.
I wrote it for self-education, whilst learning the details of
authentication protocols, of SASL and IMAP and GSSAPI and more.
So I re-implement SASL myself.
The nominal purpose of the script is a
“You have X new and Y old mails in Z”
multi-folder reporter. It reports on all of the subscribed folders in an
IMAP server. It also provides for interactive command-prompts,
authentication via GSSAPI or TLS client certificate with EXTERNAL SASL and
a bunch of other goodies. It's also how I tab-complete IMAP mail-folder
names. See the rather extensive POD documentation.
There is support for SASL integrity protection and some limited confidentiality
protection when negotiated via DIGEST-MD5.
GSSAPI session protection layers are supported (but typically not used, if you
have TLS protection).
This nests TLS/SASL in the order applied,
not the pre-defined stacking order —
in practice (a) servers don't offer SASL protection layers within TLS and
(b) that'll be the right order anyway.
I did finally get around to making the protocol dispatch not be based on a bug.
In short, don't use this as an example of good code or the right way to do
things, but it is useful for looking at how things fit together and playing
around.
Versions named -vNNN have been removed from their old URL location.
I messed up. See the ChangeLog at r350 for details.
- desktop-notify
-
Plugin for the Irssi IRC client to let you register various types of alert rules
so that matching communications will send a DBUS desktop IM notification.
It needs a desktop which supports notification alerts and the 'notify-send' command.
By default, it sends direct messages and channel messages prefixed with your nick.
It can send everything on a given channel, optionally excluding certain nicks.
It can send anything said by a particular user.
It can blacklist certain users.
It hooks into the end of the input event handlers, so that flood protection should
(AIUI) already be active.
/SCRIPT LOAD desktop-notify
/dtop snoop #alertchan
- sks_peers.py
-
This is a tool to map out the mesh of
SKS (Synchronising Key Server)
PGP keyservers. It's a WSGI application which I use with mod_wsgi at
http://sks.spodhuis.org/sks-peers;
it's a threaded application, which lingers after being spawned.
After a little while, it will have populated the data structures by
spidering across the stats pages; it will periodically rescan.
Requests are always answered from data held in memory.
It supports a second URL to fetch a list of IPs corresponding to servers
which are populated with enough keys to be current, corresponding to some
fast and loose statistics to define “enough”.
- emit_ipv6_regexp
-
Emits a PCRE regexp matching IPv6 addresses per RFC 3986. Can emit as shell code
to initialise a variable or can be invoked for regression tests.
Useful for grepping IPv6 entries out of log-files.
![[ICO]](/icons/blank.png){kind=icon}
![[]](/icons/binary.png){kind=icon}
![[PGP Signature]](/icons/quill.png "PGP Signature"){kind=icon}
![[TXT]](/icons/text.png "TXT"){kind=icon}
![[src tarball]](/icons/tar.png "src tarball"){kind=icon}