Category Archives: Open Source

Open Source, Free Software, and similar

libcurl DNS resolve problems on Leopard

libcurlI found this article by Jungle Dave titled Leopard DNS Issues (and work-around), which explains how libcurl built with IPv6 support may cause trouble on MacOS X 10.5 (Leopard).

According to him, that’s because getaddrinfo() causes a SRV lookup to be made and that may be either slow or get discarded completely and thus cause trouble.

This just adds another problem to getaddrinfo() resolves then, since we already have the problem with it when resolving round-robin DNSes since more or less every machine has a bad /etc/gai.conf setup that makes getaddrinfo() return a sorted list instead of the “random” one DNS admins in the wild would prefer the users to use…

aget compared to curl

As you should know, we maintain this curl comparison table on the curl web site, and it lists a set of free tools and how they compare against curl and each other in various aspects. If you want more features compared or other tools included, please tell. Also if you disagree with any of the facts stated there, just shout!cURL

The other day I got an email asking me to add aget to the table, and since it is a free tool (original BSD licensed) with a similar purpose it would indeed fit.

So I downloaded aget 0.4 and had a go at it.

  1. The “stable” 0.4 version doesn’t build out of the tarball. It does wrong assumptions on “errno” and thus I had to manually poke on 3 source files to make it generate a fine binary! While this error is claimed to be fixed in the “devel” version, the devel version fails to build on compiler errors instead!
  2. My first test was to download aget’s own home page with aget… and it failed. It says the page is 0 bytes and it doesn’t download anything and outputs something about a bad seek 0 bytes!
  3. This really turned me off, but then I thought I should report this back to the guys rather than just blog it… but there’s no email address in the package that seems suitable, and when checking on the site I find a reference to a mailing list but when trying to read the list’s archive it just redirects back to the main page! So blogging it is.
  4. aget 0.4 from 2002, the aget devel version is from June 2004. Development seems to have stopped.
  5. I decided aget isn’t going to be added to the table by me at this time. It’ll have to mature some more first (and given the age of the tarballs I doubt that’ll happen…). I also read through the source code a bit and it really gives the impression of being a young project that hasn’t yet have time to settle since there are numerous of suspicious conclusions and source code doing “funny” things.

Intercepting Bug Reports is Bad

open sourceParticipating in and maintaining open source projects is great fun, much rewarding and very educating. One thing you always want is bug reports from users who suffer from problems, as you cannot fix problems unless you know they exist!

Yet there are several obstacles along the way that can prevent users’ reports from reaching your project. These obstacles include:

Security sites

Eager to announce a new problem, a new revealed leak or exploit, people (often) submit security- related problems directly to sites and forums dealing with security. These sites (of course) don’t forward the reports onwards, they simply assume the projects are informed as well…

Distros

People who use Linux Distributions very often feel like a user of that distro (no surprise there really!) and they therefore primarily report bugs and problems to the distro’s bug tracker. Unless the people in the distro are keen and interested enough, those reports sit there rotting away and people in the upstream project who would like to know about it are never told and thus the bug isn’t fixed…

Sometimes the bug is even fixed by the distro people and they make a newly built version available, featuring that patch, but the patch isn’t forwarded upstream either!

Related forums/mailing lists

People discussing the project in another list or forum where they are users of it. They talk about workarounds etc and sometimes even talk about “known bugs” and “existing flaws” but without ever reporting them to the originating project so they aren’t fixed. They may thus be known to the subgroup there but not upstream.

Please report upstream!

This is my cry for how this situation can be fixed: make sure that problems you know of are reported upstream to the actual project working on the project. Don’t assume that reporting it to your distro or to your neighbor is enough!

(I could easily point out examples for all these cases for projects I am involved in, but I don’t think pointing fingers will gain us anything.)

curl and libcurl 7.17.1

7.17.1 – the 102nd release of curl is out, with less than 5 months left to our ten year anniversary!

The previous release (7.17.0) included a few larger internal changes and unfortunately that had the backside that it brought a whole array of new bugs in, that we now have spent almost two months polishing off.

cURL

Apart from the twenty or so bug fixes, a range of new things are introduced as well, including improved NSS support, –proxy-negotiate, –post301 (to make curl act more standards compliant on HTTP 301 responses), –hostpubmd.

libcurl hackers will appreciate CURLOPT_OPENSOCKETFUNCTION and CURLOPT_COPYPOSTFIELDS (the latter a complement to the existing CURLOPT_POSTFIELDS that got broken in 7.17.0 if you posted binary data that contains a zero byte).

7.17.1 contains contributions by at least 16 different people (me not included).

Rockbox on iPod Touch

iPod TouchWell, not really but at least the recent “jailbreak” for it opens up the possibility…

The jailbreak seems to open up the ability to run apps on the target that are built for it, so I figure it can then theoretically be used to run whatever, and that’s why I say it is an opening for an eager and dedicated person to get Rockbox going on it.

curl references

I amuse myself by occasionally reading up on articles and posts “out there” that talk about curl and libcurl, and I often find interesting snippets and data well worth reading. Here’s a few of the ones I’ve stumbled upon recently:

  1. Tony G wrote a post to a u2 database mailing list and did an indirect praise of curl.
  2. magnetk.com writes about how to build a recent libcurl with visual studio 2005

Distros Don’t Drive Development

Lots of press and people focus on Linux distributions when they check out what happens in Linux land. This and that distro come in new releases and they offer this and that brand new feature. This is also true of the many linux podcasts. They give credit to distros for new things that pop up.

Mostly everyone of us involved in open source projects have a different view on all that:

Distros package the developments that are done elsewhere by other people. Sure they contribute with glue code and they do put pieces together in useful ways but really, most of the real grunt work – the actual sweating, is done by ordinary open source teams working independently of distros (but sure, sometimes people related to or even employed by distros contribute in such projects).

This is also part of the explanation to why most distros are at about the same level of development, why no distro outcompetes the others at one go. When X11 brings a fancy new feature, all distros have it. When compiz can rotate the screen in yet another way, all distros ship that…

Of course the other part of the explanation is that most distros release their own work as open source, free for the other distros to absorb.

In fact, many times the distros actually hinder the work of the open source projects since they add a filter to bug reports, they patch in their own dirty solutions in their distro rather than to work with the projects to do the fix the best possible way and similar.

Distros are exactly what they’re called: distributions – they distribute bundled collections of software, the vast majority of that software is not made by the distro.

wget going libcurl?

Micah Cowan is the current maintainer of GNU Wget, and he recently posted a long mail to the wgetA gnu head! mailing list titled “Thoughts on Wget 1.x, 2.0“.

Two fun quotes for the curious who don’t feel like reading the whole post:

1. On the subject of making wget deal with multiple simultanous connections/requests: The obvious solution to that is to use c-ares, which does exactly that: handle DNS queries asynchronously. Actually, I didn’t know this until just now, but c-ares was split off from ares to meet the needs of the curl developers.

2. Following the first reasoning, they can indeed get away with even less work if they base that work on an existing solution: While I’ve talked about not reinventing the wheel, using existing packages to save us the trouble of having to maintain portable async code, higher-level buffered-IO and network comm code, etc, I’ve been neglecting one more package choice. There is, after all, already a Free Software package that goes beyond handling asynchronous network operations, to specifically handle asynchronous _web_ operations; I’m speaking, of course, of libcurl. There would seem to be some obvious motivation for simply using libcurl to handle all asynchronous web traffic, and wrapping it with the logic we need to handle retries, recursion, timestamping, traversing, selecting which files to download, etc. Besides async web code, of course, we’d also automatically get support for a number of various protocols (SFTP, for example) that have been requested in Wget.libcurl

I am of course happy to see that the consideration exists – even if this won’t go further than just expressed in a mail. I did ventilate this idea to the wget people back in 2001, and even though we’re now more than six years down the road since then the situation is now even more clear: libcurl is a much more capable and proven transport layer solution and it supports much more protocols than wget is/does.

Me biased? naaah… 🙂

curl work towards release #102

libcurlThis is a bug fix week in curl land, trying to get everything sorted and fine to be able to release a really fine 7.17.1 release within a week or so. We got some nasty memory-related problems with changed protocols re-using the same easy handle, but it was good that they crept up and I think we’re doing good changes now that stabilize curl.

Release date now targeted perhaps around October 28-30.