Friday, February 26, 2016

makeup and decorations

This week was focused on basic work on libcad, the foundations library I use for circus and other projects.

My objective, for the upcoming weeks, is to code the framework and the first message of circus's client. For that, I need two components. Since those are likely re-usable, I coded those two components into libcad.

Templating engine

Yes, there are already templating engines. But almost none target pure C and those who do have a few shortcomings, such as the inability to define a specific memory handler. I need that for security.
So I started with a well-known spec: Mustache, and wrote cad_stache, the templating engine for Mustache in C.
Soon the ringmaster will proudly show off his mustachio.

CGI framework

In the same way, I found no convincing C library for CGI handling. Most target C++, and none allow for the customization of the memory handling.
So I started from my own CGI implementation in Eiffel, and translated in libcad.
I will also implement fastCGI, later, just to be complete. The library they provide is just awful: macro-ridden, even stdin/out are replaced by macros, meaning that all the components must be aware (i.e. depend!!) on the fastcgi thingy.
Circus will not use fastCGI, because the client is actually meant to die. It's a feature, not a bug.

To be continued…

Sunday, February 21, 2016

And now come the clowns.

After some time spent in real-life, I could at last implement the next admin feature for circus: creating a new user.

When a user is created, he/she is allocated a temporary password (by default valid 15 minutes). The aim is to send an email with that temporary password, that the user must change as soon as possible. (The mail sending is not coded yet.)

This simple spec brought quite a few changes:

  • The users now have an associated email
  • The password validity can now be limited
  • For tests, the "current time" is mocked to make the tests reproducible

Now that the very basic infrastructure is in place server-side, I need to start implementing the client, so that the next features can be implemented "vertically", i.e. with actual visibility.

Happy coding!

Thursday, February 4, 2016

Jumping through hoops

The Circus server is now alive. The best proof is that it can be stopped! Ain't that magic?

So what happened since the last billet?

The server learned to stop. This very first message is important: it means that the server actually listens and is able to understand queries.

Stopping the server is not a light operation, most of all because the server is meant to be controlled by the OS (SysV, whatever). Eventually that operation will become privileged. But for now it fills its role.

The server also learned to answer. The second message, ping, sends a phrase that must be sent back.

While implementing that message, a lot of bugs were shaken out; now the ZMQ layer (channel) looks quite solid and working very well with libuv. I am quite sure of that, because the logger also uses libuv, and log messages are correctly emitted.

The server tests also got better. A small test client already got factorized and will be the basis for the following message tests.

Program for next week

More acrobatics.

I want to look at that multi-user stuff.

The basic thinking is: I would not want anybody just connecting and creating a user, now would I? So creating a user must be a privileged operation, performed by an authenticated and authorized… user…

There are a few possibilities: using PAM, or having an administrator as seed. Maybe pre-creating and filling the database.

Some thinking must happen here.

Merry hacking!