Fun with ones and zeros

Monday, 04 May 2015


Put in a actual, recognized SSL Certificate on the site, and setup redirects to run everything through that now.

Figured that was a reasonable thing to do because people are still occasionally downloading old software from this site, and the cert was free for the year (Gandi).

Hopefully by the time it expires the Let's Encrypt service will be up and running.

posted at: 10:40 | tags: openssl | Comments | permanent link to this entry

Sunday, 08 April 2012

IPv6 World Launch Day

IPv6 Logo I've been working on getting this website up and running under IPv6, and it turned out to be somewhat involved. Firstly, I signed up with Hurricane Electric's, to get IPv6 connectivity, because my ISP doesn't offer it yet. Setup my own DNS servers running nsd, which was a bit of a learning curve, but in the long run I think it'll be better than working with goofy DNS managers like you'd find on registrar or hosting websites. NameCheap is now letting you setup IPv6 glue records right on their website (previously you had to file a support ticket), so that made things easier.

The only big glitch I ran into is that on FreeBSD, using simply

listen [::]:80;

to listen to both IPv4 and IPv6 didn't work. When trying that, I found that any request coming in as IPv4 would give weird 403 or 404 (I don't remember which) errors, where it seemed nginx just didn't know what virtual host to go to. Linux doesn't seem to have that problem. Ended up using separate listen statements, as in:

listen 80 default_server;
listen [::]:80 default_server ipv6only=on;

for the main site, but VERY IMPORTANTLY, the remaining sites could not have the ipv6only=on directive, they just simply say

listen  80;
listen [::]:80;

(found that trick in this ServerFault page). This also has the advantage of showing proper IPv4 IP addresses in the logs, instead of IPv4-mapped IPv6 addresses such as ::ffff:, so I ended up doing the same thing on a Linux box even though it handled dual-stack by default just fine.

I also for testing purposes, made aliases

To force one protocol or the other. When you use, it's not obvious which you're using.

posted at: 17:36 | tags: freebsd ipv6 nginx | Comments | permanent link to this entry

Monday, 19 March 2012

q2java and qwpython on GitHub

Quite some time ago I worked on a couple interesting projects, q2java which embedded Java into a Quake2 server and then allowed for games to be written in Java; and qwpython, which wrapped up the QuakeWorld dedicated server engine as a Python module and came with a QuakeC -> Python translator, so existing QW games like CTF could be converted to Python and hacked on from there.

Some time back I had created Subversion repositories of the various releases of those packages (didn't really know or use VCSes back then), and had them on an Apache mod_svn server. Well, SVN is kind of a PITA, and I'd like to not have to keep that server config going, so I looked at converting those repos to something else.

First tried hgsvn, which has worked pretty decently for smaller or simpler repos, but something in the q2java one make it crap out.

Next tried the hg convert extension, which worked better, but only when using a local SVN URL (like file://...), and then didn't manage to pick up the tags correctly.

Decided to give Git a try, first with Converting a Subversion repository to Git (in seven steps). It worked, but was kind of a nasty process for a Git newbie to wade through. The tags still didn't seem quite right.

Finally, realized GitHub has its own Subversion import built right into the website, and gave that a try. Very very nice, made importing the svn repo a breeze, and seems to have gotten the tags just right. Only took two steps: enter the svn URL, fill in a translation table of svn userids to git authors. I'd recommend this highly for anyone looking to move off svn. See the q2java and qwpython results here.

posted at: 19:01 | tags: git subversion | Comments | permanent link to this entry

Wednesday, 07 March 2012

PyCon 2012

Headed off for PyCon 2012 tomorrow. Last one I was at was 2007 in Dallas, can't believe it's been 5 years. Looking forward to seeing some cool stuff, and maybe playing some games in the evening.

posted at: 20:09 | tags: pycon python | Comments | permanent link to this entry

Thursday, 13 October 2011

Make sure virtualization is enabled in the BIOS

I just wasted a fair amount of time on a RedHat 6.1 box being setup to be a hypervisor with KVM, trying to figure how why when I ran virsh version it was telling me among other things

internal error Cannot find suitable emulator for x86_64

All the appropriate packages such as qemu-kvm were installed, but it just didn't seem to want to work. Finally as I was about to try reinstalling RHEL, I remoted into the actual console and saw:

kvm: disabled by bios

Doh!, and looking back in /var/log/messages the same thing was buried deep within all the boot noise. While trying to figure this out I managed to just be looking for virt or qemu in the logs and somehow didn't search for kvm. Enabled virtualization in the BIOS and everything's gravy now.

So there you go, if you're Googling that first error message and get lots of other nonsense, look for the message about the BIOS.

posted at: 15:24 | tags: kvm linux | Comments | permanent link to this entry

Monday, 08 August 2011

amqplib 1.0.0

I attended OSCON for the first time this year, and to celebrate I thought I'd wrap up the Python amqplib library a bit and consider it more-or-less finished for what it is (a simple blocking 0-8 client), and call it 1.0.0 You can find it on the in PyPi and Google Project Hosting

It's definitely a worthwhile upgrade in that it's significantly faster than amqplib 0.6.1, and has a fair number of bug fixes. Also noteworthy are support for Python 3.x (via 2to3) and IPv6

posted at: 13:24 | tags: amqp python | Comments | permanent link to this entry

Sunday, 17 July 2011

smbpasswd 1.0.2 submitted to PyPi

smbpasswd is a really old piece of software (9 years!) for generating NT/LM password hashes, suitable for use with Samba. It's in Debian/Ubuntu/Redhat repositories, and FreeBSD ports, and who knows where else.

Somehow it never got submitted to PyPi, but I took care of that today at the request of someone working on another Python module that wanted to use this as a dependency. Look for smbpasswd-1.0.2, or just easy_install smbpasswd if you're setup for that.

I changed the packaging slightly, so that the tarball extracts to smbpasswd-x.x.x instead of py-smbpasswd-x.x.x, and so bumped the version number to 1.0.2 just for the packaging changes. The library itself is unchanged.

However, I think you'd want to be very careful generating and storing LM hashes of user's passwords, they seem to be wildly insecure.

If your app can get by with just NT hashes, and you have a Python >= 2.5, you may be able to generate those using the standard Python library, and don't need this package at all. See the notes on my py-md4 page.

posted at: 14:36 | tags: python samba | Comments | permanent link to this entry

Wednesday, 13 April 2011

Rebuilding Hyper-V Linux Integration Components for a kernel upgrade

At work I've been running RedHat Enterprise Linux (RHEL) 5.6 on top of a Windows Server 2008 R2 Hyper-V host, with Linux Integration Components (LinuxIC) installed.

That all worked fine until I did a yum update on RHEL to pick up a new kernel and tried to reboot. The new kernel panicked, saying it couldn't find my LVM volume groups. Fortunately, the old kernel was still on the menu and booted OK. Turns out the new kernel didn't for whatever reason wouldn't see the virtual disks for that machine.

OK, so I needed to rebuild LinuxIC for the new kernel while running the old kernel, how to do that? The Makefile and various scripts that come with LinuxIC basically builds for and installs on the currently running kernel. Fortunately I came across this post showing a trick of replacing /bin/uname with a fake version that shows the kernel version number you want to build for. Tried that and was back in business.

I think this would work too, without messing with the original /bin/uname: create a directory somewhere, say '/tmp/fake_uname' and stick this file in it with the name uname (changing the "echo" line with the installed kernel version number you want to build for.

case $1 in
        echo "2.6.18-238.9.1.el5"
        exec /bin/uname $1

Then build and install your Linux IC with the /tmp/fake_uname prepended to your PATH as in

PATH=/tmp/fake_uname:$PATH make
PATH=/tmp/fake_uname:$PATH make install

When the LinuxIC build calls uname it finds the fake version first, and if the argument is -r shows you desired version number, otherwise falls back to the real uname.

posted at: 12:58 | tags: hyper-v linux | Comments | permanent link to this entry

Sunday, 03 April 2011

Simple debugging output in C

I don't do a whole lot of C programming, but when I do it tends to be in difficult environments like Apache modules or Samba VFS modules, where you can't just do simple printfs to get some output from your program.

I've come up with this small chunk of code I can plop in a C file to allow for optionally writing out useful information to a file somewhere on the disk.

    #include <stdarg.h>
    #include <stdio.h>
    #include <time.h>
    #define QUOTE(name) #name
    #define STR(macro) QUOTE(macro)

    static void debug_log(const char *msg, ...) {
        char timestamp[32]; // really only need 21 bytes here
        time_t now;
        va_list ap;
        FILE *f;

        now = time(NULL);
        strftime(timestamp, sizeof(timestamp), "%Y-%m-%d %H:%M:%S ", localtime(&now));

        f = fopen(STR(DEBUG_FILENAME), "a");

        fputs(timestamp, f);

        va_start(ap, msg);
        vfprintf(f, msg, ap);

        fputc('\n', f);
    #define debug_log

Within your program, you'd just sprinkle in calls to debug_log() with a format string and optional arguments, such as:

x = 5;
y = 10;
debug_log("Currently, x=%d, y=%d", x, y);

The code can then be enabled and configured to output to /tmp/foo.log (for example), by adding either

#define DEBUG_FILENAME /tmp/foo.log

to the top of your source file, or even more slickly for some things, from the commandline with

cc -DDEBUG_FILENAME=/tmp/foo.log myprogram.c

When the program is run, in your /tmp/foo.log file you'd find something like:

2011-04-03 20:30:05 Currently, x=5, y=10

If you don't define DEBUG_FILENAME, the code basically goes away, shouldn't take up any space in your binary at all.

posted at: 20:35 | tags: bugs c | Comments | permanent link to this entry

Tuesday, 29 September 2009

Flash playback on MacOSX Firefox

For a long time I've been annoyed by really jerky playback on Flash videos under Firefox on MacOSX.
This YouTube video for example, was just awful to watch, stuttering very frequently.

Turns out the fix is pretty simple: just go into about:config and increase the browser.sessionstore.interval setting in Firefox from the default of 10000 (10 seconds) to something larger like 120000 (120 seconds).
Got it from this page, even though it's talking about Ubuntu Firefox, it still applies to MacOSX and seems to have made a world of difference.

posted at: 17:57 | tags: firefox macosx | Comments | permanent link to this entry

1 2 3 4 5 6 7 8 Next>>

Feeds for /:
Atom Feed
RSS Feed

Valid XHTML 1.0 Transitional