June 30, 2014

php md5sum

#!/usr/bin/php -f
if (count($argv)<2) die("no file specified\n");

if (!file_exists($argv[1])) die ("file does not exist\n");
echo md5_file($argv[1])."\n";

June 25, 2014

git windows push hang 100%


1. Download the latest git for windows http://git-scm.com/download/win
2. git config --global sendpack.sideband false

You can also hack the git binary (either on Server or on Client) to change the string "side-band-64k" to something different such as "side-bond-64k". This essentially disables git side-band.


install gitweb on ubuntu/debian

you have to install the package gitweb sudo apt-get install gitweb

Then you have to edit the apache gitweb config file
$EDITOR /etc/apache2/conf.d/gitweb
change the line Alias /gitweb /usr/share/gitweb to Alias /git /usr/share/gitweb

open the /etc/gitweb.conf file:
you have to change the line $projectroot ".." to $projectroot "/code/git"
and change any other line containing /gitweb to /git for example
$stylesheet = "/gitweb/gitweb.css";
to $stylesheet = "/git/gitweb.css";

then reload you apache webserver with sudo /etc/init.d/apache2 force-reload


June 13, 2014

Kernel bypassing networking

Here is a selection of the many kernel-bypass solutions that are available:
These products each take their own design approaches and it’s interesting to consider choices that they make.

  • Customized kernel device driver. netmap and DNA both fork standard Intel drivers with extensions to map I/O memory into userspace.
  • Custom hardware. Myricom and Napatech both distribute bespoke device drivers for their own custom hardware (ASIC for Myricom and FPGA for Napatech).
  • Userspace library. These solutions each provide unique libraries to access their extensions. The scope varies tremendously: Ethernet I/O, libpcap compatibility, hardware-assisted traffic dispatching for multiprocessing, buffer memory management, all the way up to entire TCP/IP socket layers.
  • Licensing. netmap is open-source, DNA requires a modest license for its userspace library, Napatech requires an NDA and depends on very expensive hardware.

June 11, 2014

golang http client Server Sent Event receiver

package main

import (

func main() {
 var client *http.Client
 tr := &http.Transport{
  TLSClientConfig: &tls.Config{InsecureSkipVerify: true},

 client = &http.Client{tr, nil, nil, 0 * time.Second}

 /* open a request, can't use httpclient.Get because we need the http.Request so we can close the connection later */
 req, err := http.NewRequest("GET", "https://dev1.advistatech.com/sse2.php", nil)
 if err != nil {

 resp, err := client.Do(req)
 if err != nil {

 for {
  if err != nil {

 //respbytes, _ := ioutil.ReadAll(resp.Body)
 //log.Printf("resp: %s\n", respbytes)


June 10, 2014

California FTB live person

Service section at 800.852.5711.
The hours of operation are 7:00 a.m. - 5:00 p.m., Monday through Friday, except state holidays.
Choose the Business prompt 2 to then 4 to speak to a live representative.  

Openssl AES-NI Test

For OpenSSL versions after 1.0.1, AES-NI should be buit-in. This is how to test it:

Command A (with AES-NI) = openssl speed -elapsed -evp aes-128-cbc
Command B (Without AES-NI) = OPENSSL_ia32cap="~0x200000200000000" openssl speed -elapsed -evp aes-128-cbc

bit #33 denoting availability of PCLMULQDQ instruction (for AES-GCM computation);
bit #57 denoting AES-NI instruction set extension;

Command   16 bytes     64 bytes     256 bytes    1024 bytes   8192 bytes
A         796435.32k   845155.61k   852750.59k   860752.55k   865828.86k
B         393740.06k   431465.71k   438168.23k   443452.42k   446458.54k


June 4, 2014

How to add a schema to OpenLDAP server

vim /tmp/borrame.conf
(this is what goes in the file)

include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/mypersonalschema.schema

mkdir /tmp/borrame.d
slaptest -f /tmp/borrame.conf -F /tmp/borrame.d

Edit the generated file
vim /tmp/borrame.d/cn\=config/cn\=schema/cn\=\{5\}mypersonalschema.ldif

I changed the three head lines to this:
dn: cn=mypersonalschema,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: mypersonalschema

Then I deleted these lines from the bottom of the file:


And at last I inserted the new schema to the ldap tree:
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/borrame.d/cn\=config/cn\=schema/cn\=\{5\}mypersonalschema.ldif

Add LDAP user authentication to YellowDog Linux

host ldap-server-ip-address
base ou=Users,dc=advistatech,dc=com
ssl no
pam_password md5

HOST ldap-server-ip-address
BASE ou=Users,dc=advistatech,dc=com

auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so

account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100
account required /lib/security/$ISA/pam_unix.so
account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_ldap.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_ldap.so

passwd: files ldap
shadow: files ldap
group: files ldap

You can use "getent passwd" to  list all the users in the ldap server.

To make sshd work, restart the sshd service.