Recently in Software Category

About that Reader program...

I don't know what is wrong with Adobe, but their Reader install boggles the mind. The process makes no sense. You download a program which downloads a program which downloads an installer. Has Adobe noticed that most people throw up a DMG with a drag-and-drop install? Hell, some even put a symlink to the Applications folder in the image to save you a step.

I understand that it's a free product and that I'm not forced to install it. But Adobe is using Reader to convince me to buy Acrobat. If Acrobat is anything like dealing with Reader, well, I'll pass.

FSF Membership

Almost 3 years ago Mark Pilgrim invited people to pony the hell up and get a Free Software Foundation membership. He was member #140. I'm #175. He said, "Someday that will be worth a lot of geek cred."

Maybe not so much?

Network Programming

If you've ever had to do socket programming, there is a better than average chance you ran across Beej's Guide to Network Programming. Beej has put up a PayPal link. You should really click it. Beej has an SLR lens habit he needs to feed.

SSH Tunnel to MySQL

If you're using an ssh tunnel to connect a nice desktop client, like Cocoa MySQL, to a remote server with strict host-based firewall rules that doesn't allow remote connections, you need to have the desktop client connect to 127.0.0.1 and not localhost. I don't know why...maybe it's just me...but one works and one doesn't.

I'm just sayin'.

HOWTO: "Fix" Secure LDAP in PHP

Preface: I am not an expert in encryption, SSL, or LDAP. Your install may be functioning just fine and you don’t need any of this information. You use this at your own risk as it may be completely wrong. That being said, it worked for me.

Making a secure (ldaps) connection in PHP (php-4.3.9-3.8) on Red Hat Enterprise Linux AS release 4 (Nahant Update 1) will fail on ldap_connect (Error -1: Can’t connect to LDAP server) if the certificate cannot be verified. Due to the release of a new intermediate certificate from Verisign, it is likely that your install of openssl will not have access to that intermediate cert. Thus openssl will tell you that there is a self-signed certificate in the chain (error -19). If you recently bought a certificate from Verisign you will not find much in the way of help for dealing with LDAP, PHP, or openssl.

The answer with web servers is generally well documented, and the intermediate certificate is made available to the server to send to the client. This is good because it means that 8 trillion web browsers don’t generally need to be updated to use SSL.

It should also be noted that it is probably best to “fix” this issue at the server level rather than the client because each and every client would need to be fixed as opposed to just fixing the server once. If you do not have access to the server to fix it, this should work for you.

  1. Obtain a copy of the Verisign intermediate certificate. Save it as a text file on a system where you can run openssl binaries.

  2. Convert from PEM to ca-bundle format. Save this output as you may need to do the next few steps on multiple servers.

    #!/bin/sh
    # $1 is the PEM certificate file to convert
    # Friendly Name
    openssl x509 -in "$1" -text -noout | \
    sed -n -e '/^[ ]\+Subject:/{s/^.*CN=\([^,]*\).*/\1/;p}'
    # Underline Friendly Name with equal signs
    openssl x509 -in "$1" -text -noout | \
    sed -n -e '/^[ ]\+Subject:/{s/^.*CN=\([^,]*\).*/\1/;p}' | \
    sed -e 's/./=/g'
    # Output Fingerprint and swap = for :
    openssl x509 -in "$1" -noout -fingerprint | sed -e 's/=/: /'
    # Output PEM Data:
    echo 'PEM Data:'
    # Output Certificate
    openssl x509 -in "$1"
    # Output Certificate text swapping Certificate with Certificate Ingredients
    openssl x509 -in "$1" -text -noout | sed -e 's/^Certificate:/Certificate Ingredients:/'
    
  3. Locate and backup your ca-bundle.crt

    locate ca-bundle.crt should show you where on your system this file lives. On RHEL /usr/share/ssl/cert.pem is also symlinked to your ca-bundle.crt.

  4. Append the converted intermediate certificate to your ca-bundle.crt file.

    You can now test using the openssl command:

    openssl s_client -host your.ldap.edu -port 636 -CAfile /usr/share/ssl/certs/ca-bundle.crt

    A Verify return code: 0 (ok) is what you are looking for.

  5. Configure OpenLDAP on the system that PHP is running on to use your ca-bundle.crt.

    Locate your ldap.conf for OpenLDAP. On RHEL it is /etc/openldap/ldap.conf.

    Add the following: TLS_CACERT /usr/share/ssl/cert.pem (which on RHEL is a symlink to ca-bundle.crt). Thanks to Rutgers for this tidbit.

  6. Restart httpd.

PHP should now successfully connect securely to your LDAP server.
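
The effect of step 4 can be reproduced offline. The script below is an added example, not part of the original post: it builds a throwaway root, intermediate and leaf certificate (all CA names, keys and file names are constructed) and shows that a leaf signed by the intermediate fails openssl verify against a bundle holding only the root, then passes once the intermediate is appended. It assumes the openssl command-line tool is installed and that only the leaf is presented for verification.

```shell
#!/bin/sh
# Constructed demo: throwaway root -> intermediate -> leaf chain, built offline.
# All CA names, keys and file names below are made up for this example.

build_demo_chain() {  # $1 = working directory
    ( cd "$1" || exit 1
      cat > ca.cnf <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
      # Root: stands in for a CA that is already in ca-bundle.crt
      openssl req -x509 -new -config ca.cnf -extensions v3_ca -days 2 \
          -newkey rsa:2048 -nodes -subj "/CN=Demo Root CA" \
          -keyout root.key -out root.pem
      # Intermediate: stands in for the newly issued intermediate certificate
      openssl req -new -config ca.cnf -newkey rsa:2048 -nodes \
          -subj "/CN=Demo Intermediate CA" -keyout int.key -out int.csr
      openssl x509 -req -in int.csr -CA root.pem -CAkey root.key \
          -CAcreateserial -extfile ca.cnf -extensions v3_ca -days 2 -out int.pem
      # Leaf: stands in for the LDAP server's certificate
      openssl req -new -config ca.cnf -newkey rsa:2048 -nodes \
          -subj "/CN=your.ldap.edu" -keyout leaf.key -out leaf.csr
      openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key \
          -CAcreateserial -days 2 -out leaf.pem
    ) >/dev/null 2>&1
}

# Succeeds only if openssl can build a path from cert $2 to an anchor in bundle $1.
chain_verifies() {
    openssl verify -CAfile "$1" "$2" 2>&1 | grep -q ': OK$'
}

demo=$(mktemp -d)
build_demo_chain "$demo"
cp "$demo/root.pem" "$demo/ca-bundle.crt"        # bundle without the intermediate
if chain_verifies "$demo/ca-bundle.crt" "$demo/leaf.pem"
then before=ok; else before=fail; fi
cat "$demo/int.pem" >> "$demo/ca-bundle.crt"     # step 4: append the intermediate
if chain_verifies "$demo/ca-bundle.crt" "$demo/leaf.pem"
then after=ok; else after=fail; fi
echo "before append: $before / after append: $after"
```

The same chain_verifies check can be pointed at a real ca-bundle.crt and a saved copy of the server certificate before restarting httpd on each machine.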

Errata

Added restart of httpd (2005-09-10 11:52:00)

Flickr Favorites Browser

So I made my first foray into the land of Flickr programming. I'm using the perl Flickr::API module and it was quite easy to use once I found the Linux Gazette Flickr and Perl article by Jimmy O'Regan to help me get past the perl XPath stuff. The hardest part was coming up with an idea of what to do with it. So this is what I came up with:

[Image: grid of photo thumbnails, four rows]

What is it? I'm glad you asked. It's a small sample of my Favorites Browser. The basic structure is that pictures in the first column are ones that I have marked as a favorite. The pictures that extend out in the row are the favorites from the person who took the picture that I marked as a favorite.

So the first picture in the table was taken by bopuc and the next three are his first three public favorites. Go one down, rinse, lather and repeat. Obviously this is a very static view and I plan to add more interaction. Some ideas that I'm tossing around are dynamically rebuilding the square when you click on an image, being able to enter a username or e-mail address for a starting point and maybe some kind of DHTML-fu where I use the XMLHttpRequest object to pull in favorites and build some kind of Boogle™ like game board without having to reload the page.

Anyway, this is how far I got last night before I went out to watch movies with "the guys." I can't spend all Friday night geeking out...

Update:

Some issues that I need to deal with:

  • If the first column contains two favorites from the same person, the rows will be the same. I should pull more photos to make sure that doesn't happen.
  • If the person doesn't have enough favorites to complete the row, the square effect is botched.

[Image: second grid of photo thumbnails, four rows]

Changing the World

A year ago I was wondering about some "world changing" apps. What have they been doing since then?

The Chandler chaps are hiring and the Remail people are still publishing papers.

Sometimes things move fast, sometimes they don't. Sometimes your perspective on how fast things are moving is wrong.
