timdoug's interesting tidbits
Little bits of technical documentation and such. Hopefully helpful.
Using TLS v1.2 with OpenVPN 2.3.4
It's disabled by default, and if you add e.g. tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 (a TLS v1.2 cipher) to your server config it silently breaks. The solution is to add tls-version-min 1.2 to both the server and client config, and then it works like a charm. OpenVPN 2.3.3 added support for v1.2, so this won't work with anything older than 2.3.3.
Setting up IPv6 with Sonic.net and an OpenWRT Router
This uses the newer 6rd mechanism instead of the 6in4 tunnels, so other documentation you enounter may inapplicable. I'm using nightly builds; YMMV with stable builds.
- Enable "LAN Subport" on the equipment provided by Sonic.net for your OpenWRT router (might work with double NAT, haven't tried)
- On your router: opkg update && opkg install 6rd (if it complains about version conflicts, try flashing the most recent build)
- Make the wan6 entry in your /etc/config/network look like so:
config interface 'wan6'
option proto '6rd'
option peeraddr '188.8.131.52'
option ip6prefix '2602:240::'
option ip6prefixlen '28'
- /etc/init.d/networking restart
- Disconnect and reconnect your machine, and IPv6 autoconfiguration should be good to go.
Addresses were taken from this post
on the Sonic.net forums, and configuration for OpenWRT from here
How to install and use Errbit through nginx & Passenger
Capistrano scares the shit out of me. I'd rather know what I'm deploying, rather than rely on some foreign script, thank you very much. To install Errbit and deploy with Passenger through nginx, try this:
git clone https://github.com/errbit/errbit.git
vi config/config.yml # and change hostnames / SMTP settings
vi config/mongoid.yml # and change production mongo settings
echo "Errbit::Application.config.secret_token = '$(bundle exec rake secret)'" > config/initializers/secret_token.rb
RAILS_ENV=production rake assets:precompile
RAILS_ENV=production rake db:mongoid:create_indexes
RAILS_ENV=production rake db:seed
Then add something like the following to your nginx config:
Use tcpdump to download arbitrary Flash videos
I came across an interesting video on the web that I wanted to watch offline, but it played through a Flash application, there were no download links, grabbing the stream by looking through the HTML/DOM was nontrivial, and the youtube-dl mainstay didn't work. tcpdump to the rescue!
- tcpdump -v -i <interface> -w output.cap
- Load the video up and start playing. Sadly, this has to be done in real-time.
- When done, tcpflow -r output.cap
- The largest file should be your video; use an editor to strip the HTTP headers from the beginning.
- If all goes well, you should have a video.flv. For extra credit, use ffmpeg -i video.flv to see if it's H.264/AAC. If so, use ffmpeg -i video.flv -acodec copy -vcodec copy video.mp4 for lossless container conversion to a standard MPEG-4 Part 14 file.
Thanks to this post
for the tip.
Fun summer projects
So. With a summer ahead of me, there are a few things I want to get into now that I have the time. A list:
- Get and play with an Arduino/Atmel AVR
- Create a much less crufty compiler with
PLY (python lex-yacc) and maybe
LLVM too (llvm-py maybe?)
- Follow the Jonesforth
tutoral, and get better at x86 asm at the same time
- PS3/CUDA/SIMD fun & benchmarks
- Finally release that mixtape I've been working on
- Brush up on my Starcraft abilities
- Learn Erlang,
and read through SICP again