Search Results

Search found 1154 results on 47 pages for 'rsa sha1'.

Page 38/47 | < Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >

• c# How to Verify Signature, Loading PUBLIC KEY From PEM file?

  - by bbirtle

  I'm posting this in the hope it saves somebody else the hours I lost on this really stupid problem involving converting formats of public keys. If anybody sees a simpler solution or a problem, please let me know! The eCommerce system I'm using sends me some data along with a signature. They also give me their public key in .pem format. The .pem file looks like this: -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe+hkicNP7ROHUssGNtHwiT2Ew HFrSk/qwrcq8v5metRtTTFPE/nmzSkRnTs3GMpi57rBdxBBJW5W9cpNyGUh0jNXc VrOSClpD5Ri2hER/GcNrxVRP7RlWOqB1C03q4QYmwjHZ+zlM4OUhCCAtSWflB4wC Ka1g88CjFwRw/PB9kwIDAQAB -----END PUBLIC KEY----- Here's the magic code to turn the above into an "RSACryptoServiceProvider" which is capable of verifying the signature. Uses the BouncyCastle library, since .NET apparently (and appallingly cannot do it without some major headaches involving certificate files): RSACryptoServiceProvider thingee; using (var reader = File.OpenText(@"c:\pemfile.pem")) { var x = new PemReader(reader); var y = (RsaKeyParameters)x.ReadObject(); thingee = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); var pa = new RSAParameters(); pa.Modulus = y.Modulus.ToByteArray(); pa.Exponent = y.Exponent.ToByteArray(); thingee.ImportParameters(pa); } And then the code to actually verify the signature: var signature = ... //reads from the packet sent by the eCommerce system var data = ... //reads from the packet sent by the eCommerce system var sha = new SHA1CryptoServiceProvider(); byte[] hash = sha.ComputeHash(Encoding.ASCII.GetBytes(data)); byte[] bSignature = Convert.FromBase64String(signature); ///Verify signature, FINALLY: var hasValidSig = thingee.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"), bSignature);

  Read the article

• Using the public ssh key from local machine to access two remote users [closed]

  - by Nick

  I have an new Ubuntu (Hardy 8.04) server; it has two users, Alice and Bob. Alice is listed in sudoers. I appended my public ssh key (my local machine's public key local/Users/nick/.ssh/id_rsa.pub) to authorized_keys in remote_server/home/Alice/.ssh/authorized_keys, changed the permissions on Alice/.ssh/ to 700 and Alice/.ssh/authorized_keys to 600, and both the file and folder are owned my Alice. Then added I Alice to sshd_config (AllowUsers Alice). This works and I can login into Alice: ssh -v [email protected] ... debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. Last login: Mon Mar 15 09:51:01 2010 from 123.456.789.00 I then copied the authorized_keys file remote_server/home/Alice/.ssh/authorized_keys to remote_server/home/Bob/.shh/authorized_keys and changed the permissions and ownership and added Bob to AllowUsers in sshd_config (AllowUsers Alice Bob). Now when I try to login to Bob it will not authenticate the same public key. ssh -v [email protected] ... debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/nick/.ssh/identity debug1: Trying private key: /Users/nick/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey). Am I missing something fundamental about the way ssh works?

  Read the article

• File not found on RSACryptoServiceProvider, service account permissions?

  - by Ben Scheirman

  Our web service wraps around a third party library that contains the following code. We are using an Active Directory service account in the IIS 6 app pool (no interactive login abilities). Our service fails with the error “The system cannot find the file specified”. We’ve traced the error to the “RSACryptoServiceProvider provider = new RSACryptoServiceProvider();”. The third party assembly depends on a x509 file based certificate for its encryption process and the Service Account has Read / Write access to the keys folder. Additionally, the service account has Read, Write, Modify rights to “C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys”. Code: StringBuilder builder = new StringBuilder(publicKeyData); builder.Replace("-----BEGIN CERTIFICATE-----", ""); builder.Replace("-----END CERTIFICATE-----", ""); X509Certificate2 certificate = new X509Certificate2( Convert.FromBase64String(builder.ToString())); string xmlString = certificate.PublicKey.Key.ToXmlString(false); RSACryptoServiceProvider provider = new RSACryptoServiceProvider(); //BOOM CspKeyContainerInfo containerInfo = provider.CspKeyContainerInfo; provider.PersistKeyInCsp = false; provider.FromXmlString(xmlString); loadedKeys.Add(key, provider); provider2 = provider; We cracked open FileMon and noticed that there is a FILE NOT FOUND for that AppPool, followed by another SUCCESS for the same exact file. I'm out of my element here, anybody have an idea as to why we're seeing this?

  Read the article

• Having problems with uploading photos to TwitPic using OAuth in Objective C on the iPhone

  - by M. Bedi

  I have been working on an iPhone app that has a feature of uploading photos to TwitPic. I have it working with basic authentication. I am trying to get it working with OAuth. I am getting authentication errors. I have studied very carefully the TwitPic documentation. I am authorising the app by displaying a UI Web View and the it returns a PIN value. I enter the PIN value in the app and request the token. I am able to upload status updates to Twitter but not photos. My code is based on some example code from here: Example iPhone app using OAuth Here is my code: NSString *url = @"http://api.twitpic.com/2/upload.json"; NSString *oauth_header = [oAuth oAuthHeaderForMethod:@"POST" andUrl:url andParams:nil]; NSLog(@"OAuth header : %@\n\n", oauth_header); ASIFormDataRequest *request = [ASIFormDataRequest requestWithURL:[NSURL URLWithString:url]]; [request addRequestHeader:@"User-Agent" value:@"ASIHTTPRequest"]; request.requestMethod = @"POST"; [request addRequestHeader:@"X-Auth-Service-Provider" value:@"https://api.twitter.com/1/account/verify_credentials.json"]; [request addRequestHeader:@"X-Verify-Credentials-Authorization" value:oauth_header]; NSData *imageRepresentation = UIImageJPEGRepresentation(imageToUpload, 0.8); [request setData:imageRepresentation forKey:@"media"]; [request setPostValue:@"Some Message" forKey:@"message"]; [request setPostValue:TWITPIC_API_KEY forKey:@"key"]; [request setDelegate:self]; [request setDidFinishSelector:@selector(requestDone:)]; [request setDidFailSelector:@selector(requestFailed:)]; [request start]; Here is the OAuth Header: OAuth realm="http://api.twitter.com/", oauth_timestamp="1275492425", oauth_nonce="b686f20a18ba6763ac52b689b2ac0c421a9e4013", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="zNbW3Xi3MuS7i9cpz6fw", oauth_version="1.0", oauth_token="147275699-jmrjpwk3B6mO2FX2BCc9Ci9CRBbBKYW1bOni2MYs", oauth_signature="d17HImz6VgygZgbcp845CD2qNnI%3D"

  Read the article

• Server port 16080 problem: webserver adds the port number 16080 in the URL

  - by Juri

  Hello everybody. On my wordpress website one little thing doesn't work. Sometimes the Webserver adds the port number 16080 in the URL, which leads to an error (network timeout). Wrong: http://www.example.com:16080/about-us/weekly-program/?month=may&yr=2010 Correct: http://www.example.com/about-us/weekly-program/?month=may&yr=2010 Has someone a "Server port 16080 problem fix"? Is it possible, that I need to add a ServerName directive to the config file to tell the domain name of the server? Cheers Juri !!!update!!! PS: Here is the site configuration, don't ask me to change the 16080 to 80, because that screwes up everyone else's websites... Please let me know what you think of the configuration: ## Default Virtual Host Configuration <VirtualHost *:16080> ServerName example.com ServerAdmin [email protected] DocumentRoot "/Library/WebServer/Documents/WMsites/example.com/wordpress" DirectoryIndex "index.html" "index.php" CustomLog "/var/log/httpd/access_log" "%{PC-Remote-Addr}i %l %u %t \"%r\" %>s %b" ErrorLog "/var/log/httpd/error_log" ErrorDocument 404 /error.html <IfModule mod_ssl.c> SSLEngine Off SSLLog "/var/log/httpd/ssl_engine_log" SSLCertificateFile "/etc/certificates/Default.crt" SSLCertificateKeyFile "/etc/certificates/Default.key" SSLCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL" </IfModule> <IfModule mod_dav.c> DAVLockDB "/var/run/davlocks/.davlock100" DAVMinTimeout 600 </IfModule> <Directory "/Library/WebServer/Documents/WMsites/example.com/wordpress"> Options All -Indexes -ExecCGI -Includes +MultiViews <IfModule mod_dav.c> DAV Off </IfModule> AllowOverride All </Directory> <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* - [F] </IfModule> <IfModule mod_alias.c> </IfModule> LogLevel warn ServerAlias www.example.com ServerAlias example.com </VirtualHost>

  Read the article

• Can the public ssh key from my local machine be used to access two different users on a remote serve

  - by Nick

  I have an new ubuntu (hardy 8.04) server, it has two users, User1 and User2. User1 is listed in sudoers. I appended my public ssh key (my local machine's public key local/Users/nick/.ssh/id_rsa.pub) to authorized_keys in remote_server/home/user1/.ssh/authorized_keys, changed the permissions on user1/.ssh/ to 700 and user1/.ssh/authorized_keys to 600 and both file and folder are owned my User1. Then added I User1 to sshd_config (AllowUsers User1). This works and I can login into User1 debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. Last login: Mon Mar 15 09:51:01 2010 from ..*.* I then copied the authorized_keys file remote_server/home/user1/.ssh/authorized_keys to remote_server/home/user2/.shh/authorized_keys and changed the permissions and ownership and added User2 to AllowUsers in sshd_config (AllowUsers User1 User2). Now when I try to login to User2 it will not authenticate the same public key. debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/nick/.ssh/identity debug1: Trying private key: /Users/nick/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey). Am I missing something fundamental about the way ssh works? Thanks in advance, Nick

  Read the article

• Uploading to google Docs - Unknown authorization header Error 401 - PLease Help

  - by Ali

  Hi guys I'm trying to upload a document to google docs but I'm getting an error namely an Unknown authorization header Error 401 to be exact.. I'm developing for google apps marketplace here - my code for uploading is: $client = getGoogleClient(); $docs = new Zend_Gdata_Docs($client); uploadDocument($docs, true, $FILES['file']['name'], $FILES['file']['tmp_name']); function getGoogleClient() { $options = array( 'requestScheme' => Zend_Oauth::REQUEST_SCHEME_HEADER, 'version' => '1.0', 'signatureMethod' => 'HMAC-SHA1', 'consumerKey' => $CONSUMER_KEY, 'consumerSecret' => $CONSUMER_SECRET ); $consumer = new Zend_Oauth_Consumer($options); $token = new Zend_Oauth_Token_Access(); $httpClient = $token->getHttpClient($options); return $httpClient; } function uploadDocument($docs, $html, $originalFileName, $temporaryFileLocation) { $fileToUpload = $originalFileName; if ($temporaryFileLocation) { $fileToUpload = $temporaryFileLocation; } $newDocumentEntry = $docs->uploadFile($fileToUpload, $originalFileName, null, Zend_Gdata_Docs::DOCUMENTS_LIST_FEED_URI); // this function never executes completely I get the error $alternateLink = ''; foreach ($newDocumentEntry->link as $link) { if ($link->getRel() === 'alternate') { $alternateLink = $link->getHref(); } } return $alternateLink; } ANy ideas ?

  Read the article

• Can the same ssh key be used to access two different users on the same server?

  - by Nick

  I have an new ubuntu (hardy 8.04) server, it has two users, User1 and User2. User1 is listed in sudoers. I appended my public ssh key to authorized_keys in /home/user1/.ssh/authorized_keys, changed the permissions on user1/.ssh/ to 700 and user1/.ssh/authorized_keys to 600 and both file and folder are owned my User1. Then added I User1 to sshd_config (AllowUsers User1). This works and I can login into User1 debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. Last login: Mon Mar 15 09:51:01 2010 from 86.141.61.197 I then copied the authorized_keys file to /home/user2/.shh/ and changed the permissions and ownership and added User2 to AllowUsers in sshd_config (AllowUsers User1 User2). Now when I try to login to User2 it will not authenticate the same public key. debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/nick/.ssh/identity debug1: Trying private key: /Users/nick/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey). Am I missing something fundamental about the way ssh works? Thanks in advance, Nick

  Read the article

• Scapy Installed, when i use it as module Its full of errors ???

  - by Rami Jarrar

  I installed scapy 2.xx (after get some missed modules to make it install),, then i'm trying to use it as module in my python programs,, but i cant it give me alot of errors, I download and installed some missed modules and finally i'm depressed, because this error, after hard work i got this Traceback (most recent call last): File "<pyshell#0>", line 1, in <module> from scapy.all import * File "C:\Python26\scapy\all.py", line 43, in <module> from crypto.cert import * File "C:\Python26\scapy\crypto\cert.py", line 15, in <module> from Crypto.PublicKey import * File "C:\Python26\lib\Crypto\PublicKey\RSA.py", line 34, in <module> from Crypto import Random File "C:\Python26\lib\Crypto\Random\__init__.py", line 29, in <module> import _UserFriendlyRNG File "C:\Python26\lib\Crypto\Random\_UserFriendlyRNG.py", line 36, in <module> from Crypto.Random.Fortuna import FortunaAccumulator File "C:\Python26\lib\Crypto\Random\Fortuna\FortunaAccumulator.py", line 36, in <module> import FortunaGenerator File "C:\Python26\lib\Crypto\Random\Fortuna\FortunaGenerator.py", line 32, in <module> from Crypto.Util import Counter File "C:\Python26\lib\Crypto\Util\Counter.py", line 27, in <module> import _counter ImportError: No module named _counter by do the following code: from scapy.all import * p=sr1(IP(dst=ip_dst)/ICMP()) if p: p.show() so what should i do,, is there a solution for this ???

  Read the article

• How to replace openSSL calls with C# code?

  - by fonix232

  Hey there again! Today I ran into a problem when I was making a new theme creator for chrome. As you may know, Chrome uses a "new" file format, called CRX, to manage it's plugins and themes. It is a basic zip file, but a bit modified: "Cr24" + derkey + signature + zipFile And here comes the problem. There are only two CRX creators, written in Ruby or Python. I don't know neither language too much (had some basic experience in Python though, but mostly with PyS60), so I would like to ask you to help me convert this python app to a C# code that doesn't depend on external programs. Also, here is the source of crxmake.py: #!/usr/bin/python # Cribbed from http://github.com/Constellation/crxmake/blob/master/lib/crxmake.rb # and http://src.chromium.org/viewvc/chrome/trunk/src/chrome/tools/extensions/chromium_extension.py?revision=14872&content-type=text/plain&pathrev=14872 # from: http://grack.com/blog/2009/11/09/packing-chrome-extensions-in-python/ import sys from array import * from subprocess import * import os import tempfile def main(argv): arg0,dir,key,output = argv # zip up the directory input = dir + ".zip" if not os.path.exists(input): os.system("cd %(dir)s; zip -r ../%(input)s . -x '.svn/*'" % locals()) else: print "'%s' already exists using it" % input # Sign the zip file with the private key in PEM format signature = Popen(["openssl", "sha1", "-sign", key, input], stdout=PIPE).stdout.read(); # Convert the PEM key to DER (and extract the public form) for inclusion in the CRX header derkey = Popen(["openssl", "rsa", "-pubout", "-inform", "PEM", "-outform", "DER", "-in", key], stdout=PIPE).stdout.read(); out=open(output, "wb"); out.write("Cr24") # Extension file magic number header = array("l"); header.append(2); # Version 2 header.append(len(derkey)); header.append(len(signature)); header.tofile(out); out.write(derkey) out.write(signature) out.write(open(input).read()) os.unlink(input) print "Done." if __name__ == '__main__': main(sys.argv) Please could you help me?

  Read the article

• Integrating twitpic OAuth for iPhone.

  - by asadqamber

  How can I integrate twitpic API with OAuth for posting an image from iPhone? Any help or tutorial? Currently I am doing... NSURL *twitpicURL = [NSURL URLWithString:@"http://api.twitpic.com/2/upload.format"]; theRequest = [NSMutableURLRequest requestWithURL:twitpicURL]; [theRequest setHTTPMethod:@"POST"]; // Set the params NSString *message = theMessage; [theRequest addValue:@"http://api.twitter.com/" forHTTPHeaderField:@"OAuth realm"]; [theRequest addValue:TWITPIC_API_KEY forHTTPHeaderField:@"oauth_consumer_key"]; [theRequest addValue:@"HMAC-SHA1" forHTTPHeaderField:@"oauth_signature_method"]; [theRequest addValue:USER_OAUTH_TOKEN forHTTPHeaderField:@"oauth_token"]; [theRequest addValue:USER_OAUTH_SECRET forHTTPHeaderField:@"oauth_secret"]; [theRequest addValue: @"1272325550" forHTTPHeaderField:@"oauth_timestamp"]; [theRequest addValue:nil forHTTPHeaderField:@"oauth_nonce"]; [theRequest addValue:@"1.0" forHTTPHeaderField:@"oauth_version"]; [theRequest addValue:nil forHTTPHeaderField:@"oauth_signature"]; NSMutableData *postBody = [NSMutableData data]; [postBody appendData:[[NSString stringWithFormat:@"Content-Disposition: form-data; name=\"source\"\r\n\r\n"] dataUsingEncoding:NSUTF8StringEncoding]]; [postBody appendData:[[NSString stringWithFormat:@"lighttable"] dataUsingEncoding:NSUTF8StringEncoding]]; // Message [postBody appendData:[[NSString stringWithFormat:@"Content-Disposition: form-data; name=\"message\"\r\n\r\n%@", message]dataUsingEncoding:NSUTF8StringEncoding]]; // Media [postBody appendData:[[NSString stringWithFormat:@"Content-Disposition: form-data; name=\"media\"; filename=\"%@\"\r\n", @"doc_twitpic_image.jpg"] dataUsingEncoding:NSUTF8StringEncoding]]; [postBody appendData:[[NSString stringWithFormat:@"Content-Type: image/jpg\r\n"] dataUsingEncoding:NSUTF8StringEncoding]]; // data as JPEG [postBody appendData:[[NSString stringWithFormat:@"Content-Transfer-Encoding: binary\r\n\r\n"] dataUsingEncoding:NSUTF8StringEncoding]]; [postBody appendData:[NSData dataWithData:image]]; [theRequest setHTTPBody:postBody]; [theRequest setValue:[NSString stringWithFormat:@"%d", [postBody length]] forHTTPHeaderField:@"Content-Length"]; theConnection = [[NSURLConnection alloc] initWithRequest:theRequest delegate:self];

  Read the article

• Automate the signature of the update.rdf manifest for my firefox extension

  - by streetpc

  Hello, I'm developing a firefox extension and I'd like to provide automatic update to my beta-testers (who are not tech-savvy). Unfortunately, the update server doesn't provide HTTPS. According to the Extension Developer Guide on signing updates, I have to sign my update.rdf and provide an encoded public key in the install.rdf. There is the McCoy tool to do all of this, but it is an interactive GUI tool and I'd like to automate the extension packaging using an Ant script (as this is part of a much bigger process). I can't find a more precise description of what's happening to sign the update.rdf manifest than below, and McCoy source is an awful lot of javascript. The doc says: The add-on author creates a public/private RSA cryptographic key pair. The public part of the key is DER encoded and then base 64 encoded and added to the add-on's install.rdf as an updateKey entry. (...) Roughly speaking the update information is converted to a string, then hashed using a sha512 hashing algorithm and this hash is signed using the private key. The resultant data is DER encoded then base 64 encoded for inclusion in the update.rdf as an signature entry. I don't know well about DER encoding, but it seems like it needs some parameters. So would anyone know either the full algortihm to sign the update.rdf and install.rdf using a predefined keypair, or a scriptable alternative to McCoy whether a command-line tool like asn1coding will suffise a good/simple developer tutorial on DER encoding

  Read the article

• How to Verify Signature, Loading PUBLIC KEY From PEM file?

  - by bbirtle

  I'm posting this in the hope it saves somebody else the hours I lost on this really stupid problem involving converting formats of public keys. If anybody sees a simpler solution or a problem, please let me know! The eCommerce system I'm using sends me some data along with a signature. They also give me their public key in .pem format. The .pem file looks like this: -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe+hkicNP7ROHUssGNtHwiT2Ew HFrSk/qwrcq8v5metRtTTFPE/nmzSkRnTs3GMpi57rBdxBBJW5W9cpNyGUh0jNXc VrOSClpD5Ri2hER/GcNrxVRP7RlWOqB1C03q4QYmwjHZ+zlM4OUhCCAtSWflB4wC Ka1g88CjFwRw/PB9kwIDAQAB -----END PUBLIC KEY----- Here's the magic code to turn the above into an "RSACryptoServiceProvider" which is capable of verifying the signature. Uses the BouncyCastle library, since .NET apparently (and appallingly cannot do it without some major headaches involving certificate files): RSACryptoServiceProvider thingee; using (var reader = File.OpenText(@"c:\pemfile.pem")) { var x = new PemReader(reader); var y = (RsaKeyParameters)x.ReadObject(); thingee = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); var pa = new RSAParameters(); pa.Modulus = y.Modulus.ToByteArray(); pa.Exponent = y.Exponent.ToByteArray(); thingee.ImportParameters(pa); } And then the code to actually verify the signature: var signature = ... //reads from the packet sent by the eCommerce system var data = ... //reads from the packet sent by the eCommerce system var sha = new SHA1CryptoServiceProvider(); byte[] hash = sha.ComputeHash(Encoding.ASCII.GetBytes(data)); byte[] bSignature = Convert.FromBase64String(signature); ///Verify signature, FINALLY: var hasValidSig = thingee.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"), bSignature);

  Read the article

• https not redirecting to mongrel upstream

  - by kip

  Normal http is working fine for me with nginx and mongrel, however when i attempt to use https I am directed to the "welcome to nginx page". http { # passenger_root /opt/passenger-2.2.11; # passenger_ruby /usr/bin/ruby1.8; include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; upstream mongrel { server 00.000.000.000:8000; server 00.000.000.000:8001; } server { listen 443; server_name domain.com; ssl on; ssl_certificate /etc/ssl/localcerts/domain_combined.crt; ssl_certificate_key /etc/ssl/localcerts/www.domain.com.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; # ssl_prefer_server_ciphers on; location / { root /current/public/; index index.html index.htm; proxy_set_header X_FORWARDED_PROTO https; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://mongrel; } } }

  Read the article

• Getting SSL to work with Apache/Passenger on OSX

  - by jonnii

  I use apache/passenger on my development machine, but need to add SSL support (something which isn't exposed through the control panel). I've done this before in production, but for some reason I can't seem to get it work on OSX. The steps I've followed so far are from a default apache osx install: Install passenger and passenger preference pane. Add my rails app (this works) Create my ca.key, server.crt and server.key as detailed on the apple website. At this point I need to start editing the apache configs, so I added: # Apache knows to listen on port 443 for ssl requests. Listen 443 Listen 80 I thought I'd try editing the passenger pref pane generated config first to get everything working, when I add: It starts off looking like this <VirtualHost *:80> ServerName myapp.local DocumentRoot "/Users/jonnii/programming/ruby/myapp/public" RailsEnv development <Directory "/Users/jonnii/programming/ruby/myapp/public"> Order allow,deny Allow from all </Directory> </VirtualHost> I then append this: <VirtualHost *:443> ServerName myapp.local DocumentRoot "/Users/jonnii/programming/ruby/myapp/public" RailsEnv development <directory "/Users/jonnii/programming/ruby/myapp/public"> Order allow,deny Allow from all </directory> # SSL Configuration SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SSLOptions +FakeBasicAuth +ExportCertData +StdEnvVars +StrictRequire #Self Signed certificates SSLCertificateFile /private/etc/apache2/ssl.key/server.crt SSLCertificateKeyFile /private/etc/apache2/ssl.key/server.key SSLCertificateChainFile /private/etc/apache2/ssl.key/ca.crt SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 </VirtualHost> The files referenced all exist (I doubled checked that), but now when I restart my apache I can't even get to myapp.local. However apache can still server the default page when I click on it in the sharing preference panel. Any help would be greatly appreciated.

  Read the article

• Django's self.client.login(...) does not work in unit tests

  - by thebossman

  I have created users for my unit tests in two ways: 1) Create a fixture for "auth.user" that looks roughly like this: { "pk": 1, "model": "auth.user", "fields": { "username": "homer", "is_active": 1, "password": "sha1$72cd3$4935449e2cd7efb8b3723fb9958fe3bb100a30f2", ... } } I've left out the seemingly unimportant parts. 2) Use 'create_user' in the setUp function (although I'd rather keep everything in my fixtures class): def setUp(self): User.objects.create_user('homer', '[email protected]', 'simpson') Note that the password is simpson in both cases. I've verified that this info is correctly being loaded into the test database time and time again. I can grab the User object using User.objects.get. I can verify the password is correct using 'check_password.' The user is active. Yet, invariably, self.client.login(username='homer', password='simpson') FAILS. I'm baffled as to why. I think I've read every single Internet discussion pertaining to this. Can anybody help? The login code in my unit test looks like this: login = self.client.login(username='homer', password='simpson') self.assertTrue(login) Thanks.

  Read the article

• I am Unable to Post Xml to Linkedin Share API

  - by Vijesh V.Nair

  I am using Delphi 2010, with Indy 10.5.8(svn version) and oAuth.pas from chuckbeasley. I am able to collect token with app key and App secret, authorize token with a web page and Access the final token. Now I have to post a status with Linkedin’s Share API. I am getting a unauthorized response. My request and responses are giving bellow. Request, POST /v1/people/~/shares HTTP/1.0 Content-Encoding: utf-8 Content-Type: text/xml; charset=us-ascii Content-Length: 999 Authorization: OAuth oauth_consumer_key="xxx",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1340438599",oauth_nonce="BB4C78E0A6EB452BEE0FAA2C3F921FC4",oauth_version="1.0",oauth_token="xxx",oauth_signature="Pz8%2FPz8%2FPz9ePzkxPyc%2FDD82Pz8%3D" Host: api.linkedin.com Accept: text/html, */* Accept-Encoding: identity User-Agent: Mozilla/3.0 (compatible; Indy Library) %3C%3Fxml+version=%25221.0%2522%2520encoding%253D%2522UTF-8%2522%253F%253E%253Cshare%253E%253Ccomment%253E83%2525%2520of%2520employers%2520will%2520use%2520social%2520media%2520to%2520hire%253A%252078%2525%2520LinkedIn%252C%252055%2525%2520Facebook%252C%252045%2525%2520Twitter%2520%255BSF%2520Biz%2520Times%255D%2520http%253A%252F%252Fbit.ly%252FcCpeOD%253C%252Fcomment%253E%253Ccontent%253E%253Ctitle%253ESurvey%253A%2520Social%2520networks%2520top%2520hiring%2520tool%2520-%2520San%2520Francisco%2520Business%2520Times%253C%252Ftitle%253E%253Csubmitted-url%253Ehttp%253A%252F%252Fsanfrancisco.bizjournals.com%252Fsanfrancisco%252Fstories%252F2010%252F06%252F28%252Fdaily34.html%253C%252Fsubmitted-url%253E%253Csubmitted-image-url%253Ehttp%253A%252F%252Fimages.bizjournals.com%252Ftravel%252Fcityscapes%252Fthumbs%252Fsm_sanfrancisco.jpg%253C%252Fsubmitted-image-url%253E%253C%252Fcontent%253E%253Cvisibility%253E%253Ccode%253Eanyone%253C%252Fcode%253E%253C%252Fvisibility%253E%253C%252Fshare%253E Response, HTTP/1.1 401 Unauthorized Server: Apache-Coyote/1.1 x-li-request-id: K14SWRPEPL Date: Sat, 23 Jun 2012 08:07:17 GMT Vary: * x-li-format: xml Content-Type: text/xml;charset=UTF-8 Content-Length: 341 Connection: keep-alive <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <error> <status>401</status> <timestamp>1340438838344</timestamp> <request-id>K14SWRPEPL</request-id> <error-code>0</error-code> <message>[unauthorized]. OAU:xxx|nnnnn|*01|*01:1340438599:Pz8/Pz8/Pz9ePzkxPyc/DD82Pz8=</message> </error> Please help. Regards, Vijesh Nair

  Read the article

• Makefile : Build in a separate directory tree

  - by Simone Margaritelli

  My project (an interpreted language) has a standard library composed by multiple files, each of them will be built into an .so dynamic library that the interpreter will load upon user request (with an import directive). Each source file is located into a subdirectory representing its "namespace", for instance : The build process has to create a "build" directory, then when each file is compiling has to create its namespace directory inside the "build" one, for instance, when compiling std/io/network/tcp.cc he run an mkdir command with mkdir -p build/std/io/network The Makefile snippet is : STDSRC=stdlib/std/hashing/md5.cc \ stdlib/std/hashing/crc32.cc \ stdlib/std/hashing/sha1.cc \ stdlib/std/hashing/sha2.cc \ stdlib/std/io/network/http.cc \ stdlib/std/io/network/tcp.cc \ stdlib/std/io/network/smtp.cc \ stdlib/std/io/file.cc \ stdlib/std/io/console.cc \ stdlib/std/io/xml.cc \ stdlib/std/type/reflection.cc \ stdlib/std/type/string.cc \ stdlib/std/type/matrix.cc \ stdlib/std/type/array.cc \ stdlib/std/type/map.cc \ stdlib/std/type/type.cc \ stdlib/std/type/binary.cc \ stdlib/std/encoding.cc \ stdlib/std/os/dll.cc \ stdlib/std/os/time.cc \ stdlib/std/os/threads.cc \ stdlib/std/os/process.cc \ stdlib/std/pcre.cc \ stdlib/std/math.cc STDOBJ=$(STDSRC:.cc=.so) all: stdlib stdlib: $(STDOBJ) .cc.so: mkdir -p `dirname $< | sed -e 's/stdlib/stdlib\/build/'` $(CXX) $< -o `dirname $< | sed -e 's/stdlib/stdlib\/build/'`/`basename $< .cc`.so $(CFLAGS) $(LDFLAGS) I have two questions : 1 - The problem is that the make command, i really don't know why, doesn't check if a file was modified and launch the build process on ALL the files no matter what, so if i need to build only one file, i have to build them all or use the command : make path/to/single/file.so Is there any way to solve this? 2 - Any way to do this in a "cleaner" way without have to distribute all the build directories with sources? Thanks

  Read the article

• Command not write in buffer with Expect

  - by Romuald

  Hello, I try to backup a Linkproof device with expect script and i have some trouble. It's my first script in expect and i have reach my limits ;) #!/usr/bin/expect spawn ssh @IPADDRESS expect "username:" # Send the username, and then wait for a password prompt. send "@username\r" expect "password:" # Send the password, and then wait for a shell prompt. send "@password\r" expect "#" # Send the prebuilt command, and then wait for another shell prompt. send "system config immediate\r" #Send space to pass the pause expect -re "^ *--More--\[^\n\r]*" send "" expect -re "^ *--More--\[^\n\r]*" send "" expect -re "^ *--More--\[^\n\r]*" send "" # Capture the results of the command into a variable. This can be displayed, or written to disk. sleep 10 expect -re .* set results $expect_out(buffer) # Copy buffer in a file set config [open linkproof.txt w] puts $config $results close $config # Exit the session. expect "#" send "logout\r" expect eof The content of the output file: The authenticity of host '@IP (XXX.XXX.XXX.XXX)' can't be established. RSA key fingerprint is XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX. Are you sure you want to continue connecting (yes/no)? @username Please type 'yes' or 'no': @password Please type 'yes' or 'no': system config immediate Please type 'yes' or 'no': Like you can see, the result of the command is not in the file. Could you, please, help me to understantd why ? Thanks for your help. Romuald

  Read the article

• Enable cross app redirects

  - by Gogster

  Hi all, We have load balancing set up on out two web server, however, a few users are being asked to login when they are being re-directed to a particular server to upload a document (we are trying to keep all uploaded documents on one server only), here is the code from web.config: <authentication mode="Forms"> <forms name="EAAAuthCookie" loginUrl="/login" defaultUrl="/members/home" protection="All" path="/" timeout="60000" slidingExpiration="true" enableCrossAppRedirects="true" /> </authentication> <machineKey decryption="AES" validation="SHA1" decryptionKey="7B4EC5B0C83631DF25D5B179EDDBF91B1C175B81C6F52102267D3D097FBF272A" validationKey="7D1F50788629CC342EE4985D85DE3D14F10654695912C0FFD439F54BED64F76A57A2D5E8180BC6FF052E0385C30558F5527D6C197C577A7F32DD8FF1CAC9F794" /> Here is the transfer code to the upload form: $('#addReport').click(function() { if ($.cookie('TransferURL') != '') { $("#iframeUploadReport").attr('src', $.cookie('TransferURL')); }; $('#overlay').fadeIn('slow'); }); <script type="text/C#" runat="server"> void Page_Load() { string cookieName = FormsAuthentication.FormsCookieName; string userName = Request.Cookies["HiddenUsername"].ToString(); string cookieValue = FormsAuthentication.GetAuthCookie(userName, false).Value; Response.Cookies["TransferURL"].Value = "http://eaa.cms.necinteractive.net/members/media-upload" + String.Format("?{0}={1}", cookieName, cookieValue); } </script> <iframe id="iframeUploadReport" src="http://eaa.cms.necinteractive.net/members/media-upload" width="500px" height="336px" frameborder="0" scrolling="no"></iframe> Can you see any obvious step we are missing? Thanks

  Read the article

• Simple imeplementation of admin/staff panel?

  - by Michael Mao

  Hi all: A new project requires a simple panel(page) for admin and staff members that : Preferably will not use SSL or any digital ceritification stuff, a simple login from via http will just be fine. has basic authentication which allows only admin to login as admin, and any staff member as of the group "staff". Ideally, the "credentials(username-hashedpassword pair)" will be stored in MySQL. is simple to configure if there is a package, or the strategy is simple to code. somewhere (PHP session?) somehow (include a script at the beginning of each page to check user group before doing anything?), it will detect any invalid user attempt to access protected page and redirect him/her to the login form. while still keeps high quality in security, something I worry about the most. Frankly I am having little knowledge about Internet security, and how modern CMS such as WordPress/Joomla do with their implementation in this. I only have one thing in my mind that I need to use a salt to hash the password (SHA1?) to make sure any hacker gets the username and password pair across the net cannot use that to log into the system. And that is what the client wants to make sure. But I really not sure where to start, any ideas? Thanks a lot in advance.

  Read the article

• Setup SSL (self signed cert) with tomcat

  - by Danny

  I am mostly following this page: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html I used this command to create the keystore keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/tomcat6/keystore and answered the prompts Then i edited my server.xml file and uncommented/edited this line <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/etc/tomcat6/keystore" keystorePass="tomcat" /> then I go to the web.xml file for my project and add this into the file <security-constraint> <web-resource-collection> <web-resource-name>Security</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> When I try to run my webapp I am met with this: Unable to connect Firefox can't establish a connection to the server at localhost:8443. * The site could be temporarily unavailable or too busy. Try again in a few moments. * If you are unable to load any pages, check your computer's network connection. If I comment out the lines I've added to my web.xml file, the webapp works fine. My log file in /var/lib/tomcat6/logs says nothing. I can't figure out if this is a problem with my keystore file, my server.xml file or my web.xml file.... Any assistance is appreciated I am using tomcat 6 on ubuntu.

  Read the article

• Can't get automated release working with Hudson + Git + Maven Release Plugin

  - by Christopher Maier

  As the title says, I'm trying to get an automated release job working on Hudson. It's a Maven project, and all the code is in Git. Manually, I do the release on my personal machine like so: git checkout master mvn -B release:prepare release:perform This works perfectly. The Maven release plugin properly pushes the release tag to the origin repository as well as the next commit that bumps the version to the next SNAPSHOT. However, when I run this same Maven job through Hudson (either by creating my own "release" job or by using the M2 Release Plugin) it doesn't work so well. The release tag gets pushed out to the origin repository, and the release gets pushed out to our Nexus repository, but the subsequent commit that bumps the version to the next SNAPSHOT doesn't go out. Furthermore, the "master" branch in the origin repository doesn't get changed at all. I've looked in Hudson's workspace for the job, however, and the version has been updated. After looking at the output from the Hudson job, it appears that the Git plugin does not actually checkout "master", but rather it's SHA1 id. That is, if the "master" branch label points to commit "f6af76f541f1a1719e9835cdb46a183095af6861", Hudson does git checkout -f f6af76f541f1a1719e9835cdb46a183095af6861 instead of git checkout -f master As a result, the changes that the Maven release plugin is making are not actually on any branch (certainly not on "master") and these changes don't make it to the origin repository. It runs on the right code, but bookkeeping-wise, the changes seem to get lost because no branch label points to them. Has anybody gotten the Hudson + Git + Maven Release Plugin combo to work properly? Is there some additional configuration somewhere I can set to make this happen? Or is this a bug in the Hudson Git plugin? Thanks in advance.

  Read the article

• Can I recover lost commits in a SVN repository using a local tracking git-svn branch?

  - by Ian Stevens

  A SVN repo I use git-svn to track was recently corrupted and a backup was recovered. However, a week's worth of commits were lost in the recovery. Is it possible to recover those lost commits using git-svn dcommit on my local git repo? Is it sufficient to run git-svn dcommit with the SHA1 of the last recovered commit in SVN? eg. > svn info http://tracked-svn/trunk | sed -n "s/Revision: //p" 252 > git log --grep="git-svn-id:.*@252" --format=oneline | cut -f1 -d" " 55bb5c9cbb5fe11a90ec2e9e1e0c7c502908cf9a > git svn dcommit 55bb5c9cbb5fe11a90ec2e9e1e0c7c502908cf9a Or will the git-svn-id need to be stripped from the intended commits? I tried this using --dry-run but couldn't tell whether it would try to submit all commits: > git svn dcommit --verbose --dry-run 55bb5c9cbb5fe11a90ec2e9e1e0c7c502908cf9a Committing to http://tracked-svn/trunk ... dcommitted on a detached HEAD because you gave a revision argument. The rewritten commit is: 55bb5c9cbb5fe11a90ec2e9e1e0c7c502908cf9a Thanks for your help.

  Read the article

• SvnDumpFilter 2,3: Error parsing header. How to fix?

  - by flashnik

  I use SVN from Collabnet, 1.6.9 version. I tried to separate my project on two parts with SvnDumpFilter and encountered an error because some folders (includeing the one I want to separate) had been moved. Then I googled that SvnDumpFilter 2 and 3 can solve this problem. I tried to use them but in both cases encountered an error: Error parsing header. Here is the beginning of source dump: SVN-fs-dump-format-version: 2 UUID: REP_GUID Revision-number: 0 Prop-content-length: 56 Content-length: 56 K 8 svn:date V 27 2008-10-28T07:01:45.445155Z PROPS-END Revision-number: 1 Prop-content-length: 151 Content-length: 151 K 7 svn:log V 48 ?±???·???µ??-?‡?°???‚??, ?????‚?????°?? ?±?‹?»?° K 10 svn:author V 8 flashnik K 8 svn:date V 27 2008-10-29T20:18:56.633888Z PROPS-END Node-path: Foo Node-kind: dir Node-action: add Prop-content-length: 10 Content-length: 10 PROPS-END Node-path: Foo/Bar Node-kind: dir Node-action: add Prop-content-length: 10 Content-length: 10 PROPS-END Node-path: Foo/Bar/example.doc Node-kind: file Node-action: add Prop-content-length: 59 Text-content-length: 181248 Text-content-md5: f14c77a031ab2de001ac5239427ceded Text-content-sha1: 95470e8d29bf76b00485c4fa33f4029f5c2386cb Content-length: 181307 K 13 svn:mime-type V 24 application/octet-stream ....Some binary code and so on SvnDumpFilter3 produces following part before dying: SVN-fs-dump-format-version: 2 UUID: REP_GUID Revision-number: 0 Prop-content-length: 56 Content-length: 56 K 8 svn:date V 27 2008-10-28T07:01:45.445155Z PROPS-END Revision-number: 1 Prop-content-length: 151 Content-length: 151 K 7 svn:log V 48 ?±???·???µ??-?‡?°???‚??, ?????‚?????°?? ?±?‹?»?° K 10 svn:author V 8 flashnik K 8 svn:date V 27 2008-10-29T20:18:56.633888Z PROPS-END What's wrong? How to fix it? Does it work with my subversion version?

  Read the article

< Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >