Search Results

Search found 4695 results on 188 pages for 'david chu ca'.

Page 51/188 | < Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >

  • Sorting linked lists in Pascal

    - by user3712174
    I'm doing my final project for Informatics class and I can't get my sorting procedure to work. Have a look at my program, specifically the bolded part (some things are in Croatian. - if you need something translated, let me know): type pokazivac=^slog; slog=record prezime_ime:string[30]; redni_broj:string[2]; fakultet:string[50]; bodovi:integer; sljedeci:pokazivac; end; var pocetni, trenutni, prethodni:pokazivac; i:integer; procedure racunaj; var i,a,c:integer; b,d,e,f,g,h,j:real; begin write('Postotak bodova (u decimalnom zapisu) koje ucenik ostvaruje na temelju prosjeka ocjena - '); readln(e); e:=e*1000/4; write('Prosjek ocjena u prvom razredu : '); readln(f); f:=f/5*e; write('Prosjek ocjena u drugom razredu : '); readln(g); g:=g/5*e; write('Prosjek ocjena u trecem razredu : '); readln(h); h:=h/5*e; write('Prosjek ocjena u cetvrtom razredu : '); readln(j); j:=j/5*e; d:=f+g+h+j; write('Broj predmeta (ne racunajuci hrvatski jezik, strani jezik i matematiku) koju je ucenik/ca polagao na maturi - '); readln(a); write('Postotak rijesnosti ispita iz hrvatskog jezika te zatim maksimum bodova koje je ucenik/ca mogao ostvariti - '); readln(b); readln(c); d:=d+b*c; write('Postotak rijesnosti ispita iz stranog jezika te zatim maksimum bodova koje je ucenik/ca mogao ostvariti - '); readln(b); readln(c); d:=d+(b*c); write('Postotak rijesnosti ispita iz matematike te zatim maksimum bodova koje je ucenik/ca mogao ostvariti - '); readln(b); readln(c); d:=d+(b*c); for i:=1 to a do begin writeln('Postotak rijesnosti dodatnog predmeta te zatim maksimum bodova koje je ucenik/ca mogao ostvariti - '); readln(b); readln(c); d:=d+(b*c); end; d:=round(d); writeln('Vas broj bodova je: ', d:4:2); write('Za nastavak pritisnite ENTER..'); readln; end; procedure unos; begin new(trenutni); write('Redni broj ucenika - ');readln(trenutni^.redni_broj); write('Prezime i ime - ');readln(trenutni^.prezime_ime); write('Naziv fakultet - ');readln(trenutni^.fakultet); write('Bodovi - ');readln(trenutni^.bodovi); trenutni^.sljedeci:=pocetni; pocetni:=trenutni; end; procedure ispis; begin writeln(); writeln('Lista popisanih ucenika:'); writeln(); trenutni:=pocetni; while trenutni<>NIL do begin with trenutni^do begin writeln('IME: ',prezime_ime); writeln('FAKULTET: ',fakultet); writeln('BODOVI: ',bodovi); writeln(); end; trenutni:=trenutni^.sljedeci; end; writeln(); write('Za nastavak pritisnite ENTER..'); readln; end; procedure brisi; var s:string; begin trenutni:= pocetni; prethodni:=pocetni; write('Redni broj ucenika kojeg zelite izbrisati - '); readln(s); while trenutni<>NIL do begin if trenutni^.redni_broj=s then begin prethodni^.sljedeci:=trenutni^.sljedeci; dispose(trenutni); break; end; trenutni:=trenutni^.sljedeci; end; end; procedure izmjeni; var s:string; begin trenutni:=pocetni; write('Redni broj ucenika cije podatke zelite izmijeniti - '); readln(s); while trenutni<> NIL do begin if trenutni^.redni_broj=s then begin write(trenutni^.prezime_ime, ' - '); readln(trenutni^.prezime_ime); write(trenutni^.fakultet, ' - '); readln(trenutni^.fakultet); write(trenutni^.bodovi, ' - '); readln(trenutni^.bodovi); break; end; trenutni:=trenutni^.sljedeci; end; end; **procedure sortiraj; var t1,t2,t:pokazivac; begin t1:=pocetni; while t1 <> NIL do begin t2:=t1^.sljedeci; while t2<>NIL do if t2^.bodovi<t1^.bodovi then begin new(t); t^.redni_broj:=t1^.redni_broj; t^.prezime_ime:=t1^.prezime_ime; t^.fakultet:=t1^.fakultet; t^.bodovi:=t1^.bodovi; t1^.redni_broj:=t2^.redni_broj; t1^.prezime_ime:=t2^.prezime_ime; t1^.fakultet:=t2^.fakultet; t1^.bodovi:=t2^.bodovi; t2^.redni_broj:=t^.redni_broj; t2^.prezime_ime:=t^.prezime_ime; t2^.fakultet:=t^.fakultet; t2^.bodovi:=t^.bodovi; dispose(t); end; t2:=t2^.sljedeci; end; t1:=t1^.sljedeci; write('Za nastavak pritisnite ENTER..'); readln; end;** begin pocetni:=NIL; trenutni:=NIL; writeln('******************************************'); writeln('**********DOBRODOSLI U FAX-O-MAT**********'); writeln('******************************************'); repeat writeln('1 - Racunaj broj bodova'); writeln('2 - Dodaj ucenika'); writeln('3 - Brisi ucenika'); writeln('4 - Ispis liste'); writeln('5 - Izmjeni podatke'); writeln('6 - Sortiraj listu prema broju bodova'); writeln('0 - Kraj'); readln(i); case i of 1:racunaj; 2:unos; 3:brisi; 4:ispis; 5:izmjeni; 6:sortiraj; end; until i=0; end. Either it crashes with a fatal error, or when I press the number 6, nothing happens. The pointer keeps blinking and I can't enter any more numbers.

    Read the article

  • help me improve my sse yuv to rgb ssse3 code

    - by David McPaul
    Hello, I am looking to optimise some sse code I wrote for converting yuv to rgb (both planar and packed yuv functions). i am using SSSE3 at the moment but if there are useful functions from later sse versions thats ok. I am mainly interested in how I would work out processor stalls and the like. Anyone know of any tools that do static analysis of sse code? ; ; Copyright (C) 2009-2010 David McPaul ; ; All rights reserved. Distributed under the terms of the MIT License. ; ; A rather unoptimised set of ssse3 yuv to rgb converters ; does 8 pixels per loop ; inputer: ; reads 128 bits of yuv 8 bit data and puts ; the y values converted to 16 bit in xmm0 ; the u values converted to 16 bit and duplicated into xmm1 ; the v values converted to 16 bit and duplicated into xmm2 ; conversion: ; does the yuv to rgb conversion using 16 bit integer and the ; results are placed into the following registers as 8 bit clamped values ; r values in xmm3 ; g values in xmm4 ; b values in xmm5 ; outputer: ; writes out the rgba pixels as 8 bit values with 0 for alpha ; xmm6 used for scratch ; xmm7 used for scratch %macro cglobal 1 global _%1 %define %1 _%1 align 16 %1: %endmacro ; conversion code %macro yuv2rgbsse2 0 ; u = u - 128 ; v = v - 128 ; r = y + v + v >> 2 + v >> 3 + v >> 5 ; g = y - (u >> 2 + u >> 4 + u >> 5) - (v >> 1 + v >> 3 + v >> 4 + v >> 5) ; b = y + u + u >> 1 + u >> 2 + u >> 6 ; subtract 16 from y movdqa xmm7, [Const16] ; loads a constant using data cache (slower on first fetch but then cached) psubsw xmm0,xmm7 ; y = y - 16 ; subtract 128 from u and v movdqa xmm7, [Const128] ; loads a constant using data cache (slower on first fetch but then cached) psubsw xmm1,xmm7 ; u = u - 128 psubsw xmm2,xmm7 ; v = v - 128 ; load r,b with y movdqa xmm3,xmm0 ; r = y pshufd xmm5,xmm0, 0xE4 ; b = y ; r = y + v + v >> 2 + v >> 3 + v >> 5 paddsw xmm3, xmm2 ; add v to r movdqa xmm7, xmm1 ; move u to scratch pshufd xmm6, xmm2, 0xE4 ; move v to scratch psraw xmm6,2 ; divide v by 4 paddsw xmm3, xmm6 ; and add to r psraw xmm6,1 ; divide v by 2 paddsw xmm3, xmm6 ; and add to r psraw xmm6,2 ; divide v by 4 paddsw xmm3, xmm6 ; and add to r ; b = y + u + u >> 1 + u >> 2 + u >> 6 paddsw xmm5, xmm1 ; add u to b psraw xmm7,1 ; divide u by 2 paddsw xmm5, xmm7 ; and add to b psraw xmm7,1 ; divide u by 2 paddsw xmm5, xmm7 ; and add to b psraw xmm7,4 ; divide u by 32 paddsw xmm5, xmm7 ; and add to b ; g = y - u >> 2 - u >> 4 - u >> 5 - v >> 1 - v >> 3 - v >> 4 - v >> 5 movdqa xmm7,xmm2 ; move v to scratch pshufd xmm6,xmm1, 0xE4 ; move u to scratch movdqa xmm4,xmm0 ; g = y psraw xmm6,2 ; divide u by 4 psubsw xmm4,xmm6 ; subtract from g psraw xmm6,2 ; divide u by 4 psubsw xmm4,xmm6 ; subtract from g psraw xmm6,1 ; divide u by 2 psubsw xmm4,xmm6 ; subtract from g psraw xmm7,1 ; divide v by 2 psubsw xmm4,xmm7 ; subtract from g psraw xmm7,2 ; divide v by 4 psubsw xmm4,xmm7 ; subtract from g psraw xmm7,1 ; divide v by 2 psubsw xmm4,xmm7 ; subtract from g psraw xmm7,1 ; divide v by 2 psubsw xmm4,xmm7 ; subtract from g %endmacro ; outputer %macro rgba32sse2output 0 ; clamp values pxor xmm7,xmm7 packuswb xmm3,xmm7 ; clamp to 0,255 and pack R to 8 bit per pixel packuswb xmm4,xmm7 ; clamp to 0,255 and pack G to 8 bit per pixel packuswb xmm5,xmm7 ; clamp to 0,255 and pack B to 8 bit per pixel ; convert to bgra32 packed punpcklbw xmm5,xmm4 ; bgbgbgbgbgbgbgbg movdqa xmm0, xmm5 ; save bg values punpcklbw xmm3,xmm7 ; r0r0r0r0r0r0r0r0 punpcklwd xmm5,xmm3 ; lower half bgr0bgr0bgr0bgr0 punpckhwd xmm0,xmm3 ; upper half bgr0bgr0bgr0bgr0 ; write to output ptr movntdq [edi], xmm5 ; output first 4 pixels bypassing cache movntdq [edi+16], xmm0 ; output second 4 pixels bypassing cache %endmacro SECTION .data align=16 Const16 dw 16 dw 16 dw 16 dw 16 dw 16 dw 16 dw 16 dw 16 Const128 dw 128 dw 128 dw 128 dw 128 dw 128 dw 128 dw 128 dw 128 UMask db 0x01 db 0x80 db 0x01 db 0x80 db 0x05 db 0x80 db 0x05 db 0x80 db 0x09 db 0x80 db 0x09 db 0x80 db 0x0d db 0x80 db 0x0d db 0x80 VMask db 0x03 db 0x80 db 0x03 db 0x80 db 0x07 db 0x80 db 0x07 db 0x80 db 0x0b db 0x80 db 0x0b db 0x80 db 0x0f db 0x80 db 0x0f db 0x80 YMask db 0x00 db 0x80 db 0x02 db 0x80 db 0x04 db 0x80 db 0x06 db 0x80 db 0x08 db 0x80 db 0x0a db 0x80 db 0x0c db 0x80 db 0x0e db 0x80 ; void Convert_YUV422_RGBA32_SSSE3(void *fromPtr, void *toPtr, int width) width equ ebp+16 toPtr equ ebp+12 fromPtr equ ebp+8 ; void Convert_YUV420P_RGBA32_SSSE3(void *fromYPtr, void *fromUPtr, void *fromVPtr, void *toPtr, int width) width1 equ ebp+24 toPtr1 equ ebp+20 fromVPtr equ ebp+16 fromUPtr equ ebp+12 fromYPtr equ ebp+8 SECTION .text align=16 cglobal Convert_YUV422_RGBA32_SSSE3 ; reserve variables push ebp mov ebp, esp push edi push esi push ecx mov esi, [fromPtr] mov edi, [toPtr] mov ecx, [width] ; loop width / 8 times shr ecx,3 test ecx,ecx jng ENDLOOP REPEATLOOP: ; loop over width / 8 ; YUV422 packed inputer movdqa xmm0, [esi] ; should have yuyv yuyv yuyv yuyv pshufd xmm1, xmm0, 0xE4 ; copy to xmm1 movdqa xmm2, xmm0 ; copy to xmm2 ; extract both y giving y0y0 pshufb xmm0, [YMask] ; extract u and duplicate so each u in yuyv becomes u0u0 pshufb xmm1, [UMask] ; extract v and duplicate so each v in yuyv becomes v0v0 pshufb xmm2, [VMask] yuv2rgbsse2 rgba32sse2output ; endloop add edi,32 add esi,16 sub ecx, 1 ; apparently sub is better than dec jnz REPEATLOOP ENDLOOP: ; Cleanup pop ecx pop esi pop edi mov esp, ebp pop ebp ret cglobal Convert_YUV420P_RGBA32_SSSE3 ; reserve variables push ebp mov ebp, esp push edi push esi push ecx push eax push ebx mov esi, [fromYPtr] mov eax, [fromUPtr] mov ebx, [fromVPtr] mov edi, [toPtr1] mov ecx, [width1] ; loop width / 8 times shr ecx,3 test ecx,ecx jng ENDLOOP1 REPEATLOOP1: ; loop over width / 8 ; YUV420 Planar inputer movq xmm0, [esi] ; fetch 8 y values (8 bit) yyyyyyyy00000000 movd xmm1, [eax] ; fetch 4 u values (8 bit) uuuu000000000000 movd xmm2, [ebx] ; fetch 4 v values (8 bit) vvvv000000000000 ; extract y pxor xmm7,xmm7 ; 00000000000000000000000000000000 punpcklbw xmm0,xmm7 ; interleave xmm7 into xmm0 y0y0y0y0y0y0y0y0 ; extract u and duplicate so each becomes 0u0u punpcklbw xmm1,xmm7 ; interleave xmm7 into xmm1 u0u0u0u000000000 punpcklwd xmm1,xmm7 ; interleave again u000u000u000u000 pshuflw xmm1,xmm1, 0xA0 ; copy u values pshufhw xmm1,xmm1, 0xA0 ; to get u0u0 ; extract v punpcklbw xmm2,xmm7 ; interleave xmm7 into xmm1 v0v0v0v000000000 punpcklwd xmm2,xmm7 ; interleave again v000v000v000v000 pshuflw xmm2,xmm2, 0xA0 ; copy v values pshufhw xmm2,xmm2, 0xA0 ; to get v0v0 yuv2rgbsse2 rgba32sse2output ; endloop add edi,32 add esi,8 add eax,4 add ebx,4 sub ecx, 1 ; apparently sub is better than dec jnz REPEATLOOP1 ENDLOOP1: ; Cleanup pop ebx pop eax pop ecx pop esi pop edi mov esp, ebp pop ebp ret SECTION .note.GNU-stack noalloc noexec nowrite progbits

    Read the article

  • SSAS Compare: an intern’s journey

    - by Red Gate Software BI Tools Team
    About a month ago, David mentioned an intern working in the BI Tools Team. That intern happens to be me! In five weeks’ time, I’ll start my second year of Computer Science at the University of Cambridge and be a full-time student again, but for the past eight weeks, I’ve been living a completely different life. As Jon mentioned before, the teams here at Red Gate are small and everyone (including the interns!) is responsible for the product as a whole. I’ve attended planning sessions, UX tests, daily meetings, and everything else a full-time member of the team would; I had as much say in where we would go next with the product as anyone; I was able to see that what I was doing was an important part of the product from the feedback we got in the UX tests. All these things almost made me forget that this is just an internship and not my full-time job. First steps at Red Gate Being based in Cambridge, Red Gate has many Cambridge university graduates working for them. They also hire some Cambridge undergraduates for internships each summer. With its popularity with university graduates and its great working environment, Red Gate has managed to build up a great reputation. When I thought of doing an internship here in Cambridge, Red Gate just seemed to be the obvious choice for my first real work experience. On my first day at Red Gate, David, the lead developer for SSAS Compare, helped me settle in and explained what I’d be doing. My task was to improve the user experience of displaying differences between MDX scripts by syntax highlighting, script formatting, and improving the difference identification in the first place. David suggested how I should approach the problem, but left all the details and design decisions to me. That was when I realised how much independence and responsibility I’d have. What I’ve done If you launch the latest version of SSAS Compare and drill down to an MDX script difference, you can see the changes that have been made. In earlier versions, you could only see the scripts in plain text on both sides — either in black or grey, depending on whether they were the same or not. However, you couldn’t see exactly where the scripts were different, which was especially annoying when the two scripts were large – as they often are. Furthermore, if parts of the two scripts were formatted differently, they seemed to be different but were actually the same, which caused even more confusion and made it difficult to see where the differences were. All these issues have been fixed now. The two scripts are automatically formatted by the tool so that if two things are syntactically equivalent, they look the same – including case differences in keywords! The actual difference is highlighted in grey, which makes them easy to spot. The difference identification has been improved as well, so two scripts aren’t identified as different if there’s just a difference in meaningless whitespace characters, or when you have “select” on one side and “SELECT” on the other. We also have syntax highlighting, which makes it easier to read the scripts. How I did it In order to do the formatting properly, we decided to parse the MDX scripts. After some investigation into parser builders, I decided to go with the GOLD Parser builder and the bsn-goldparser .NET engine. GOLD Parser builder provides a fairly nice GUI to write, build, and test grammar in. We also liked the idea of separating the grammar building from parsing a text. The bsn-goldparser is one of many .NET engines for GOLD, and although it doesn’t support the newest features of GOLD Parser, it has “the ability to map semantic action classes to terminals or reduction rules, so that a completely functional semantic AST can be created directly without intermediate token AST representation, and without the need for glue code.” That makes it much easier for us to change the implementation in our program when we change the grammar. As bsn-goldparser is open source, and I wanted some more features in it, I contributed two new features which have now been merged to the project. Unfortunately, there wasn’t an MDX grammar written for GOLD already, so I had to write it myself. I was referencing MSDN to get the formal grammar specification, but the specification was all over the place, so it wasn’t that easy to implement and find. We’re aware that we don’t yet fully support all valid MDX, so sometimes you’ll just see the MDX script difference displayed the old way. In that case, there is some grammar construct we don’t yet recognise. If you come across something SSAS Compare doesn’t recognise, we’d love to hear about it so we can add it to our grammar. When some MDX script gets parsed, a tree is produced. That tree can then be processed into a list of inlines which deal with the correct formatting and can be outputted to the screen. Doing all this has led me to many new technologies and projects I haven’t worked with before. This was my first experience with C# and Visual Studio, although I have done things in Java before. I have learnt how to unit test with NUnit, how to do dependency injection with Ninject, how to source-control code with SVN and Mercurial, how to build with TeamCity, how to use GOLD, and many other things. What’s coming next Sadly, my internship comes to an end this week, so there will be less development on MDX difference view for a while. But the team is going to work on marking the differences better and making it consistent with difference indication in the top part of comparison window, and will keep adding support for more MDX grammar so you can see the differences easily in every comparison you make. So long! And maybe I’ll see you next summer!

    Read the article

  • Upcoming EMEA, APAC & US Events with MySQL in 2014

    - by Lenka Kasparova
    As an update to the previous announcement from Mar 25, 2014 please find below the updated list of events where MySQL Community team is attending and/or supporting. This time you can find not only EMEA & APAC ones but also conferences & events we are covering in the US & Canada. You are invited to meet our engineers at the events below.   EMEA  NEW!! BGOUG, Sandanski, Bulgaria, June 13, 2014  Georgi Kodinov will attend and speak at this local Oracle User Group event. Feel free to come. PHP Tour Lyon, Lyon, France, June 23-24, 2014 MySQL team is going to be part of this show as well, we are not going to have a booth here but very active networking by our french MySQL team around the event. Come to meet us and talk to us! NEW!! Converge Conference, Glasgow, Scotland, August 15-16, 2014  MySQL Community Manager, David Stokes attends with MySQL talk. NEW!! CakeFest, Madrid, Spain, August 21-24, 2014  A talk on "Scaling Your MySQL instances AND keeping your Sanity" will be given by the MySQL Community Manager, David Stokes. Froscon 2014, St.Augustin, Germany, August 23-24, 2014 Please visit our booth as well as watch the Froscon website for the schedule updates. NEW!! SymfonyLive, UK, London, September 25-26, 2014 MySQL Community Magers, David Stokes & Morgan Tocker submitted MySQL talks for this show. Schedule will be announced later on. DrupalCon Amsterdam, The Netherlands, September 29-Oct 3, 2014 Meet us at our booth at DrupalCon Amsterdam. For the schedule please watch the DrupalCon website. All Your Base, Oxford UK, October 17, 2014  Come to visit our MySQL booth and talk to our MySQL experts. NEW!! WebTechCon / IPC, Munich Germany, October 26-29, 2014 NEW!! DOAG, Nuremberg, Germany, November 18-20, 2014 There will be a full day of MySQL talks and one full day of MySQL workshop & sessions with live demo. This event is simply hard to miss! NEW!! Forum PHP Paris, France, November 21-22, 2014 More details: TBD NEW!! UK OUG, Liverpool, UK, December 8-10, 2014 MySQL will be part of the Oracle booth and we hope to get more space for MySQL talks.  USA NEW!! Texas Linux Fest, Austin, Texas, US, June 13-14, 2014 NEW!! SouthEast Linux Fest, Charlotte, US, June 20-22, 2014 NEW!! Debian Conference 2014, Portland, OR, US, August 23-31, 2014 NEW!! FossetCon, Orlando, US, September 11-13, 2014 NEW!! Oracle Open World, San Francisco, US, September 29-October 3, 2014 NEW!! MySQL Central @ Open/World, San Francisco, US, September 29-October 3, 2014 NEW!! PyTexas 2014, Dallas, TX, US, October 3-5, 2014 NEW!! All Things Open (replacing POSSCON), Raleigh, NC, October 23-24, 2014 NEW!! Ohio LinuxFest 2014, Columbus, Ohio, US, October 24-25, 2014 NEW!! ZendCon PHP, Santa Clara, US, October 27-30, 2014 NEW!! Kuali Days 2014, Indianapolis, US, November 10-13, 2014 NEW!! Live 360, Orlando, FL, US, November 17-20, 2014 APAC OpenSourceConference Japan, Hokkaido, June 13-14, 2014 MySQL is represented by Ryusuke Kajiyama with the talk on "MySQL Technology Updates". NEW!! db tech showcase, Osaka Japan, June 18-20, 2014 Three MySQL talks are scheduled for this show, "MySQL for Oracle DBA" & "MySQL Technology Updates" by Ryusuke Kajiyama. The last talk will be on MySQL Fabric by Yoshiaki Yamasaki. NEW!! PyCon Singapore, Singapore, June 18-20, 2014 Ryusuke Kajiyama will be talking about "Sharding and scale-out using Python-based MySQL Fabric". NEW!! COSCUP, Taipei, Taiwan, July 19-20, 2014 We are going to run a technical session on MySQL Workbench & one talk on how to make MySQL better MySQL. NEW!! PyCon New Zealand, Wellington, New Zealand, September 13-14, 2014 MySQL talks were submitted as well as one talk by Solaris Modernization team on Python & Solaris, watch the website for schedule updates. NEW!! PyCon Japan, Tokyo Japan, September 13-15, 2014 MySQL will be a MySQL session speaker, no schedule is announced yet. Ruby Kaigi, Tokyo, Japan, September 18-20, 2014 Another event MySQL supports and attends in APAC region. Ruby Kaigi is the international Ruby Conference in Japan, Tokyo. Ruby started in Japan, so Ruby Kaigi has excellent speakers and developers! MySQL team is going to be present at this conference with MySQL talks and active networking around the venue. NEW!! PyCon India, Bangalore, India, September 26-28, 2014 A MySQL talk on "MySQL Utilities scaling MySQL with Python" has been submitted, please watch the PyCon website for the schedule updates. NEW!! OpenSourceConference Japan, Tokyo, October 18-19, 2014 NEW!! OpenSource India, Bengaluru, India, November 7-8, 2014 NEW!! OpenSourceConference Japan, Fukuoka, November 14-15, 2014 You can check the MySQL wikis for updates on the conferences we are attending. Next time I hope to have more details for each event above (especially for the US ones).

    Read the article

  • iPack -The iOS Application Packager

    - by user13277780
    iOS applications are distributed in .ipa archive files. These files are regular zip files which contain application resources and executable-s. To protect them from unauthorized modifications and to provide identification of their sources, the content of the archives is signed. The signature is included in the application executable of an.ipa archive and protects the executable file itself and the associated resource files. Apple provides native Mac OS tools for signing iOS executable-s (which are actually generic Mach-O code signing tools), but these tools are not generally available on other platforms. To provide a multi-platform development environment for JavaFX based iOS applications, we ported iOS signing and packaging to Java and created a dedicated ipack tool for it. The iPack tool can be used as a last step of creating .ipa package on various operating systems. Prototype has been tested by creating a final distributable for JavaFX application that runs on iPad, all done on Windows 7. Source Code The source code of iPac tool is in OpenJFX project repository. You can find it in: <openjfx root>/rt/tools/ios/Maven/ipack To build the iPack tool use: rt/tools/ios/Maven/ipack$ mvn package After building, you can run the tool: java -jar <path to ipack.jar> <arguments>  Signing keystore The tool uses a java key store to read the signing certificate and the associated private key. To prepare such keystore users can use keytool from JDK. One possible scenario is to import an existing private key and the certificate from a key store used on Mac OS: To list the content of an existing key store and identify the source alias: keytool -list -keystore <src keystore>.p12 -storetype pkcs12 -storepass <src keystore password> To create Java key store and import the private key with its certificate to the keys store: keytool -importkeystore \ -destkeystore <dst keystore> -deststorepass <dst keystore password> \ -srckeystore <src keystore>.p12 -srcstorepass <src keystore password> -srcstoretype pkcs12 \ -srcalias <src alias> -destalias <dst alias> -destkeypass <dst key password> Another scenario would be to generate a private / public key pair directly in a Java key store and create a certificate request from it. After sending the request to Apple one can then import the certificate response back to the Java key store and complete the signing certificate entry. In both scenarios the resulting alias in the Java key store will contain only a single (leaf) certificate. This can be verified with the following command: keytool -list -v -keystore <ipack keystore> -storepass <keystore password> When looking at the Certificate chain length entry, the number next to it is 1. When an executable file is signed on Mac OS, the resulting signature (in CMS format) includes the whole certificate chain up to the Apple Root CA. The ipack tool includes only the chain which is stored under the alias specified on the command line. So to have the whole chain in the signature we need to replace the single certificate entry under the alias with the corresponding full certificate chain. To do that we need first to create the chain in a separate file. It is easy to create such chain when working with certificates in Base-64 encoded PEM format. A certificate chain can be created by concatenating PEM certificates, which should form the chain, into a single file. For iOS signing we need the following certificates in our chain: Apple Root CA Apple Worldwide Developer Relations CA Our signing leaf certificate To convert a certificate from the binary DER format (.der, .cer) to PEM format: keytool -importcert -noprompt -keystore temp.ks -storepass temppwd -alias tempcert -file <certificate>.cer keytool -exportcert -keystore temp.ks -storepass temppwd -alias tempcert -rfc -file <certificate>.pem To export the signing certificate into PEM format: keytool -exportcert -keystore <ipack keystore> -storepass <keystore password> -alias <signing alias> -rfc -file SigningCert.pem After constructing a chain from AppleIncRootCertificate.pem, AppleWWDRCA.pem andSigningCert.pem, it can be imported back into the keystore with: keytool -importcert -noprompt -keystore <ipack keystore> -storepass <keystore password> -alias <signing alias> -keypass <key password> -file SigningCertChain.pem To summarize, the following example shows the full certificate chain replacement process: keytool -importcert -noprompt -keystore temp.ks -storepass temppwd -alias tempcert1 -file AppleIncRootCertificate.cer keytool -exportcert -keystore temp.ks -storepass temppwd -alias tempcert1 -rfc -file AppleIncRootCertificate.pem keytool -importcert -noprompt -keystore temp.ks -storepass temppwd -alias tempcert2 -file AppleWWDRCA.cer keytool -exportcert -keystore temp.ks -storepass temppwd -alias tempcert2 -rfc -file AppleWWDRCA.pem keytool -exportcert -keystore ipack.ks -storepass keystorepwd -alias mycert -rfc -file SigningCert.pem cat SigningCert.pem AppleWWDRCA.pem AppleIncRootCertificate.pem >SigningCertChain.pem keytool -importcert -noprompt -keystore ipack.ks -storepass keystorepwd -alias mycert -keypass keypwd -file SigningCertChain.pem keytool -list -v -keystore ipack.ks -storepass keystorepwd Usage When the ipack tool is started with no arguments it prints the following usage information: -appname MyApplication -appid com.myorg.MyApplication     Usage: ipack <archive> <signing opts> <application opts> [ <application opts> ... ] Signing options: -keystore <keystore> keystore to use for signing -storepass <password> keystore password -alias <alias> alias for the signing certificate chain and the associated private key -keypass <password> password for the private key Application options: -basedir <directory> base directory from which to derive relative paths -appdir <directory> directory with the application executable and resources -appname <file> name of the application executable -appid <id> application identifier Example: ipack MyApplication.ipa -keystore ipack.ks -storepass keystorepwd -alias mycert -keypass keypwd -basedir mysources/MyApplication/dist -appdir Payload/MyApplication.app -appname MyApplication -appid com.myorg.MyApplication    

    Read the article

  • Quick guide to Oracle IRM 11g: Configuring SSL

    - by Simon Thorpe
    Quick guide to Oracle IRM 11g index So far in this guide we have an IRM Server up and running, however I skipped over SSL configuration in the previous article because I wanted to focus in more detail now. You can, if you wish, not bother with setting up SSL, but considering this is a security technology it is worthwhile doing. Contents Setting up a one way, self signed SSL certificate in WebLogic Setting up an official SSL certificate in Apache 2.x Configuring Apache to proxy traffic to the IRM server There are two common scenarios in which an Oracle IRM server is configured. For a development or evaluation system, people usually communicate directly to the WebLogic Server running the IRM service. However in a production environment and for some proof of concept evaluations that require a setup reflecting a production system, the traffic to the IRM server travels via a web server proxy, commonly Apache. In this guide we are building an Oracle Enterprise Linux based IRM service and this article will go over the configuration of SSL in WebLogic and also in Apache. Like in the past articles, we are going to use two host names in the configuration below,irm.company.com will refer to the public Apache server irm.company.internal will refer to the internal WebLogic IRM server Setting up a one way, self signed SSL certificate in WebLogic First lets look at creating just a simple self signed SSL certificate to be used in WebLogic. This is a quick and easy way to get SSL working in your environment, however the downside is that no browsers are going to trust this certificate you create and you'll need to manually install the certificate onto any machine's communicating with the server. This is fine for development or when you have only a few users evaluating the system, but for any significant use it's usually better to have a fully trusted certificate in use and I explain that in the next section. But for now lets go through creating, installing and testing a self signed certificate. We use a library in Java to create the certificates, open a console and running the following commands. Note you should choose your own secure passwords whenever you see password below. [oracle@irm /] source /oracle/middleware/wlserver_10.3/server/bin/setWLSEnv.sh [oracle@irm /] cd /oracle/middleware/user_projects/domains/irm_domain/config/fmwconfig/ [oracle@irm /] java utils.CertGen -selfsigned -certfile MyOwnSelfCA.cer -keyfile MyOwnSelfKey.key -keyfilepass password -cn "irm.oracle.demo" [oracle@irm /] java utils.ImportPrivateKey -keystore MyOwnIdentityStore.jks -storepass password -keypass password -alias trustself -certfile MyOwnSelfCA.cer.pem -keyfile MyOwnSelfKey.key.pem -keyfilepass password [oracle@irm /] keytool -import -trustcacerts -alias trustself -keystore TrustMyOwnSelf.jks -file MyOwnSelfCA.cer.der -keyalg RSA We now have two Java Key Stores, MyOwnIdentityStore.jks and TrustMyOwnSelf.jks. These contain keys and certificates which we will use in WebLogic Server. Now we need to tell the IRM server to use these stores when setting up SSL connections for incoming requests. Make sure the Admin server is running and login into the WebLogic Console at http://irm.company.intranet:7001/console and do the following; In the menu on the left, select the + next to Environment to expose the submenu, then click on Servers. You will see two servers in the list, AdminServer(admin) and IRM_server1. If the IRM server is running, shut it down either by hitting CONTROL + C in the console window it was started from, or you can switch to the CONTROL tab, select IRM_server1 and then select the Shutdown menu and then Force Shutdown Now. In the Configuration tab select IRM_server1 and switch to the Keystores tab. By default WebLogic Server uses it's own demo identity and trust. We are now going to switch to the self signed one's we've just created. So select the Change button and switch to Custom Identity and Custom Trust and hit save. Now we have to complete the resulting fields, the setting's i've used in my evaluation server are below. IdentityCustom Identity Keystore: /oracle/middleware/user_projects/domains/irm_domain/config/fmwconfig/MyOwnIdentityStore.jks Custom Identity Keystore Type: JKS Custom Identity Keystore Passphrase: password Confirm Custom Identity Keystore Passphrase: password TrustCustom Trust Keystore: /oracle/middleware/user_projects/domains/irm_domain/config/fmwconfig/TrustMyOwnSelf.jks Custom Trust Keystore Type: JKS Custom Trust Keystore Passphrase: password Confirm Custom Trust Keystore Passphrase: password Now click on the SSL tab for the IRM_server1 and enter in the alias and passphrase, in my demo here the details are; IdentityPrivate Key Alias: trustself Private Key Passphrase: password Confirm Private Key Passphrase: password And hit save. Now lets test a connection to the IRM server over HTTPS using SSL. Go back to a console window and start the IRM server, a quick reminder on how to do this is... [oracle@irm /] cd /oracle/middleware/user_projects/domains/irm_domain/bin [oracle@irm /] ./startManagedWeblogic IRM_server1 Once running, open a browser and head to the SSL port of the server. By default the IRM server will be listening on the URL https://irm.company.intranet:16101/irm_rights. Note in the example image on the right the port is 7002 because it's a system that has the IRM services installed on the Admin server, this isn't typical (or advisable). Your system is going to have a separate managed server which will be listening on port 16101. Once you open this address you will notice that your browser is going to complain that the server certificate is untrusted. The images on the right show how Firefox displays this error. You are going to be prompted every time you create a new SSL session with the server, both from the browser and more annoyingly from the IRM Desktop. If you plan on always using a self signed certificate, it is worth adding it to the Windows certificate store so that when you are accessing sealed content you do not keep being informed this certificate is not trusted. Follow these instructions (which are for Internet Explorer 8, they may vary for your version of IE.) Start Internet Explorer and open the URL to your IRM server over SSL, e.g. https://irm.company.intranet:16101/irm_rights. IE will complain that about the certificate, click on Continue to this website (not recommended). From the IE Tools menu select Internet Options and from the resulting dialog select Security and then click on Trusted Sites and then the Sites button. Add to the list of trusted sites a URL which mates the server you are accessing, e.g. https://irm.company.intranet/ and select OK. Now refresh the page you were accessing and next to the URL you should see a red cross and the words Certificate Error. Click on this button and select View Certificates. You will now see a dialog with the details of the self signed certificate and the Install Certificate... button should be enabled. Click on this to start the wizard. Click next and you'll be asked where you should install the certificate. Change the option to Place all certificates in the following store. Select browse and choose the Trusted Root Certification Authorities location and hit OK. You'll then be prompted to install the certificate and answer yes. You also need to import the root signed certificate into the same location, so once again select the red Certificate Error option and this time when viewing the certificate, switch to the Certification Path tab and you should see a CertGenCAB certificate. Select this and then click on View Certificate and go through the same process as above to import the certificate into the store. Finally close all instances of the IE browser and re-access the IRM server URL again, this time you should not receive any errors. Setting up an official SSL certificate in Apache 2.x At this point we now have an IRM server that you can communicate with over SSL. However this certificate isn't trusted by any browser because it's path of trust doesn't end in a recognized certificate authority (CA). Also you are communicating directly to the WebLogic Server over a non standard SSL port, 16101. In a production environment it is common to have another device handle the initial public internet traffic and then proxy this to the WebLogic server. The diagram below shows a very simplified view of this type of deployment. What i'm going to walk through next is configuring Apache to proxy traffic to a WebLogic server and also to use a real SSL certificate from an official CA. First step is to configure Apache to handle incoming requests over SSL. In this guide I am configuring the IRM service in Oracle Enterprise Linux 5 update 3 and Apache 2.2.3 which came with OpenSSL and mod_ssl components. Before I purchase an SSL certificate, I need to generate a certificate request from the server. Oracle.com uses Verisign and for my own personal needs I use cheaper certificates from GoDaddy. The following instructions are specific to Apache, but there are many references out there for other web servers. For Apache I have OpenSSL and the commands are; [oracle@irm /] cd /usr/bin [oracle@irm bin] openssl genrsa -des3 -out irm-apache-server.key 2048 Generating RSA private key, 2048 bit long modulus ............................+++ .........+++ e is 65537 (0x10001) Enter pass phrase for irm-apache-server.key: Verifying - Enter pass phrase for irm-apache-server.key: [oracle@irm bin] openssl req -new -key irm-apache-server.key -out irm-apache-server.csr Enter pass phrase for irm-apache-server.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [GB]:US State or Province Name (full name) [Berkshire]:CA Locality Name (eg, city) [Newbury]:San Francisco Organization Name (eg, company) [My Company Ltd]:Oracle Organizational Unit Name (eg, section) []:Security Common Name (eg, your name or your server's hostname) []:irm.company.com Email Address []:[email protected] Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:testing An optional company name []: You must make sure to remember the pass phrase you used in the initial key generation, you will need this when later configuring Apache. In the /usr/bin directory there are now two new files. The irm-apache-server.csr contains our certificate request and is what you cut and paste, or upload, to your certificate authority when you purchase and validate your SSL certificate. In response you will typically get two files. Your server certificate and another certificate file that will likely contain a set of certificates from your CA which validate your certificate's trust. Next we need to configure Apache to use these files. Typically there is an ssl.conf file which is where all the SSL configuration is done. On my Oracle Enterprise Linux server this file is located in /etc/httpd/conf.d/ssl.conf and i've added the following lines. <VirtualHost irm.company.com> # Setup SSL for irm.company.com ServerName irm.company.com SSLEngine On SSLCertificateFile /oracle/secure/irm.company.com.crt SSLCertificateKeyFile /oracle/secure/irm.company.com.key SSLCertificateChainFile /oracle/secure/gd_bundle.crt </VirtualHost> Restarting Apache (apachectl restart) and I can now attempt to connect to the Apache server in a web browser, https://irm.company.com/. If all is configured correctly I should now see an Apache test page delivered to me over HTTPS. Configuring Apache to proxy traffic to the IRM server Final piece in setting up SSL is to have Apache proxy requests for the IRM server but do so securely. So the requests to Apache will be over HTTPS using a legitimate certificate, but we can also configure Apache to proxy these requests internally across to the IRM server using SSL with the self signed certificate we generated at the start of this article. To do this proxying we use the WebLogic Web Server plugin for Apache which you can download here from Oracle. Download the zip file and extract onto the server. The file extraction reveals a set of zip files, each one specific to a supported web server. In my instance I am using Apache 2.2 32bit on an Oracle Enterprise Linux, 64 bit server. If you are not sure what version your Apache server is, run the command /usr/sbin/httpd -V and you'll see version and it its 32 or 64 bit. Mine is a 32bit server so I need to extract the file WLSPlugin1.1-Apache2.2-linux32-x86.zip. The from the resulting lib folder copy the file mod_wl.so into /usr/lib/httpd/modules/. First we want to test that the plug in will work for regular HTTP traffic. Edit the httpd.conf for Apache and add the following section at the bottom. LoadModule weblogic_module modules/mod_wl.so <IfModule mod_weblogic.c>    WebLogicHost irm.company.internal    WebLogicPort 16100    WLLogFile /tmp/wl-proxy.log </IfModule> <Location /irm_rights>    SetHandler weblogic-handler </Location> <Location /irm_desktop>    SetHandler weblogic-handler </Location> <Location /irm_sealing>    SetHandler weblogic-handler </Location> <Location /irm_services>    SetHandler weblogic-handler </Location> Now restart Apache again (apachectl restart) and now open a browser to http://irm.company.com/irm_rights. Apache will proxy the HTTP traffic from the port 80 of your Apache server to the IRM service listening on port 16100 of the WebLogic Managed server. Note above I have included all four of the Locations you might wish to proxy. http://irm.company.internalirm_rights is the URL to the management website, /irm_desktop is the URL used for the IRM Desktop to communicate. irm_sealing is for web services based document sealing and irm_services is for IRM server web services. The last two are typically only used when you have the IRM server integrated with another application and it is unlikely you'd be accessing these resources from the public facing Apache server. However, just in case, i've mentioned them above. Now let's enable SSL communication from Apache to WebLogic. In the ZIP file we extracted were some more modules we need to copy into the Apache folder. Looking back in the lib that we extracted, there are some more files. Copy the following into the /usr/lib/httpd/modules/ folder. libwlssl.so libnnz11.so libclntsh.so.11.1 Now the documentation states that should only need to do this, but I found that I also needed to create an environment variable called LD_LIBRARY_PATH and point this to the folder /usr/lib/httpd/modules/. If I didn't do this, starting Apache with the WebLogic module configured to SSL would throw the error. [crit] (20014)Internal error: WL SSL Init failed for server: (null) on 0 So I had to edit the file /etc/profile and add the following lines at the bottom. You may already have the LD_LIBRARY_PATH variable defined, therefore simply add this path to it. LD_LIBRARY_PATH=/usr/lib/httpd/modules/ export LD_LIBRARY_PATH Now the WebLogic plug in uses an Oracle Wallet to store the required certificates.You'll need to copy the self signed certificate from the IRM server over to the Apache server. Copy over the MyOwnSelfCA.cer.der into the same folder where you are storing your public certificates, in my example this is /oracle/secure. It's worth mentioning these files should ONLY be readable by root (the user Apache runs as). Now lets create an Oracle Wallet and import the self signed certificate from the IRM server. The file orapki was included in the bin folder of the Apache 1.1 plugin zip you extracted. orapki wallet create -wallet /oracle/secure/my-wallet -auto_login_only orapki wallet add -wallet /oracle/secure/my-wallet -trusted_cert -cert MyOwnSelfCA.cer.der -auto_login_only Finally change the httpd.conf to reflect that we want the WebLogic Apache plug-in to use HTTPS/SSL and not just plain HTTP. <IfModule mod_weblogic.c>    WebLogicHost irm.company.internal    WebLogicPort 16101    SecureProxy ON    WLSSLWallet /oracle/secure/my-wallet    WLLogFile /tmp/wl-proxy.log </IfModule> Then restart Apache once more and you can go back to the browser to test the communication. Opening the URL https://irm.company.com/irm_rights will proxy your request to the WebLogic server at https://irm.company.internal:16101/irm_rights. At this point you have a fully functional Oracle IRM service, the next step is to create a sealed document and test the entire system.

    Read the article

  • Upload Certificate and Key to RUEI in order to decrypt SSL traffic

    - by stefan.thieme(at)oracle.com
    So you want to monitor encrypted traffic with your RUEI collector ?Actually this is an easy thing if you follow the lines below...I will start out with creating a pair of snakeoil (so called self-signed) certificate and key with the make-ssl-cert tool which comes pre-packaged with apache only for the purpose of this example.$ sudo make-ssl-cert generate-default-snakeoil$ sudo ls -l /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key-rw-r--r-- 1 root root     615 2010-06-07 10:03 /etc/ssl/certs/ssl-cert-snakeoil.pem-rw-r----- 1 root ssl-cert 891 2010-06-07 10:03 /etc/ssl/private/ssl-cert-snakeoil.keyRUEI Configuration of Security SSL Keys You will most likely get these two files from your Certificate Authority (CA) and/or your system administrators should be able to extract this from your WebServer or LoadBalancer handling SSL encryption for your infrastructure.Now let's look at the content of these two files, the certificate (apache assumes this is in PEM format) is called a public key and the private key is used by the apache server to encrypt traffic for a client using the certificate to initiate the SSL connection with the server.In case you already know that these two match, you simply have to paste them in one text file and upload this text file to your RUEI instance.$ sudo cat /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key > /tmp/ruei.cert_and_key$ sudo cat /tmp/ruei.cert_and_key -----BEGIN CERTIFICATE----- MIIBmTCCAQICCQD7O3XXwVilWzANBgkqhkiG9w0BAQUFADARMQ8wDQYDVQQDEwZ1 YnVudHUwHhcNMTAwNjA3MDgwMzUzWhcNMjAwNjA0MDgwMzUzWjARMQ8wDQYDVQQD EwZ1YnVudHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALbs+JnI+p+K7Iqa SQZdnYBxOpdRH0/9jt1QKvmH68v81h9+f1Z2rVR7Zrd/l+ruE3H9VvuzxMlKuMH7 qBX/gmjDZTlj9WJM+zc0tSk+e2udy9he20lGzTxv0vaykJkuKcvSWNk4WE9NuAdg IHZvjKgoTSVmvM1ApMCg69nyOy97AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAk2rv VEkxR1qPSpJiudDuGUHtWKBKWiWbmSwI3REZT+0vG+YDG5a55NdxgRk3zhQntqF7 gNYjKxblBByBpY7W0ci00kf7kFgvXWMeU96NSQJdnid/YxzQYn0dGL2rSh1dwdPN NPQlNSfnEQ1yxFevR7aRdCqTbTXU3mxi8YaSscE= -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQC27PiZyPqfiuyKmkkGXZ2AcTqXUR9P/Y7dUCr5h+vL/NYffn9W dq1Ue2a3f5fq7hNx/Vb7s8TJSrjB+6gV/4Jow2U5Y/ViTPs3NLUpPntrncvYXttJ Rs08b9L2spCZLinL0ljZOFhPTbgHYCB2b4yoKE0lZrzNQKTAoOvZ8jsvewIDAQAB AoGBAJ7LCWeeUwnKNFqBYmD3RTFpmX4furnal3lBDX0945BZtJr0WZ/6N679zIYA aiVTdGfgjvDC9lHy3n3uctRd0Jqdh2QoSSxNBhq5elIApNIIYzu7w/XI/VhGcDlA b6uadURQEC2q+M8YYjw3mwR2omhCWlHIViOHe/9T8jfP/8pxAkEA7k39WRcQildH DFKcj7gurqlkElHysacMTFWf0ZDTEUS6bdkmNXwK6mH63BlmGLrYAP5AMgKgeDf8 D+WRfv8YKQJBAMSCQ7UGDN3ysyfIIrdc1RBEAk4BOrKHKtD5Ux0z5lcQkaCYrK8J DuSldreN2yOhS99/S4CRWmGkTj04wRSnjwMCQQCaR5mW3QzTU4/m1XEQxsBKSdZE 2hMSmsCmhuSyK13Kl0FPLr/C7qyuc4KSjksABa8kbXaoKfUz/6LLs+ePXZ2JAkAv +mIPk5+WnQgS4XFgdYDrzL8HTpOHPSs+BHG/goltnnT/0ebvgXWqa5+1pyPm6h29 PrYveM2pY1Va6z1xDowDAkEAttfzAwAHz+FUhWQCmOBpvBuW/KhYWKZTMpvxFMSY YD5PH6NNyLfBx0J4nGPN5n/f6il0s9pzt3ko++/eUtWSnQ== -----END RSA PRIVATE KEY----- Simply click on the add new key and browse for the cert_and_key file on your desktop which you concatenated earlier using any text editor. You may need to add a passphrase in order to decrypt the RSA key in some cases (it should tell you BEGIN ENCRYPTED PRIVATE KEY in the header line). I will show you the success screen after uploading the certificate to RUEI. You may want to restart your collector once you have uploaded all the certificate/key pairs you want to use in order to make sure they get picked up asap.You should be able to see the number of SSL Connections rising in the Collector statistics screen below. The figures for decrypt errors should slowly go down and the usage figures for your encryption algortihm on the subsequent SSL Encryption screen should go up. You should be 100% sure everything works fine by now, otherwise see below to distinguish the remaining 1% from your 99% certainty.Verify Certificate and Key are matchingYou can compare the modulus of private key and public certificate and they should match in order for the key to fit the lock. You only want to make sure they both fit each other.We are actually interested only in the following details of the two files, which can be determined by using the -subject, -dates and -modulus command line switches instead of the complete -text output of the x509 certificate/rsa key contents.$ sudo openssl x509 -noout -subject -in /etc/ssl/certs/ssl-cert-snakeoil.pemsubject= /CN=ubuntu$ sudo openssl x509 -noout -dates -in /etc/ssl/certs/ssl-cert-snakeoil.pemnotBefore=Jun  7 08:03:53 2010 GMTnotAfter=Jun  4 08:03:53 2020 GMT$ sudo openssl x509 -noout -modulus -in /etc/ssl/certs/ssl-cert-snakeoil.pem Modulus=B6ECF899C8FA9F8AEC8A9A49065D9D80713A97511F4FFD8EDD502AF987EBCBFCD61F7E7F5676AD547B66B77F97EAEE1371FD56FBB3C4C94AB8C1FBA815FF8268C3653963F5624CFB3734B5293E7B6B9DCBD85EDB4946CD3C6FD2F6B290992E29CBD258D938584F4DB8076020766F8CA8284D2566BCCD40A4C0A0EBD9F23B2F7B $ sudo openssl rsa -noout -modulus -in /etc/ssl/private/ssl-cert-snakeoil.keyModulus=B6ECF899C8FA9F8AEC8A9A49065D9D80713A97511F4FFD8EDD502AF987EBCBFCD61F7E7F5676AD547B66B77F97EAEE1371FD56FBB3C4C94AB8C1FBA815FF8268C3653963F5624CFB3734B5293E7B6B9DCBD85EDB4946CD3C6FD2F6B290992E29CBD258D938584F4DB8076020766F8CA8284D2566BCCD40A4C0A0EBD9F23B2F7BAs you can see the modulus matches exactly and we have the proof that the certificate has been created using the private key. OpenSSL Certificate and Key DetailsAs I already told you, you do not need all the greedy details, but in case you want to know it in depth what is actually in those hex-blocks can be made visible with the following commands which show you the actual content in a human readable format.Note: You may not want to post all the details of your private key =^) I told you I have been using a self-signed certificate only for showing you these details.$ sudo openssl rsa -noout -text -in /etc/ssl/private/ssl-cert-snakeoil.keyPrivate-Key: (1024 bit)modulus:    00:b6:ec:f8:99:c8:fa:9f:8a:ec:8a:9a:49:06:5d:    9d:80:71:3a:97:51:1f:4f:fd:8e:dd:50:2a:f9:87:    eb:cb:fc:d6:1f:7e:7f:56:76:ad:54:7b:66:b7:7f:    97:ea:ee:13:71:fd:56:fb:b3:c4:c9:4a:b8:c1:fb:    a8:15:ff:82:68:c3:65:39:63:f5:62:4c:fb:37:34:    b5:29:3e:7b:6b:9d:cb:d8:5e:db:49:46:cd:3c:6f:    d2:f6:b2:90:99:2e:29:cb:d2:58:d9:38:58:4f:4d:    b8:07:60:20:76:6f:8c:a8:28:4d:25:66:bc:cd:40:    a4:c0:a0:eb:d9:f2:3b:2f:7bpublicExponent: 65537 (0x10001)privateExponent:    00:9e:cb:09:67:9e:53:09:ca:34:5a:81:62:60:f7:    45:31:69:99:7e:1f:ba:b9:da:97:79:41:0d:7d:3d:    e3:90:59:b4:9a:f4:59:9f:fa:37:ae:fd:cc:86:00:    6a:25:53:74:67:e0:8e:f0:c2:f6:51:f2:de:7d:ee:    72:d4:5d:d0:9a:9d:87:64:28:49:2c:4d:06:1a:b9:    7a:52:00:a4:d2:08:63:3b:bb:c3:f5:c8:fd:58:46:    70:39:40:6f:ab:9a:75:44:50:10:2d:aa:f8:cf:18:    62:3c:37:9b:04:76:a2:68:42:5a:51:c8:56:23:87:    7b:ff:53:f2:37:cf:ff:ca:71prime1:    00:ee:4d:fd:59:17:10:8a:57:47:0c:52:9c:8f:b8:    2e:ae:a9:64:12:51:f2:b1:a7:0c:4c:55:9f:d1:90:    d3:11:44:ba:6d:d9:26:35:7c:0a:ea:61:fa:dc:19:    66:18:ba:d8:00:fe:40:32:02:a0:78:37:fc:0f:e5:    91:7e:ff:18:29prime2:    00:c4:82:43:b5:06:0c:dd:f2:b3:27:c8:22:b7:5c:    d5:10:44:02:4e:01:3a:b2:87:2a:d0:f9:53:1d:33:    e6:57:10:91:a0:98:ac:af:09:0e:e4:a5:76:b7:8d:    db:23:a1:4b:df:7f:4b:80:91:5a:61:a4:4e:3d:38:    c1:14:a7:8f:03exponent1:    00:9a:47:99:96:dd:0c:d3:53:8f:e6:d5:71:10:c6:    c0:4a:49:d6:44:da:13:12:9a:c0:a6:86:e4:b2:2b:    5d:ca:97:41:4f:2e:bf:c2:ee:ac:ae:73:82:92:8e:    4b:00:05:af:24:6d:76:a8:29:f5:33:ff:a2:cb:b3:    e7:8f:5d:9d:89exponent2:    2f:fa:62:0f:93:9f:96:9d:08:12:e1:71:60:75:80:    eb:cc:bf:07:4e:93:87:3d:2b:3e:04:71:bf:82:89:    6d:9e:74:ff:d1:e6:ef:81:75:aa:6b:9f:b5:a7:23:    e6:ea:1d:bd:3e:b6:2f:78:cd:a9:63:55:5a:eb:3d:    71:0e:8c:03coefficient:    00:b6:d7:f3:03:00:07:cf:e1:54:85:64:02:98:e0:    69:bc:1b:96:fc:a8:58:58:a6:53:32:9b:f1:14:c4:    98:60:3e:4f:1f:a3:4d:c8:b7:c1:c7:42:78:9c:63:    cd:e6:7f:df:ea:29:74:b3:da:73:b7:79:28:fb:ef:    de:52:d5:92:9d$ sudo openssl x509 -noout -text -in /etc/ssl/certs/ssl-cert-snakeoil.pemCertificate:    Data:        Version: 1 (0x0)        Serial Number:            fb:3b:75:d7:c1:58:a5:5b        Signature Algorithm: sha1WithRSAEncryption        Issuer: CN=ubuntu        Validity            Not Before: Jun  7 08:03:53 2010 GMT            Not After : Jun  4 08:03:53 2020 GMT        Subject: CN=ubuntu        Subject Public Key Info:            Public Key Algorithm: rsaEncryption            RSA Public Key: (1024 bit)                Modulus (1024 bit):                    00:b6:ec:f8:99:c8:fa:9f:8a:ec:8a:9a:49:06:5d:                    9d:80:71:3a:97:51:1f:4f:fd:8e:dd:50:2a:f9:87:                    eb:cb:fc:d6:1f:7e:7f:56:76:ad:54:7b:66:b7:7f:                    97:ea:ee:13:71:fd:56:fb:b3:c4:c9:4a:b8:c1:fb:                    a8:15:ff:82:68:c3:65:39:63:f5:62:4c:fb:37:34:                    b5:29:3e:7b:6b:9d:cb:d8:5e:db:49:46:cd:3c:6f:                    d2:f6:b2:90:99:2e:29:cb:d2:58:d9:38:58:4f:4d:                    b8:07:60:20:76:6f:8c:a8:28:4d:25:66:bc:cd:40:                    a4:c0:a0:eb:d9:f2:3b:2f:7b                Exponent: 65537 (0x10001)    Signature Algorithm: sha1WithRSAEncryption        93:6a:ef:54:49:31:47:5a:8f:4a:92:62:b9:d0:ee:19:41:ed:        58:a0:4a:5a:25:9b:99:2c:08:dd:11:19:4f:ed:2f:1b:e6:03:        1b:96:b9:e4:d7:71:81:19:37:ce:14:27:b6:a1:7b:80:d6:23:        2b:16:e5:04:1c:81:a5:8e:d6:d1:c8:b4:d2:47:fb:90:58:2f:        5d:63:1e:53:de:8d:49:02:5d:9e:27:7f:63:1c:d0:62:7d:1d:        18:bd:ab:4a:1d:5d:c1:d3:cd:34:f4:25:35:27:e7:11:0d:72:        c4:57:af:47:b6:91:74:2a:93:6d:35:d4:de:6c:62:f1:86:92:        b1:c1The above output can also be seen if you direct your browser client to your website and check the certificate sent by the server to your browser. You will be able to lookup all the details including the validity dates, subject common name and the public key modulus.Capture an SSL connection using WiresharkAnd as you would have expected, looking at the low-level tcp data that has been exchanged between the client and server with a tcp-diagnostics tool (i.e. wireshark/tcpdump) you can also see the modulus in there.These were the settings I used to capture all traffic on the local loopback interface, matching the filter expression: tcp and ip and host 127.0.0.1 and port 443. This tells Wireshark to leave out any other information, I may not have been interested in showing you.

    Read the article

  • VS 2012 Code Review &ndash; Before Check In OR After Check In?

    - by Tarun Arora
    “Is Code Review Important and Effective?” There is a consensus across the industry that code review is an effective and practical way to collar code inconsistency and possible defects early in the software development life cycle. Among others some of the advantages of code reviews are, Bugs are found faster Forces developers to write readable code (code that can be read without explanation or introduction!) Optimization methods/tricks/productive programs spread faster Programmers as specialists "evolve" faster It's fun “Code review is systematic examination (often known as peer review) of computer source code. It is intended to find and fix mistakes overlooked in the initial development phase, improving both the overall quality of software and the developers' skills. Reviews are done in various forms such as pair programming, informal walkthroughs, and formal inspections.” Wikipedia No where does the definition mention whether its better to review code before the code has been committed to version control or after the commit has been performed. No matter which side you favour, Visual Studio 2012 allows you to request for a code review both before check in and also request for a review after check in. Let’s weigh the pros and cons of the approaches independently. Code Review Before Check In or Code Review After Check In? Approach 1 – Code Review before Check in Developer completes the code and feels the code quality is appropriate for check in to TFS. The developer raises a code review request to have a second pair of eyes validate if the code abides to the recommended best practices, will not result in any defects due to common coding mistakes and whether any optimizations can be made to improve the code quality.                                             Image 1 – code review before check in Pros Everything that gets committed to source control is reviewed. Minimizes the chances of smelly code making its way into the code base. Decreases the cost of fixing bugs, remember, the earlier you find them, the lesser the pain in fixing them. Cons Development Code Freeze – Since the changes aren’t in the source control yet. Further development can only be done off-line. The changes have not been through a CI build, hard to say whether the code abides to all build quality standards. Inconsistent! Cumbersome to track the actual code review process.  Not every change to the code base is worth reviewing, a lot of effort is invested for very little gain. Approach 2 – Code Review after Check in Developer checks in, random code reviews are performed on the checked in code.                                                      Image 2 – Code review after check in Pros The code has already passed the CI build and run through any code analysis plug ins you may have running on the build server. Instruct the developer to ensure ZERO fx cop, style cop and static code analysis before check in. Code is cleaner and smell free even before the code review. No Offline development, developers can continue to develop against the source control. Cons Bad code can easily make its way into the code base. Since the review take place much later in the cycle, the cost of fixing issues can prove to be much higher. Approach 3 – Hybrid Approach The community advocates a more hybrid approach, a blend of tooling and human accountability quotient.                                                               Image 3 – Hybrid Approach 1. Code review high impact check ins. It is not possible to review everything, by setting up code review check in policies you can end up slowing your team. More over, the code that you are reviewing before check in hasn't even been through a green CI build either. 2. Tooling. Let the tooling work for you. By running static analysis, fx cop, style cop and other plug ins on the build agent, you can identify the real issues that in my opinion can't possibly be identified using human reviews. Configure the tooling to report back top 10 issues every day. Mandate the manual code review of individuals who keep making it to this list of shame more often. 3. During Merge. I would prefer eliminating some of the other code issues during merge from Main branch to the release branch. In a scrum project this is still easier because cheery picking the merges is a possibility and the size of code being reviewed is still limited. Let the tooling work for you, if some one breaks the CI build often, put them on a gated check in build course until you see improvement. If some one appears on the top 10 list of shame generated via the build then ensure that all their code is reviewed till you see improvement. At the end of the day, the goal is to ensure that the code being delivered is top quality. By enforcing a code review before any check in, you force the developer to work offline or stay put till the review is complete. What do the experts say? So I asked a few expects what they thought of “Code Review quality gate before Checking in code?" Terje Sandstrom | Microsoft ALM MVP You mean a review quality gate BEFORE checking in code????? That would mean a lot of code staying either local or in shelvesets, and not even been through a CI build, and a green CI build being the main criteria for going further, f.e. to the review state. I would not like code laying around with no checkin’s. Having a requirement that code is checked in small pieces, 4-8 hours work max, and AT LEAST daily checkins, a manual code review comes second down the lane. I would expect review quality gates to happen before merging back to main, or before merging to release.  But that would all be on checked-in code.  Branching is absolutely one way to ease the pain.   Another way we are using is automatic quality builds, running metrics, coverage, static code analysis.  Unfortunately it takes some time, would be great to be on CI’s – but…., so it’s done scheduled every night. Based on this we get, among other stuff,  top 10 lists of suspicious code, which is then subjected to reviews.  If a person seems to be very popular on these top 10 lists, we subject every check in from that person to a review for a period. That normally helps.   None of the clients I have can afford to have every checkin reviewed, so we need to find ways around it. I don’t disagree with the nicety of having all the code reviewed, but I find it hard to find those resources in today’s enterprises. David V. Corbin | Visual Studio ALM Ranger I tend to agree with both sides. I hate having code that is not checked in, but at the same time hate having “bad” code in the repository. I have found that branching is one approach to solving this dilemma. Code is checked into the private/feature branch before the review, but is not merged over to the “official” branch until after the review. I advocate both, depending on circumstance (especially team dynamics)   - The “pre-checkin” is usually for elements that may impact the project as a whole. Think of it as another “gate” along with passing unit tests. - The “post-checkin” may very well not be at the changeset level, but correlates to a review at the “user story” level.   Again, this depends on team dynamics in play…. Robert MacLean | Microsoft ALM MVP I do not think there is no right answer for the industry as a whole. In short the question is why do you do reviews? Your question implies risk mitigation, so in low risk areas you can get away with it after check in while in high risk you need to do it before check in. An example is those new to a team or juniors need it much earlier (maybe that is before checkin, maybe that is soon after) than seniors who have shipped twenty sprints on the team. Abhimanyu Singhal | Visual Studio ALM Ranger Depends on per scenario basis. We recommend post check-in reviews when: 1. We don't want to block other checks and processes on manual code reviews. Manual reviews take time, and some pieces may not require manual reviews at all. 2. We need to trace all changes and track history. 3. We have a code promotion strategy/process in place. For risk mitigation, post checkin code can be promoted to Accepted branches. Or can be rejected. Pre Checkin Reviews are used when 1. There is a high risk factor associated 2. Reviewers are generally (most of times) have immediate availability. 3. Team does not have strict tracking needs. Simply speaking, no single process fits all scenarios. You need to select what works best for your team/project. Thomas Schissler | Visual Studio ALM Ranger This is an interesting discussion, I’m right now discussing details about executing code reviews with my teams. I see and understand the aspects you brought in, but there is another side as well, I’d like to point out. 1.) If you do reviews per check in this is not very practical as a hard rule because this will disturb the flow of the team very often or it will lead to reduce the checkin frequency of the devs which I would not accept. 2.) If you do later reviews, for example if you review PBIs, it is not easy to find out which code you should review. Either you review all changesets associate with the PBI, but then you might review code which has been changed with a later checkin and the dev maybe has already fixed the issue. Or you review the diff of the latest changeset of the PBI with the first but then you might also review changes of other PBIs. Jakob Leander | Sr. Director, Avanade In my experience, manual code review: 1. Does not get done and at the very least does not get redone after changes (regardless of intentions at start of project) 2. When a project actually do it, they often do not do it right away = errors pile up 3. Requires a lot of time discussing/defining the standard and for the team to learn it However code review is very important since e.g. even small memory leaks in a high volume web solution have big consequences In the last years I have advocated following approach for code review - Architects up front do “at least one best practice example” of each type of component and tell the team. Copy from this one. This should include error handling, logging, security etc. - Dev lead on project continuously browse code to validate that the best practices are used. Especially that patterns etc. are not broken. You can do this formally after each sprint/iteration if you want. Once this is validated it is unlikely to “go bad” even during later code changes Agree with customer to rely on static code analysis from Visual Studio as the one and only coding standard. This has HUUGE benefits - You can easily tweak to reach the level you desire together with customer - It is easy to measure for both developers/management - It is 100% consistent across code base - It gets validated all the time so you never end up getting hammered by a customer review in the end - It is easy to tell the developer that you do not want code back unless it has zero errors = minimize communication You need to track this at least during nightly builds and make sure team sees total # issues. Do not allow #issues it to grow uncontrolled. On the project I run I require code analysis to have run on code before checkin (checkin rule). This means -  You have to have clean compile (or CA wont run) so this is extra benefit = very few broken builds - You can change a few of the rules to compile as errors instead of warnings. I often do this for “missing dispose” issues which you REALLY do not want in your app Tip: Place your custom CA rules files as part of solution. That  way it works when you do branching etc. (path to CA file is relative in VS) Some may argue that CA is not as good as manual inspection. But since manual inspection in reality suffers from the 3 issues in start it is IMO a MUCH better (and much cheaper) approach from helicopter perspective Tirthankar Dutta | Director, Avanade I think code review should be run both before and after check ins. There are some code metrics that are meant to be run on the entire codebase … Also, especially on multi-site projects, one should strive to architect in a way that lets men manage the framework while boys write the repetitive code… scales very well with the need to review less by containment and imposing architectural restrictions to emphasise the design. Bruno Capuano | Microsoft ALM MVP For code reviews (means peer reviews) in distributed team I use http://www.vsanywhere.com/default.aspx  David Jobling | Global Sr. Director, Avanade Peer review is the only way to scale and its a great practice for all in the team to learn to perform and accept. In my experience you soon learn who's code to watch more than others and tune the attention. Mikkel Toudal Kristiansen | Manager, Avanade If you have several branches in your code base, you will need to merge often. This requires manual merging, when a file has been changed in both branches. It offers a good opportunity to actually review to changed code. So my advice is: Merging between branches should be done as often as possible, it should be done by a senior developer, and he/she should perform a full code review of the code being merged. As for detecting architectural smells and code smells creeping into the code base, one really good third party tools exist: Ndepend (http://www.ndepend.com/, for static code analysis of the current state of the code base). You could also consider adding StyleCop to the solution. Jesse Houwing | Visual Studio ALM Ranger I gave a presentation on this subject on the TechDays conference in NL last year. See my presentation and slides here (talk in Dutch, but English presentation): http://blog.jessehouwing.nl/2012/03/did-you-miss-my-techdaysnl-talk-on-code.html  I’d like to add a few more points: - Before/After checking is mostly a trust issue. If you have a team that does diligent peer reviews and regularly talk/sit together or peer review, there’s no need to enforce a before-checkin policy. The peer peer-programming and regular feedback during development can take care of most of the review requirements as long as the team isn’t under stress. - Under stress, enforce pre-checkin reviews, it might sound strange, if you’re already under time or budgetary constraints, but it is under such conditions most real issues start to be created or pile up. - Use tools to catch most common errors, Code Analysis/FxCop was already mentioned. HP Fortify, Resharper, Coderush etc can help you there. There are also a lot of 3rd party rules you can add to Code Analysis. I’ve written a few myself (http://fccopcontrib.codeplex.com) and various teams from Microsoft have added their own rules (MSOCAF for SharePoint, WSSF for WCF). For common errors that keep cropping up, see if you can define a rule. It’s much easier. But more importantly make sure you have a good help page explaining *WHY* it's wrong. If you have small feature or developer branches/shelvesets, you might want to review pre-merge. It’s still better to do peer reviews and peer programming, but the most important thing is that bad quality code doesn’t make it into the important branch. So my philosophy: - Use tooling as much as possible. - Make sure the team understands the tooling and the importance of the things it flags. It’s too easy to just click suppress all to ignore the warnings. - Under stress, tighten process, it’s under stress that the problems of late reviews will really surface - Most importantly if you do reviews do them as early as possible, but never later than needed. In other words, pre-checkin/post checking doesn’t really matter, as long as the review is done before the code is released. It’ll just be much more expensive to fix any review outcomes the later you find them. --- I would love to hear what you think!

    Read the article

  • Firefox 3.6 Kiosk mode

    - by David Murdoch
    I've developed a FF 3.6+ only web app that needs to run in kiosk mode. I has assumed that since nearly every other browser has a built in kiosk switch FF would have this too. I haven't been able to find this. http://kb.mozillazine.org/Command_line_arguments does not have a kiosk mode listed. R-Kiosk doesn't work in FF 3.6. Apparently their is a new "experimental" version of R-Kiosk (v0.8.0) but I can't find it anywhere. Does anyone know of anyway to put Firefox in kiosk mode? I'd be especially great if the solution forced full screen, hid all toolbars and context menus, disables (Ctrl+) Alt + * combos, and disables "Windows Key" + * combos.

    Read the article

  • Server 2012 DFS New Member Issue

    - by David
    I am trying to add a new member to our DFS topology. We have 3 DCs (VMs - VMware) running Windows server 2012, two servers are located in or Primary site and the third at our DR site. Currently the two servers at our primary site are currently replicating DFS (full mesh) and are working fine. I have tried several times to add the third DC to our DFS topology, every time i configure the replication path e.g E:\MSI and click ok the MMC snap in crashes. Below is the crash info, any idea what is causing this? What i am doing is fairly straight forward and don't see why this would be happening. Windows Crash Error: gnature: Problem Event Name: CLR20r3 Problem Signature 01: mmc.exe Problem Signature 02: 6.2.9200.16496 Problem Signature 03: 50ece2e8 Problem Signature 04: System.Windows.Forms Problem Signature 05: 4.0.30319.18046 Problem Signature 06: 51552cda Problem Signature 07: 6291 Problem Signature 08: 25 Problem Signature 09: RML5K4UDBMA5NI04CIYRWVDHKEWFDHCV OS Version: 6.2.9200.2.0.0.272.7 Locale ID: 3081 Additional Information 1: b979 Additional Information 2: b97911c958b3d076b53a1d80c1c56088 Additional Information 3: 4fee Additional Information 4: 4fee5b9baabd694859b15dfc5e1863b7      Crash Report Version=1 EventType=CLR20r3 EventTime=130165974300817209 ReportType=2 Consent=1 ReportIdentifier=d15d0d38-dd36-11e2-93fb-005056af764c IntegratorReportIdentifier=d15d0d37-dd36-11e2-93fb-005056af764c NsAppName=mmc.exe Response.type=4 Sig[0].Name=Problem Signature 01 Sig[0].Value=mmc.exe Sig[1].Name=Problem Signature 02 Sig[1].Value=6.2.9200.16496 Sig[2].Name=Problem Signature 03 Sig[2].Value=50ece2e8 Sig[3].Name=Problem Signature 04 Sig[3].Value=System.Windows.Forms Sig[4].Name=Problem Signature 05 Sig[4].Value=4.0.30319.18046 Sig[5].Name=Problem Signature 06 Sig[5].Value=51552cda Sig[6].Name=Problem Signature 07 Sig[6].Value=6291 Sig[7].Name=Problem Signature 08 Sig[7].Value=25 Sig[8].Name=Problem Signature 09 Sig[8].Value=RML5K4UDBMA5NI04CIYRWVDHKEWFDHCV DynamicSig[1].Name=OS Version DynamicSig[1].Value=6.2.9200.2.0.0.272.7 DynamicSig[2].Name=Locale ID DynamicSig[2].Value=3081 DynamicSig[22].Name=Additional Information 1 DynamicSig[22].Value=b979 DynamicSig[23].Name=Additional Information 2 DynamicSig[23].Value=b97911c958b3d076b53a1d80c1c56088 DynamicSig[24].Name=Additional Information 3 DynamicSig[24].Value=4fee DynamicSig[25].Name=Additional Information 4 DynamicSig[25].Value=4fee5b9baabd694859b15dfc5e1863b7 UI[2]=C:\Windows\system32\mmc.exe UI[3]=Microsoft Management Console has stopped working UI[4]=Windows can check online for a solution to the problem. UI[5]=Check online for a solution and close the program UI[6]=Check online for a solution later and close the program UI[7]=Close the program LoadedModule[0]=C:\Windows\system32\mmc.exe LoadedModule[1]=C:\Windows\SYSTEM32\ntdll.dll LoadedModule[2]=C:\Windows\system32\KERNEL32.DLL LoadedModule[3]=C:\Windows\system32\KERNELBASE.dll LoadedModule[4]=C:\Windows\system32\GDI32.dll LoadedModule[5]=C:\Windows\system32\USER32.dll LoadedModule[6]=C:\Windows\system32\MFC42u.dll LoadedModule[7]=C:\Windows\system32\msvcrt.dll LoadedModule[8]=C:\Windows\system32\mmcbase.DLL LoadedModule[9]=C:\Windows\system32\ole32.dll LoadedModule[10]=C:\Windows\system32\SHLWAPI.dll LoadedModule[11]=C:\Windows\system32\UxTheme.dll LoadedModule[12]=C:\Windows\system32\DUser.dll LoadedModule[13]=C:\Windows\system32\OLEAUT32.dll LoadedModule[14]=C:\Windows\system32\ODBC32.dll LoadedModule[15]=C:\Windows\SYSTEM32\combase.dll LoadedModule[16]=C:\Windows\system32\RPCRT4.dll LoadedModule[17]=C:\Windows\SYSTEM32\sechost.dll LoadedModule[18]=C:\Windows\system32\ADVAPI32.dll LoadedModule[19]=C:\Windows\system32\SHCORE.DLL LoadedModule[20]=C:\Windows\system32\IMM32.DLL LoadedModule[21]=C:\Windows\system32\MSCTF.dll LoadedModule[22]=C:\Windows\system32\DUI70.dll LoadedModule[23]=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef\Comctl32.dll LoadedModule[24]=C:\Windows\system32\SHELL32.dll LoadedModule[25]=C:\Windows\system32\CRYPTBASE.dll LoadedModule[26]=C:\Windows\system32\bcryptPrimitives.dll LoadedModule[27]=C:\Windows\system32\urlmon.dll LoadedModule[28]=C:\Windows\system32\iertutil.dll LoadedModule[29]=C:\Windows\system32\WININET.dll LoadedModule[30]=C:\Windows\SYSTEM32\clbcatq.dll LoadedModule[31]=C:\Windows\system32\mmcndmgr.dll LoadedModule[32]=C:\Windows\System32\msxml6.dll LoadedModule[33]=C:\Windows\system32\profapi.dll LoadedModule[34]=C:\Windows\system32\apphelp.dll LoadedModule[35]=C:\Windows\system32\dwmapi.dll LoadedModule[36]=C:\Windows\System32\oleacc.dll LoadedModule[37]=C:\Windows\system32\CRYPTSP.dll LoadedModule[38]=C:\Windows\system32\rsaenh.dll LoadedModule[39]=C:\Windows\system32\NetworkExplorer.dll LoadedModule[40]=C:\Windows\system32\PROPSYS.dll LoadedModule[41]=C:\Windows\system32\SETUPAPI.dll LoadedModule[42]=C:\Windows\system32\CFGMGR32.dll LoadedModule[43]=C:\Windows\system32\DEVOBJ.dll LoadedModule[44]=C:\Windows\system32\mlang.dll LoadedModule[45]=C:\Windows\system32\xmllite.dll LoadedModule[46]=C:\Windows\system32\VERSION.dll LoadedModule[47]=C:\Windows\SYSTEM32\mscoree.dll LoadedModule[48]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll LoadedModule[49]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll LoadedModule[50]=C:\Windows\SYSTEM32\MSVCR110_CLR0400.dll LoadedModule[51]=C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\fa44d07a6b592198dfeae841489f295b\mscorlib.ni.dll LoadedModule[52]=C:\Windows\system32\sxs.dll LoadedModule[53]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System\577825eedb03a45fd7327050e85d0c44\System.ni.dll LoadedModule[54]=C:\Windows\assembly\NativeImages_v4.0.30319_64\MMCEx\9b714b187bfb304526df6d4e6160e15c\MMCEx.ni.dll LoadedModule[55]=C:\Windows\assembly\NativeImages_v4.0.30319_64\MMCFxCommon\3804721e3998fdf29b06e86bcfe92eb8\MMCFxCommon.ni.dll LoadedModule[56]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\e3873005e8829578178618d41d012849\System.Configuration.ni.dll LoadedModule[57]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\aea95442f7e98cffc3c849fe3b0658d6\System.Xml.ni.dll LoadedModule[58]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\f28da0d8140095c5c86e9f2443878807\System.Drawing.ni.dll LoadedModule[59]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\c2f5f2174cecd9faaf74a0cdeebfdd49\System.Windows.Forms.ni.dll LoadedModule[60]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll LoadedModule[61]=C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Mff1be75b#\3c16df28b2935a005a7fd0da96e0ff6c\Microsoft.ManagementConsole.ni.dll LoadedModule[62]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll LoadedModule[63]=C:\Windows\assembly\NativeImages_v4.0.30319_64\DfsMgmt\ed2ebd5dc4469285040f2e21c5e990dc\DfsMgmt.ni.dll LoadedModule[64]=C:\Windows\assembly\NativeImages_v4.0.30319_64\DfsObjectModel\43ed7ca19e7c26cbf27c5c8a2e0fec93\DfsObjectModel.ni.dll LoadedModule[65]=C:\Windows\assembly\NativeImages_v4.0.30319_64\CfsCommonUIFx\aea54a98ed63ebeaa6703e9f0a724ac8\CfsCommonUIFx.ni.dll LoadedModule[66]=C:\Windows\assembly\NativeImages_v4.0.30319_64\Interop.DFSRHelper\3780b83ee96c137664d8807e7042768f\Interop.DFSRHelper.ni.dll LoadedModule[67]=C:\Windows\system32\WindowsCodecs.dll LoadedModule[68]=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16384_none_7762d5fd3178b04e\comctl32.dll LoadedModule[69]=C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9200.16518_none_726fbfe0cc22f012\gdiplus.dll LoadedModule[70]=C:\Windows\system32\DWrite.dll LoadedModule[71]=C:\Windows\system32\COMDLG32.dll LoadedModule[72]=C:\Windows\system32\Netapi32.dll LoadedModule[73]=C:\Windows\system32\netutils.dll LoadedModule[74]=C:\Windows\system32\srvcli.dll LoadedModule[75]=C:\Windows\system32\wkscli.dll LoadedModule[76]=C:\Windows\system32\clusapi.dll LoadedModule[77]=C:\Windows\system32\cryptdll.dll LoadedModule[78]=C:\Windows\system32\WS2_32.dll LoadedModule[79]=C:\Windows\system32\NSI.dll LoadedModule[80]=C:\Windows\system32\mswsock.dll LoadedModule[81]=C:\Windows\system32\DNSAPI.dll LoadedModule[82]=C:\Windows\System32\rasadhlp.dll LoadedModule[83]=C:\Windows\system32\IPHLPAPI.DLL LoadedModule[84]=C:\Windows\system32\WINNSI.DLL LoadedModule[85]=C:\Windows\System32\fwpuclnt.dll LoadedModule[86]=C:\Windows\system32\DFSCLI.DLL LoadedModule[87]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\0acd265b442254788d2d1429c296558c\System.DirectoryServices.ni.dll LoadedModule[88]=C:\Windows\system32\ntdsapi.dll LoadedModule[89]=C:\Windows\system32\LOGONCLI.DLL LoadedModule[90]=C:\Windows\system32\activeds.dll LoadedModule[91]=C:\Windows\system32\adsldpc.dll LoadedModule[92]=C:\Windows\system32\WLDAP32.dll LoadedModule[93]=C:\Windows\system32\adsldp.dll LoadedModule[94]=C:\Windows\system32\SspiCli.dll LoadedModule[95]=C:\Windows\system32\DSPARSE.dll LoadedModule[96]=C:\Windows\system32\msv1_0.DLL LoadedModule[97]=C:\Windows\system32\cscapi.dll LoadedModule[98]=C:\Windows\system32\DSROLE.DLL LoadedModule[99]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dire5d62f0a2#\819205bfacb57978948171e414993369\System.DirectoryServices.Protocols.ni.dll LoadedModule[100]=C:\Windows\System32\objsel.dll LoadedModule[101]=C:\Windows\System32\Secur32.dll LoadedModule[102]=C:\Windows\System32\credui.dll LoadedModule[103]=C:\Windows\system32\CRYPT32.dll LoadedModule[104]=C:\Windows\system32\MSASN1.dll LoadedModule[105]=C:\Windows\System32\DPAPI.DLL LoadedModule[106]=C:\Windows\system32\riched32.dll LoadedModule[107]=C:\Windows\system32\RICHED20.dll LoadedModule[108]=C:\Windows\system32\USP10.dll LoadedModule[109]=C:\Windows\system32\msls31.dll LoadedModule[110]=C:\Windows\System32\Windows.Globalization.dll LoadedModule[111]=C:\Windows\System32\Bcp47Langs.dll LoadedModule[112]=C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\e44b9230fcc7dc263820eff07cfc6353\System.ServiceProcess.ni.dll LoadedModule[113]=C:\Windows\system32\kerberos.DLL LoadedModule[114]=C:\Windows\system32\bcrypt.dll LoadedModule[115]=C:\Windows\assembly\NativeImages_v4.0.30319_64\Accessibility\e69795104b16b74fe9c1e7dff4f3f510\Accessibility.ni.dll LoadedModule[116]=C:\Windows\system32\MPR.dll LoadedModule[117]=C:\Windows\System32\drprov.dll LoadedModule[118]=C:\Windows\System32\WINSTA.dll LoadedModule[119]=C:\Windows\System32\ntlanman.dll LoadedModule[120]=C:\Windows\system32\explorerframe.dll FriendlyEventName=Stopped working ConsentKey=CLR20r3 AppName=Microsoft Management Console AppPath=C:\Windows\system32\mmc.exe NsPartner=windows NsGroup=windows8 Application Log Event ID: 1000 Faulting application name: mmc.exe, version: 6.2.9200.16496, time stamp: 0x50ece2e8 Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451, time stamp: 0x50988aa6 Exception code: 0xe0434352 Fault offset: 0x000000000003811c Faulting process id: 0xd30 Faulting application start time: 0x01ce71411a7b775b Faulting application path: C:\Windows\system32\mmc.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: d15d0d37-dd36-11e2-93fb-005056af764c Faulting package full name: Faulting package-relative application ID: Application Log Event ID: 1026 Application: mmc.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Runtime.InteropServices.SEHException Stack: at System.Windows.Forms.UnsafeNativeMethods.ThemingScope.DeactivateActCtx(Int32 dwFlags, IntPtr lpCookie) at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context) at Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run() at Microsoft.ManagementConsole.Executive.SnapInThread.OnThreadStart() at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart()

    Read the article

  • Watchguard Firewall - Issues with SSLVPN

    - by David W
    I have a client who has a WatchGuard XTM 23 device on site as their primary firewall. I just upgraded its firmware a couple days ago to the latest version for that series, 11.6.6. The problem is that I haven't successfully been able to setup a VPN connection for them. Using the instructions at http://www.watchguard.com/help/docs/webui/11_XTM/en-US/index.html#en-US/mvpn/ssl/configure_fb_for_mvpn_ssl_c.html, I'm trying to setup a VPN with SSL connection: From the firewall web GUI / Dashboard, I go to VPN - Mobile VPN with SSL, I enable it, add the organization's public IP address to which the firewall is connected. I've setup a group in Active Directory named "SSLVPN-Users", verified that the WatchGuard box can talk to the Active Directory Server, and added myself to that group. I then downloaded the WatchGuard Mobile VPN with SSL client onto my own Windows 7 machine, walked to the client's 2nd building across the street (which has a different public internet connection), and tried to connect to the VPN. When I do try to connect with the client, I get the following errors: 2013-06-24T15:41:32.119 Launching WatchGuard Mobile VPN with SSL client. Version 11.6.0 (Build 343814) Built:Jun 13 2012 01:42:55 2013-06-24T15:41:37.595 Requesting client configuration from 184.174.143.176:443 2013-06-24T15:41:50.106 FAILED:Cannot perform http request, timeout 12002 2013-06-24T15:41:50.106 failed to get domain name I discovered today the Firebox System Manager, and its "Traffic Monitor" which gives current log information (refreshes every 5 seconds). Unfortunately, it doesn't look like the client has setup any sort of WatchGuard / Firebox logging server, so actually recording server-side logs to file hasn't been done. I can work on implementing that if I need to. I noticed that if I try to ping the client's public IP address from an outside source, I don't get a response back (unless I added a policy into the firewall to allow ICMP traffic from "External", which I successfully did a few seconds ago for testing purposes - that rule has since been reverted to not respond to external ping requests). There's a policy in the firewall for allowing SSLVPN Traffic authentication requests coming from any external source TO the Firebox, and then to do the authentication / actually allow the VPN traffic, there's a policy allowing traffic for anyone in the SSLVPN-Users group to flow between that user and the inside network. So my questions are: Has anyone seen these errors before from the Watchguard VPN Client, and/or do you have any suggestions on how I can resolve that error? If I need to setup logging server to grab the firewall logs (in order to further troubleshoot this issue), how complicated a task is that and does it require a lot of system resources? The organization I'm consulting with only has 1 server and not a lot of resources or technical know-how.

    Read the article

  • iPhone 3GS lens data for Hugin / Panorama Tools

    - by david-ocallaghan
    I'm using the Hugin frontend to Panorama Tools and it requires camera and lens data for the images it handles (details here: http://wiki.panotools.org/Hugin_Camera_and_Lens_tab). Can anyone tell me the appropriate values for the iPhone 3GS camera? Lens: rectilinear Horizontal Field of View: ? focal length: 3.85mm crop factor / focal length multiplier: ?

    Read the article

  • Powershell import-module webadministration

    - by David
    Every time I execute this command invoke-command -computername REMOTEPC -scriptblock { import-module WebAdministration; new-item "$env:systemdrive\inetpub\testsite" -type directory; New-WebSite -Name TestSite -Port 81 -PhysicalPath "$env:systemdrive\inetpub\testsite" } I get the following error Invalid class string (Exception from HRESULT: 0x800401F3 (CO_E_CLASSSTRING)) + CategoryInfo : NotSpecified: (:) [Get-ChildItem], COMException + FullyQualifiedErrorId : System.Runtime.InteropServices.COMException,Microsoft.PowerShell.Commands.GetChildItemCommand The website is created successfully as far as I can see. The following command gives the same error when enumerating the testsite Invoke-Command -computername REMOTEPC { import-module webadministration; dir -path IIS:\Sites\ } Name ID State Physical Path Bindings PSComputerName Default Web Site 1 Started http *:80: REMOTEPC Invalid class string (Exception from HRESULT: 0x800401F3 (CO_E_CLASSSTRING)) + CategoryInfo : NotSpecified: (:) [Get-ChildItem], COMException + FullyQualifiedErrorId : System.Runtime.InteropServices.COMException,Microsoft.PowerShell.Commands.GetChildItemCo mmand Any suggestions would be appreciated

    Read the article

  • Have I bricked my Sun V20z?

    - by David Mackintosh
    I have a small pile of Sun V20z computers. I was trying to update the SP and BIOS firmwares in order to bring them all up to the same standard -- mostly to get the updated (ie actually useful) SP functionality, and figured that I would just do the BIOS while I was at it. For three of the four computers, it worked perfectly. However after the BIOS update, the fourth system won't boot. I did this: batch05-mgmt $ sp get mounts Local Remote /mnt 10.16.0.8:/export/v20z batch05-mgmt $ platform set os state update-bios /mnt/sw_images/platform/firmware/bios/V1.35.3.2/bios.sp This command may take several minutes. Please be patient. Bios started Bios Flash Transmit Started Bios Flash Transmit Complete Bios Flash update Progress: 7 Bios Flash update Progress: 6 Bios Flash update Progress: 5 Bios Flash update Progress: 4 Bios Flash update Progress: 3 Bios Flash update Progress: 2 Bios Flash update Progress: 1 Bios Flash update complete batch05-mgmt $ platform set power state on This command may take several minutes. Please be patient. After an hour of waiting, it still won't start. The chassis powers on, but beyond the fans spinning up and the hardware POST of the drives, nothing appears to happen. So if I try to re-flash the BIOS (on the theory that maybe something went wrong): batch05-mgmt $ platform set os state update-bios /mnt/sw_images/platform/firmware/bios/V1.35.3.2/bios.sp This command may take several minutes. Please be patient. Bios started Error. The operation timed out. Have I bricked it?

    Read the article

  • HAProxy not passing SSL traffic in TCP mode (unknown protocol)

    - by David
    Hi, I've got a HAProxy LB solution setup and working correctly. All HTTP traffic on port 80 is being passed through succesfully. I'm now trying to get SSL traffic to work (in TCP mode and on just one server for now) however I keep getting the following error when testing via openssl: 26396:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:588: However, when I try the same test (openssl s_client -connect) on the web servers IP address and hostname, everything seems to look OK. I can setup a hosts record locally and confirm that the browsers are picking up the SSL certificate succesfully for the domain. I guess this has led me to the conclusion that there is a problem at the HAProxy setup I have, so would really appreciate some advice here. frontend https-c-in bind 178.79.xxx.xxx:443 mode tcp default_backend c-https backend c-https balance source option ssl-hello-chk option httpclose server c-web-01 192.168.xxx.xxx:443 check inter 2000 rise 2 fall 5

    Read the article

  • Windows Update when Group Policy Forbids

    - by David Beckman
    I am in the administrators group for my local Windows XP machine and I would like to get updates via http://update.microsoft.com/[1]. However, this is prevented via the group policy: Network policy settings prevent you from using this website to get updates for your computer. Is there anyway to override this specific policy for my machine or my user? [1] Several installed applications are Microsoft based, but are not part of the machine standard (eg Visual studio). As such, I am not getting the updates for these applications. I could periodically go to the various application sites and look for hotfixes, but that is beyond tedious.

    Read the article

  • IIS 6.0 Application pool crash

    - by David
    One application pool on one of our webservers crashed and we found this in the Eventlog, where can we find more information about it? Event Type: Error Event Source: W3SVC Event Category: None Event ID: 1101 Date: 11/23/2009 Time: 10:57:55 AM User: N/A Computer: ID-WEB Description: The World Wide Web Publishing Service failed to create app pool 'Global'. The data field contains the error number. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: b7 00 07 80 ·..? Attempting to manually start the application pool gives the following in the event log: Event Type: Error Event Source: W3SVC Event Category: None Event ID: 1107 Date: 11/23/2009 Time: 3:53:13 PM User: N/A Computer: ID-WEB Description: The World Wide Web Publishing Service failed to modify app pool 'Global'. The data field contains the error number. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 05 40 00 80 .@.? We are running IIS 6.0 on a Windows server 2003 R2, 32bits.

    Read the article

  • iTunes Keeps Crashing After Activating iTunes Match

    - by David
    This morning I activated iTunes Match. There were over 20,000 songs to scan and upload, so I walked away and came back to it this afternoon. Upon returning, I found that iTunes had crashed. Now any time I try to open iTunes, the window displays but within a second (seemingly as soon as it tries to access iTunes Match, but I have no way of confirming that) it crashes. So I effectively can't get iTunes to run. Has this happened for anybody else? Does anybody have any suggestions for fixing or even diagnosing this?

    Read the article

  • Outlook close to tray

    - by David Lay
    Ok, I'm stuck using outlook in the office (but they let me use 2010 betas which are awsome, btw) and one thing I'll allways rant about outlook in any version is that when I press the X button it goes away. I mean, I know the X button is supposed to close the app, it's the standard and all that, but email is (sadly) very critical, as well as meeting requests and reminders, outlook should not be closed so freaking easily. I mean, Live Messenger is not so critical but it has this feature built in and on by default. Is there a way to close outlook to the tray, addons, vba, settings, reghack, anything? I know there is minimize to tray and I've been searching the web but could not find anything usefull.

    Read the article

  • Powermac G4 Booting Up to White Screen?

    - by David
    I have a Powermac G4 that I use as a server. Since yesterday, for any reason, it chimes, and just goes to a white screen. The only way to make it work again is to reset the PMU by holding the button inside for 10 seconds. It is running 10.4.11.

    Read the article

  • Postfix/SMTPD Relay Access Denied when sending outside the network

    - by David
    I asked a very similar question some 4 or 5 months ago, but haven't tracked down a suitable answer. I decided to post a new question so that I can ... a) Post updated info b) post my most current postconf -n output When a user sends mail from inside the network (via webmail) to email addresses both inside and outside the network, the email is delivered. When a user with an email account on the system sends mail from outside the network, using the server as the relay, to addresses inside the network, the email is delivered. But [sometimes] when a user connects via SMTPD to send email to an external address, a Relay Access Denied error is returned: Feb 25 19:33:49 myers postfix/smtpd[8044]: NOQUEUE: reject: RCPT from host-68-169-158-182.WISOLT2.epbfi.com[68.169.158.182]: 554 5.7.1 <host-68-169-158-182.WISOLT2.epbfi.com[68.169.158.182]>: Client host rejected: Access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<my-computer-name> Feb 25 19:33:52 myers postfix/smtpd[8044]: disconnect from host-68-169-158-182.WISOLT2.epbfi.com[68.169.158.182] Sending this through Microsoft Outlook 2003 generates the above log. However, sending through my iPhone, with the exact same settings, goes through fine: Feb 25 19:37:18 myers postfix/qmgr[3619]: A2D861302C9: from=<[email protected]>, size=1382, nrcpt=1 (queue active) Feb 25 19:37:18 myers amavis[2799]: (02799-09) FWD via SMTP: <[email protected]> -> <[email protected]>,BODY=7BIT 250 2.0.0 Ok, id=02799-09, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as A2D861302C9 Feb 25 19:37:18 myers amavis[2799]: (02799-09) Passed CLEAN, [68.169.158.182] [68.169.158.182] <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: yMLvzVQJloFV, Hits: -9.607, size: 897, queued_as: A2D861302C9, 6283 ms Feb 25 19:37:18 myers postfix/lmtp[8752]: 2ED3A1302C8: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.6, delays=0.25/0.01/0.19/6.1, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=02799-09, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as A2D861302C9) Feb 25 19:37:18 myers postfix/qmgr[3619]: 2ED3A1302C8: removed Outgoing Settings on Outlook 2003 match the settings on my iPhone: SMTP server: mail.my-domain.com Username: My full email address Uses SSL Server Port 587 Now, here's postconf -n. I realize the "My Networks" Parameter is a bit nasty. I have these IP addresses in here for just this reason, as others have been complaining of this problem too: alias_database = hash:/etc/postfix/aliases alias_maps = $alias_database append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = amavisfeed:[127.0.0.1]:10024 daemon_directory = /usr/libexec/postfix debug_peer_level = 2 disable_vrfy_command = yes html_directory = no inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_size_limit = 0 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 20480000 mydestination = $myhostname, localhost, localhost.$mydomain mydomain = my-domain.com myhostname = myers.my-domain.com mynetworks = 127.0.0.0/8, 74.125.113.27, 74.125.82.49, 74.125.79.27, 209.85.161.0/24, 209.85.214.0/24, 209.85.216.0/24, 209.85.212.0/24, 209.85.160.0/24 myorigin = $myhostname newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES receive_override_options = no_address_mappings recipient_delimiter = + relay_domains = $mydestination sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_bind_address = my-primary-server's IP address smtpd_banner = mail.my-domain.com smtpd_helo_required = yes smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/mailserver/postfix.pem smtpd_tls_key_file = /etc/ssl/mailserver/private/postfix.pem smtpd_tls_loglevel = 3 smtpd_tls_received_header = no smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 554 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /var/vmail virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_minimum_uid = 5000 virtual_transport = dovecot virtual_uid_maps = static:5000 If anyone has any ideas and can help me finally solve this issue once and for all, I'd be eternally grateful.

    Read the article

  • IPSec VPN's being dropped by router and will not re-establish

    - by David Gard
    We have 3 sites, with our two remote sites connection to head office via LAN-to-LAN VPN's. All 3 sites use DrayTek 2900's with firware version v3.3.1.1_RC2 (this is a release candidate that DrayTek suggested I try, but sadly it made no difference). The only way to re-establish the VPN's once they have been dropped is to restart the router. Head office is set to dial out to both sites, with both the 'Always on' and 'Enable PING to keep alive' (pinging a server in the remote offices) options ticked. However, at random intervals the VPN's drop, logging IKE_RELEASE VPN : Dial-out Profile Index = 7, Name = Shepton (for one connection, and '6' & 'Wincanton' for the other connection). I first tried swapping the router with one at another site, and then had all three replaced, but that failed to solve the problem. Is anyone aware of anything that could cause the VPN's to drop randomly like this? Thanks.

    Read the article

  • VMWare Server Windows 2008 NAT Problem

    - by David
    At my new job our workstations run Windows Server 2008. However, for the specific task for which I've been hired, I need to set up a couple Linux VMs. So I grabbed the free VMWare Server and created an Ubuntu image and a Slackware image. (The former to more closely mimic the production server, the latter because I'm more familiar with it.) For desktop security purposes I need to use NAT for the network access (I would have preferred bridged, but I'm told that would go against some policy here and my whole workstation would be sandboxed from the switch). However, I can't seem to get it working right. I can ping out from the VMs to LAN addresses as well as internet addresses. I can resolve DNS names. However, attempts to use a web browser or perform any kind of higher-level interaction like that just time out. Googling around yesterday led me to various workarounds that were similar, but didn't solve my specific situation. (For example, Norton firewall blocking the connection on the host, or even the Windows firewall.) I also saw some forum posts where people said it's a known issue with VMWare and Windows Server 2008 (and Windows 7). So far I haven't been able to find a suggestion that gets me past this roadblock. I'm really not very familiar with managing a Windows Server 2008 box, so it's possible there's just some security setting somewhere that I need to modify. Does anybody have any suggestions on where I should look? UPDATE: I'm now looking at the "Network and Sharing Center" on the host workstation and it shows "VMWare Network Adapter VMnet8" (which is what I'm using) as an "Unidentified network" with "No Internet access." Looks like I can't modify ICS under the group policy. Any suggestions on how to allow this connection to have internet access?

    Read the article

  • Supplementary Developer Laptop

    - by David Smith
    I'm looking to buy a laptop with the following specs for a developer. The goal will be to have a development machine supplementing the devs desktop. During work hours the dev will be on a beefy desktop. For working while on the go: trains, client sites, code camps, it would be nice to have a machine which can run Visual Studio 2008 without needing to remote desktop into their primary machine. What do you think is the lowest cost laptop meeting this need? Here are the specs I have in mind: SSD drive 64GB-doesn't need to be huge, most data is stored on servers. Will need to fit Windows 7, IIS, SQL Server, and Visual Studio 2010. RAM-3GB processor =Pentium Core 2 duo Screen size = 14 inches. OS doesn't matter. It will be paved with Windows 7 Ultimate optical drive omitted would be a plus. weight and battery life aren't so important because the machine will be plugged in almost all the time.

    Read the article

  • HP Compaq nc8230 hackintosh?

    - by David
    I have an HP Compaq nc8230 with a Pentium M (1.86GHz, SSE2) 1.5GB RAM, and an ATI Mobility Radeon x600 (64MB dedicated, 596MB shared). I'm trying to install Mac OS X Leopard on it. I have a legal copy of Leopard from apple, so I tried using the generic.iso and putting in the Leo DVD when it tells me to. It gets to the Apple logo with the spinny thing for maybe 5 minutes, but then the computer just restarts. I don't get past the apple logo. Then I tried using iDeneb 1.3 (10.5.5) but it doesn't boot into the DVD. My computer just ignores it and moves onto the hard drive. I would appreciate some help with either methods (moat prefferably the more legal one), I really need an intel Mac, my PowerBook G4 just doesn't cut it.

    Read the article

< Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >