Search Results

Search found 3659 results on 147 pages for 'sorted hash'.

Page 51/147 | < Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >

  • Clickonce downloading the deploy files via HTTP and not HTTPS

    - by Scott Manning
    I am working on a project to deploy a project via clickonce. The website where these files are housed will only accept HTTPS traffic and if you attempt to connect via HTTP, our siteminder agent will redirect you to a HTTPS login form. We cannot disable the siteminder agent or enable HTTP for security reasons. In the application file, I have a codebase that references an absolute path to the manifest and it is via HTTPS <dependency> <dependentAssembly dependencyType="install" codebase="https://psaportal.ilab.test.com/testprinting/Application_Files/testprint_1_0_0_1/testprint.exe.manifest" size="10147"> <assemblyIdentity name="testprint.exe" version="1.0.0.1" publicKeyToken="9a078649ee05e0e7" language="neutral" processorArchitecture="msil" type="win32" /> <hash> <dsig:Transforms> <dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" /> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <dsig:DigestValue>2nch1T0SmlAycmePobtg9F1qF7c=</dsig:DigestValue> </hash> </dependentAssembly> </dependency> In running wireshark and decoding the SSL traffic (I am using the server’s private key in wireshark to decrypt the SSL traffic). I see the request to the application’s manifest file is via HTTPS (This is a good thing). But when the clickonce tries to download the testprint.exe.deploy and the other respective files, it is always via HTTP and the siteminder jumps in and redirects the requests which kills the clickonce install with errors. I have tried to specific an absolute codebase reference in the manifest file, but then I start getting entrypoint errors when the manifest is downloaded by the Clickonce installer. The current dependency section from the manifest file looks like the following: <dependency> <dependentAssembly dependencyType="install" allowDelayedBinding="true" codebase="testprint.exe" size="107008"> <assemblyIdentity name="testprint" version="1.0.0.1" language="neutral" processorArchitecture="msil" /> <hash> <dsig:Transforms> <dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" /> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <dsig:DigestValue>dm2nJsu/5UyaEXSDmnISwfnE9MM=</dsig:DigestValue> </hash> </dependentAssembly> </dependency> I have verified that the website where the application, manifest and deploy files are all under the same URL and the SSL certificate is a valid certificate. We have tried about every combination of generating application and manifest files as we a dream up and are looking for other solutions. The application is using .NET 3.5 and we have tried building the application and manifest files via VS2008, VS2010 and mage with no success. Does anyone know how to get all of the deploy files to always download via HTTPS?

    Read the article

  • Element.appendChild() hosed in IE .. workaround? (related to innerText vs textContent)

    - by Rowe Morehouse
    I've heard that using el.innerText||el.textContent can yield unreliable cross-browswer results, so I'm walking the DOM tree to collect text nodes recursively, and write them into tags in the HTML body. What this script does is read hash substring valus from the window.location and write them into the HTML. This script is working for me in Chrome & Firefox, but choking in IE. I call the page with an URL syntax like this: http://example.com/pagename.html#dyntext=FOO&dynterm=BAR&dynimage=FRED UPDATE UPDATE UPDATE Solution: I moved the scripts to before </body> (where they should have been) then removed console.log(sPageURL); and now it's working in Chrome, Firefox, IE8 and IE9. This my workaround for the innerText vs textContent crossbrowser issue when you are just placing text rather than getting text. In this case, getting hash substring values from the window.location and writing them into the page. <html> <body> <span id="dyntext-span" style="font-weight: bold;"></span><br /> <span id="dynterm-span" style="font-style: italic;"></span><br /> <span id="dynimage-span" style="text-decoration: underline;"></span><br /> <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js"></script> <script> $(document).ready(function() { var tags = ["dyntext", "dynterm", "dynimage"]; for (var i = 0; i < tags.length; ++i) { var param = GetURLParameter(tags[i]); if (param) { var dyntext = GetURLParameter('dyntext'); var dynterm = GetURLParameter('dynterm'); var dynimage = GetURLParameter('dynimage'); } } var elem = document.getElementById("dyntext-span"); var text = document.createTextNode(dyntext); elem.appendChild(text); var elem = document.getElementById("dynterm-span"); var text = document.createTextNode(dynterm); elem.appendChild(text); var elem = document.getElementById("dynimage-span"); var text = document.createTextNode(dynimage); elem.appendChild(text); }); function GetURLParameter(sParam) { var sPageURL = window.location.hash.substring(1); var sURLVariables = sPageURL.split('&'); for (var i = 0; i < sURLVariables.length; i++) { var sParameterName = sURLVariables[i].split('='); if (sParameterName[0] == sParam) { return sParameterName[1]; } } } </script> </body> </html> FINAL UPDATE If your hash substring values require spaces (like a linguistic phrase with three words, for example) then separate the words with the + character in your URI, and replace the unicode \u002B character with a space when you create each text node, like this: var elem = document.getElementById("dyntext-span"); var text = document.createTextNode(dyntext.replace(/\u002B/g, " ")); elem.appendChild(text); var elem = document.getElementById("dynterm-span"); var text = document.createTextNode(dynterm.replace(/\u002B/g, " ")); elem.appendChild(text); var elem = document.getElementById("dynimage-span"); var text = document.createTextNode(dynimage.replace(/\u002B/g, " ")); elem.appendChild(text); Now form your URI like this: http://example.com/pagename.html#dyntext=FOO+MAN+CHU&dynterm=BAR+HOPPING&dynimage=FRED+IS+DEAD

    Read the article

  • JQuery Slide Onclick

    - by everreadyeddy
    I am using the code in example http://www.faridesign.net/2012/05/create-a-awesome-vertical-tabbed-content-area-using-css3-jquery/ I am trying to slide the div tags on a button click on the list so the current tab-content will slide in and the tab just clicked will slide out. I currently have the working example where I can switch between divs fine, but I need to slide in and out between divs. Is there any script I can do this with the current code. using .slide or .effect instead of .show() looks to display two divs at the same time. I'm not sure what I am doing wrong. <div id="v-nav"> <ul> <li tab="tab1" class="first current">Main Screen</li> <li tab="tab2">Div 1</li> <li tab="tab3">Div 2</li> <li tab="tab4">Div 3</li> <li tab="tab5">Div 4</li> <li tab="tab6">Div 5</li> <li tab="tab7">Div 6</li> <li tab="tab8" class="last">Div 7</li> </ul> <div class="tab-content"> <h4>Main Screen</h4> </div> <div class="tab-content"> <h4>Div 1</h4> </div> <div class="tab-content"> <h4>Div 2</h4> </div> <div class="tab-content"> <h4>Div 3</h4> </div> <div class="tab-content"> <h4>Div 4</h4> </div> <div class="tab-content"> <h4>Div 5</h4> </div> <div class="tab-content"> <h4>Div 6</h4> </div> <div class="tab-content"> <h4>Div 7</h4> </div> My Script looks like $(function () { var items = $('#v-nav>ul>li').each(function () { $(this).click(function () { //remove previous class and add it to clicked tab items.removeClass('current'); $(this).addClass('current'); //hide all content divs and show current one //$('#v-nav>div.tab-content').hide().eq(items.index($(this))).show(); //$('#v-nav>div.tab-content').hide().eq(items.index($(this))).fadeIn(100); $('#v-nav>div.tab-content').hide().eq(items.index($(this))).slideToggle(); window.location.hash = $(this).attr('tab'); }); }); if (location.hash) { showTab(location.hash); } else { showTab("tab1"); } function showTab(tab) { $("#v-nav ul li:[tab*=" + tab + "]").click(); } // Bind the event hashchange, using jquery-hashchange-plugin $(window).hashchange(function () { showTab(location.hash.replace("#", "")); }) // Trigger the event hashchange on page load, using jquery-hashchange-plugin $(window).hashchange(); });

    Read the article

  • show hidden div tag from another page

    - by neueweblernen
    I'm trying to link to an all-inclusive FAQ page from various pages. The answers are contained in tags, nested within a line item of an unordered list housed by categories. The FAQ page has the following categories: Practical Nurse Exam Online Renewal Practice Hours etc. Under Practical Nurse Exam, there are sub categories, subjects, with questions below in tags that expand onClick. (e.g. Examination Day, Exam Results, etc.) Let's say I'm on a different page called Registration and there's a link to the FAQs for Exam Results. I'm able to link to the page and included the hashtag on the anchor or Exam Results, but it does not expand the subcategory. I've read this thread but it didn't work for me. Please help! The code is below: <script type="text/javascript"> function toggle(Info,pic) { var CState = document.getElementById(Info); CState.style.display = (CState.style.display != 'block') ? 'block' : 'none'; } window.onload = function() { var hash = window.location.hash; // would be "#div1" or something if(hash != "") { var id = hash.substr(1); // get rid of # document.getElementById(id).style.display = 'block'; } } </script> <style type="text/css"> .FAQ { cursor:hand; cursor:pointer; } .FAA { display:none; padding-left:20px; text-indent:-20px; } #FAQlist li { list-style-type: none; } #FAQlist ul { margin-left:0px; } headingOne{ font-family:Arial, Helvetica, sans-serif; color:#66BBFF; font-size:20px; font-weight:bold;} </style> Here's the body (part of it anyway) <headingOne class="FAQ" onClick="toggle('CPNRE', this)">PRACTICAL NURSE EXAM</headingOne> <div class="FAA" id="CPNRE"> <h3><a name="applying">Applying to write the CPNRE</a></h3> <ul id="FAQlist" style="width:450px;"> <li class="FAQ"> <p onclick="toggle('faq1',this)"> <strong>Q: How much does it cost to write the exam?</strong></p> <div class="FAA" id="faq1"> <b>A.</b> In 2013, the cost for the first exam writing is $600.00 which includes the interim license fee. See <a href="https://www.clpnbc.org/What-is-an-LPN/Becoming-an-LPN/Canadian-Practical-Nurse-Registration-Examination/Fees-and-Deadlines.aspx"> fee schedule</a>.</div> <hr /> </li> and here's the body of the other page that contains the link and the same script syntax as the all-inclusive FAQ page. This is just a test, that's not exactly what it will say: <a onclick="toggle('CPNRE', this)" href="file:///S|/Designs/Web stuff/FAQ all inclusive.html#applying"> click here</a>

    Read the article

  • Ubuntu 12.04 on Amazon EC2: /dev/xvda1 will be checked for errors at next reboot?

    - by cwd
    I'm running the lastest Ubuntu 12.04 AMI (ami-a29943cb) from Canonical on Amazon EC2 and quite often when I log in I get the message: *** /dev/xvda1 will be checked for errors at next reboot *** I have read a bunch of documentation on this and seem to understand that every so many reboots (around 37 see Mount count / Maximum mount count below) Ubuntu wants to check a disk for errors. I can see that by using dumpe2fs -h /dev/xvda1 (reference) to get information such as: Last mounted on: / Filesystem UUID: 1ad27d06-4ecf-493d-bb19-4710c3caf924 Filesystem magic number: 0xEF53 Filesystem revision #: 1 (dynamic) Filesystem features: has_journal ext_attr resize_inode dir_index filetype needs_recovery extent flex_bg sparse_super large_file huge_file uninit_bg dir_nlink extra_isize Filesystem flags: signed_directory_hash Default mount options: (none) Filesystem state: clean Errors behavior: Continue Filesystem OS type: Linux Inode count: 524288 Block count: 2097152 Reserved block count: 104857 Free blocks: 1778055 Free inodes: 482659 First block: 0 Block size: 4096 Fragment size: 4096 Reserved GDT blocks: 511 Blocks per group: 32768 Fragments per group: 32768 Inodes per group: 8192 Inode blocks per group: 512 Flex block group size: 16 Filesystem created: Tue Apr 24 03:07:48 2012 Last mount time: Thu Nov 8 03:17:58 2012 Last write time: Tue Apr 24 03:08:52 2012 Mount count: 3 Maximum mount count: 37 Last checked: Tue Apr 24 03:07:48 2012 Check interval: 15552000 (6 months) Next check after: Sun Oct 21 03:07:48 2012 Lifetime writes: 2454 MB Reserved blocks uid: 0 (user root) Reserved blocks gid: 0 (group root) First inode: 11 Inode size: 256 Required extra isize: 28 Desired extra isize: 28 Journal inode: 8 Default directory hash: half_md4 Directory Hash Seed: 0a25e04c-6169-4d68-bfa6-a1acd8e39632 Journal backup: inode blocks Journal features: journal_incompat_revoke Journal size: 128M Journal length: 32768 Journal sequence: 0x0000158b Journal start: 1 I've tried these things to get rid of the message and usually the badblocks is what does it for me: Run this command and reboot: sudo touch /forcefsck Run badblocks to check the disk: badblocks /dev/sda1 Edit /etc/fstab and change the last "0" which is the fs_passno column accordingly and then reboot: The root filesystem should be specified with a fs_passno of 1, and other filesystems should have a fs_passno of 2. I don't understand: If this is a virtual drive shouldn't it be less prone to errors? Was the image created with one of the flags set? If not what is triggering it? Why is fs_passno set to 0 on Amazon EC2 Ubuntu images? This is not the first one that is like this.

    Read the article

  • Twitter gem - undefined method `stringify_keys’

    - by Piet
    Have you been getting the following errors when running the Twitter gem lately ? /usr/local/lib/ruby/gems/1.8/gems/httparty-0.4.3/lib/httparty/response.rb:15:in `send': undefined method `stringify_keys' for # (NoMethodError) from /usr/local/lib/ruby/gems/1.8/gems/httparty-0.4.3/lib/httparty/response.rb:15:in `method_missing’ from /usr/local/lib/ruby/gems/1.8/gems/mash-0.0.3/lib/mash.rb:131:in `deep_update’ from /usr/local/lib/ruby/gems/1.8/gems/mash-0.0.3/lib/mash.rb:50:in `initialize’ from /usr/local/lib/ruby/gems/1.8/gems/twitter-0.6.13/lib/twitter/search.rb:101:in `new’ from /usr/local/lib/ruby/gems/1.8/gems/twitter-0.6.13/lib/twitter/search.rb:101:in `fetch’ from test.rb:26 It’s because Twitter has been sending back plain text errors that are treated as a string instead of json and can’t be properly ‘Mashed’ by the Twitter gem. Also check http://github.com/jnunemaker/twitter/issues#issue/6. Without diving into the bowels of the Twitter gem or HTTParty, you could ‘begin…rescue’ this error and try again in 5 minutes. I fixed it by overriding the offending code to return nil and checking for a nil response as follows: module Twitter class Search def fetch(force=false) if @fetch.nil? || force query = @query.dup query[:q] = query[:q].join(' ') query[:format] = 'json' #This line is the hack and whole reason we're monkey-patching at all. response = self.class.get('http://search.twitter.com/search', :query => query, :format => :json) #Our patch: response should be a Hash. If it isnt, return nil. return nil if response.class != Hash @fetch = Mash.new(response) end @fetch end end end (adapted from http://github.com/jnunemaker/twitter/issues#issue/9) If you have a better solution: speak up!

    Read the article

  • Twitter Feeds in Umbraco using XSLT

    - by Vizioz Limited
    There are currently two packages tagged on the Umbraco forum that can be used to add a twitter feed to your website. I was playing around with "Twitter for Umbraco" by Warren Buckley and noticed a bug in the way it converted twitter @names to links, so I thought I would try and solve this using XSLT.It may also be useful for those of you using Darren Ferguson's "Feed Cache" package as the demo on Darren's site does not add links to the tweets.To use this XSLT you simple call the XSLT Template passing in your Twitter message:<xsl:call-template name="formaturl"> <xsl:with-param name="url" select="text"/></xsl:call-template>Then add the XSLT template to your XSLT macro (outside of the main template)<xsl:template name="formaturl"> <xsl:param name="twitterfeed"/> <xsl:variable name="transform-http" select="Exslt.ExsltRegularExpressions:replace($twitterfeed, '(http\:\/\/\S+)',ig,'<a href="$1">$1</a>')"/> <xsl:variable name="transform-https" select="Exslt.ExsltRegularExpressions:replace($transform-http, '(HTTps\:\/\/\S+)',ig,'<a href="$1">$1</a>')"/> <xsl:variable name="transform-AT" select="Exslt.ExsltRegularExpressions:replace($transform-https, '(^|\s)@(\w+)',ig,' <a href="http://www.twitter.com/$2">@$2</a>')"/> <xsl:variable name="transform-HASH" select="Exslt.ExsltRegularExpressions:replace($transform-AT, '(^|\s)#(\w+)',ig,' <a href="http://www.twitter.com/search?q=$2">#$2</a>')"/> <xsl:value-of select="$transform-HASH" disable-output-escaping="yes"/> </xsl:template>You should find that this now replaces all the @names, #names and URL's with links!

    Read the article

  • CodePlex Daily Summary for Sunday, June 13, 2010

    CodePlex Daily Summary for Sunday, June 13, 2010New ProjectsCurve Drawer: A Java project to explore the possibilities of drawing curves and knots.File Manager Redux: .NET version of the original File Manager.Hierachical Gantt Chart In SharePoint 2010: This solution makes it easier for shedule management. We will provide a wsp including a list definition and a custom gantt control. The list defi...Light Box Control for Asp.Net: Lightbox control for asp.net is used to display the thumbnail images. on clicking the thumbnail images the original images is displayed in the ligh...Linquify: Linquify is a Visual Studio 2008/2010 Addin and C# .NET business class / DTO generator for LINQ to SQL and the Entity Framework. It supports rapid ...Microsoft Dynamics CRM Query - T4 Template: A T4 Template that generates code that leverages LINQ to SQL and the Microsoft Dynamics CRM API to give a CRM data access solution. There is also ...Open Sound Control Library: A .NET Library for the Open Sound Control Protocol. This library makes it easy to use devices which communicate via OSC.Questionable Content Screensaver: A screensaver for the questionable content comic. It is written in C#, and uses the windows presentation foundation. See the comic at http://ww...Reflect: Reflect is an open source .NET reflection tool used for viewing metadata of .NET assemblies.runescape 602 client tools and server: runescape 602 client tools and serverSharpCrack: Hash cracker written in managed code.SilverCAT project: This is my Windows Azure study project. So far I did not find any value to share it to the public. If I find it out one day, I will add hereSilverStackAPI: My entry for the Stack Exchange API contest. A silverlight library and demo app.social bookmark control for asp.net: social bookmark control for asp.net, This control is used to bookmark the current asp.net page into popular social networking sites like facebook, ...SSIS Event Log Source: An SSIS 2005 Data Source component for loading Windows 2003/XP event logs (*.evt) into SQL Server 2005 for analysisUnOfficial ActiveWorlds Wrapper.Net: UnOfficial ActiveWorlds Wrapper .Net makes it easier for programmers to make active worlds bots. You'll no longer have to make it by yourself. It'...Using Named Pipe and self-elevation feature of Vista in a console application.: NPipeWithElevatedProc, make it easier for console application users, running programs with administrator privileges. The processing messages are al...Virtual Keyboard control for asp.net: Virtual Keyboard control for asp.net, This control is used to get the secured inputs through virtual keyboards.Visual Studio 2010 PowerShell Code Generator: Brings rich PowerShell functionalities into VS Templating. You can access the file system, the registry, and many other PowerShell features. You ca...WatchersNET.UrlShorty: This Module allows users to shorten a long URL and share it, this is a similiar service to web services like bit.ly, tinyurl.com and others. It als...New ReleasesBD File Hash: BD File Hash 1.0.5: The first public release of BD File Hash.Cassandraemon: Cassandraemon 0.6.0: Cassandraemon is LINQ Provider for Apache Cassandra. This is first release of Cassandraemon. Features You can Query by LINQ Support Regist, Del...Community Forums NNTP bridge: Community Forums NNTP Bridge V36: Release of the Community Forums NNTP Bridge to access the social and anwsers MS forums with a single, open source NNTP bridge. This release has ad...Curve Drawer: Alpha 1: Basic functionality is available to draw curves and clear them.CycleMania Starter Kit EAP - ASP.NET 4 Problem - Design - Solution: Cyclemania 09.32: see Source Code tab for recent change historyDEWD: DEWD for Umbraco v1.0 (beta-2): Beta release of the package. Functional feature set and fairly stable. Since the last release: Default values (support for dynamic values such as t...Fiddler TreeView Panel Extension: FiddlerTreeViewPanel 0.71: Added support for double-click to expand/collapse all child nodes. Keep selected node when losing focus from the TreeView. Please refer to http://...HKGolden Express: HKGoldenExpress (Build 201006130200): New features: User can reply to message with quoting others' message. Bug fix: Incorrect format of dynamically generated Sitemap XML. Improveme...Liekhus ADO.NET Entity Data Model XAF Extensions: Version 1.1.2: Latest patches and changes.Light Box Control for Asp.Net: Light Box Control for asp.net: Lightbox control for asp.net is used to display the thumbnail images. on clicking the thumbnail images the original images is displayed in the ligh...Lightweight Fluent Workflow: Objectflow 1.1.0.0: This release has support for multi-threaded operations. As this required significant changes to the fluent interface I have introduced breaking ch...Linquify: Linquify 1.6: Linquify 1.6 Includes: - Support for Entity Framework foreign keys - TransactionsLiteFx: LiteFx Alpha: Versão alpha do LiteFx.Microsoft Dynamics CRM Query - T4 Template: MS CRM Query T4 Template Version 0.5 Beta: Initial ReleaseNHibernate Membership Provider: NHibernate Membership Provider 0.9c: This is an updated source package with updated unit tests and some minor refactoring.NLog - Advanced .NET Logging: Nightly Build 2010.06.12.001: Changes since the last build:2010-06-12 10:42:41 Jarek Kowalski Added Width, Height, AutoScroll and MaxLines parameters to RichTextBoxTarget. 2010...Radical: Radical 1.0.1 (Vacuum): First drop with support for Windows Phone 7SharpCrack: SharpCrack v0.8: First release of SharpCrack. It does not support brute-force mode.social bookmark control for asp.net: social bookmark control for asp.net: social bookmark control for asp.net, This control is used to bookmark the current asp.net page into popular social networking sites like facebook, ...StardustExtensions: Simple hello: This is a very simple hello world script. Is just a basic script, is not packaged and works on IronPythonTiledLib: TiledLib 1.5: This release introduces breaking changes from 1.2. If you upgrade to this version from 1.2, you may have compiler errors and/or runtime differences...UDC indexes parser: UDC Parser RC1: Обновлена библиотека токенов, добавлены xml-doc комментарии, обновлен и исправлен код, обновлена логика лексера, обновлена грамматика парсера. Доба...UnOfficial ActiveWorlds Wrapper.Net: UnOfficial ActiveWorlds Wrapper.Net V0.5.85.1: NewLogin Structure. LaserBeam. ChangedOld Functions Changes Function Names Old New WorldInstanceSet SetWorldInstance WorldInstanceGet GetWo...UrzaGatherer: UrzaGatherer v2.0.2a: Inegration of VS Installer.VCC: Latest build, v2.1.30612.0: Automatic drop of latest buildVirtual Keyboard control for asp.net: virtual keyboard control: Virtual Keyboard control for asp.net, This control is used to get the secured inputs through virtual keyboards.Visual Studio 2010 PowerShell Code Generator: PSCodeGenerator: How to install PowerShell Code GeneratorDownload the zip Unzip Run .\Install-PSCodeGenerator.ps1 at the PowerShell console prompt Copies the te...VsTortoise - a TortoiseSVN add-in for Microsoft Visual Studio: VsTortoise Build 25 Beta: Build 25 (beta) New: Added support for Filter items (virtual folders) in Solution Explorer. New: Added "Get Lock..." to Solution Explorer context...WatchersNET.UrlShorty: WatchersNET.UrlShorty 01.00.00: First BETA Release Please Read the Readme or the Online Documentation for Install Instructions.Yet Another GPS: Release Beta 2.1: Release Beta 2.1: - Fix KML Template with Google Map Mobile Version - Add Signal Strength indecator - Add Time indecator - Fix Sound Language Prob...Most Popular ProjectsWBFS ManagerRawrAJAX Control ToolkitMicrosoft SQL Server Product Samples: DatabaseSilverlight ToolkitWindows Presentation Foundation (WPF)patterns & practices – Enterprise LibraryPHPExcelMicrosoft SQL Server Community & SamplesASP.NETMost Active Projectspatterns & practices – Enterprise LibraryjQuery Library for SharePoint Web ServicesNB_Store - Free DotNetNuke Ecommerce Catalog ModuleRhyduino - Arduino and Managed CodeBlogEngine.NETCommunity Forums NNTP bridgeCassandraemonMediaCoder.NETAndrew's XNA HelpersMicrosoft Silverlight Media Framework

    Read the article

  • Ubuntu One file sync error: SSL Handshake

    - by Jay Ó Broin
    Ubuntu One repeatedly tries to sync my files but keeps disconnecting before anything is uploaded. Here are some of the messages from syncdaemon.log: 2012-01-08 12:12:34,068 - ubuntuone.SyncDaemon.ActionQueue - INFO - Connection started to host fs-2.ubuntuone.com, port 443. 2012-01-08 12:12:34,256 - ubuntuone.SyncDaemon.ActionQueue - INFO - Connection made. 2012-01-08 12:12:34,257 - ubuntuone.SyncDaemon.StorageClient - INFO - Connection made. 2012-01-08 12:13:08,832 - ubuntuone.SyncDaemon.StorageClient - INFO - Connection lost, reason: [Failure instance: Traceback (failure with no frames): <class 'OpenSSL.SSL.Error'>: [('SSL routines', 'SSL23_READ', 'ssl handshake failure')]]. 2012-01-08 12:13:08,833 - ubuntuone.SyncDaemon.ActionQueue - INFO - The request 'protocol_version' failed with the error: [('SSL routines', 'SSL23_READ', 'ssl handshake failure')] 2012-01-08 12:13:08,844 - ubuntuone.SyncDaemon.ActionQueue - WARNING - Connection lost: [('SSL routines', 'SSL23_READ', 'ssl handshake failure')] 2012-01-08 12:13:38,550 - ubuntuone.SyncDaemon.Main - NOTE - ---- MARK (state: <State: 'WAITING' (queues WORKING connection 'With User With Network')>; queue: 1378; hash: 0) ---- 2012-01-08 12:15:08,870 - ubuntuone.SyncDaemon.ActionQueue - INFO - Connection started to host fs-2.ubuntuone.com, port 443. 2012-01-08 12:15:09,033 - ubuntuone.SyncDaemon.ActionQueue - INFO - Connection made. 2012-01-08 12:15:09,034 - ubuntuone.SyncDaemon.StorageClient - INFO - Connection made. 2012-01-08 12:15:33,676 - ubuntuone.SyncDaemon.StorageClient - INFO - Connection lost, reason: [Failure instance: Traceback (failure with no frames): <class 'OpenSSL.SSL.Error'>: [('SSL routines', 'SSL23_READ', 'ssl handshake failure')]]. 2012-01-08 12:15:33,677 - ubuntuone.SyncDaemon.ActionQueue - INFO - The request 'protocol_version' failed with the error: [('SSL routines', 'SSL23_READ', 'ssl handshake failure')] 2012-01-08 12:15:33,692 - ubuntuone.SyncDaemon.ActionQueue - WARNING - Connection lost: [('SSL routines', 'SSL23_READ', 'ssl handshake failure')] 2012-01-08 12:15:38,551 - ubuntuone.SyncDaemon.Main - NOTE - ---- MARK (state: <State: 'WAITING' (queues WORKING connection 'With User With Network')>; queue: 1378; hash: 0) ---- I'm using Ubuntu 11.10.

    Read the article

  • Nautilus can't start due to segmentation fault

    - by Dmitriy Sukharev
    Out of the blue I can't start nautilus today. When I try to open any directory it tries to open it, and sometimes I even can see the content of directory, but finally it's closed, after that there are no icons on desktop. When I tried to launch nautilus from terminal, I got: $ nautilus . Initializing nautilus-dropbox 0.7.1 Initializing nautilus-gdu extension Segmentation fault (core dumped) I've tried to move ~/.local/share/gvfs-metadata folder, I don't have nautilus-open-terminal package and don't have file /usr/local/lib/libgtk-3.so.0 Also I can't update system right now. All the time I'm getting the the same hash-sum error: $ sudo apt-get update [sudo] password for dmitriy: Ign http://mirror.mirohost.net precise InRelease Ign http://mirror.mirohost.net precise-updates InRelease Ign http://mirror.mirohost.net precise-security InRelease Hit http://mirror.mirohost.net precise Release.gpg ... Ign http://ppa.launchpad.net precise/main Translation-en Hit http://mirror.mirohost.net precise-security/restricted Translation-en Hit http://mirror.mirohost.net precise-security/universe Translation-en Fetched 1 B in 1s (0 B/s) W: Failed to fetch gzip:/var/lib/apt/lists/partial/mirror.mirohost.net_ubuntu_dists_precise_universe_source_Sources Hash Sum mismatch E: Some index files failed to download. They have been ignored, or old ones used instead. Any ideas how to rescue my system? UPD: In syslog I have the following errors: Jul 7 21:35:02 dmitriy-desktop kernel: [ 58.059141] nautilus[1991]: segfault at 7fc09d9bb700 ip 00007fc0abb5feb6 sp 00007fff6caa4cf8 error 4 in libc-2.15.so[7fc0aba24000+1b3000] Jul 7 21:35:39 dmitriy-desktop kernel: [ 94.356490] update-notifier[3358]: segfault at 7f6507611700 ip 00007f64cc221eb6 sp 00007fffbcc0dd88 error 4 in libc-2.15.so[7f64cc0e6000+1b3000] Jul 7 21:37:45 dmitriy-desktop kernel: [ 220.501859] nautilus[3629]: segfault at 7f9b9744c700 ip 00007f9b7c9c6eb6 sp 00007fff72e990f8 error 4 in libc-2.15.so[7f9b7c88b000+1b3000] UPD2: Ubuntu version is 12.04.

    Read the article

  • How to tell if SPARC T4 crypto is being used?

    - by danx
    A question that often comes up when running applications on SPARC T4 systems is "How can I tell if hardware crypto accleration is being used?" To review, the SPARC T4 processor includes a crypto unit that supports several crypto instructions. For hardware crypto these include 11 AES instructions, 4 xmul* instructions (for AES GCM carryless multiply), mont for Montgomery multiply (optimizes RSA and DSA), and 5 des_* instructions (for DES3). For hardware hash algorithm optimization, the T4 has the md5, sha1, sha256, and sha512 instructions (the last two are used for SHA-224 an SHA-384). First off, it's easy to tell if the processor T4 crypto instructions—use the isainfo -v command and look for "sparcv9" and "aes" (and other hash and crypto algorithms) in the output: $ isainfo -v 64-bit sparcv9 applications crc32c cbcond pause mont mpmul sha512 sha256 sha1 md5 camellia kasumi des aes ima hpc vis3 fmaf asi_blk_init vis2 vis popc These instructions are not-privileged, so are available for direct use in user-level applications and libraries (such as OpenSSL). Here is the "openssl speed -evp" command shown with the built-in t4 engine and with the pkcs11 engine. Both run the T4 AES instructions, but the t4 engine is faster than the pkcs11 engine because it has less overhead (especially for smaller packet sizes): t-4 $ /usr/bin/openssl version OpenSSL 1.0.0j 10 May 2012 t-4 $ /usr/bin/openssl engine (t4) SPARC T4 engine support (dynamic) Dynamic engine loading support (pkcs11) PKCS #11 engine support t-4 $ /usr/bin/openssl speed -evp aes-128-cbc # t4 engine used by default . . . The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 487777.10k 816822.21k 986012.59k 1017029.97k 1053543.08k t-4 $ /usr/bin/openssl speed -engine pkcs11 -evp aes-128-cbc engine "pkcs11" set. . . . The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 31703.58k 116636.39k 350672.81k 696170.50k 993599.49k Note: The "-evp" flag indicates use the OpenSSL "EnVeloPe" API, which gives more accurate results. That's because it tells OpenSSL to use the same API that external programs use when calling OpenSSL libcrypto functions, evp(3openssl). DTrace Shows if T4 Crypto Functions Are Used OK, good enough, the isainfo(1) command shows the instructions are present, but how does one know if they are being used? Chi-Chang Lin, who works on Oracle Solaris performance, wrote a Dtrace script to show if T4 instructions are being executed. To show the T4 instructions are being used, run the following Dtrace script. Look for functions named "t4" and "yf" in the output. The OpenSSL T4 engine uses functions named "t4" and the PKCS#11 engine uses functions named "yf". To demonstrate, I'll first run "openssl speed" with the built-in t4 engine then with the pkcs11 engine. The performance numbers are not valid due to dtrace probes slowing things down. t-4 # dtrace -Z -n ' pid$target::*yf*:entry,pid$target::*t4_*:entry{ @[probemod, probefunc] = count();}' \ -c "/usr/bin/openssl speed -evp aes-128-cbc" dtrace: description 'pid$target::*yf*:entry' matched 101 probes . . . dtrace: pid 2029 has exited libcrypto.so.1.0.0 ENGINE_load_t4 1 libcrypto.so.1.0.0 t4_DH 1 libcrypto.so.1.0.0 t4_DSA 1 libcrypto.so.1.0.0 t4_RSA 1 libcrypto.so.1.0.0 t4_destroy 1 libcrypto.so.1.0.0 t4_free_aes_ctr_NIDs 1 libcrypto.so.1.0.0 t4_init 1 libcrypto.so.1.0.0 t4_add_NID 3 libcrypto.so.1.0.0 t4_aes_expand128 5 libcrypto.so.1.0.0 t4_cipher_init_aes 5 libcrypto.so.1.0.0 t4_get_all_ciphers 6 libcrypto.so.1.0.0 t4_get_all_digests 59 libcrypto.so.1.0.0 t4_digest_final_sha1 65 libcrypto.so.1.0.0 t4_digest_init_sha1 65 libcrypto.so.1.0.0 t4_sha1_multiblock 126 libcrypto.so.1.0.0 t4_digest_update_sha1 261 libcrypto.so.1.0.0 t4_aes128_cbc_encrypt 1432979 libcrypto.so.1.0.0 t4_aes128_load_keys_for_encrypt 1432979 libcrypto.so.1.0.0 t4_cipher_do_aes_128_cbc 1432979 t-4 # dtrace -Z -n 'pid$target::*yf*:entry{ @[probemod, probefunc] = count();}   pid$target::*yf*:entry,pid$target::*t4_*:entry{ @[probemod, probefunc] = count();}' \ -c "/usr/bin/openssl speed -engine pkcs11 -evp aes-128-cbc" dtrace: description 'pid$target::*yf*:entry' matched 101 probes engine "pkcs11" set. . . . dtrace: pid 2033 has exited libcrypto.so.1.0.0 ENGINE_load_t4 1 libcrypto.so.1.0.0 t4_DH 1 libcrypto.so.1.0.0 t4_DSA 1 libcrypto.so.1.0.0 t4_RSA 1 libcrypto.so.1.0.0 t4_destroy 1 libcrypto.so.1.0.0 t4_free_aes_ctr_NIDs 1 libcrypto.so.1.0.0 t4_get_all_ciphers 1 libcrypto.so.1.0.0 t4_get_all_digests 1 libsoftcrypto.so.1 rijndael_key_setup_enc_yf 1 libsoftcrypto.so.1 yf_aes_expand128 1 libcrypto.so.1.0.0 t4_add_NID 3 libsoftcrypto.so.1 yf_aes128_cbc_encrypt 1542330 libsoftcrypto.so.1 yf_aes128_load_keys_for_encrypt 1542330 So, as shown above the OpenSSL built-in t4 engine executes t4_* functions (which are hand-coded assembly executing the T4 AES instructions) and the OpenSSL pkcs11 engine executes *yf* functions. Programmatic Use of OpenSSL T4 engine The OpenSSL t4 engine is used automatically with the /usr/bin/openssl command line. Chi-Chang Lin also points out that if you're calling the OpenSSL API (libcrypto.so) from a program, you must call ENGINE_load_built_engines(), otherwise the built-in t4 engine will not be loaded. You do not call ENGINE_set_default(). That's because "openssl speed -evp" test calls ENGINE_load_built_engines() even though the "-engine" option wasn't specified. OpenSSL T4 engine Availability The OpenSSL t4 engine is available with Solaris 11 and 11.1. For Solaris 10 08/11 (U10), you need to use the OpenSSL pkcs311 engine. The OpenSSL t4 engine is distributed only with the version of OpenSSL distributed with Solaris (and not third-party or self-compiled versions of OpenSSL). The OpenSSL engine implements the AES cipher for Solaris 11, released 11/2011. For Solaris 11.1, released 11/2012, the OpenSSL engine adds optimization for the MD5, SHA-1, and SHA-2 hash algorithms, and DES-3. Although the T4 processor has Camillia and Kasumi block cipher instructions, these are not implemented in the OpenSSL T4 engine. The following charts may help view availability of optimizations. The first chart shows what's available with Solaris CLIs and APIs, the second chart shows what's available in Solaris OpenSSL. Native Solaris Optimization for SPARC T4 This table is shows Solaris native CLI and API support. As such, they are all available with the OpenSSL pkcs11 engine. CLIs: "openssl -engine pkcs11", encrypt(1), decrypt(1), mac(1), digest(1), MD5sum(1), SHA1sum(1), SHA224sum(1), SHA256sum(1), SHA384sum(1), SHA512sum(1) APIs: PKCS#11 library libpkcs11(3LIB) (incluDES Openssl pkcs11 engine), libMD(3LIB), and Solaris kernel modules AlgorithmSolaris 1008/11 (U10)Solaris 11Solaris 11.1 AES-ECB, AES-CBC, AES-CTR, AES-CBC AES-CFB128 XXX DES3-ECB, DES3-CBC, DES2-ECB, DES2-CBC, DES-ECB, DES-CBC XXX bignum Montgomery multiply (RSA, DSA) XXX MD5, SHA-1, SHA-256, SHA-384, SHA-512 XXX SHA-224 X ARCFOUR (RC4) X Solaris OpenSSL T4 Engine Optimization This table is for the Solaris OpenSSL built-in t4 engine. Algorithms listed above are also available through the OpenSSL pkcs11 engine. CLI: openssl(1openssl) APIs: openssl(5), engine(3openssl), evp(3openssl), libcrypto crypto(3openssl) AlgorithmSolaris 11Solaris 11SRU2Solaris 11.1 AES-ECB, AES-CBC, AES-CTR, AES-CBC AES-CFB128 XXX DES3-ECB, DES3-CBC, DES-ECB, DES-CBC X bignum Montgomery multiply (RSA, DSA) X MD5, SHA-1, SHA-256, SHA-384, SHA-512 XX SHA-224 X Source Code Availability Solaris Most of the T4 assembly code that called the new T4 crypto instructions was written by Ferenc Rákóczi of the Solaris Security group, with assistance from others. You can download the Solaris source for this and other parts of Solaris as a few zip files at the Oracle Download website. The relevant source files are generally under directories usr/src/common/crypto/{aes,arcfour,des,md5,modes,sha1,sha2}}/sun4v/. and usr/src/common/bignum/sun4v/. Solaris 11 binary is available from the Oracle Solaris 11 download website. OpenSSL t4 engine The source for the OpenSSL t4 engine, which is based on the Solaris source above, is viewable through the OpenGrok source code browser in directory src/components/openssl/openssl-1.0.0/engines/t4 . You can download the source from the same website or through Mercurial source code management, hg(1). Conclusion Oracle Solaris with SPARC T4 provides a rich set of accelerated cryptographic and hash algorithms. Using the latest update, Solaris 11.1, provides the best set of optimized algorithms, but alternatives are often available, sometimes slightly slower, for releases back to Solaris 10 08/11 (U10). Reference See also these earlier blogs. SPARC T4 OpenSSL Engine by myself, Dan Anderson (2011), discusses the Openssl T4 engine and reviews the SPARC T4 processor for the Solaris 11 release. Exciting Crypto Advances with the T4 processor and Oracle Solaris 11 by Valerie Fenwick (2011) discusses crypto algorithms that were optimized for the T4 processor with the Solaris 11 FCS (11/11) and Solaris 10 08/11 (U10) release. T4 Crypto Cheat Sheet by Stefan Hinker (2012) discusses how to make T4 crypto optimization available to various consumers (such as SSH, Java, OpenSSL, Apache, etc.) High Performance Security For Oracle Database and Fusion Middleware Applications using SPARC T4 (PDF, 2012) discusses SPARC T4 and its usage to optimize application security. Configuring Oracle iPlanet WebServer / Oracle Traffic Director to use crypto accelerators on T4-1 servers by Meena Vyas (2012)

    Read the article

  • How to properly deny Railo directory access through Apache

    - by Sn3akyP3t3
    I've been battle tested on this and failed to achieve my goal which is to deny all access to all directories except the Public directory and only allow access to all all other directories with specific IP addresses. To get Railo+Apache+Tomcat installed I pretty much followed this script: https://github.com/talltroym/Railo-Ubuntu-Installer-Script then verified settings with this tutorial: http://blog.nictunney.com/2012/03/railo-tomcat-and-apache-on-amazon-ec2.html From the installation script these mods are enabled: sudo a2enmod ssl sudo a2enmod proxy sudo a2enmod proxy_http sudo a2enmod rewrite sudo a2ensite default-ssl Outside of the script I copied the sites-available to sites-enabled then reloaded Apache. I have a directory created for Railo cmfl located at /var/www/Railo/ Navigating the browser to http ://Server_IP_Address/Railo forces ssl and relocates to https ://Server_IP_Address/Railo which shows off index.cfm. Not providing index.cfm and omitting https indicates that the DirectoryIndex directive and RewriteCond of Apache appears to be working for the sites-enabled VirtualHost. The problem I'm encountering is that I cannot seem to deny access to all directories except Public. My directory structure is rather simple and looks like this: Railo error Public NotPublic Sandbox These are my sites-enabled configurations: <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www #Default Deny All to prevent walking backwards in file system Alias /Railo/ "/var/www/Railo/" <Directory ~ ".*/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html index.cfc RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] </VirtualHost> and <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /var/www Alias /Railo/ "/var/www/Railo/" <Directory ~ "/var/www/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath /etc/apache2/ssl.crl/ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth 10 # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details. #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: # The safe and default but still SSL/TLS standard compliant shutdown # approach is that mod_ssl sends the close notify alert but doesn't wait for # the close notify alert from client. When you need a different shutdown # approach you can use one of the following variables: # o ssl-unclean-shutdown: # This forces an unclean shutdown when the connection is closed, i.e. no # SSL close notify alert is send or allowed to received. This violates # the SSL/TLS standard but is needed for some brain-dead browsers. Use # this when you receive I/O errors because of the standard approach where # mod_ssl sends the close notify alert. # o ssl-accurate-shutdown: # This forces an accurate shutdown when the connection is closed, i.e. a # SSL close notify alert is send and mod_ssl waits for the close notify # alert of the client. This is 100% SSL/TLS standard compliant, but in # practice often causes hanging connections with brain-dead browsers. Use # this only for browsers where you know that their SSL implementation # works correctly. # Notice: Most problems of broken clients are also related to the HTTP # keep-alive facility, so you usually additionally want to disable # keep-alive for those clients, too. Use variable "nokeepalive" for this. # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html #Proxy .cfm and cfc requests to Railo ProxyPassMatch ^/(.+.cf[cm])(/.*)?$ http://127.0.0.1:8888/$1 ProxyPassReverse / http://127.0.0.1:8888/ #Deny access to admin except for local clients <Location /railo-context/admin/> Order deny,allow Deny from all # Allow from <Omitted> # Allow from <Omitted> Allow from 127.0.0.1 </Location> </VirtualHost> </IfModule> The apache2.conf includes the following: # Include the virtual host configurations: Include sites-enabled/ <IfModule !mod_jk.c> LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so </IfModule> <IfModule mod_jk.c> JkMount /*.cfm ajp13 JkMount /*.cfc ajp13 JkMount /*.do ajp13 JkMount /*.jsp ajp13 JkMount /*.cfchart ajp13 JkMount /*.cfm/* ajp13 JkMount /*.cfml/* ajp13 # Flex Gateway Mappings # JkMount /flex2gateway/* ajp13 # JkMount /flashservices/gateway/* ajp13 # JkMount /messagebroker/* ajp13 JkMountCopy all JkLogFile /var/log/apache2/mod_jk.log </IfModule> I believe I understand most of this except the jk_module inclusion which I've noticed has an error that shows up in the logs that I can't sort out: [warn] No JkShmFile defined in httpd.conf. Using default /etc/apache2/logs/jk-runtime-status I've checked my Regular expression against the paths of the directories with RegexBuddy just to be sure that I wasn't correct. The problem doesn't appear to be Regex related although I may have something incorrect in the Directory directive. The Location directive seems to be working correctly for blocking out Railo admin site access.

    Read the article

  • rkhunter: right way to handle warnings further?

    - by zuba
    I googled some and checked out two first links it found: http://www.skullbox.net/rkhunter.php http://www.techerator.com/2011/07/how-to-detect-rootkits-in-linux-with-rkhunter/ They don't mention what shall I do in case of such warnings: Warning: The command '/bin/which' has been replaced by a script: /bin/which: POSIX shell script text executable Warning: The command '/usr/sbin/adduser' has been replaced by a script: /usr/sbin/adduser: a /usr/bin/perl script text executable Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable Warning: The file properties have changed: File: /usr/bin/lynx Current hash: 95e81c36428c9d955e8915a7b551b1ffed2c3f28 Stored hash : a46af7e4154a96d926a0f32790181eabf02c60a4 Q1: Is there more extended HowTos which explain how to deal with different kind warnings? And the second question. Were my actions sufficient to resolve these warnings? a) To find the package which contains the suspicious file, e.g. it is debianutils for the file /bin/which ~ > dpkg -S /bin/which debianutils: /bin/which b) To check the debianutils package checksums: ~ > debsums debianutils /bin/run-parts OK /bin/tempfile OK /bin/which OK /sbin/installkernel OK /usr/bin/savelog OK /usr/sbin/add-shell OK /usr/sbin/remove-shell OK /usr/share/man/man1/which.1.gz OK /usr/share/man/man1/tempfile.1.gz OK /usr/share/man/man8/savelog.8.gz OK /usr/share/man/man8/add-shell.8.gz OK /usr/share/man/man8/remove-shell.8.gz OK /usr/share/man/man8/run-parts.8.gz OK /usr/share/man/man8/installkernel.8.gz OK /usr/share/man/fr/man1/which.1.gz OK /usr/share/man/fr/man1/tempfile.1.gz OK /usr/share/man/fr/man8/remove-shell.8.gz OK /usr/share/man/fr/man8/run-parts.8.gz OK /usr/share/man/fr/man8/savelog.8.gz OK /usr/share/man/fr/man8/add-shell.8.gz OK /usr/share/man/fr/man8/installkernel.8.gz OK /usr/share/doc/debianutils/copyright OK /usr/share/doc/debianutils/changelog.gz OK /usr/share/doc/debianutils/README.shells.gz OK /usr/share/debianutils/shells OK c) To relax about /bin/which as I see OK /bin/which OK d) To put the file /bin/which to /etc/rkhunter.conf as SCRIPTWHITELIST="/bin/which" e) For warnings as for the file /usr/bin/lynx I update checksum with rkhunter --propupd /usr/bin/lynx.cur Q2: Do I resolve such warnings right way?

    Read the article

  • Change the Integrated Weblogic Port number

    - by pavan.pvj
    There came a situation where I wanted to work with two JDevelopers simultaneously and start two different applications in two JDEVs. (Both of them have to in separate installation location, else it will create a problem because of system directory).Now, when we want to start WLS in JDEV, only the first one will be started and the other one fails with an exception of port conflict. Until few days back, $1million dollar question was how to change the integrated WLS port number?So, heres the answer after some R&D. In the view menu, click on "Application Server Navigator". Right click on Integrated Weblogic server.1) If it is the first time that you are trying to start the server, then there is a menu "Create Default Domain". If you click on this, a window will be displayed where it asks for the preferred port number. Change it here.2) If the domain is already created, then click on Properties and change the preferred port number.Again, if you want to change the port before starting JDEV from the file system, then goto $JDEV_USER_HOME/systemxxx/o.j2ee and open the file adrs-instances.xml and change the http-port in the startup-preferences:<hash n="startup-preferences">   <value n="http-port" v="7111"/></hash>Note 1: adrs-instances.xml will be created ONLY after you create the default domain.Note 2: systemxxx - refers to system.<JDEV version> like system.11.1.1.3.56.59 for PS2.Note 3: $JDEV_USER_HOME - in windows - would be C:\Documents and Settings\[user_name]\Application Data\JDeveloper"Now, you can run multiple Integrated WLS simultaneously. But please be aware that running more than one WLS server will degrade system performance.

    Read the article

  • What's wrong with my ext4 partition?

    - by bumbling fool
    What is wrong with this picture? Top is output from "df -h", bottom is gparted. I suspect I'm missing a lot of free space. No problems other than that (yet). Can somebody suggest the best (non-destructive) way to correct this? sudo dumpe2fs -h /dev/sda3: (source http://pastebin.com/nAvrdT4E) Filesystem volume name: <none> Last mounted on: / Filesystem UUID: 9f6eff64-60d7-4eec-81d5-1e8acd818b38 Filesystem magic number: 0xEF53 Filesystem revision #: 1 (dynamic) Filesystem features: has_journal ext_attr resize_inode dir_index filetype needs_recovery extent flex_bg sparse_super large_file huge_file uninit_bg dir_nlink extra_isize Filesystem flags: signed_directory_hash Default mount options: (none) Filesystem state: clean Errors behavior: Continue Filesystem OS type: Linux Inode count: 1602496 Block count: 6406144 Reserved block count: 320306 Free blocks: 4842284 Free inodes: 1361222 First block: 0 Block size: 4096 Fragment size: 4096 Reserved GDT blocks: 1022 Blocks per group: 32768 Fragments per group: 32768 Inodes per group: 8176 Inode blocks per group: 511 RAID stride: 32692 Flex block group size: 16 Filesystem created: Sun Nov 8 18:18:13 2009 Last mount time: Tue Mar 1 01:04:27 2011 Last write time: Mon Feb 28 04:27:34 2011 Mount count: 16 Maximum mount count: 28 Last checked: Thu Feb 24 06:23:39 2011 Check interval: 15552000 (6 months) Next check after: Tue Aug 23 07:23:39 2011 Lifetime writes: 227 GB Reserved blocks uid: 0 (user root) Reserved blocks gid: 0 (group root) First inode: 11 Inode size: 256 Required extra isize: 28 Desired extra isize: 28 Journal inode: 8 First orphan inode: 268015 Default directory hash: half_md4 Directory Hash Seed: cc101517-e617-482b-a883-a72919419c84 Journal backup: inode blocks Journal features: journal_incompat_revoke Journal size: 128M Journal length: 32768 Journal sequence: 0x001d3000 Journal start: 7787 fdisk and parted output per requests: http://pastebin.com/EGVH7Ken

    Read the article

  • How does eMail encryption work?

    - by Dummy Derp
    I have been going over YouTube watching videos on eMail encryption and everyone seems to explain it from a different perspective. Some do it for a CompTIA exam while others just provide a primer. Here is what I understood: Step1: You compose an email that you want to send. Without encryption, it will be simple ASCII text that will be visible to anyone along the way. Step2: You generate a digital signature to make sure that nobody gets to re-transmit your email and claim it was you. Digital Signature is generated using Sender's private key which is usually a hash of the password and is then combined with the original message to form one long hash string. These signatures are one-time-use-only and a new one is calculated for every email. Step 3: You encrypt the compose of your email using Receiver's public key so that the only person who can read it is the intended receiver using their private key Step 4: When you hit the send the email, what is transmitted now is gibberish to everyone apart from the intended receiver who will decrypt is using their private key And there are various ways to do it like PEM, PGP, etc. Correct me where I am wrong or refine where necessary.

    Read the article

  • Why is my root filesystem always scanned at boot?

    - by luri
    I always have a pause at boot saying my filesystems are being checked (with a "press C to cancel" note, too). Actually (seeing boot.log) I think it's the / fs, which is located at /dev/sdb5 Several questions altoghether, here (hope this does not break any rule): Is this normal? Can I (or even should I) prevent this anyhow? According to boot.log (below) the fs does not seem to be 'clean', or, at least, it's in an state or condition that makes fsck always can it for errors for a while (just a few seconds). How can I fix it? Edit: This is my boot.log: fsck desde util-linux-ng 2.17.2 udevd[515]: can not read '/etc/udev/rules.d/z80_user.rules' /dev/sdb5: 249045/32841728 ficheros (0.3% no contiguos), 20488485/131338752 bloques init: ureadahead-other main process (1111) terminated with status 4 init: ureadahead-other main process (1116) terminated with status 4 Password: * Starting AppArmor profiles [160G Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox [154G[ OK ] * Setting sensors limits [160G [154G[ OK ] And this is dumpe2fs results for the filesystem being checked (well, the relevant part of the log): Filesystem volume name: <none> Last mounted on: / Filesystem UUID: 42509bf9-f3e6-460a-8947-ec0f5c1fbcc8 Filesystem magic number: 0xEF53 Filesystem revision #: 1 (dynamic) Filesystem features: has_journal ext_attr resize_inode dir_index filetype needs_recovery extent flex_bg sparse_super large_file huge_file uninit_bg dir_nlink extra_isize Filesystem flags: signed_directory_hash Default mount options: (none) Filesystem state: clean Errors behavior: Continue Filesystem OS type: Linux Inode count: 32841728 Block count: 131338752 Reserved block count: 6566937 Free blocks: 110850356 Free inodes: 32592701 First block: 0 Block size: 4096 Fragment size: 4096 Reserved GDT blocks: 992 Blocks per group: 32768 Fragments per group: 32768 Inodes per group: 8192 Inode blocks per group: 512 Flex block group size: 16 Filesystem created: Fri Dec 10 19:44:15 2010 Last mount time: Mon Feb 14 17:00:02 2011 Last write time: Mon Feb 14 16:59:45 2011 Mount count: 1 Maximum mount count: 33 Last checked: Mon Feb 14 16:59:45 2011 Check interval: 15552000 (6 months) Next check after: Sat Aug 13 17:59:45 2011 Lifetime writes: 331 GB Reserved blocks uid: 0 (user root) Reserved blocks gid: 0 (group root) First inode: 11 Inode size: 256 Required extra isize: 28 Desired extra isize: 28 Journal inode: 8 First orphan inode: 28049496 Default directory hash: half_md4 Directory Hash Seed: d3d24459-514b-4413-b840-e970b766095b Journal backup: inode blocks Journal features: journal_incompat_revoke Tamaño de fichero de transacciones: 128M Journal length: 32768 Journal sequence: 0x0005e0c4 Journal start: 1 This is the relevant (at least I think this is the fs being checked) line in fstab: #Entry for /dev/sdb5 : UUID=42509bf9-f3e6-460a-8947-ec0f5c1fbcc8 / ext4 errors=remount-ro 0 1

    Read the article

  • Failure to Boot 12.04 on HP AMD Dual Core. Rescue Mode doesn't even come up

    - by L R Bellmore Jr
    I have 12.04 installed on HP 64 bit dual core AMD laptop.. worked great until about 1-2 months ago.. now takes 1/2 hour to 25 hours to boot if it ever does. A minor number of times I get the HP logo with hash lines on screen and it just hangs... When it finally boots 95% it will run until I turn it off days later to see if any of the upgrades fixed the problem. Currently, if it boots, it is random.. .left on over night .. 2 nights ago and came back to a HP logo with Hash Lines horizontal across the screen.. frozen.. rebooted back to black screen.. no HP logo... Most often when it does boot.. no HP logo.. just cursor shows up.. and then I know it will finally load... computer has been made worthless and it is my work computer..HELP PLEASE... Rescue Mode can't be invoked.. computer doesnt respond.. has shown up 3 times in about 100 and when I have tried it... 1 time it resulted in a boot up but then failed in a couple hours.

    Read the article

  • How to prevent duplication of content on a page with too many filters?

    - by Vikas Gulati
    I have a webpage where a user can search for items based on around 6 filters. Currently I have the page implemented with one filter as the base filter (part of the url that would get indexed) and other filters in the form of hash urls (which won't get indexed). This way the duplication is less. Something like this example.com/filter1value-items#by-filter3-filter3value-filter2-filter2value Now as you may see, only one filter is within the reach of the search engine while the rest are hashed. This way I could have 6 pages. Now the problem is I expect users to use two filters as well at times while searching. As per my analysis using the Google Keyword Analyzer there are a fare bit of users that might use two filters in conjunction while searching. So how should I go about it? Having all the filters as part of the url would simply explode the number of pages and sticking to the current way wouldn't let me target those users. I was thinking of going with at max 2 base filters and rest as part of the hash url. But the only thing stopping me is that it would lead to duplication of content as per Google Webmaster Tool's suggestions on Url Structure.

    Read the article

  • What conventions or frameworks exist for MVVM in Perl?

    - by Will Sheppard
    We're using Catalyst to render lots of webforms in what will become a large application. I don't like the way all the form data is confusingly into a big hash in the Controller, before being passed to the template. It seems jumbled up and messy for the template. I'm sure there are real disadvantages that I haven't described properly... Are there? One solution is to just decide on a convention for the hash, e.g.: { defaults => { type => ['a', 'b', 'c'] }, input => { type => 'a' }, output => { message => "2 widgets found of type a", widgets => [ 'foo', 'bar' ] } } Another way is to store the page/form data as attributes in a class (a ViewModel?), and pass a whole object to the template, which it could use like this: <p class="message">[% model.message %]<p> [% FOREACH widget IN model.widgets %] Which way is more flexible for large applications? Are there any other solutions or existing Catalyst-compatible frameworks?

    Read the article

  • Does Firefox Phishing Protection / Safebrowsing have any privacy implications?

    - by Nowo
    The current google results are outdated. What is the current status? I was on www.mozilla.org/en-US/legal/privacy/firefox.html and saw "Protection Against Suspected Forgery and Attack Sites Features". Can you translate please more to human speak? First they download a list and compare local... Ok... Here it gets messy "If there is a match, Firefox will check with its third party provider to ensure that the website is still on the blacklist. The information sent between Firefox and its third party provider(s) are hashed URLs. In fact, multiple hashed URLs are sent with the real hash so that the third party provider(s) will not know what site you are visiting." - If that hash were send to mozilla, they would knew which site were accessed? "In order to safeguard your privacy, Firefox will not transmit the complete URL of web pages that you visit to anyone other than Mozilla and its service providers." - In other words, Mozilla and its service providers get all complete URLs (of sites, which were in blacklist)? "While it is possible that a third party service provider may determine the actual URL from the hashed URL sent, Mozilla’s policy is to require [...]" - Privacy is depends on policy rather than technology?

    Read the article

  • Is it reasonable to require passwords when users sign into my application through social media accounts?

    - by BrMcMullin
    I've built an application that requires users to authenticate with one or more social media accounts from either Facebook, Twitter, or LinkedIn. Edit Once the user has signed in, an 'identity' for them is maintained in the system, to which all content they create is associated. A user can associate one account from each of the supported providers with this identity. I'm concerned about how to protect potential users from connecting the wrong account to their identity in our application. /Edit There are two main scenarios that could happen: User has multiple accounts on one of the three providers, and is not logged into the one s/he desires. User comes to a public or shared computer, in which the previous user left themselves logged into one of the three providers. While I haven't encountered many examples of this myself, I'm considering requiring users to password authenticate with Facebook, Twitter, and LinkedIn whenever they are signing into our application. Is that a reasonable approach, or are there reasons why many other sites and applications don't challenge users to provide a user name and password when authorizing applications to access their social media accounts? Thanks in advance! Edit A clarification, I'm not intending to store anyone's user name and password. Rather, when a user clicks the button to sign in, with Facebook as an example, I'm considering showing an "Is this you?" type window. The idea is that a user would respond to the challenge by either signing into Facebook on the account fetched from the oauth hash, or would sign into the correct account and the oauth callback would run with the new oauth hash data.

    Read the article

  • Handling timeout in network application

    - by user2175831
    How can I handle timeouts in a network application. I'm implementing a provisioning system on a Linux server, the code is huge so I'm going to put the algorithm, it works as like this Read provisioning commands from file Send it to another server using TCP Save the request in hash. Receive the response then if successful response received then remove request from hash if failed response received then retry the message The problem I'm in now is when the program didn't receive the response for a timeout reason then the request will be waiting for a response forever and won't be retried. And please note that I'll be sending hundreds of commands and I have to monitor the timeout commands for all of them. I tried to use timer but that didn't help because I'll end up with so many waiting timers and I'm not sure if this is a good way of doing this. The question is how can I save the message in some data structure and check to remove or retry it later when there is no response from the other end? Please note that I'm willing to change the algorithm to anything you suggest that could deal with the timeouts.

    Read the article

  • ???: Oracle NoSQL Database??

    - by zhangqm
    ?????????Oracle?????Oracle NoSQL Database,?????NoSQL Database ??????????Oracle NoSQL Database??2???,Community Edition ?Enterprise Edition?????????NoSQL Database 11g R2 (11gR2.1.2.123). ?????????????????: Oracle NoSQL Database OTN portal (includes download facility) Oracle NoSQL Database OTN documentation Oracle NoSQL Database license information ??Oracle NoSQL Database ???????????,????,?????(key-value)???TB????,????????????(???)????,??????????????????????????,????,??????????? ?Oracle NoSQL Database?,???????????key-value???,??key???????:??????????key?(?????string),????????(??????????bytes)??????key-value ??primary key?hash?,????????????????????????????????,???????,????????????????????????? ???????????????????Java API??????Oracle NoSQL Database driver ????????,?????key-value????????????????Oracle NoSQL Database ?????Create, Read, Update and Delete (CRUD)??,???????durability??????????????????????:?????web console???command line??? Oracle Berkeley DB Java Edition Oracle NoSQL Database?? Oracle Berkeley DB Java Edition ????????,??????????????????????????????,?????????????????? ????????????Oracle NoSQL Database Driver?????key-value????????????Oracle NoSQL Database Driver??:?????????hash??????????????????,?????????????????????? ????????Oracle NoSQL Database Oracle NoSQL Database????????????????????????????????????????????????????????????????: ???? ???? ???? ?????? ???? ?????? ????,??,?? ???? ???? ??? (sub-millisecond) ???????? ????? ??????? ????????  ?????Oracle?????? ???? (Oracle Big Data Appliance) ???? ?????????????????????????????????,???“??”???????????,Oracle NoSQL Database???????????Oracle NoSQL Database?????(Cloud)??,????????(TB?PB??)???Oracle NoSQL Database ??????ETL??(??MapReduce, Hadoop)??,??acquire-organize-analyze ?????????? ???????Oracle NoSQL Database?????: • Large schema-less data repositories• Web?? (click-through capture)• ????• ????• ?????????? • Sensor/statistics/network capture (?????, ?????)• ?????????• ???? (MMS, SMS, routing)• ???? Oracle NoSQL Database (Community Edition ??)??????????? Oracle Big Data Appliance???

    Read the article

  • Sorting eigenvectors by their eigenvalues (associated sorting)

    - by fbrereto
    I have an unsorted vector of eigenvalues and a related matrix of eigenvectors. I'd like to sort the columns of the matrix with respect to the sorted set of eigenvalues. (e.g., if eigenvalue[3] moves to eigenvalue[2], I want column 3 of the eigenvector matrix to move over to column 2.) I know I can sort the eigenvalues in O(N log N) via std::sort. Without rolling my own sorting algorithm, how do I make sure the matrix's columns (the associated eigenvectors) follow along with their eigenvalues as the latter are sorted?

    Read the article

< Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >