Home
FAQ
Download
Repository
BugtrackerDear Computer Industry
Stop blindly copying Apple designs. If I want an Apple design, I buy an Apple. I don't want Apple designs. Therefore, you give me no choice but to ignore your products, which are like Apple, just with worse quality.Fuck you, Lenovo, you're forcing me to buy Macbooks!
First the crappy quality, now Apple-inspired chiclet keyboards. What's next, glossy screens? Fuck you. I want an X60 Tablet with a modern CPU, not a crappy plastic brick with smooth corners, glossy surfaces and chiclet keyboards.
Samuel Vincent Creshal at 16. May 2012, 11:27 UTC
dcgui 1.0.5 "All of this has happened before"
Fixed the avatar display. An server updated intended to make finding avatars easier temporarily broke it.Source Tarball.
Windows installer.
PKGBUILD for Archlinux based distributions.
Samuel Vincent Creshal at 22. Apr 2012, 16:09 UTC
RSA encryption in JavaScript and PHP
For a new project (password management application), I'm investigating the usage of RSA in JavaScript and PHP. Had I known the amount of bullshit ahead of me beforehand, I'd have resorted to sticky notes for password management…Anyway. I quickly settled for Tom Wu's Bigint and RSA library. It is, for the most part, pretty decent. However, it's still somewhat bugged (a leading zero in BigIntegers is sometimes skipped, which makes messages unparseable), some functions simply make no sense (UTF-8 in the decryption function might be well meant, but is kinda useless if you have non-UTF-8 strings... like binary data) and it's lacking functionality for messages longer than the key size. This blog post thankfully outlines how to add this functionality for encryption (I added similar functions for decryption, see the source).
For signing/verifying, I chose to ignore the RFCs (implementing another padding scheme in both PHP and JS would have taken too long) and just used swapped encrypt/decrypt functions.
Another limitation of Wu's lib was the lack of a "proper" import function – I use a modified version (making use of Wu's jsbn library) of Lapo Luchini's ASN1 library plus some glue code to extract the actual key data.
For the PHP side, I use PHPSecLib, which works actually pretty well (I only replaced the user_error reporting with proper Exceptions). The only tricky part is that you need to liberally use hex2bin/bin2hex (I build a thin wrapper around it to do exactly that).
After only… oh, about five days of debugging, the libs work as far as I supposed them to work from the beginning. Project deadlines are overrated anyway.
Code, including examples, on GitHub
Samuel Vincent Creshal at 19. Apr 2012, 13:59 UTC
dcgui 1.0.4 "God’s in His heaven — All’s right with the world"
The chat server API was changed to close a CSRF hole that allowed attackers to remote-control arbitrary users. The client was adapted for the new API.Attention: This update is mandatory, since all older versions are incompatible with the new API!
Source Tarball.
Windows installer.
PKGBUILD for Archlinux based distributions.
Samuel Vincent Creshal at 13. Mar 2012, 18:46 UTC
Server Migration!
I finally managed to get my lazy *** up and do the server upgrade I had planned for... about one and a half years now.The changes:
- Debian 6 instead of Ubuntu 8.04, i.e. much more up-to-date software than before (wsgi 'n stuff). Also, since this is a full root server, no upgrade limitations anymore.
- All core services authenticate via PAM now: This means the arbitrary and annoying differentiation between Jabber and Mail accounts is gone, everything runs with one password you can easily change with
passwd. - Four CPU cores (well, 2+Hyper-Threading) instead of one.
- Eight times as much RAM, i.e. 16 GiB. We can finally run two Java applications at the same time! (</sarcasm>)
- New jabber server which shouldn't have the old authorization problems anymore (FYI: It's ejabberd again – no, I haven't forgotten the old problems of it, but since everything runs over ODBC now, this shouldn't happen again).
Samuel Vincent Creshal at 08. Mar 2012, 13:33 UTC
DIY-NAS: Part 3, review ALL the software
Boredom, etc. – This time looking for a decent DLNA server to be able to use my PlayStation® 3 as ersatz HTPC.miniDLNA
Really nice – easy to setup, minimal configuration needed, Just Works™. Well, except transcoding, which isn't supported. Since manually transcoding each and every audio and/or video file doesn't sound particularly entertaining to me, I dropped it again. Apart from this limitation my favorite, however.MediaTomb
Did the developer have a bet running who could make the worst configuration file format possible? If so, they won. They can stop. GODDAMN, IT'S AWFUL. Never bothered trying to get it to run.Coherence
Yep, the mediatomb guys had a bet running… with these guys. Apart from the configuration madness, awful documentation and a severe case of pluginitis. I'd rather build a LFS system without any documentation than trying to figure out how to stick the Coherence plugins together to make it usable.Rygel
I have to admit, I have a soft spot for Vala software. Additionally, Rygel has a clean configuration file format and supports transcoding for about every format you can ask for. Only problem with it was Debian missing a proper daemon package of it (which is about 5 minutes of work to add manually). With that problem fixed, it's now running on Jakuri.Which leaves the problems that a) the PS3 is goddamn awful loud, which makes listening to music/videos unpleasant, and b) the Atom® is waaay too slow to be able to transcode FullHD videos on-the-fly.
Well, you can't have everything.
Samuel Vincent Creshal at 04. Mar 2012, 21:31 UTC
DIY-NAS: Part 2, software reviews
Sooo, I finally got to buy the additional hard disks for Jakuri (what moron built half of all friggin hard disk factories in the same damn valley?):
The components: Six 1TB hard disks, one bay, one SATA controller
Installation was… slightly challenging: The cables were too long and the case slightly too small (I tried to amend some of the problems in the parts list by swapping the fans for much smaller ones and adding fan grills to prevent accidental cable shredding).
In the end, it actually turned out to work anyway, but no thanks to Chieftek and/or Sharkoon. Whoever invented "screwdriver-free drive installation" deserves being hanged, drawn, quartered, shot and burned. Not necessarily in that order. The pins of the rails intended to hold the drive broke (among other causes due to extremely small screw holes in the bay) and the drive only fits upside down. The bay itself is of bad quality, I had to hammer some of the drives in since the rails and/or trays are kinda uneven and tend to jam. The fan is not regulated, and the single loudest piece of hardware in the entire setup. I removed it, let's see how the temperatures are going to be in summer…
I replaced the bay in the parts list with a Chieftec model, in the hope they'll at least manage to be compatible to their own products (yeah, well, probably no, but at least that one has decent SATA cables included, it was a pain in the back to scrape enough together from my inventory). Oh, did I mention the Sharkoon drive comes with tilted SATA connectors which are incompatible with both the drive and most mainboards? Yeah. F*** Sharkoon.
With the hardware resolved (mostly), the only remaining issue was the software. The original set up had to go, since I wanted to encrypt everything and add a partition of the 3.5" drive to the raid, to boost net capacity. So I was kinda free to experiment with new stuff.
FreeNAS
FreeNAS is distilled awesome in a can, hands down. The installation is extremely easy (burn disk, answer question, watch it being installed – takes about 10 minutes), and the web UI is better than most commercial stuff (Qnap, Cisco, I'm looking at you). It also seems to be pretty much feature complete (again, compared to commercial competition). However, the one thing I absolutely miss is encryption (Oracle hasn't released the ZFS encryption code as open source yet, a**holes). To be fair, as far as I know, commercial NAS systems don't have that feature either, so if you just look for an alternative to them, it's fine.OwnCloud
Really, really good web UI (with somewhat spotty browser support). However, every file access runs over the web server, so if you don't want a permission and/or ACL nightmare, it's only really usable if every access to the files is via OwnCloud – over the UI, over OwnCloud Apps or over WebDAV. Since that is not an option for me (torrent/file download, backups and other stuff over independent daemons), it's not really an option for me, either. But if you can live with the limitations, it gives you an easy to use tool to synchronize files, calendars, address books and other stuff over your own infrastructure. OwnCloud can be run on top of FreeNAS, as far as I can see, so you can get a flexible, easy to administer system up and running quite fast with those components (with storage/RAID management via FreeNAS and file access via OwnCloud).However, due to said limitations, I'm going back to good ol' Debian + SFTP. Who needs comfort, when you can have paranoia instead?
Samuel Vincent Creshal at 07. Feb 2012, 20:25 UTC
Benchmarking ysnotifier against notification-daemon
In an attack of Christmas boredom I decided to look how well the latest version (0.5) of my notification server implementation fares against the reference implementation (aka notification-daemon 0.7.3). I took every test from libnotify's (0.7.4) test collection (except test-gir, since I didn't manage to get it running) as well as the apps I normally test with (dcgui and deadbeef). Here's the results:| Test name | ysnotifier | Notes | notification-daemon | Notes | |
|---|---|---|---|---|---|
| 1 | test-action-icons | 0% | Not supported | 33% | 2 of 3 icons not recognised, even though they're in my icon theme |
| 2 | test-basic | 100% | 100% | Does nothing against overly long texts. I hope you don't need your right screen edge | |
| 3 | test-default-action | 100% | Creates button for default action. | 100% | Clicking the widget triggers default action |
| 4 | (test-error) | 100% | 100% | ||
| 5 | test-image | 50% | file:/// not supported | 0% | Neither icon rendered |
| 6 | test-markup | 100% | 100% | ||
| 7 | test-multiple-actions | 100% | 100% | ||
| 8 | test-persistence | 0% | Not supported | 100% | Default |
| 9 | test-removal | 100% | 67% | Last notification not shown | |
| 10 | test-replace | 100% | 100% | ||
| 11 | test-replace-widget | 100% | 100% | ||
| 12 | test-resident | 0% | 0% | Notification disappears into tray, indistinguishable from default behaviour | |
| 13 | test-rtl | 100% | 100% | ||
| 14 | test-server-info | 100% | 100% | ||
| 15 | (test-size-change) | 0% | Note itself adjusted, other notifications not | 100% | Widget itself is adjusted, only one note visible |
| 16 | test-transient | 100% | Default behaviour | 100% | |
| 17 | test-urgency | 0% | Not supported | 0% | Not supported? Not visibly at least |
| 18 | test-xy | 100% | 0% | ||
| 19 | test-xy-actions | 100% | 0% | ||
| 20 | test-xy-stress | 100% | 0% | ||
| 21 | deadbeef | 100% | 0% | Notification disappears into tray, has to be manually dismissed every time if you want it to stay visible (yes) | |
| 22 | dcgui | 100% | 100% | ||
| Average (all tests) | 71% | 64% | |||
| Average (w/o 4, 15) | 73% | 60% |
Note about tests 4 and 15:
- 4 does not work (no error triggered)
- In 15, the behaviours of the two daemons are not comparable – would ysnotifier be used with -n 1, they'd behave the same (but I don't want to make it the default)
That's actually quite nice for 5 afternoons worth of work. With only residence, urgency and more icon formats missing as features and one bug (which should hopefully not appear in the wild), I guess I'll be able to release it as stable soon™.
Download ysnotifier (requires python2>=2.7, python-dbus, pygtk2)
Download PKGBUILD for Archlinux-based distributions
Samuel Vincent Creshal at 24. Dec 2011, 16:53 UTC
dcgui 1.0.3 "Australia strikes back"
Now with 100% more Albion Prelude support!Source Tarball.
Windows installer.
PKGBUILD for Archlinux based distributions.
Samuel Vincent Creshal at 17. Dec 2011, 11:05 UTC
dcgui 1.0.2 "Special release for special users"
A certain someone inspired the inclusion of an ignore list. Configure it in the misc tab, user names are separated with comma.Source Tarball.
Windows installer.
PKGBUILD for Archlinux based distributions.
Samuel Vincent Creshal at 16. Dec 2011, 20:25 UTC
