Blog of recursive recursion

srchub.org and heartbleed

If you haven't heard already heartbleed is a bug in OpenSSL that could allow an attacker to acquire the private certificate keys and decrypt previous or future communications. You can view more information here.

srchub.org runs Debian and the folks at Debian released a patch almost immediately fixing this issue.

srchub.org server was updated last night and a new certificate was installed this evening that was generated using a new CSR/private key.

New srchub features

There has been a lot of activity at srchub with new features.

New syntaxhighlighter is in place and being used for source preview. This was needed because the old source preview would highlight one line at a time which caused multi-line comments to be rendered incorrectly.

You now have the ability to select a different theme if you decide to use the new syntax highlighter for code in your wiki or project front page.

Example:

Using the Django theme:

At srchub we believe that any data you upload is your data and you shouldn't be trapped to a single service provider. Especially if that provider decides to sail off into the sunset...with your data. A new "beta" feature was developed that would allow you to download your project contents in JSON format.

The JSON file contains:

  • Wiki (and revisions)
  • Files
  • Reviews

It does not contain source code - though that can be downloaded separately in it's entirety from hg/git. If you have a subversion repo and would like an offline copy you may contact an admin.

Finally we have made RSS feeds more prominent throughout the site to make sure you can use the RSS feeds in other applications or aggregate them into a single feed to show users what you are up to.

Samsung Galaxy Note 3

Recently I purchased a Samsung Galaxy Note 3 and before I did anything to it I acquired root. This wasn't for nefarious reasons but it was mainly due to the fact that one time password generator programs I use do not have a built in sync option. The only thing I can do is use titanium backup to backup the application and data and use titanium backup to restore the app on the new phone. The operation on both phones requires root. Also, I use titanium backup to freeze the bloat that comes on the phone especially applications I would never use and as a result I can hide from getting future updates.

After I got my phone all setup and transfered all my applications I went to attempt to update and received this error message:

Naturally I was furious - what kind of greedy company would do something like that? The proper message to show is "look, it seems like you modified the device, this update may break your device. Are you really sure you want to do this?" Nope, instead they use typical DRM tactics because this message also appears for people who HAVE NOT modified their device. That's right, even the "honest" people who do not use root or anything have gotten this message. It appears that a workaround is to remove your SD card or unmount and try updating again. Yeah, having an SD card to Samsung means you "modified" your device and as a result you just voided your warranty. Using the device as it was intended and you void your warranty - brilliant thinking from Samsung.

In any case, there is a way to "fix" this.

This is what my about page looked like:

To fix it just use the steps mentioned in this post:

  1. Install Xposed Framework (a.k.a. Xposed Installer)
  2. Tap on "Framework", then do it on "Install/Update"
  3. Install Wanam Xposed
  4. Open Xposed Installer, tap on "Modules" and check Wanam Xposed
  5. Reboot the phone
  6. Open Wanam Xposed, go to "Security Hacks"
  7. Check (on System) "Fake System Status"
  8. Reboot again...
  9. Voilá, you can go back to updating OTA

Now this is what my about page looks like:

C++ parameter passing

C++ parameter passing is a very subtle idea but an important one.

There are three types of passing in C++:

  • Value (or copy)
  • Reference (or passing the address of the variable)
  • Const-reference (same as above except the object can't be modified)

Passing by value means you want C++ to make a copy of the variable you send in:

The value of z will be 4. This is because in f you are only working with a copied local version of z. However, if we wanted to modify the variable we could change the signature of the function like so:

z will now be 5. This is because we are telling C++ to send in the address of z rather than a copy. This is a very subtle idea because lets say you had the following:

A copy of the vector will be sent to the function (well really the copy constructor will get called - which the end result would be a copy of the vector array).

What should be done is the following:

However, there may be instances in which you want to send the address but don't want to allow the function to modify the vector. You could use the const keyword for that like:

By adding const the following code will not work/compile:

There is a third way to pass parameters which would allow a user of your function/method to pass in a NULL/nullptr value. This notation marks it as a pointer, which is fine but you call it slightly differently:

backuppc

Recently my backupc backups have gotten so big that the web interface really is no longer an option for me. I could delete old backups, but I don't want to do that (yet).

I think this will be a multi-part blog post.

Dropping into the command line will allow me faster access to the files. The problem is how to figure out which backup sets that I want. Doing an ls -l on the pc/host directory would take too long, which I still would need to sort. Instead I went with the find command, cut, sort, head, xargs, and column commands. This combination is quick, and shows me all the backup sets for a given host.

The command:

yields output similar to this:

Of course it just wouldn't be enough to just zip a directory due to incremental backups. This is where the BackupPC_zipCreate script will come in. Run

to get the directory where it's located and it has the following options (copied from http://www.bearnas.com/wiki/doku.php?id=backuppc:recovercopy2tar ):

MySQL queries

Recently I decided to do some work on a sqlsnapshot utility and tried to figure out the best way to do a bulk update on the database.

Here are the test scripts I used to generate the SQL:

SQL Schema:

System specs:

mysqld Ver 5.5.31-0ubuntu0.12.10.1 for debian-linux-gnu on i686 ((Ubuntu)) Ubuntu 12.10 Running on a VM in VMWare Player

First off: single SQL statements are bad.

For example:

This SQL should look like this:

On average the mass UPDATE took anywhere from 20-30 seconds to execute! The replace only took 0.30-0.12 seconds!

Now of course, different schemas may yield different results - but even the delete/insert was 0.20-0.12 seconds (ie DELETE FROM test, INSERT INTO...). From what I see it appears that MySQL doesn't wait for the user to stop entering SQL queries. There really wouldn't be a good way to detect this though, besides assuming that if a user hasn't entered a SQL statement for the past second to run the transaction.

Wait transactions....let's take a look at those. In transactions you can run a bunch of queries, and a SQL will run them in a shadow table, and when you tell the SQL engine "COMMIT" it will commit all of the queries you just made.

So I modified the update SQL script.

Running it now takes about 0.70 seconds instead of 20 seconds! What a difference. Adding transaction to the replace script turned it into a consistent 0.12 seconds. However, it didn't seem to do anything for deleting/inserting and inserting data.

Transactions are good for:

  • UPDATES
  • REPLACES

Transactions do no improve:

  • DELETE/INSERT
  • INSERT

And when you can use REPLACE over UPDATE.

Home ← Older posts