Archive for the ‘Uncategorized’ Category

mowgli-2 and libmowgli-glib

Monday, April 2nd, 2012

It sure has been a while since I actually posted anything here.  As some of you may know, the current maintainers of Audacious decided to quit using components belonging to the Atheme base system because they did not fit into their multithreaded design.  I’m not going to bother explaining why this design is flawed right now — it can just be summarized as using threads to handle a mostly I/O bound task is generally a bad approach of doing things.

Other than that, we maintainers of Mowgli (and other components of the Atheme base system) have been working on Mowgli-2, which is a threadsafe version removing a lot of cruft from incomplete projects that we got over the years.  Mowgli-2 has had some impressive accomplishments, such as being 10-15% faster than libevent in their own benchmark.  However, because Mowgli has a different eventing model than GLib does, people wonder how you can use both in a GTK+ application and have it all get along.  To solve this problem, I am working on a new project: libmowgli-glib.  It’s on GitHub.

In other news, people who are wondering about Services (especially since IRC Services is now an entirely discontinued product) – Atheme 7 should be out by mid-May.  We’re mostly just waiting for Mowgli-2 to enter some level of API freeze state now.

determine LBAs of LVM physical extents

Tuesday, January 4th, 2011

For the last couple of days, I had a VM sitting on an LVM volume with bad sectors.  Here’s how you find out what LVM volume is causing the problem so that you can migrate off of it.  Firstly, we want to look at the dmesg output to find out what LBA is bad:

[1381493.960771] Buffer I/O error on device sda5, logical block 380731029
[1381493.960771] Buffer I/O error on device sda5, logical block 380731030

This means the bad LBA is 380731029. so, we need to determine the partition offset next. To do this, we do the following:

# sfdisk -luS /dev/sda

Disk /dev/sda: 1430807 cylinders, 64 heads, 32 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Warning: The partition table looks like it was made
  for C/H/S=*/255/63 (instead of 1430807/64/32).
For this listing I'll assume that geometry.
Units = sectors of 512 bytes, counting from 0

   Device Boot    Start       End   #sectors  Id  System
/dev/sda1            63  19535039   19534977  83  Linux
/dev/sda2      19535040  21494969    1959930  82  Linux swap / Solaris
/dev/sda3      21494970 2930288129 2908793160   5  Extended
/dev/sda4             0         -          0   0  Empty
/dev/sda5      21495033 1475891549 1454396517  8e  Linux LVM
/dev/sda6     1475891613 2930288129 1454396517  8e  Linux LVM

We subtract 21495033 from 380731029 to yield 359235995.  Next, we determine the extent size in kilobytes:

# pvdisplay /dev/sda5
  --- Physical volume ---
  PV Name               /dev/sda5
  VG Name               aurora-1
  PV Size               693.51 GB / not usable 2.55 MB
  Allocatable           yes
  PE Size (KByte)       4096 <-- 4096KB.
  Total PE              177538
  Free PE               2114
  Allocated PE          175424
  PV UUID               mz2kUU-h19J-CpBc-Q0lX-Spq7-D3hg-qoexGa

A kilobyte is 1024 bytes.  An LBA block is 512 bytes.  So we multiply 4096 by 2 (8192), and divide 359235995 by 8192 giving us 43852, which is the extent number on the physical volume.  The next step is obvious, read through /etc/lvm/backup/vgname until you find a volume that extent 43852 falls between!  Then recover the data off of that volume and stop using it (or maybe try badblock recovery or something).

how to download enhanced content from amazon mp3 with libamz

Wednesday, December 8th, 2010

Amazon sets the download manager version at 1.0.3 when you say you have it already installed in the dmusic_download_manager_enabled cookie.  We need to edit the cookie to 1.0.10 in order to be allowed to download the enhanced content AMZ entitlement files.

It should be noted that right now, libamz 0.1.0 does not really support the enhanced content so you should buy the normal MP3 albums unless the enhanced content album is cheaper for some reason.  But since I have purchased such a file, I will release a 0.2.0 release shortly which also downloads the other data.

You can edit the cookie with a Firefox extension called, ironically, “Edit Cookies“.  In Chrome, you can use the “Edit This Cookie” extension, but I don’t use Chrome very much so I haven’t tried it.

did icann really seize torrent-finder.com or was it verisign?

Sunday, November 28th, 2010

It seems that the media has been trying to pin this one on ICANN, but there is no sign of DNS root server tampering, only GTLD root server tampering which is wholely administered by Verisign.  Proof follows:

$ whois torrent-finder.com
[Querying whois.verisign-grs.com]
[Redirected to whois.godaddy.com]
[Querying whois.godaddy.com]
[whois.godaddy.com]
The data contained in GoDaddy.com, Inc.'s WhoIs database,
while believed by the company to be reliable, is provided "as is"
with no guarantee or warranties regarding its accuracy.  This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose is expressly forbidden without the prior written
permission of GoDaddy.com, Inc.  By submitting an inquiry,
you agree to these terms of usage and limitations of warranty.  In particular,
you agree not to use this data to allow, enable, or otherwise make possible,
dissemination or collection of this data, in part or in its entirety, for any
purpose, such as the transmission of unsolicited advertising and
and solicitations of any kind, including spam.  You further agree
not to use this data to enable high volume, automated or robotic electronic
processes designed to collect or compile this data for any purpose,
including mining this data for your own personal or commercial purposes. 

Please note: the registrant of the domain name is specified
in the "registrant" field.  In most cases, GoDaddy.com, Inc.
is not the registrant of domain names listed in this database.

Registrant:
 Torrent Finder
 15 Alexandria St.
 N/A
 Alexandria,  55555
 Egypt

 Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
 Domain Name: TORRENT-FINDER.COM
 Created on: 30-Dec-05
 Expires on: 30-Dec-11
 Last Updated on: 04-Oct-10

 Administrative Contact:
 Gadelkareem, Waleed  kurtubba@gmail.com
 Torrent Finder
 N/A
 N/A
 Alexandria,  55555
 Egypt
 20121578967      Fax -- 2034411838

 Technical Contact:
 Gadelkareem, Waleed  kurtubba@gmail.com
 Torrent Finder
 N/A
 N/A
 Alexandria,  55555
 Egypt
 20121578967      Fax -- 2034411838

 Domain servers in listed order:
 NS51.DOMAINCONTROL.COM
 NS52.DOMAINCONTROL.COM
$

Alright, the WHOIS information looks as if the domain hasn’t been seized by GoDaddy.  So, we can write them off the list for this one (which is shocking, given the fact that GoDaddy has been more than happy to suspend domains in the past.)  Lets try a DNS trace using a public DNS server (in this case, 4.2.2.1 hosted by Level3):

$ dig torrent-finder.com +trace @4.2.2.1

; <<>> DiG 9.7.1-P2-RedHat-9.7.1-2.P2.fc13 <<>> torrent-finder.com +trace @4.2.2.1
;; global options: +cmd
.            33799    IN    NS    c.root-servers.net.
.            33799    IN    NS    j.root-servers.net.
.            33799    IN    NS    e.root-servers.net.
.            33799    IN    NS    b.root-servers.net.
.            33799    IN    NS    d.root-servers.net.
.            33799    IN    NS    a.root-servers.net.
.            33799    IN    NS    f.root-servers.net.
.            33799    IN    NS    g.root-servers.net.
.            33799    IN    NS    i.root-servers.net.
.            33799    IN    NS    h.root-servers.net.
.            33799    IN    NS    k.root-servers.net.
.            33799    IN    NS    m.root-servers.net.
.            33799    IN    NS    l.root-servers.net.
;; Received 228 bytes from 4.2.2.1#53(4.2.2.1) in 28 ms

4.2.2.1 is giving us exactly what we asked for here: the root-servers, which are maintained by IANA (part of ICANN), now lets query one of them:

com.            172800    IN    NS    l.gtld-servers.net.
com.            172800    IN    NS    e.gtld-servers.net.
com.            172800    IN    NS    i.gtld-servers.net.
com.            172800    IN    NS    k.gtld-servers.net.
com.            172800    IN    NS    f.gtld-servers.net.
com.            172800    IN    NS    h.gtld-servers.net.
com.            172800    IN    NS    m.gtld-servers.net.
com.            172800    IN    NS    c.gtld-servers.net.
com.            172800    IN    NS    g.gtld-servers.net.
com.            172800    IN    NS    j.gtld-servers.net.
com.            172800    IN    NS    d.gtld-servers.net.
com.            172800    IN    NS    a.gtld-servers.net.
com.            172800    IN    NS    b.gtld-servers.net.
;; Received 496 bytes from 128.8.10.90#53(d.root-servers.net) in 72 ms

When asked about a noncached response for ‘torrent-finder.com’, they redirected us to the gtld-servers, which are run by VeriSign, lets ask one of those servers now:

torrent-finder.com.    172800    IN    NS    ns1.seizedservers.com.
torrent-finder.com.    172800    IN    NS    ns2.seizedservers.com.
;; Received 118 bytes from 192.43.172.30#53(i.gtld-servers.net) in 167 ms

Hmm, the GTLD-SERVERS are not replying with NS51.DOMAINCONTROL.COM and NS52.DOMAINCONTROL.COM, instead we get NS1.SEIZEDSERVERS.COM and NS2.SEIZEDSERVERS.COM:

torrent-finder.com.    86400    IN    A    74.81.170.110
torrent-finder.com.    86400    IN    NS    ns1.torrent-finder.com.
torrent-finder.com.    86400    IN    NS    ns2.torrent-finder.com.
;; Received 120 bytes from 74.81.170.108#53(ns2.seizedservers.com) in 78 ms

$

Alright, it’s obviously not ICANN, but Verisign.  Lets see what they say when asked directly about this:

$ nc whois.verisign-grs.com nicname
torrent-finder.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

 Domain Name: TORRENT-FINDER.COM
 Registrar: GODADDY.COM, INC.
 Whois Server: whois.godaddy.com
 Referral URL: http://registrar.godaddy.com
 Name Server: NS1.SEIZEDSERVERS.COM
 Name Server: NS2.SEIZEDSERVERS.COM
 Status: clientDeleteProhibited
 Status: clientRenewProhibited
 Status: clientTransferProhibited
 Status: serverDeleteProhibited
 Status: serverTransferProhibited
 Status: serverUpdateProhibited
 Updated Date: 24-nov-2010
 Creation Date: 30-dec-2005
 Expiration Date: 30-dec-2011

>>> Last update of whois database: Sun, 28 Nov 2010 07:28:43 UTC <<<
$

Hmm, what does serverUpdateProhibited status mean? According to RFC2832bis:

SERVERUPDATEPROHIBITED: The registry sets the domain to this status.
Requests to update the domain name (except to remove this status)
MUST be rejected. The domain name can be transferred, renewed, or
deleted. The domain SHALL be included in the zone when in this
status if the domain has at least one delegated name server.

This means that the registry administrator (e.g. VeriSign) has locked the domain out.  If it were ICANN, it would be blocked at the root-servers, not at the registry level, that is, it wouldn’t be making it to VeriSign-GRS at all.

I wonder what other domains are serverUpdateProhibited now.

upse2 snapshot build for foobar2000 available

Friday, November 5th, 2010

kode54 has uploaded a foobar2000 component using a recent mercurial snapshot of the upse2 PSF playback engine. You can download it from his website.

A prerelease of upse2, upse-1.90 will be made within the next few days.  I would like to give thanks to TMM and kode54 for contributing code and ideas to this release, as well as the people who generally test UPSE snapshots for accuracy and playback compatibility.

pr0ncollage (or so-called “efficient apparatus for the visualization of trends on social media sites”)

Sunday, October 31st, 2010

pr0ncollage is a side-project I started hacking on a couple of days ago.  It works by scraping images from Twitter and collaging them.  As the program continues to iterate, it blends it’s new image selections into the same canvases resulting in a crossfaded display between two constantly evolving images.

The interesting aspect of this project is that the images are displayed without context and disappear as quickly as they are added into the image.  Full details will be available on a project page on this site when I finish this program up.

In the meantime, you can clone the hg repository by doing:

$ hg clone http://hg.atheme.org/users/nenolod/pr0ncollage
$ sh autogen.sh
$ ./configure
$ make
$ sudo make install

You will need GNOME development headers (e.g. gtk+/cairo/libsoup/libxml2)  installed, these are available in almost every Linux/UNIX distribution.

using the kernel routing table instead of iptables for effective IP blacklist management

Monday, October 18th, 2010

iptables is great, but not if you want to ban thousands of IPs from your box.  By design, firewalls aren’t really meant for that sort of thing, as they typically do ruleset iteration on each traffic flow (such as a sctp or tcp connection).

Instead, to do this efficiently, we use the kernel routing table.  The reason why we use the kernel routing table is because, typically, it is a radix trie which uses IP masks as keys.  This is a lot faster than iterating through thousands of iptables rules and has the same effect – since an outbound route is blocked, replies can’t be received by the hostile IP, which means that connections can’t be set up, as they require a three-way handshake.

Linux defines RTN_BLACKHOLE as the flag used to define nullroutes.  This flag is supported by the IPv4, IPv6 and DECnet routing tables.

To add an outbound nullroute, simply do the same thing as you would an inbound nullroute on your firewalling box:

# ip route add blackhole 192.168.1.1/32

Deleting works like this:

# ip route del blackhole 192.168.1.1/32

If you use FreeBSD or NetBSD or MacOS, it’s something like that. On FreeBSD, it’s:

# route add -host 192.168.1.1 127.0.0.1 -blackhole
# route del -host 192.168.1.1 127.0.0.1 -blackhole

I don’t know what it is on NetBSD, but I would guess that it’s the same.

The cool thing about this is that if you can aggregate your banlists to network boundaries, you can actually set them as nullroutes in CIDR format and it makes things even faster.  Mind, ruleset aggregation also improves netfilter’s performance, but this is considerably more scalable than using netfilter.  Netfilter (iptables) should be used when you actually need to do filtering, the routing table should be used when you want to ban IPs outright – that’s why the networking stack has blackhole functionality.

status update on upse’s ps2 support!

Sunday, October 10th, 2010

if you’ve been watching the upse repository recently, you will have noticed that i have published a lot of code for PSF2 support a week or so ago.

there’s a lot to do still, mostly getting the IOP calls working and calling into the IOP modules from the CPU. the MAME-based CPU code used in HE and friends is rather buggy so we can’t really know if it’s right – it doesn’t seem to be. but we load, parse and start psf2.irx now! which is a pretty big deal if you ask me.

this means that upse2 might get released by the end of the year. i’m also working on trying to figure out a way to implement it as a codec in android as an opencore module, but i have no idea how long that will take yet.

the hypocracy of sorcerynet

Monday, September 6th, 2010

I was reading my e-mail earlier this evening, when I read this:

To all users,

The admin voting session for a delink of iuturna.sorcery.net, called yesterday,  has closed. The verified results state that unfortunatly, Iuturna has to be delinked.
As iuturna is probably soon to removed from pools and the iuturna.sorcery.net address rerouted, users connecting directly to iuturna are advised
to change their connection settings to either the worldwide irc.sorcery.net or local server pools.

We would like to take this opportunity to thank Onno and the rest of his team for their years of devoted service to this network.

–Votemasters

What? I mean no offense here, but all of the other server admins have delinked from SorceryNet over politics before.  Onno on the other hand, has stuck with it.  Now he is being punished for being on holiday when it became time to upgrade the server software.  The worst part of this is that it was done behind his back, and more importantly, the users’ backs, which is not allowed by SorceryNet’s charter, created to, in part, protect users from DALnet-style corruption:

5.1 Applying Servers.

a) Linking or delinking a server permanently to the network requires a vote of the Admins, with the CFD held on the public mailing list.  Linking a server requires a 2/3 majority in favor of the application.

I’ve added some emphasis in bold.  There was no public CFV, just an announcement.  If you’re a SorceryNet user, this means that the administrative body has now wronged you, and it is likely that this is only the first step.

I suggest that you ask questions and vote with your feet, especially if you are a channel owner.  It is obvious that the administrative body cannot be trusted anymore because they are in the process of violating the charter.  If you’re running an RP channel, DarkMyst may be an appropriate replacement for your needs [disclosure: I do presently sponsor infrastructure for DarkMyst, but would not do so if I felt that the administrative process was acting in an unethical manner].  Technical channels may find a home on freenode or OFTC.  StaticBox is a spinoff of SorceryNet started due to previous ethical concerns and features many of the old SorceryNet operators [disclosure: I am an admin on StaticBox].

Even if you do not vote with your feet, you should be asking the administration why they do not follow their own charter.  SorceryNet is nothing without its’ users, so it owes its’ users a proper explanation for what happened here.

Also, apparently I was akilled in my absence because I had the gall to enforce charybdis’ trademarks.  Keep it classy, SorceryNet.

libamz and amzdl

Tuesday, August 31st, 2010

Due to frustrations with the amazon mp3 store’s mandatory (well, for albums anyway) download client not being installable on Fedora 14, I have reverse engineered the AMZ file format and am working on a library and download tool for the AMZ files distributed by Amazon.  This code is in under the ISC license and will allow you to download from amazonmp3 anywhere that glib and libsoup work.

Note: This does not allow you to get MP3s for free.  It only allows you to download MP3s you have bought, as you have to have proof of purchase (e.g. the AMZ file that they give you).

I intend to write a GTK+ frontend soonish, but a usable commandline client was better than nothing.  You may download the code from my mercurial repository by doing:

$ hg clone http://hg.atheme.org/users/nenolod/libamz
$ cd libamz
$ sh autogen.sh
$ ./configure
$ make
$ sudo make install

You can then use amzdecrypt to view the raw underlying XSPF playlist, amzls to view a track listing and amzdl to download the music referenced by the AMZ file.

Have fun!