A pleasant surprise from Slashdot

Saturday, July 13, 2002

I'm working on a project for a client, and I need to see exactly what transpires between a web browser and a web server, since what I've written isn't exactly working correctly.

So towards that end, I've written a program that acts as a very simple web proxy server—all it does is pass the data on to a real web proxy server, but it also dumps everything to disk so I can examine the traffic (it's not enough to look at the pages, I need to see what else is going on in HTTP).

As a test, I went to Slashdot. As expected, the program saved all the sessions, didn't crash and didn't leave any zombie processes. And then going through the saved files when I found out that there's an Easter Egg in the pages Slashdot send out.

You normally can't see this, even if you view the source of the page, since the Easter Eggs aren't part of the page. They're in the header portion of the transfer (not to be confused with the <HEAD> section of an HTML page—there is a difference). For instance, on the HTML pages (and it's only sent with pages that are text) on one page I found:

HTTP/1.1 200 OK
Date: Sat, 13 Jul 2002 10:08:51 GMT
Server: Apache/1.3.26 (Unix) mod_perl/1.25 mod_gzip/1.3.19.1a
X-Powered-By: Slash 2.003000
X-Fry: That's it! You can only take my money for so long before you take it all and I say enough!
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 10760

And on another one I found:

HTTP/1.1 200 OK
Date: Sun, 30 Jun 2002 02:11:36 GMT
Server: Apache/1.3.26 (Unix) mod_perl/1.25 mod_gzip/1.3.19.1a
X-Powered-By: Slash 2.003000
X-Bender: OK, but I don't want anyone thinking we're robosexuals.
Last-Modified: Mon, 03 Dec 2001 17:55:42 GMT
ETag: "33673f-13e-3c0bbc9e"
Accept-Ranges: bytes
Content-Length: 318
Connection: close
Content-Type: text/plain

And yet another one:

HTTP/1.1 200 OK
Date: Sat, 13 Jul 2002 10:09:23 GMT
Server: Apache/1.3.26 (Unix) mod_perl/1.25 mod_gzip/1.3.19.1a
X-Powered-By: Slash 2.003000
X-Fry: I'm never gonna get used to the thirty-first century. Caffeinated bacon?
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 18303

It seems to be quotes from Futurama, but I can't be entirely sure, as I've never seen Futurama. But still, it's neat finding stuff like this buried in programs (or websites as the case may be).

Thursday, July 13, 2006

The teflon shan

Okay, yesterday wasn't quite as bad as I made it out to be.

I'll get to this in a moment, but it did involve installing a new version of Apache.
I could use the exercise anyway.
There wasn't much I could do about the power that hadn't already been done (except for running around in a mad panic).

So, that leaves setting up a “reverse proxy” as per request. The server was running Apache 1.3 (at the time of install, there were still some issues pertaining to PHP and Apache 2.0, and I'm a very firm believer of “if it ain't broke, don't fix it!” theory of management) and what they were asking required features only available under Apache 2.0 or higher.

So I downloaded the latest version (2.2.2) and spent several hours getting it compiled correctly. It's not that it didn't compile cleanly, but in setting it up, I would have expected:

./configure --enable-mods-shared=all [other options not important]

to, you know, compile all the available modules. Only, it doesn't. It compiles most of the modules. I had to explicitely include support for SSL, proxy and the caching modules. Go figure.

The only other rough spot I encountered was a rash of 403 Forbidden result codes when trying to browse the websites normally on the box. Going back to Apache 1.3 they all worked. Apache 2.2? All the sites were forbidden.

Now, the configuration files between 1.3 and 2.2 haven't changed that much (thankfully! There's over a thousand sites on the box) but still, it took me several hours to track down the problem which is due to some changes in the default configuration. Apache 2.2 has the following as part of the default settings:

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

Apache 1.3 doesn't.

And since the websites are not under the default location, but elsewhere, that bit of configuration meant that none of the sites were accessible by anyone. Yes, sometimes the obvious things take awhile to notice.

But that's all working now.

Friday, July 13, 2007

Power

I came across a blurb about a new type of battery that may be used in the national power grid. And I hope it works out (and I'm bearish on this), because power generation is not a trivial thing, as Steven Den Beste lays out in a series of articles he wrote a few years ago (and are well worth reading to get a sense of the immense scale of power generation here in the States):

Carb on Emissions
Ene rgy Dependence
More on Energy Dependence
More Practical Problems
Obscure Energy Sources
Biomass
It's so sensible, it must be fatally flawed (and it is, as Steven Den Beste shows)

As Steve says:

If any proposed energy source can't be scaled up to generate 10 gigawatts average (1% of that), it won't be large enough to make any significant difference in the grand scheme of things even if it works and is really, really cool and clever and innovative and nifty.

Obscure Energy Sources

Even though these were written about five years ago, it's still nuclear power that has the best chance of weaning us off expensive carbon-based fuels as a power source.

Sunday, July 13, 2008

Implications

Friday was a bad hair day. Let us not talk about Friday.

…

Actually, lets talk about Friday.

Okay, I'm not going into details about what happened Friday (it was my fault for not fully testing the configuration, but really, what did Cisco do to break DHCP in IOS 12.3?) but I do want to talk about the ~~insane~~ ~~incipid~~ ~~stupid?~~ ~~ill-thought out~~ … I'm not sure how to diplomatically state what I think this is.

I think this stems from an incident last week when F (a company that's also a customer of ours) experienced an outtage. I suspect that everyone suspected their consumer grade router that was suspected of going out (resetting it seemed to have fixed the issue, which points to the base problem, but it's not what you think it is) and Smirk thought that a Cisco router (that would connect us to them via Ethernet) that could switch over to a DSL connection as a backup was a good solution (I'm guessing here; I don't know the actual details that lead to this solution).

And that right there is the problem I have with this scenario.

Let's see … our Ethernet connection to F goes down (I can't see how it can, seeing how Cisco routers rarely fail, and we have a cable that runs down the hall from our Data Center to their office). Their Cisco router sees this, and thus the default network route through us (populated via OSPF) is removed, and the backup default route through the DSL (static route with a higher metric than the OSPF default route) kicks in. But since the DSL is being provided via another party, F's public IP address suddenly changes. Any ongoing TCP connections they might have had are now gone.

I'm not even going to mention the email issues that come up.

The change-over is noticable, and annoying enough to possibly prompt a call to us asking us what the aitch-ee-double-hocky sticks is going on (or even worse, what the fudge is going on).

And that's the best case scenario!

Most likely is a routing issue with our upstreams that cause the outtage (and affecting not only F, but us and all our customers). F's connection to us is still fine and thus, the Cisco router sitting in their office has no reason to switch over to the DSL connection. It would have to be done manually and well … that's a call to us.

Then there's the fact that they have 8 static IPs through their DSL provider because, hey, why not? They only have one static IP through us. I don't see this as being a Good Thing™.

But I still don't like country music

When culture was a product consumed by the upper classes, it wasn't viewed by them as being subversive or tasteless since it was created for them. However, when you start getting a growing middle class who were not aristocrats but who did begin to have the kind of money and leisure to consume culture, there is the beginning of strain. Cultural products could be produced to appeal to the middle class sensibility, and to the upper classes this was low brow, unsophisticated, something to be scorned, and also perhaps something to be feared, because it could be politically subversive. So the upper classes generally used their disproportionate influence with the government to impose varying degrees of censorship to suppress that which was considered vulgar or dangerous (to their dominance).

…

None of [the US media, reflecting US culture] was being produced with the intent of delivering some sort of ideological message, but it turns out there is one, and it runs deep, and it's one of the big reasons it's popular in the world and why it is scorned by the elite everywhere.

…

The message we're delivering is that the individual is not the group to which he belongs, and doesn't have to be bound by that group. We're delivering a message of personal freedom, and it reverberates at least somewhat with all who hear it who are under the control of their betters. (And some of us here who embrace “identity politics” deeply disagree with that message …)

And we in the US prove that when the lower classes cast off the upper class, and rule ourselves, that we can actually be better. The US is the triumph of the gutter, the land of the vulgar and unsophisticated, the huddled masses who became free, who are led but not ruled by their government; and in nearly every way we're leaving all of the nations ruled by the upper classes in the dust.

We're not just complacent about being from the gutter; we're proud of it. A lot of our culture still glories in coming from the ghetto. Some of the attraction of Rap is that it comes out of the black ghetto, and even when it's put on there's almost a requirement that it keep referring to that experience. We gleefully absorb culture from all over the world, and equally gleefully share ours with the world.

The Culture of the Commons

For years I've been trying to track down an article I read (on the web) about culture, and how what has traditionally been called “culture” is really the “pop art” of the aristrocracy, and why most governments around the world dispise our “culture,” yet most people around the world love our “culture.”

Here is that article, found deep in my bookmarks file (containing almost 2,600 bookmarks—I should go through my bookmarks file more often).

Monday, July 13, 2015

You feel the earth move under your feet

In fact, the science is robust, and one of the chief scientists behind it is Chris Goldfinger. Thanks to work done by him and his colleagues, we now know that the odds of the big Cascadia earthquake [approximately 8.3 —Editor] happening in the next fifty years are roughly one in three. The odds of the very big one [approximately 9.0 —Editor] are roughly one in ten. Even those numbers do not fully reflect the danger—or, more to the point, how unprepared the Pacific Northwest is to face it. The truly worrisome figures in this story are these: Thirty years ago, no one knew that the Cascadia subduction zone had ever produced a major earthquake. Forty-five years ago, no one even knew it existed.

Via Jason Kottke, The Earthquake That Will Devastate Seattle - The New Yorker

I knew about the San Adreas fault, and even the the New Madrid fault, but I did not know about the Cascadia subduction zone and as the article above points out, it has a history of “blowing” every 250–300 years, with the previous one being in 1700. And from reading, it doesn't sound good when the earth finally does move in the Pacific Northwest.

Monday! I should have known!

First day back on the job at The Corporation, and I am unable to log in and check my email. Hilarity ensues, and over the course of a few hours it gets worked out, and I find the following email:

From

The Corporate Overload Corporation <XXXXXXXXXXXX>

To

Sean Conner <XXXXXXXXXXXXXXXXXXX>

Subject

Your WIN2K Password is Expiring in 13 days

Date

Wed, 1 Jul 2015 10:20:03 -0500

Your password is expiring soon. If you’re in the office, you can set a new password by pressing CTRL+ALT+DELETE and selecting "Change a password…" If you’re working remotely you can change your password by logging into Outlook Web Access (XXXXXXXXXXXXXXXXXXXXXXXX) the selecting "Options" (on the top-right) -> "Change Password" (on the left menu).

If you use ActiveSync on any mobile device, be sure to update your password there as well to prevent account lockouts.

Accounts that have expired passwords will be automatically disabled. If your account is disabled, you’ll need to contact XXXXXXXXXXXX (XXXXXXXXXXXX) for support.

Thank you,
Enterprise Services

Niiiiiiice! My password expired right when I started my vacation, and of course, I missed the entire two week nagging process to change my password …

But now, I can't log onto the VPN because the email password is somehow tied into the network password …

Monday, July 13, 2020

A twisty maze of little redirects, all alike

I have The Electric King James Bible. I then ported it to gopher. Sometime after that, I ported it again, this time to Gemini. I then received an email from Natalie Pendragon, who runs GUS, about the infinite redirection that happens when you try to read the the Book of Job via Gemini.

Sure enough, when I visted the The Book of Job on Gemini, I ended up in a maze of twisty little redirects, all alike.

So there's this file I have that lists not only the books of the Bible, but the abbreviations for each book, so instead of having to type http://bible.conman.org/kj/Genesis.1:1 you can type http://bible.conman.org/kj/Ge.1:1 and it'll do The Right Thing™. Only for Job, there is no abbreviation—instead, I have “Job” listed as the abbreviation (and the same issue goes for Joel).

So I guess that I handled that case in the web version (don't let the timestamps fool you—I imported it into git ten years ago, but wrote the code over twenty years ago), and the gopher version doesn't do redirections, so it doesn't matter there, but the Gemini version does do redirections, and I didn't check that condition.

Oops.

The issue has now been fixed.

Wednesday, July 13, 2022

I think Mac OS-X is wrong in this case, and Linux is right

There was apparently a frantic bug-hunt involving “Project: Lumbergh” yesterday that I was not involved in. From the description of the bug, it certainly sounded like it was a manifestation of “undefined behavior” as “Project: Lumbergh” was actinging differently between Linux and Mac OS-X (our testing and development platforms). The issue stemmed from this bit of code (not the exact code, but similar in nature):

x = strtol(input,&endptr,10);
if ((errno == 0) && (endptr != input))
/* ... */

And the fix:

errno = 0; /* BUG FIX */
x = strtol(input,&endptr,10);
if ((errno == 0) && (endptr != input))
/* ... */

In fact, there are man pages that show setting errno to 0 in sample code. Here's what the C99 Standard says about library functions setting errno:

The value of errno is zero at program startup, but is never set to zero by any library function. The value of errno may be set to nonzero by a library function call whether or not there is an error, provided the use of errno is not documented in the description of the function in this International Standard.

C99 Standard, section 7.5.3

So no function will ever set errno to 0. To me, this sounds like some earlier failed function causing a false problem in this bit of code, thus the fix to set errno to 0. Now, the C99 Standard says this about strtol():

The strtol, strtoll, strtoul, and strtoull functions return the converted value, if any. If no conversion could be performed, zero is returned. If the correct value is outside the range of representable values, LONG_MIN, LONG_MAX, LLONG_MIN, LLONG_MAX, ULONG_MAX, or ULLONG_MAX is returned (according to the return type and sign of the value, if any), and the value of the macro ERANGE is stored in errno.

C99 Standard, section 7.20.1.4.8

And indeed, on both Linux and Mac OS-X, for values outside the given range, ERANGE is returned. The issue happens when no conversion happens. Both systems return 0, but Linux doesn't set errno whereas Mac OS-X does. In fact, Mac OS-X sets errno to EINVAL, which isn't even defined in the C99 Standard (but it is defined for POSIX). I think Mac OS-X has the wrong behavior here. errno is documented in the description of strtol() (but only for one error case), so Mac OS-X shouldn't be (in my opinion) errno when there's a conversion issue.

It may be a moot point though, as the fix appears to be working as intended on both systems.

The Boston Diaries

Saturday, July 13, 2002