This gist contains my notes about how the FIPS selftest signature check works in OpenSSL 1.x. Assumes basic awareness of the OpenSSL FOM (FIPS Object Module). My focus for this case is Solaris on SPARC.

The goal is to examine some of the inner workings of FIPS signature verification.

The FOM is built as fipscanister.o using designated code and linked into common OpenSSL build. When the libcrypto.so library is loaded, the FOM will perform self test. If the self test fails, the running program is abort()ed.

These are my personal notes on how to run/use OpenBSD on Ubiquiti Edgerouter, specifically for Edgerouter 4. I installed OpenBSD bunch of releases back and keep upgrading. Perhaps some of the issues highlighted below would not happen on fresher install.

The upgrade should be done one release at a time, i.e. from x.y to x.(y+1).

Note: has to be done using serial console (in order to access U-boot)

# pre-flight check
VBoxManage list ostypes | grep FreeBSD

# new VM
VM=FreeBSD
zfs create tank/vm/vkotal/$VM
VBoxManage createvm --basefolder /tank/vm/vkotal --name $VM --ostype FreeBSD_64 --register

# CPU

This is a collection of random notes about FreeBSD's in kernel TLS implementation based on reading the source code (so far). The focus is TLS for NFS/RPC.

• supports TLSv1.0 to TLSv1.3
• development time frames:
  • first FreeBSD commit (b2e60773) 27-Aug-2019, this might be just the "upstreaming" work
  • development on going (March 2021)
• TCP only
• no rekeying so far (as of April 2021)

Lucene has Luke built in however I cannot start it directly via lucene/luke/bin/luke.sh on Ubuntu 20.04 with OpenJDK 11.

git clone https://github.com/apache/lucene.git Lucene
cd Lucene
./gradlew assemble
java -cp './lucene/luke/build/lucene-luke-9.0.0-SNAPSHOT/*' \
    -Xmx1024m -Xms512m -XX:MaxMetaspaceSize=256m org.apache.lucene.luke.app.desktop.LukeMain

This is a story about an operating system problem that occupied me at work in 2015 for couple of days. The goal is to give you an overview of debugging techniques and associated tools. I'd like to use this opportunity (writing this article for my students of the Unix programming class at the Mathematical-physical faculty of the Charles university in Prague in 2021) to provide some historical points, some background and some details about operating system work (I feel old writing this). As a bit of a spoiler, the cause of the problem turned out to be completely different than what it seemed initially and involved traversing multiple layers in the operating system. I love this kind of problems because it is fun and great learning experience. I vaguely remember a job advertisement in Netfix bunch of years back that demanded that the applicants posses intimate knowledge of the operating system internals down to (

nice infographics on https://www.reddit.com/r/MechanicalKeyboards/comments/jihbhi/custom_mechanical_keyboard_infographic_v30_is_now/

Cherry MX Brown - to make it similar to the Sun Type 7 keyboard I was using previously (excellent keyboard however too wide).

Fn key - the "house/home" key

my build: https://pcpartpicker.com/b/8hgJ7P#cx4069854

To assist ZFS in discovering controller errors, each drive from a given mirror zvol is connected to different controller. There are 2 controllers in use: one on-board (AHCI) and one in the form of PCIe card from LSI. Each has 4 ports, so ample for the 6 drives installed.

• SAS 3008 models: https://forums.servethehome.com/index.php?threads/lsi-raid-controller-and-hba-complete-listing-plus-oem-models.599/

https://stackoverflow.com/questions/23111631/cannot-download-docker-images-behind-a-proxy

mkdir /etc/systemd/system/docker.service.d
cat << EOF > /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/"

These problems were encountered during OpenGrok development however most likely they are generic.

Initial setup:

python3 -m venv env
. env/bin/activate