In a previous\npost, I tried\ndifferent solutions for tunnelling DNS over\nTLS. One of those solutions was\nusing a dedicated DNS-over-UDP fake\nservice replying to all\nqueries with the truncate flag set: this was causing the stub\nresolvers to retry the query using a TCP-based virtual-circuit. This\nsolution is interesting because it is dead simple (it fits in a few\nline of codes) but it is clearly a hack. Here, I am using a dedicated\nDNS forwarder aggregating all\nthe incoming DNS-over-UDP requests over a single persistent TCP\nvirtual-circuit.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/11/25/rr-use-after-free/", "title": "Debugging use-after-free with RR reverse execution", "url": "https://www.gabriel.urdhr.fr/2015/11/25/rr-use-after-free/", "date_published": "2015-11-25T00:00:00+01:00", "date_modified": "2015-11-25T00:00:00+01:00", "tags": ["computer", "debug", "gdb", "rr", "simgrid"], "content_html": "RR is a very useful tool for debugging. It\ncan record the execution of a program and then replay the exact same\nexecution at will inside a debugger. One very useful extra power\navailable since 4.0 is the support for efficient reverse\nexecution\nwhich can be used to find the root cause of a bug in your program\nby rewinding time. In this example, we reverse-execute a program from a\ncase of use-after-free in order to find where the block of memory was\nfreed.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/10/12/mutt-multiaccount/", "title": "Multiple accounts with mutt", "url": "https://www.gabriel.urdhr.fr/2015/10/12/mutt-multiaccount/", "date_published": "2015-10-12T00:00:00+02:00", "date_modified": "2015-10-12T00:00:00+02:00", "tags": ["computer", "mutt", "email"], "content_html": "If you try to use mutt, you will wonder how you are supposed to handle\nmultiple\naccounts.\nYou will find suggestions to bind some keys to switch to different\naccounts, use hooks.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/09/29/private-postgresql/", "title": "Private PostgreSQL instance", "url": "https://www.gabriel.urdhr.fr/2015/09/29/private-postgresql/", "date_published": "2015-09-29T00:00:00+02:00", "date_modified": "2022-12-06T00:47:56+01:00", "tags": ["computer", "sql", "postgres"], "content_html": "How to create a private on-demand PostgreSQL instance accessible only\nfor the local user over UNIX socket.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/09/28/elf-file-format/", "title": "The ELF file format", "url": "https://www.gabriel.urdhr.fr/2015/09/28/elf-file-format/", "date_published": "2015-09-28T00:00:00+02:00", "date_modified": "2015-09-28T00:00:00+02:00", "tags": ["computer", "system", "elf", "linker", "dwarf"], "content_html": "Some notes on the ELF \ud83e\udddd file format with references, explanations and\nsome examples.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/09/01/simgrid-mc-rewrite/", "title": "SimGridMC: The Big Split (and Cleanup)", "url": "https://www.gabriel.urdhr.fr/2015/09/01/simgrid-mc-rewrite/", "date_published": "2015-09-01T00:00:00+02:00", "date_modified": "2015-09-01T00:00:00+02:00", "tags": ["computer", "simgrid", "system"], "content_html": "In my previous SimGrid post, I\ntalked about different solutions for a better isolation between the\nmodel-checked application and the model-checker. We chose to avoid\nthe (hackery) solution based multiple dynamic-linker namespaces in the\nsame process and use a more conventional process-based isolation.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/08/16/ftl-data/", "title": "FTL data file", "url": "https://www.gabriel.urdhr.fr/2015/08/16/ftl-data/", "date_published": "2015-08-16T00:00:00+02:00", "date_modified": "2015-08-16T00:00:00+02:00", "tags": ["computer", "video-game", "ftl", "reverse-engineering"], "content_html": "Faster Than Light (FTL)\nis a very nice (and quite difficult)\nrogue-like-ish game with space battles, teleporters, management of the energy of\nyour ship, asteroid fields, alien species, droids (drones), etc.\nIt is quite cheap, DRM-free\nand available natively on Intel-based GNU/Linux.\nThese are notes taken while trying to find out the format of the .dat files of\nthe game containing the game assets, ships statistics, events, etc.\nwhen I had not access to the internet to find the solution.\nThere is a companion C program, ftldat,\nfor extracting the files within the archives and generating archives.\nUnsurprisingly, similar tools\nwith the same name already exists. However, the description of the process\nof reverse-engineering a (very simple) binary format might be interesting for\nsomeone out there.
In Plasma 5, support for the XEmbed-based\n\u201clegacy\u201d systray protocol\nwas removed:\nonly the new SNI protocol is handled.\nHowever, a lot of applications still do not handle the new protocol:\nQt4 and Qt5 applications can be fixed\nby installing the sni-qt (currently in experimental) and libdbusmenu-qt5 respectively\nbut other applications (such as GTK ones) must be patched/recompiled with SNI support.\nWithout this, windows disappear into oblivion \ud83d\ude3f.\nYou can have a seamless systray-enabled Plasma panel\nwith a single (OK, two) line of shell \ud83d\ude3c.
How to use html-pipeline in\nmiddleman.
The Executable and Linkable Format (ELF) \ud83e\udddd is used for\ncompilation outputs (.o files), executables, shared libraries and core dumps.\nThe first cases are documented in the System V ABI\nspecification\nand the Tools Interface Standard (TIS) ELF\nspecification but there does not\nseem to be much documentation about the usage of the ELF format for core dumps.\nHere are some notes on this.
The official guide for verifying\nthe authenticity of a Debian \ud83c\udf65 CD image is not so clear if you don't\nalready have an idea about what you are doing. Here is a translation in\nterms of shell commands.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/04/29/journald-workflow/", "title": "Logging message workflow with journald", "url": "https://www.gabriel.urdhr.fr/2015/04/29/journald-workflow/", "date_published": "2015-04-29T00:00:00+02:00", "date_modified": "2020-07-30T23:00:00+02:00", "tags": ["computer", "system", "log", "syslog", "systemd", "journald"], "content_html": "A short summary of the logging message workflow with\nsystemd-journald\n(and the different formats and sockets involved).
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/03/29/update-firefox-os/", "title": "Updating Firefox OS", "url": "https://www.gabriel.urdhr.fr/2015/03/29/update-firefox-os/", "date_published": "2015-03-29T00:00:00+01:00", "date_modified": "2015-03-29T00:00:00+01:00", "tags": ["computer", "firefox"], "content_html": "I updated a Geeksphone Peak from\nFirefox OS 1.1 to Firefox OS\n2.1 and it was not that easy.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/03/02/bundler-starter-kit/", "title": "Bundler starter kit", "url": "https://www.gabriel.urdhr.fr/2015/03/02/bundler-starter-kit/", "date_published": "2015-03-02T00:00:00+01:00", "date_modified": "2015-03-02T00:00:00+01:00", "tags": ["computer", "ruby"], "content_html": "Bundler is a tool to manage Ruby gem\ndependencies, install them and setup the execution environment. The\nhomepage shows how to use it to install the gems alongside the ruby\ninstallation/systemwide which is not so great. For some reason, I\ninitially didn't find the option to install the gems locally\n(--path) and have been using horrible environment variable\nmodifications to avoid the systemwide installation. In fact, this is\nquite simple\u2026
The Broadband Forum as a lot of technical\nreports about\nthe xDSL architecture but it is not so easy to find a good description\nof the global architecture. Those are ASCII-art protocol stack I\ninferred from those documents. What is in there may be wrong, feel free\nto correct me.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/02/14/recursive-dns-over-tls-over-tcp-443/", "title": "Recursive DNS over TLS over TCP 443", "url": "https://www.gabriel.urdhr.fr/2015/02/14/recursive-dns-over-tls-over-tcp-443/", "date_published": "2015-02-14T00:00:00+01:00", "date_modified": "2019-12-13T00:53:18+01:00", "tags": ["computer", "network", "dns", "tls", "privacy"], "content_html": "You might want to use an open recursive DNS servers if your ISP's DNS\nserver is lying. However, if your network/ISP is intercepting all DNS\nrequests, a standard open recursive DNS server won't help. You might\nhave more luck by using an alternative port or by forcing the usage of\nTCP (use-vc option in recent versions of glibc) but it might not\nwork. Alternatively, you could want to talk to a (trusted) remote\nrecursive DNS server over secure channel such as TLS: by using DNS\nover TLS over TCP port 443 (the HTTP/TLS port), you should be able to\navoid most filtering between you and the recursive server.
Some notes on ELF \ud83e\udddd loading and dynamic linking mainly for GNU userland\n(ld.so, libc, libdl) running on top of the Linux kernel. Some\nprior knowlegde on the topic (virtual memory, shared objects,\nsections) might be useful to understand this.
Today, I managed to forget a password but I had a Icedove (Thunderbird) process\nrunning containing the password.
\n"}, {"id": "http://www.gabriel.urdhr.fr/2015/01/11/logstash-vhost-combined/", "title": "nginx, Logstash and vhost-combined log format", "url": "https://www.gabriel.urdhr.fr/2015/01/11/logstash-vhost-combined/", "date_published": "2015-01-11T00:00:00+01:00", "date_modified": "2015-01-11T00:00:00+01:00", "tags": ["computer", "log", "apache", "nginx"], "content_html": "The Apache HTTP server ships with a\nsplit-logfile\nutility which parses Combined Log File entries prefixed with the virtual host:\nsome notes about this and its inclusion in nginx and\nlogstash.
In an attempt to simplify the development around the SimGrid\nmodel-checker, we were thinking about moving the model-checker out in\na different process. Another different approach would be to use a\ndynamic-linker isolation of the different components of the process.\nHere is a summary of the goals, problems and design issues surrounding\nthese topics.
\n"}]}