- Risk management
- Want to avoid breaking things
- Instinct is to avoid changing things to avoid breaking things
- The world is moving, things standing still can and will break
- You don't spend enough to write software without bugs
- Corollary: you will break things, embrace it, find ways to mitigate the impact
- Embrace change
- If you try to avoid change, when it does happen, it's more disruptive
- Safety and Fear
Alex Gaynor alex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/content/drafts/red-hat-open-source-community.rst b/content/drafts/red-hat-open-source-community.rst | |
| index 4bff01f..b6a2de7 100644 | |
| --- a/content/drafts/red-hat-open-source-community.rst | |
| +++ b/content/drafts/red-hat-open-source-community.rst | |
| @@ -6,8 +6,10 @@ software that is a decade old, and which its maintainers want nothing to do | |
| with. This post isn't about whether maintaining old software is a good or a bad | |
| idea. It's about the effect it has on the community. | |
| -The Python core developers have ceased providing *any* support for Python 2.6 as | |
| -of October 2013, but Red Hat will continue to support it in RHEL 5, until 2020. |
alex
/ safety.rst
Created
March 23, 2015 20:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/pages/sni.md b/pages/sni.md | |
| index acd285c..ce6a71c 100644 | |
| --- a/pages/sni.md | |
| +++ b/pages/sni.md | |
| @@ -4,10 +4,10 @@ title: Server Name Indication | |
| permalink: /sni/ | |
| --- | |
| -**Server Name Indication**, often abbreviated SNI, is a TLS extension with which the client can indicate to the server to which hostname it is attempting to connect. If the [server handles traffic for multiple hostnames](https://en.wikipedia.org/wiki/Virtual_hosting#Name-based), then without the client's explicit indication of which hostname it is attempting to connect to, the server may have difficulty determining the appropriate server certificate to present to the client in the TLS handshake. | |
| +**Server Name Indication**, often abbreviated SNI, is a TLS extension with which the client can indicate to the server which hostname it is trying to connect to. This allows the [server to handles traffic for multiple hostnames](https://en.wikipedia.org/wiki/Virtual_hosting#Name-based). Without SNI, the server would not know which certif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ~ $ http head whitehouse.gov/usds | |
| HTTP/1.1 301 Moved Permanently | |
| Connection: keep-alive | |
| Content-Length: 0 | |
| Content-Type: text/html; charset=utf-8 | |
| Date: Fri, 13 Mar 2015 20:38:26 GMT | |
| Location: http://www.whitehouse.gov/ | |
| Server: AkamaiGHost |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/agent.go b/agent.go | |
| index bcc6d74..5188ace 100644 | |
| --- a/agent.go | |
| +++ b/agent.go | |
| @@ -122,11 +122,16 @@ type RequestResult struct { | |
| } | |
| // PerformRequest makes a request to VBMS and returns summarized results | |
| -func PerformRequest(config *Config) RequestResult { | |
| +func PerformRequest(logger *logrus.Logger, config *Config) RequestResult { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/content/drafts/devops-vs-platform-engineering.rst b/content/drafts/devops-vs-platform-engineering.rst | |
| index c778239..3f44a3b 100644 | |
| --- a/content/drafts/devops-vs-platform-engineering.rst | |
| +++ b/content/drafts/devops-vs-platform-engineering.rst | |
| @@ -13,7 +13,7 @@ assosciated with DevOps? | |
| ------- | |
| Database as a Service is to Database as Load Balancer as a Service is to Load | |
| -Balanacer as Platform as a Service is to ____________. If you answered | |
| +Balancer as Platform as a Service is to ____________. If you answered |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/Modules/_ssl.c b/Modules/_ssl.c | |
| index 0e6abda..61d7294 100644 | |
| --- a/Modules/_ssl.c | |
| +++ b/Modules/_ssl.c | |
| @@ -2219,6 +2219,13 @@ context_new(PyTypeObject *type, PyObject *args, PyObject *kwds) | |
| sizeof(SID_CTX)); | |
| #undef SID_CTX | |
| +#ifdef X509_V_FLAG_TRUSTED_FIRST | |
| + { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/Modules/_ssl.c b/Modules/_ssl.c | |
| index 0e6abda..f28979a 100644 | |
| --- a/Modules/_ssl.c | |
| +++ b/Modules/_ssl.c | |
| @@ -2218,6 +2218,8 @@ context_new(PyTypeObject *type, PyObject *args, PyObject *kwds) | |
| SSL_CTX_set_session_id_context(self->ctx, (const unsigned char *) SID_CTX, | |
| sizeof(SID_CTX)); | |
| #undef SID_CTX | |
| + X509_STORE *store = SSL_CTX_get_cert_store(self->ctx); | |
| + X509_STORE_set_flags(store, X509_V_FLAG_TRUSTED_FIRST); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/Modules/_ssl.c b/Modules/_ssl.c | |
| index 0e6abda..f28979a 100644 | |
| --- a/Modules/_ssl.c | |
| +++ b/Modules/_ssl.c | |
| @@ -2218,6 +2218,8 @@ context_new(PyTypeObject *type, PyObject *args, PyObject *kwds) | |
| SSL_CTX_set_session_id_context(self->ctx, (const unsigned char *) SID_CTX, | |
| sizeof(SID_CTX)); | |
| #undef SID_CTX | |
| + X509_STORE *store = SSL_CTX_get_cert_store(self->ctx); | |
| + X509_STORE_set_flags(store, X509_V_FLAG_TRUSTED_FIRST); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| commit a86d54fa34727c7f91e77f83e6c4e76e7fbd5b5f | |
| Author: Alex Gaynor <alex.gaynor@gmail.com> | |
| Date: Tue Oct 7 21:51:38 2014 -0700 | |
| these aren't going to be published | |
| diff --git a/content/drafts/long-live-curl.rst b/content/drafts/long-live-curl.rst | |
| deleted file mode 100644 | |
| index d9cf18b..0000000 | |
| --- a/content/drafts/long-live-curl.rst |