Skip to content

Instantly share code, notes, and snippets.

Geoff Nixon geoff-nixon

Block or report user

Report or block geoff-nixon

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View opensslwithrootcerts.sh
#!/bin/sh
# How to "bake in" root certs in OpenSSL libcrypto (for OS X, etc), like node.js?
#
# https://hynek.me/articles/apple-openssl-verification-surprises/
#
# https://developer.apple.com/library/mac/documentation/Security/Conceptual/cryptoservices/SecureNetworkCommunicationAPIs/SecureNetworkCommunicationAPIs.html
#
# http://daniel.haxx.se/blog/2011/11/05/apples-modified-ca-cert-handling-and-curl/
#
# https://github.com/nodejs/node/commit/3beb880716654dbb2bbb9e333758825172951775
@geoff-nixon
geoff-nixon / ghe.md
Created Aug 18, 2015
GHE Decryption Vulnerability — **Note: this is old and out of date.**
View ghe.md

Affected Target

Per github/github/README.md:

This is GitHub.com and GitHub Enterprise.

But note I would have selected 'Enterprise' if it were an option. It could also be said to be Gist, or API, etc.

Vulnerability Class

View ruby_revealer.sh
#!/usr/bin/sudo sh
## ruby_revealer.sh -- decrypt obfuscated GHE .rb files. 2.0.0 to 2.3.1+.
## From `strings ruby_concealer.so`:
##
## > This obfuscation is intended to discourage GitHub Enterprise customers
## > from making modifications to the VM.
##
## Well, good, as long as its not intended to discourage *me* from doing this!
View dev-install.sh
#!/bin/sh -x # Bootstrap a toolchain from scratch on Chrome OS. WIP.
die(){ printf "%s\n" "$@" && exit 1 ;}
warn(){ printf "%s\n" "$@"; return 0 ;}
download(){ curl -L\# "$1" ;}
alias grep=\grep
# Some rather terse error messages.
nocrossystem(){ die "No crossystem. Are you sure you're running Chrome OS?" ;}
nox86_64arch(){ die "Sorry, x86_64 is the only supported arch at present." ;}
View ghc.rb
class Ghc < Formula
homepage "https://haskell.org/ghc/"
url "https://downloads.haskell.org/~ghc/7.10.1/ghc-7.10.1-src.tar.xz"
sha256 "92f3e3d67a637c587c49b61c704a670953509eb4b17a93c0c2ac153da4cd3aa0"
option "with-tests", "Verify the build using the testsuite."
if MacOS.version <= :lion
fails_with :clang do
cause <<-EOS.undent
View llvm.sh
#!/bin/sh -x
unset AR
unset LIBTOOL
unset LD
PREFIX=/cores/llvm-trunk
TMP_PREFIX=/tmp/llvm
BUILD=x86_64-apple-darwin11
View rubypatch.patch
diff --git a/ext/digest/md5/extconf.rb b/ext/digest/md5/extconf.rb
index dbef087..5da1cc7 100644
--- a/ext/digest/md5/extconf.rb
+++ b/ext/digest/md5/extconf.rb
@@ -17,7 +17,7 @@ if !with_config("bundled-md5") &&
OpenSSL.check_func("MD5_Transform", "openssl/md5.h")
$objs << "md5ossl.#{$OBJEXT}"
else
- $objs << "md5.#{$OBJEXT}"
+ $objs << "md5cc.#{$OBJEXT}"
View which
#!/bin/sh ## which(1) written in pure POSIX shell.
## A `which` utility is *not* included in the POSIX standard.
## This version upports -s (silent) and -a (all), and -v (verbose).
## (c) 2015 Geoff Nixon. Public Domain; no warranty expressed or implied.
which(){
which_try=
which_result=
@geoff-nixon
geoff-nixon / realpath.c
Last active Apr 18, 2019
Portable realpath(1) / readlink -f, written is portable POSIX C.
View realpath.c
// So, this used to be a really terrible shell script I wrote years ago.
// Its was buggy in all kinds of corner cases, If you really need it, check
// out the revision history. Otherwise, if you have a functioning C compiler,
// you *really* should be using the system's realpath(3) function to do this.
// Here's a bare-bones version. To compile, just: `cc realpath.c -o realpath`
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char *argv[]) {
@geoff-nixon
geoff-nixon / git-remote-hg
Created Dec 21, 2014
git-remote-hg updated for Mercurial 3.2+ (pull... error)
View git-remote-hg
#!/usr/bin/env python
# Updated for compatibility with hg 3.2+.
#
# Copyright (c) 2012 Felipe Contreras
#
# Inspired by Rocco Rutte's hg-fast-export
You can’t perform that action at this time.