psy0rz

--- build	2019-09-16 13:30:06.000000000 +0200
+++ build.patched	2019-09-19 12:30:42.454000313 +0200
@@ -11430,6 +11430,20 @@
 	tar xzf ${FILE} --no-same-owner
 	echo "Done."
 
+	# Use microsoft version instead of vanilla php 5.6.40, so we get all the security backports. edwin@datux.nl
+	if [ "${INT_RELEASE}" = "5.6" ]; then
+		echo "HACK ms security backports 5.6.40"
+		rm PHP-5.6-security-backports

psy0rz

class MultiCall():
    """This class calls all methods in multiple other class objects.
    (all classes should have the same methods and arguments)

    e.g.:
     m=MultiCall([A(), B()])

     m.msg("hi")

     will result in a call to A.msg("hi") and B.msg("hi")

psy0rz

### Automaticly update haproxy with letsencrypt/certbot certificates.
### Just create the files below in the hook-directories and certbot will use them. (no extra options needed, also works with certbot renew)


[root@proxy1 ~]# cat /etc/letsencrypt/renewal-hooks/deploy/haproxy 
#!/bin/bash

set -e
NAME=`basename $RENEWED_LINEAGE`
cd $RENEWED_LINEAGE

psy0rz

# This file contains common pin mappings for the 2017 Creality
# CR-10. To use this config, the firmware should be compiled for the
# AVR atmega1284p.

# Note, a number of Melzi boards are shipped without a bootloader. In
# that case, an external programmer will be needed to flash a
# bootloader to the board (for example, see
# http://www.instructables.com/id/Flashing-a-Bootloader-to-the-CR-10/
# ). Once that is done, one should be able to use the standard "make
# flash" command to flash Klipper.

psy0rz

# This file contains common pin mappings for the 2017 Creality
# CR-10. To use this config, the firmware should be compiled for the
# AVR atmega1284p.

# Note, a number of Melzi boards are shipped without a bootloader. In
# that case, an external programmer will be needed to flash a
# bootloader to the board (for example, see
# http://www.instructables.com/id/Flashing-a-Bootloader-to-the-CR-10/
# ). Once that is done, one should be able to use the standard "make
# flash" command to flash Klipper.

psy0rz

long timeDiff(unsigned long prev, unsigned long next)
{
  long signed_diff = 0;
  // To cast a value to a signed long, the difference may not exceed LONG_MAX
  const unsigned long half_max_unsigned_long = 2147483647u; // = LONG_MAX
  if (next >= prev) {
    const unsigned long diff = next - prev;
    if (diff <= half_max_unsigned_long) {
      //  0........prev******next......................ULONG_MAX

psy0rz

/var/log/secure
Dec  8 10:44:16 svr-dc12 pluto[27238]: "testtunnel" #3: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x6f0231d8 <0x7c3e0a2c xfrm=AES_CBC_128-HMAC_
SHA1_96 NATOA=none NATD=none DPD=active}
Dec  8 10:44:23 svr-dc12 pluto[27238]: assign_holdpass() delete_bare_shunt() failed
Dec  8 10:44:23 svr-dc12 pluto[27238]: initiate_ondemand_body() failed to install negotiation_shunt,
Dec  8 10:44:23 svr-dc12 pluto[27238]: initiate on demand from 192.168.250.1:53877 to 192.168.11.19:161 proto=17 because: acquire
Dec  8 10:44:23 svr-dc12 pluto[27238]: assign_holdpass() delete_bare_shunt() failed
Dec  8 10:44:23 svr-dc12 pluto[27238]: initiate_ondemand_body() failed to install negotiation_shunt,
Dec  8 10:44:23 svr-dc12 pluto[27238]: initiate on demand from 192.168.250.1:53877 to 192.168.11.13:161 proto=17 because: acquire
Dec  8 10:44:23 svr-dc12 pluto[27238]: assign_holdpass() delete_bare_shunt() failed

psy0rz

Last login: Tue Oct  3 05:00:10 2017
[root@backup ~]# zfs list
The ZFS modules are not loaded.
Try running '/sbin/modprobe zfs' as root to load them.
[root@backup ~]#  yum remove zfs zfs-kmod spl spl-kmod libzfs2 libnvpair1 libuutil1 libzpool2 zfs-release
Loaded plugins: fastestmirror
Resolving Dependencies
--> Running transaction check
---> Package kmod-spl.x86_64 0:0.7.2-1.el7_3 will be erased
---> Package kmod-zfs.x86_64 0:0.7.2-1.el7_3 will be erased

psy0rz

Sep  7 12:09:38 3cx pluto[3819]: "loc12" #1: initiating v2 parent SA
Sep  7 12:09:38 3cx pluto[3819]: "loc12" #1: loc12 IKE proposals for initial initiator (selecting KE): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128,HMAC_SHA1_96;DH=MODP2048,MODP3072,MODP1536 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128,HMAC_SHA1_96;DH=MODP2048,MODP3072,MODP1536 (default)
Sep  7 12:09:38 3cx pluto[3819]: "loc12" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
Sep  7 12:09:41 3cx pluto[3819]: packet from 94.168.0.90:500: initial parent SA message received on 185.112.64.25:500 but no suitable connection found with IKEv2 policy
Sep  7 12:09:41 3cx pluto[3819]: packet from 94.168.

psy0rz

[Syn-3] root@darkstar.example.net ~# cat /etc/ipsec.d/ipsec.pub 
: RSA   {
        # RSA 3376 bits   darkstar   Thu Jan 12 16:42:41 2017
        # for signatures only, UNSAFE FOR ENCRYPTION
        #ckaid=657cfd81eaa05d3e7b02026d9c7d30db2c639f0b
        #pubkey=0sAQGgZ6ux7PcGscyY9CPl+V15h2Bo7UBe2urarB/D0r+AVsrDS1eHVQiLfKz+92f2d770/yiWC1fnClCW2qItz02az0+rtmsa90AT9rhb2W00MUOQiQ14bldO/YbiwT/22go2YqylzbsCv4BsxsPDJUArcoJavxStF5YiWVStwlDO0kDnwCh3ZmcmQJBcCAWwknQ+q3DI9HWUIOUX4D8fKBKD09gNeb7EJBswWPg30HvtiP01CNI4QShrgvzhJf9blT4udhKWajSuJxt+WlxE1apL7ERS9lGeNV5k04z18p6ghGPY/MN8LG5khNy/91HiKkar2oQB7xoBKbXAQwZeZuPnRRc96bAjvqUMmynlL2hWYEpN06YPjR6L40+JZHzQBaIbz0uOoP/IbxXQvY+YnI8Ld0/yfd9QX0myT+bAGpG7sCSMDvREWLGxj9UsS/kR+deCNDHwG5HDwP+X5OwU2tD1uzNHNaRhNWPHItd3GMZGRl+6qcpEniHlw00i6zVvzyYdwwIFVf0ls4sR5Z9jTPzFWq+LUTR2DFn6v6Hn/oLFRoIJLrHaNQ==
        Modulus: 0xa067abb1ecf706b1cc98f423e5f95d79876068ed405edaeadaac1fc3d2bf8056cac34b578755088b7cacfef767f677bef4ff28960b57e70a5096daa22dcf4d9acf4fabb66b1af74013f6b85bd96d34314390890d786e