Simon Massey simbo1905

@simbo1905
simbo1905 / GnuPG-2.2.md
Last active Jun 23, 2020 — forked from vt0r/GnuPG-2.2.md
Build/install instructions for GnuPG 2.2.x on Centos 7 and similar distros (formerly for 2.1.x)
View GnuPG-2.2.md

GnuPG 2.2.x Build Instructions

Below are my build instructions for GnuPG 2.2.9, released on July 12th, 2018. These instructions are written for a headless CentOS 7 LTS server (specifically the openshift/base-centos7 docker image).

Use the install script below to install GnuPG 2.2.x by running the following commands:

# if you are root in a docker image:
curl -OL "https://gist.githubusercontent.com/simbo1905/ba3e8af9a45435db6093aea35c6150e8/raw/83561e214e36f6556fd6b1ec0a384cf28cb2debf/install-gnupg22.sh" && bash ./install-gnupg22.sh
# else if you need to sudo to do the installs:
@simbo1905
simbo1905 / PwnedPasswords.md
Last active Jun 12, 2020
How To Load The HIBP Pwned Passwords Database Into Redis
View PwnedPasswords.md

How To Load The HIBP Pwned Passwords Database Into Redis

NIST recommends that when users are trying to set a password you should reject those that are commonly used or compromised:

When processing requests to establish and change memorized secrets, 
verifiers SHALL compare the prospective secrets against a list that 
contains values known to be commonly-used, expected, or compromised.

But how do you know which passwords are compromised? Luckily, Troy Hunt put a lot of effort into building the "Have I Been Pwned (HIBP)" database, which contains the SHA-1 hashes of 501,636,842 passwords that have been compromised on the internet. Sweet.

@simbo1905
simbo1905 / PwnedPaswordsMongoDB.md
Last active May 25, 2020
How To Load The HIBP Pwned Passwords Database Into MongoDB
View PwnedPaswordsMongoDB.md

How To Load The HIBP Pwned Passwords Database Into MongoDB

NIST recommends that when users are trying to set a password you should reject those that are commonly used or compromised:

When processing requests to establish and change memorized secrets, 
verifiers SHALL compare the prospective secrets against a list that 
contains values known to be commonly-used, expected, or compromised.

But how do you know which passwords are compromised? Luckily, Troy Hunt put a lot of effort into building the "Have I Been Pwned (HIBP)" database, which contains the SHA-1 hashes of 501,636,842 passwords that have been compromised on the internet. Sweet.

View 61708601.md

Mixing two frameworks will typically require that you are an expert in both to be successful. This is because making them interact adds an additional level of complexity: you have to interoperate between the two frameworks. That often requires detailed knowledge of the internal workings of the frameworks that you would normally just "take for granted", such as session management and caching.

The point of using a framework is that it provides out-of-the-box "known good practice" in many low-level details so you can focus on your "business logic", not the "basic plumbing". The moment you "go against the framework" and try to do complex things like "make two frameworks coexist", you are basically throwing away the main benefit of using any framework. In short, using two is likely not better than using one. It is likely to be more of a case that using two will be "three times the work".

While the actual result will depend on lots of factors I would expect that you would be better off if you picked the worst fra

@simbo1905
simbo1905 / rhel8-imagechecker.sh
Created Dec 27, 2019
script to compare local openshift registry tags against upstream redhat image catalogue at registry.redhat.com
View rhel8-imagechecker.sh
#!/bin/bash
set -Eeuo pipefail
# wrapper around the oc CLI that reports a failing call on stderr
oc() {
  if ! bin/oc_wrapper.sh "$@"; then
    >&2 echo "ERROR oc wrapper returned non-zero status"
  fi
}
IMAGE_STREAM="$1"
@simbo1905
simbo1905 / nom_audit.log
Created Dec 24, 2019
output of `npm audit` on botkit-starter-slack as at 2019-12-24
View nom_audit.log
This file has been truncated, but you can view the full file.
 
  === npm audit security report ===  
 
# Run npm install express-hbs@2.3.0 to resolve 6 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Critical │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ handlebars │
@simbo1905
simbo1905 / BlockingJournal.java
Last active Nov 5, 2019
out of order processing of a Flux of input using Reactor 0.9.1.RELEASE
View BlockingJournal.java
import reactor.core.publisher.Mono;

public class BlockingJournal {
    private static String blockingWrite(String in){
        try {
            // fakes blocking for disk write
            Thread.sleep(5L);
            System.out.println("journal wrote: "+in+" on "+Thread.currentThread().getName());
@simbo1905
simbo1905 / TrexTcpServer.java
Created Nov 3, 2019
how to write an echo server with reactor-netty 0.9.1.RELEASE
View TrexTcpServer.java
package demo;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.Unpooled;
import io.netty.util.CharsetUtil;
import reactor.netty.DisposableServer;
import reactor.netty.tcp.TcpServer;
public class TrexTcpServer {
@simbo1905
simbo1905 / JPACryptoConverter.java
Last active Oct 10, 2019
JPA Converter which encrypts a column in the db
View JPACryptoConverter.java
import java.security.Key;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.persistence.AttributeConverter;
import javax.persistence.Converter;
import org.slf4j.Logger;
@simbo1905
simbo1905 / helmfile.yaml
Last active Sep 3, 2019
cod-builder-demo
View helmfile.yaml
repositories:
  - name: ocd-meta
    url: https://ocd-scm.github.io/ocd-meta/charts
releases:
  - name: {{ requiredEnv "ENV_PREFIX" }}-realworld
    labels:
      builder: realworld
    chart: ocd-meta/ocd-builder
    version: "1.0.0"
    values: