I hereby claim:
- I am tiran on github.
- I am ChristianHeimes (https://keybase.io/ChristianHeimes) on keybase.
- I have a public key whose fingerprint is BB97 AF8B C4E7 A5C0 D962 23D3 C788 C4C1 D455 0D45
To claim this, I am signing this object:
Christian Heimes tiran
tiran
/ Military grade encryption
Created
February 24, 2014 20:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2.7 | |
| import os | |
| from PIL import Image | |
| from Crypto.Cipher import AES | |
| # random key | |
| key = os.urandom(16) | |
| # load image | |
| img = Image.open("militarygrade.png") | |
| # encrypt |
tiran
/ Apple OpenSSL Verification Surprises
Created
March 3, 2014 15:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3.3 | |
| """Test / demo script for Apple OpenSSL Verification Surprises (CVE-2014-2234) | |
| https://hynek.me/articles/apple-openssl-verification-surprises/ | |
| Christian Heimes <christian@python.org> | |
| """ | |
| import os | |
| import platform | |
| import socket |
tiran
/ keybase.md
Created
March 7, 2014 13:50
tiran
/ More creative looping
Created
July 30, 2014 12:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # http://nedbatchelder.com//blog/201407/creative_looping.html | |
| >>> l = [1, 2, 3, 4] | |
| >>> it = iter(l) | |
| >>> while True: | |
| ... try: | |
| ... print(next(it)) | |
| ... except StopIteration: | |
| ... break | |
| ... | |
| 1 |
tiran
/ 20130416-todo.md
Last active
August 29, 2015 14:07
— forked from mrflip/20130416-todo.md
- Measure time spend on index, flush, refresh, merge, query, etc. (TD - done)
- Take hot threads snapshots under read+write, read-only, write-only (TD - done)
- Adjust refresh time to 10s (from 1s) and see how load changes (TD)
- Measure time of a rolling restart doing
disable_flushanddisable_recovery(TD) - Specify routing on query -- make it choose same node for each shard each time (MD)
- GC new generation size (TD)
- Warmers
- measure before/after of client query time with and without warmers (MD)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## /etc/tor/torrc | |
| # hidden service | |
| HiddenServiceDir /var/lib/tor/ssh | |
| HiddenServicePort 22 127.0.0.1:22 | |
| # relay | |
| ORPort 9001 | |
| Nickname some name | |
| RelayBandwidthRate 100 KB # Throttle traffic to 100KB/s (800Kbps) | |
| RelayBandwidthBurst 200 KB # But allow bursts up to 200KB/s (1600Kbps) |
tiran
/ gist:022745447d091b38c4ed
Last active
January 31, 2016 13:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _DEFAULT_SOURCE | |
| #include <netdb.h> | |
| #include <netinet/in.h> | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| /* |
tiran
/ openssl_rng.c
Last active
August 16, 2017 16:59
OpenSSL CPRNG RAND_bytes() and pid wrap-around demo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Demo for repeated CPRNG output after pid wrap around | |
| * | |
| * Christian Heimes <christian@python.org> | |
| * | |
| * | |
| * $ gcc -lcrypto openssl_rng.c -o openssl_rng | |
| * $ ./openssl_rng | |
| * $ head -n1 rng.txt | |
| * 29104: 76949c6012516ca3 | |
| * $ egrep '2920.+:' rng.txt |
tiran
/ gist:32eb2ab8265a31984bb5cf3cf468b72a
Created
June 17, 2016 11:29
glibc getaddrinfo() parsing with trailing data
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _DEFAULT_SOURCE | |
| #include <netdb.h> | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <netinet/in.h> | |
| /* |
tiran
/ FreeRadius + FreeIPA
Last active
February 5, 2023 08:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # create keytab for radius user | |
| ipa-getkeytab -p 'radius/HOSTNAME' -k /etc/raddb/radius.keytab | |
| chown root:radiusd /etc/raddb/radius.keytab | |
| chmod 640 /etc/raddb/radius.keytab | |
| # make radius use the keytab for SASL GSSAPI | |
| mkdir -p /etc/systemd/system/radiusd.service.d | |
| cat > /etc/systemd/system/radiusd.service.d/krb5_keytab.conf << EOF | |
| [Service] | |
| Environment=KRB5_CLIENT_KTNAME=/etc/raddb/radius.keytab |
OlderNewer