3 liens privés
Test htaccess rules
Outil de comparaison voiture électrique/thermique :
Epub
Generate a self certificate without adding altName with the IP can lead to an error
The reason this error in java 1.8.0_181 is because this update includes security improvements for LDAP support
-Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true
Java class to test SSL
Additional parameter :
-Djavax.net.debug=ssl,handshake
-Djavax.net.debug=ssl,manager
-Djavax.net.debug=all
A lire
Architecture logicielle
DWService
# check that name is a valid variable name:
# note: this code does not support variable_name[index]
shopt -s globasciiranges
[[ "$name" == [a-zA-Z_]*([a-zA-Z_0-9]) ]] || exit
value='babibab'
eval "$name"='$value' # carefully escape the right-hand side!
echo "$var_37" # outputs “babibab”
Detect virtualized platform
systemd-detect-virt
hostnamectl
lshw -class system
dmidecode -s system-product-name
Pour avoir la description d'une méthode version bytecode :
import java.lang.reflect.Constructor;
import java.lang.reflect.Executable;
import java.lang.reflect.Method;
import java.util.concurrent.ThreadPoolExecutor;
public class ByteCodeDescriptor {
public static void main(String... args) {
Class clazz = ThreadPoolExecutor.class;
String result= ByteCodeDescriptor.getDescriptorForClass(clazz);
System.out.println("class = " + result);
for (Method m : ThreadPoolExecutor.class.getMethods()) {
String resultM= ByteCodeDescriptor.getDescriptor(m);
System.out.println("method = " + m);
System.out.println("method result = " + m.getName() + resultM);
}
for (Constructor c : ThreadPoolExecutor.class.getConstructors()) {
String resultM= ByteCodeDescriptor.getDescriptor(c);
System.out.println("constructor = " + c);
System.out.println("constructor result = " + resultM);
}
}
static String getDescriptorForClass(final Class c)
{
if(c.isPrimitive())
{
if(c==byte.class)
return "B";
if(c==char.class)
return "C";
if(c==double.class)
return "D";
if(c==float.class)
return "F";
if(c==int.class)
return "I";
if(c==long.class)
return "J";
if(c==short.class)
return "S";
if(c==boolean.class)
return "Z";
if(c==void.class)
return "V";
throw new RuntimeException("Unrecognized primitive "+c);
}
if(c.isArray()) return c.getName().replace('.', '/');
return ('L'+c.getName()+';').replace('.', '/');
}
static String getDescriptor(Executable e) {
String s = "(";
for (final Class c : e.getParameterTypes())
s += getDescriptorForClass(c);
s += ')';
if (e instanceof Method) {
Method m = (Method) e;
return m.getName() + s + getDescriptorForClass(m.getReturnType());
} else if (e instanceof Constructor) {
Constructor c = (Constructor) e;
return "<init>" + s + getDescriptorForClass(void.class);
}
throw new RuntimeException("Unrecognized primitive "+e);
}
}
Reminder
python3 -m http.server 5051
Notes for openssl
Private key :
# Add a password to a PEM private key file
openssl rsa -aes256 -in unprotected.pem -out protected.pem -passout "pass:toto"
# Read a PEM private key file with password
openssl rsa -in password.pem -passin "pass:toto"
openssl rsa -in password.pem -passin "file:password.txt"
Certificate :
# Read a certificate PEM file
openssl x509 -in certificate.pem
# Fingerprint for the certificate
openssl x509 -noout -in certificate.pem -sha256 -fingerprint
# Certificate chain
openssl x509 -noout -subject -issuer -in certificate.pem
Verify certificate
# sign fil with private key
openssl dgst -sha256 -sign tstpri.pem -out tst.sig fil
# verify the signature with matching public key
openssl dgst -sha256 -verify tstpub.pem -signature tst.sig fil
File extensions can be (very) loosely seen as a type system.
.pem
a base64 encoding with header and footer lines.
The contents of the PEM are detailed in the header and footer line
[Examples](https://stackoverflow.com/questions/5215771/how-can-i-check-if-the-certificate-file-i-have-is-in-pem-format)
CRT
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
PEM
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY----
.der
as PEM this is binary encoding method, conversion :
openssl x509 -in example.pem -out example.der -outform DER
.key
can be any kind of key, but usually it is the private key.
OpenSSL can wrap private keys for all algorithms (RSA, DSA, EC) in a generic and standard PKCS#8 structure
the encoding could be PEM or DER, both can protect the key with password-based
.crt or .cer
stands simply for certificate, usually an X509v3 certificate,
the encoding could be PEM or DER
a certificate contains the public key, but it contains much more information (most importantly the signature by the Certificate Authority over the data and public key, of course).
.csr or .req or sometimes .p10
stands for Certificate Signing Request as defined in PKCS#10;
the encoding could be PEM or DER
it contains information such as the public key and common name required by a Certificate Authority to create and sign a certificate for the requester,
.p12 or .pfx
is a PKCS#12 defined key store, commonly password protected.
It can contain trusted certificates, private key(s) and their certificate chain(s), but also other information such as secret keys and (
p12 is usually binary / DER encoded.
.crl
is a Certificate Revocation List which is defined within the X.509v3 certificate specifications, and this is usually DER encoded as well.
Si on n'a pas d'outils de monitoring (ou pas accès) :
#!/bin/bash
echo "To kill : cat *.pid | xargs kill"
cp top.output.hexagon top.output.hexagon.old 2>&1 > /dev/null ; rm -f top.output.hexagon
cp vmstat.output.hexagon vmstat.output.hexagon.old 2>&1 > /dev/null ; rm -f vmstat.output.hexagon
(vmstat 30 & echo $! > vmstat.pid) | awk '{ print strftime("%Y-%m-%d %H:%M:%S"), $0; fflush() }' 2>&1 > vmstat.output.hexagon &
echo $$ > monitor.pid
while :
do
top -b -n 1 | grep -v "0.0 0.0" 2>&1 | awk '{ print strftime("%Y-%m-%d %H:%M:%S"), $0; fflush() }' 2>&1 >> top.output.hexagon
sleep 30
done
Specify a custom private key :
Add a specific configuration for your host in ssh config
Host myname.gitlab.com
Hostname gitlab.com
IdentityFile /home/myuser/.ssh/keys.d/id_rsa_git
IdentitiesOnly yes
Test SSH :
ssh -Tvvv git@myname.gitlab.com
Git command :
git clone git@myname.gitlab.com:yourrepo.git
depannageliondumatinmerci
La vraie taille des pays
Dumping des informations mémoires.
Une JVM configuré pour 7Go en prend 13G en mémoire.
Ajout du flag :
-XX:NativeMemoryTracking=summary
Attention impact un peu les performances.
Résultat, la différence était dans "Symbol" : Here is the NMT report about the symbol allocations, such as the string table and constant pool.
Et en effet cette JVM manipule beaucoup de chaines qu'elle garde en mémoire qui pourrait être interned
https://stackoverflow.com/questions/10578984/what-is-java-string-interning
http://docs.oracle.com/javase/7/docs/api/java/lang/String.html#intern()
Basically doing String.intern() on a series of strings will ensure that all strings having same contents share same memory. So if you have list of names where 'john' appears 1000 times, by interning you ensure only one 'john' is actually allocated memory.
Heap dump pour la suite.
All in one backup : to restore from a local server file.
Put the .wpress file in :
<wp_home>/wp-content/ai1wm-backups
Check cpu speed in realtime (to check boost speed)
watch -n.1 "grep \"^[c]pu MHz\" /proc/cpuinfo"