Technology Blog

Linux

svn: Base checksum mismatch

by on Jun.17, 2009, under Linux

Today I went to do a checkin on svn and got the following:

svn: Base checksum mismatch on '/trunk/sites/mysite.com/framework/application/views/main_layout_header.php':
expected: 481f0430e5f320350e138b96c59141de
actual: 3b42d820bf099c3995f4acc02aabe991

This means my local svn db info has been corrupted. I tried removing the file, doing an svn up and then a checkin thinking this would work. This does not!

SOLUTION: What you need to do is remove the entire parent directory (WORKING_DIR/sites/mysite.com/framework/application/views). In my specific instance I made a local copy of the file main_layout_header.php and then deleted it with “rm main_layout_header.php”. I did an svn up, then a checking. This checked in all my modified files with an unmodified original version of main layout_header.php. Then I deleted the directory (WORKING_DIR/sites/mysite.com/framework/application/views), did an svn up. Then immediately do a check in to make sure it works! At this point I copied back my modified main_layout_header back into the views directory and performed an svn up!

1 Comment more...

Mysql_real_escape_string

by on May.21, 2009, under Linux

mysql_logo

Today I was moving some stuff to a live server and Whaamm my code was giving me the following error:

Access denied for user: 'apache@localhost' (Using password: NO)

I debugged it to be the line containing mysql_real_escape_string. But why did it work on the dev server and not the live? My memory immediately kicked in and remembered having similar problems. The code on live was not using persistent connections (not an issue) and the call to mysql_real_escape_string requires a connection to mysql to be open at the time of call. Since the line of code came before any connection to the database was being made, it caused this error.

Make sure you have a connection to mysql open before calling this method!

Leave a Comment more...

Configure Sendmail to use your ISP’s mail server

by on Apr.24, 2009, under Linux

logo

On a local server I have for testing I need to use my isp’s mail server for sending emails. They block port 25 so all mail has to be routed through their server. Luckily they do not require authentication, they use ip based ACL’s so setting up sendmail was a breeze!

All it tooke was opening

/etc/mail/sendmail.mc

adding/changing:

define(`SMART_HOST',`[mail.bellsouth.net]')

and then reseeting the sendmail config via:

m4 sendmail.mc > sendmail.cf
service sendmail restart

Now any mail sent from my machine (system status, php’s mail function, etc) will be routed through my isp’s mail server.

Leave a Comment more...

Web Based SSL VPN

by on Apr.23, 2009, under Linux

firewallSo I am putting the final touches on a program. It is completely web based and needs to be protected as if it were an intranet but have the portability of a regular website. The best solution I could come up with was a vpn. But do I really want to explain or document cases for end uses to set up ptpp or ipsec vpn’s on their computers? This would be an ABSOLUTE headache. Instead the best solution would be a web based SSL vpn. Well after some googling two options come up: SSL Explorer – and Barracuda (http://www.barracudanetworks.com/ns/products/sslvpn_overview.php).

Well guess what? Barracuda bought SSLExplorer and that’s what’s on their appliance you pay $2,000 USD for. Unfortunately, this means SSLExplorer is no longer supported and developed. I tried to compile and install it finding out it was originally compiled in java 1.5 and my machine has java 1.6.
This failed miserably:
class file has wrong version 50.0, should be 49.0

Well version 49.0 means java version 1.5.0. (Maybe some kind of internal version numbers – who knows?)
Version 50 means Java 1.6.0 -> now this error makes sense!

So is their a work around? I found a neat trick for updating this:

mv /usr/local/src/sslexplorer-0.2.14_01/sslexplorer/lib/tools.jar /usr/local/src/sslexplorer-0.2.14_01/sslexplorer/lib/tools.jar.old
cp /usr/lib/jvm/java-6-sun-1.6.0.00/lib/tools.jar /usr/local/src/sslexplorer-0.2.14_01/sslexplorer/lib/tools.jar
cd /usr/local/src/sslexplorer-0.2.14_01
ant install

Apparently, sslexplorer is shipped with tools.jar from a 1.5 java distribution, so you only need to replace it with the version you installed.

Finally, after some more headaches and research I found out about Adito (sourceforge.net/projects/adito/). Adito is a fork of SSLExplorer and is actively maintained. I figured it would be best using a package that is still updated regularly, so I switched over to adito and followed pretty much the same installation instructions that SSLExplorer provided.

This proved to give me another error which would result in roughly 3 hours being devoted to fixing:

load: class com.adito.agent.client.launcher.AgentLauncher not found.
java.lang.ClassNotFoundException: com.adito.agent.client.launcher.AgentLauncher
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.net.HttpURLConnection.getResponseCode(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 7 more
Exception: java.lang.ClassNotFoundException: com.adito.agent.client.launcher.AgentLauncher

Googling this error gives no clues (except this blog entry once it gets indexed). Well the problem was a simple one to fix. I was using a proxy to access my adito server as it was on a different network than me. When the client opened on my local machine it no longer had access to the server to properly launch. This resulted in the above error.

I dmz’ed the server, and accessed it via its public ip address and all works well now! I have connected and used it on my vista pc and on my Mac!

Thought I would share this for whatever unlucky soul gets this undocumented error again in the future!

2 Comments more...

Maintenance Firewall Script

by on Apr.18, 2009, under Linux

firewallIn dealing with a decent sized website property there were a few times we needed to bring down the site to the public and do a few roll outs. We didn’t want the public coming to the site and seeing a broken page, or getting any response at all. So we decided to forward all port 80 traffic and send them to a different server that hosted an under construction page for them.

The script is as follows:


/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A FORWARD -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

#We don’t want to forward our development team Replace your dev team’s ips with the xxx;s
/sbin/iptables -t nat -A PREROUTING -p tcp –dport 80 -s xxx.xxx.xxx.xxx -j REDIRECT –to-ports 80
/sbin/iptables -t nat -A PREROUTING -p tcp –dport 80 -s xxx.xxx.xxx.xxx -j REDIRECT –to-ports 80

#forward everyone else to destination ip yyy.yyy.yyy.yyy 😉
for IP in `/sbin/ifconfig | grep ‘inet addr:’| grep -v ‘127.0.0.1’ | cut -d: -f2 | awk ‘{ print $1}’`;
do

/sbin/iptables -A FORWARD -i eth0 -o eth0 -p tcp –dport 80 -d $IP -m state –state NEW,ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -d $IP -j DNAT –to-destination yyy.yyy.yyy.yyy
/sbin/iptables -t nat -A POSTROUTING -p tcp –dport 80 -d yyy.yyy.yyy.yyy -j SNAT –to $IP

done
echo 1 > /proc/sys/net/ipv4/ip_forward

When we were done and ready for the public to start vising the site again we simply stopped and restarted iptables.

Leave a Comment more...

Revert SVN to Previous Revision

by on Apr.18, 2009, under Linux

You done some development with svn and now your at revision 300 and you realize you didn’t do things right. You want to go back to revision 290, since that’s what the live server is running gracefully.

To revert to 123 you just need to do this:

$ svn merge -rHEAD:290 .

This will undo the changes you have made since 290. Now you need to do a check in and you have a revision 301 that is exactly the same as revision 290.

Leave a Comment more...

Grep Argument List too Long

by on Apr.18, 2009, under Linux

Blast! I hate when this happens. It’s always when one of the biggest clients has a problem and I am debugging. How the heck am I suppose to help them now? My best search tool isn’t even working.

Well thankfully for the following snippet:


find . -type f -print0 | xargs -0 grep "search string here"

Leave a Comment more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...