Monday, July 24, 2017

How smart-contract is possible in blockchain ?

The idea was derived from the scripting support in bitcoin. Part of bitcoin transaction contain a Script, a stack based language that will be executed to verify the transaction. Complex conditions can be expressed in this language, which has 80 different opcodes including arithmetic, bitwise operations, string operations, conditionals, and stack manipulation.

This language however still pretty limited, such as not having loop and thus not Turing complete. So new blockchain implementation like Etherium expand the idea further to include support for real programming language, thus enabling more complex conditions to the blockchain transaction, which now commonly known as smart-contract.

Sunday, June 11, 2017

How to build your own programming language

I've always fascinated in how programming languages are built and have made it into my 2017's new year resolution to learn building one myself. So here are all the notes collected along the way.

My presentation at Malaysia Open Source Conference - How to build your programming language ? I plan to extend this presentation at upcoming PyCon APAC in this August with an example in Python.

A write up in Malay - Bagaimana bahasa pengaturcaraan dibina ?

A series on building simple interpreter in Python by Ruslan Plivak - Let's Build a Simple Interpreter !

A book on writing an interpreter with Go (Golang). I'm still making up my mind whether to buy this or not - https://interpreterbook.com/.

Free book on building interpreter using Java and then C. This is not complete yet but the author also recommend Interpreter book above in his reply to my reddit's comment.

A classic on building compiler, the original essay was using Pascal. This is my first time trying Pascal and to my surprise the example code (from 1986) still compile in the modern FreePascal - Let's Build a Compiler.

A question on reddit on how to build own programming language.

Creating toy programming language using Python PyParsing library.

Friday, December 23, 2016

My Python Workflow

This is basically what I did whenever starting on new Python project.

mkdir project_name
cd project_name
wget https://bootstrap.pypa.io/bootstrap-buildout.py
vim buildout.cfg

Where my buildout.cfg look like:-

[buildout]
parts = main

[main]
recipe = zc.recipe.egg
eggs =
    python-telegram-bot

interpreter = python


Then I just execute the following to get my new python environment initialize:-

python bootstrap.py
./bin/buildout

A python interpreter that already has access to my packages dependencies - in this case python-telegram-bot is ready in ./bin/python.

I'm a fan of buildout and shall write more about it in later post.

Friday, September 11, 2015

Trying out Ajenti

Ajenti is server control panel, in the same space as Webmin. It allow you to manage your linux server directy via web interface.

In term of installation, Ajenti really win. All available as OS packages, so if using Ubuntu or Debian it just a matter of apt-get. The initial installation is covered by a script that you download from Ajenti's website.

wget -O- https://raw.github.com/ajenti/ajenti/1.x/scripts/install-ubuntu.sh | sudo sh
One thing that tripped me up is that I thought the web hosting plugins also in the same packages. Turn out it a separate package called ajenti-v (It clearly shown on the website, so my bad). To get the webhosting packages you need to install ajenti-v package.

sudo apt-get install ajenti-v ajenti-v-nginx ajenti-v-mysql ajenti-v-php-fpm php5-mysql ajenti-v-python-gunicorn

If you have already install apache2 before, you need to remove it as Ajenti-v use nginx.

The whole experiences of getting a Django website running is still not very smooth. Those who are not familiar with Python deployment might be in hard time trying to fit everything together. This is I some room that I want to explore me in Ajenti-V. In order for this to be really usable, we don't have to touch the terminal at all to get things running.

The first problem I got is 
supervisor FATAL Exited too quickly (process log may have details). This turn out that I don't have gunicorn installed in the virtualenv set for my site. There are lot of things that need to be set - virtualenv, install gunicorn, the path to wsgi script.

One that taking so much of my time is figuring out why nginx keep doing 301 redirect for static files. In the end, I have to choose the 'root' method instead of 'alias' in nginx location.

http://nginx.2469901.n2.nabble.com/stop-automatic-trailing-slash-addition-td7592389.html
http://wiki.nginx.org/HttpCoreModule#alias

There's a subtle difference between root and alias.

Thursday, August 21, 2014

AWS: Allowing IAM user to manage their own MFA device

When enabling MFA (Multi-factor Authentication) on AWS Web Console, only users with admin privilege can configure the MFA device for each IAM user. This pose a problem if your users are not in the same physical location. To allow each IAM user to be able to configure the device on their own, you must add specific IAM policy:-

http://docs.aws.amazon.com/IAM/latest/UserGuide/Credentials-Permissions-examples.html#creds-policies-mfa-console

If you're using the default PowerUserAccess, that policy also basically remove access to the whole IAM so make sure to change that too. The default policy:-

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "NotAction": "iam:*",
      "Resource": "*"
    }
  ]
}

Change that to:-
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ec2:*",
      "Resource": "arn:aws:ec2:*"
    }
  ]
}
Finally, user also has at least read only access to the IAM.

Thursday, June 13, 2013

Apache read raw request data

It's not possible to get the whole raw request data from within PHP. You can get the request body using php://input but not the headers. Searching around, I found that you can log the request data from apache  using mod_dumpio. It will dump the incoming request data to error.log. As mentioned in the docs, for apache version < 2.4, you have to set LogLevel to debug. One catch with this is to make sure none of your virtualhost config has LogLevel higher than debug otherwise you'll not get output from this module. Also make sure you didn't set the LogLevel to debug but going down the config, another LogLevel exists and set to something else. Happened to me.

Monday, May 27, 2013

Craft HTTP requests using nc

To do some low level check on websites, I'd usually use telnet to compose a http requests against the server. The main intention is to talk directly to the server port to make sure the problem we have not caused by some higher level application. For example, to connect to server and issue a GET request:-

telnet k4ml.github.io 80
Trying 199.27.75.133...
Connected to github.map.fastly.net.
Escape character is '^]'.
GET /
Connection closed by foreign host.

There's always a problem with telnet. In the above example, I can only issue a GET request without having a chance to add other HTTP headers such as HOST before the server close the connection. Some websites also time out very quickly when they are not receiving any data after establishing connection. And since the above command is in interactive session, it's not repeatable or scripted. Using nc seem to be much better.

Specify the virtual host:-

echo -en "HEAD / HTTP/1.1\r\nHOST: k4ml.github.io\r\n\r\n" | nc k4ml.github.io 80

You'll get the output as:-

HTTP/1.1 200 OK
Server: GitHub.com
Content-Type: text/html
Last-Modified: Fri, 12 Apr 2013 23:26:51 GMT
Expires: Sun, 26 May 2013 19:40:06 GMT
Cache-Control: max-age=600
Content-Length: 9991
Accept-Ranges: bytes
Date: Sun, 26 May 2013 19:30:07 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-s34-SJC2
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1369596606.987305880,VS0,VE145
Vary: Accept-Encoding

Without virtualhost:-

echo -en "HEAD / HTTP/1.1\r\n\r\n" | nc k4ml.github.io 80

And the output:-

HTTP/1.1 400 Bad Request
Server: GitHub.com
Content-Type: text/html
Content-Length: 166
Accept-Ranges: bytes
Date: Sun, 26 May 2013 19:32:16 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-s35-SJC2
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1369596736.277374744,VS0,VE72
Vary: Accept-Encoding

It allow us to fully compose the request and then send it through the opened connection nc created.

Reference:-

http://www.philandstuff.com/2013/05/17/statsd-netcat.html