Security of distributed systems becomes more interesting again. The ancient Internet technologies more and more show their architectural weaknesses. I recommend every serious computer science student to understand the recent problems with BGP (here and here, or better here) and DNS (here, or better here). This is the stuff you have to deal with in the future of the Internet (and no, IPv6 is not a solution).
Archive for August, 2008
Password check against LDAP server in PHP
August 26th, 2008 by PeterI have a long and unfriendly history with PHP. Since I moved to serious languages such as Python, these dark times are over. However, a colleague asked me for some help with his PHP application. He wanted to check user name and password against the LDAP interface of a Lotus Notes server. Here is the code snippet.
I left out the HTML form code that fills the $_POST variables. The “uid” attribute as anchor to find further information might not work in other directories than Notes. Use a tool on your server to find the right one.
Please note that PHP silently performs an anonymous bind if the provided password in ldap_bind() is empty. Please also note the very “advanced” result structure of ldap_get_entries(). No further comment …
[sourcecode language='php']
if ($_POST["user"]) {
if (trim($_POST["pw"])==”") die(“Empy password not allowed”);
$server=ldap_connect(“our.ldap.server.se”);
if (@ldap_bind($server, $_POST["user"], $_POST["pw"])) {
print “Good one
“;
} else {
print “Go away
“;
}
// for fun, get all available info about this guy
$query=ldap_search($server, “”, “(uid=” . $_POST["user"] .”)”);
$res=ldap_get_entries($server, $query);
for($entry=0; $entry < $res["count"]; $entry++)
for($attr=0; $attr < $res[$entry]["count"]; $attr++) {
$attrname=$res[$entry][$attr];
for ($val=0; $val < $res[$entry][$attrname]["count"]; $val++) {
$actval=mb_convert_encoding($res[$entry][$attrname][$val], "HTML-ENTITIES", "UTF-8");
print $attrname . ": " . $actval . "
“;
}
}
}
[/sourcecode]
Windows Limits
August 25th, 2008 by PeterEvery article by Mark is really fun to read, but the recent one also has a unique screen shot about the true scalability of Windows …
Good Bye Miranda, welcome Pidgin
August 5th, 2008 by PeterAfter several years of loyalty, I switched my instant messenger application from Miranda to Pidgin on all Windows machines. The main reason was the broken MSN protocol in the recent Miranda versions. The developers officially reject to fix this quickly, since some updated major Miranda has higher priority. Not good enough for me … My second reason is the terrible IRC support in Miranda. Anyway, it is still a nice application.
My new friend is Pidgin. It also has a plenty of protocols supported (including a working MSN library), and comes with a really clean interface. Ugly, but clean. You can clearly see the Unix background – plenty of (really) useful features, hidden behind a surprisingly simple interface. I also have a good feeling when the application runs on every major operating system. The underlying protocol libraries are also used in Adium, my favorite MacOS X client. So it seems that the user community is huge enough for an ongoing protocol support …
In order to reach a similar comfort to Miranda, two things were helpful for me: