Yahoo OpenID has extra security constaints

Posted by face on March 05, 2008

OpenID logo

I have a feeling this will help some of y’all if you are getting the following error: 

Sorry! Something is not quite right with the request we received from the website you are trying to use. Please try again in a few minutes. If this error persists, please contact the site administrator for the website you are trying to use. If you are the site administrator, click here to contact us.

I get this error if I try to login on my development environment because localhost:3000 just won’t cut it for Yahoo’s OpenID security policy. If I run from a production URL on port 80, say http://myutil.com/ then signin works (though I haven’t gotten Simple Registration Attribute Exchange working with Yahoo).

From the Yahoo OpenID Developers FAQ:
Yahoo! Security Policies Yahoo! will only support Relying Parties running on webservers with real hostnames (IP addresses are not supported) running on standard ports (Port 80 for HTTP and Port 443 for HTTPS).

Hope this saves ya some time!


Digg! Delicious! Technorati Blinklist Furl Reddit

OpenBSD port of Sphinx

Posted by face on February 28, 2008

Sphinx Free open-source SQL full-text search engine

Update July 16th, 2008: Sphinx sphinx-0.9.8 has been released and this port has been updated.

Here is a OpenBSD port of Sphinx, Free open-source SQL full-text search engine. Sphinx is a wonderfully fast and memory efficient deep text search engine. I have found integrates nicely with Ruby and Ruby-On-Rails.

I hope at some point to get this port committed to the OpenBSD CVS repository. In the meantime this will be the ports home. Till it hits the OpenBSDs repository, it will live in my SVN repository here.

You can download a snapshot of the source code for the port here: sphinx.tgz. So far this port has been tested with MySQL and Postgresql on OpenBSD 4.2 and OpenBSD 4.3-betaOpenBSD-4.4-beta on the i386 platform with the Ultrasphinx Ruby-On-Rails plugin.

Instructions to build the port

If your ports tree is not already prepped, please begin by prepping your ports tree.

The port will build much faster if you install the prerequisites via binaries: 

sudo su
export PKG_PATH="ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.3/packages/i386"
# or, setenv PKG_PATH "ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.3/packages/i386"
pkg_add libiconv mysql-server mysql-client
exit

Now we are ready to build the sphinx port:


cd /usr/ports/textproc
lynx --source "http://myutil.com/ports/4.4/sphinx.tgz" > sphinx.tgz
tar xvfz sphinx.tgz 
cd sphinx
make install  # or make package
There is also a Postgresql flavor. Follow the instructions above, installing Postgresql instead of MySQL and then instead of make install do: 

env FLAVOR=pgsql make install

Thanks, and feedback is always welcome!


Digg! Delicious! Technorati Blinklist Furl Reddit

raspell shared library problems on OpenBSD

Posted by face on February 26, 2008 


--- extconf.rb.orig     Tue Feb 26 12:03:53 2008
+++ extconf.rb  Tue Feb 26 11:52:16 2008
@@ -1,5 +1,7 @@
 require "mkmf"
 
+$LIBS += " -lstdc++ -laspell"
+
 have_header("ruby.h")
 have_header("aspell.h")
 have_library("aspell")



I recently installed the raspell gem on my development box as part of an evaluation of ultrasphinx.

Unfortunately, the native extension to raspell doesn’t link in the dynamic libraries it uses. A fix is provided below.

Note, using the raspell with ultrasphinx also caused a ruby core dump, this time in an assertion from the configuration for aspell. OpenBSD uses aspell-0.50.5 and after upgrading aspell to 0.60.5, raspell started working fine.

Here is the output from the dynamic library problem: 



** Starting Rails with development environment...
ruby:/usr/local/lib/ruby/gems/1.8/gems/raspell-1.1/lib/raspell.so: undefined symbol 'new_aspell_config'
lazy binding failed!
/home/face/urevz/vendor/plugins/ultrasphinx/lib/ultrasphinx/spell.rb:33: [BUG] Segmentation fault
ruby 1.8.6 (2007-09-24) [i386-openbsd4.2]

A little poking around and I noticed the native library, raspell.so, doesn’t link in libaspell!

A quick fix is to add the libs to extconf.rb and rebuild the library:

  1. cd /usr/local/lib/ruby/gems/1.8/gems/raspell-1.1/ext
  2. edit extconf.rb and add the line $LIBS = ” -lstdc+ -laspell”
  3. sudo make clean
  4. sudo make
  5. sudo cp raspell.so ../lib/.

Digg! Delicious! Technorati Blinklist Furl Reddit

Current Ruby and Ruby-Gem binaries for the current release of OpenBSD

Posted by face on February 12, 2008

Ruby-Forge Header

Here is how to install i386 binaries (please choose an OpenBSD mirror near you…and please buy a t-shirt): 


sudo su

#for ksh/bash
export PKG_PATH="ftp://ftp3.usa.openbsd.org/pub/OpenBSD/4.2/packages/i386"

#or, for tcsh: setenv PKG_PATH=ftp://ftp3.usa.openbsd.org/pub/OpenBSD/4.2/packages/i386

# Now for Ruby
pkg_add "http://rubyforge.org/frs/download.php/32289/ruby-1.8.6.111.tgz"

# Optional, but Recommend for Rails
pkg_add "http://rubyforge.org/frs/download.php/32290/ruby-gems-1.0.1.tgz"
pkg_add "http://rubyforge.org/frs/download.php/32291/ruby-iconv-1.8.6.111.tgz"

# Now you could install rails if you wanted:
gem install rails

Rubyforge doesn’t allow you to have the same filename, even if it is in a different sub-package and release. Therefore, amd64 and sparc64 binaries are distributed directly from MyUtil.com.

For AMD64 (which runs in IA64 of course): 

sudo su
export PKG_PATH="http://myutil.com/ports/4.2/amd64/:ftp://ftp3.usa.openbsd.org/pub/OpenBSD/4.2/packages/amd64/"

# or, setenv PKG_PATH "http://myutil.com/ports/4.2/amd64/:ftp://ftp3.usa.openbsd.org/pub/OpenBSD/4.2/packages/amd64/"

pkg_add ruby-1.8.6.111 ruby-iconv-1.8.6.111 ruby-gems-1.0.1

# Perhaps Ruby-On-Rails:
gem install rails
For sparc64: 

sudo su
export PKG_PATH="http://myutil.com/ports/4.2/sparc64/:ftp://ftp3.usa.openbsd.org/pub/OpenBSD/4.2/packages/sparc64/"

# or, setenv PKG_PATH "http://myutil.com/ports/4.2/sparc64/:ftp://ftp3.usa.openbsd.org/pub/OpenBSD/4.2/packages/sparc64/"

pkg_add ruby-1.8.6.111 ruby-iconv-1.8.6.111 ruby-gems-1.0.1

# Maybe Rails?
gem install rails

Thanks, I find these useful and I hope you do too. I now do all my development from a OpenBSD (patched) Desktop and have made these binaries as secure as possible. All binaries are produced behind pf firewalls.

I have a old Mac Mini I can install macppc and produce binaries…if there is a demand.

Puffy swimming

Digg! Delicious! Technorati Blinklist Furl Reddit

The official OpenBSD Ruby 1.8.6-111 ports have been checked into CVS

Posted by face on December 31, 2007

Thanks to Bernd Ahlers, the official OpenBSD ruby 1.8.6-111 ports are now in the OpenBSD CVS Repository.

I have updated my post and associated binaries Ruby 1.8.6p110 on OpenBSD 4.2 to use the official 111 port instead of mine.


Digg! Delicious! Technorati Blinklist Furl Reddit

rubygems-1.0.1 on OpenBSD

Posted by face on December 23, 2007

I started a real update to the port but was unable to complete it quickly. I have more pressing coding tasks and can’t spend the time now to complete the port.

My short term solution is to just use ruby gems to update itself (assuming you already have gem installed, if not see below).

sudo gem update --system

Then, if you want to, update some installed gems (like rails -> 2.0.2)

sudo gem update rails

I updated my systems which run my ruby-1.8.6p110 port. However it should work with the stock ruby and gem which you can install via OpenBSD ports:

sudo su
# setenv PKG_PATH "ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.2/packages/i386" 
export  PKG_PATH="ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.2/packages/i386" 
pkg_add ruby ruby-gems ruby-iconv

gem update --system

If anyone has a pointer to a completed native port, please let me know.


Digg! Delicious! Technorati Blinklist Furl Reddit

Ruby 1.8.6-111 on OpenBSD 4.2 (and Ruby-On-Rails)

Posted by face on November 04, 2007

Update: December 31, 2007: Official OpenBSD 1.8.6 patch level 111 ports have been checked into CVS. This post and the associated binaries have been updated to use the official port. My unofficial port has been discarded.

This article describes building a ruby port from source. If you want the binaries produced by this article, I have released them via this Rubyforge project.

If your ports tree is not already prepped, please begin by prepping your ports tree.

There is a message that you may run out of memory without modifying login.conf. My login.conf was already modified. My login is a member of the staff group: 
staff:\
        :datasize-cur=1024M:\
        :datasize-max=infinity:\
        :maxproc-max=256:\
        :maxproc-cur=128:\
        :ignorenologin:\
        :requirehome@:\
        :tc=default:

We will be using the official OpenBSD port from CVS.

We will start by installing the prerequisites as binaries because if you have a fast internet connection, it is faster than building the ports from src: 
sudo su
setenv PKG_PATH "ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.2/packages/i386" 
# or export PKG_PATH="ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.2/packages/i386" 
pkg_add libiconv gdbm tk-8.4.7p1
exit

Now lets update the ruby port from CVS HEAD and build it. I did this on December 31, 2007 and the snapshot of the source code to the port can be found here: ruby.tgz

export CVSROOT=anoncvs@anoncvs3.usa.openbsd.org:/cvs   # pls choose a mirror near you
# setenv CVSROOT anoncvs@anoncvs3.usa.openbsd.org:/cvs
cd :/usr/ports/lang/ruby
cvs up -rHEAD .
make package
Now we can install it: 
sudo su
setenv PKG_PATH './:ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.2/packages/i386'
# or:  export PKG_PATH='./:ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.2/packages/i386'
cd /usr/packages/i386/all
pkg_add ruby-1.8.6.111 
# Or, of you already have ruby installed, try:  pkg_add -r ruby-1.8.6.111
And for a bonus, lets install Ruby-On-Rails: 
pkg_add ruby-gems ruby-iconv-1.8.6.111  mysql-server mysql-client

# Update gems to version 1.0.1, apparently needed for rails 2.0.2 but will break things like ruby-openid-1.1.4
gem update --system

gem install rails
# For Rails 1.2.6
# gem install -v 1.2.6 rails

# Now let's optimize ruby for mysql
gem install mysql

# finally, mongrel rocks
gem install mongrel --include-dependencies
gem install mongrel_cluster

If this is a new MySQL install, don’t forget to follow the instructions in /usr/local/share/doc/mysql/README.OpenBSD.

Enjoy!


Digg! Delicious! Technorati Blinklist Furl Reddit