Question of Vendor ID in RFC2408 (ISAKMP) - md5

I am reading the RFC2408(https://www.rfc-editor.org/rfc/rfc2408). I have a question about "Vendor ID section" at page 43(https://www.rfc-editor.org/rfc/rfc2408#page-43).
The document says,
For instance:
"Example Company IPsec. Version 97.1"
(not including the quotes) has MD5 hash:
48544f9b1fe662af98b9b39e50c01a5a, when using MD5file.
But I use many md5 tools like 'md5sum' command or online tools, that they all got result "3245b3577c9e4f751675322f259ff016".
I tried the command on Linux:
echo -n "Example Company IPsec. Version 97.1" | md5sum
3245b3577c9e4f751675322f259ff016 -
I got different result, I believe the RFC ducument would not be wrong, So I wonder where am I wrong, or do I miss some thing?

The MD5 hash is actually of the value:
Example Company IPsec. Version 97.1\n
That is, only one space separates IPsec. and Version and there is a newline character at the end.
So you get this with:
echo "Example Company IPsec. Version 97.1" | md5sum
48544f9b1fe662af98b9b39e50c01a5a -
Please note two things:
While th vendor ID values must be unique, they are otherwise completely arbitrary. This is just an example of how one might be generated. So its correctness is not really relevant.
ISAKMP/IKEv1 has been obsolete for years, please refer to IKEv2 instead (RFC 7296).

Related

UIOP does not recognize local-nicknames keyword

I'm attempting to make a Lisp package with uiop/package:define-package. I'm using SBCL, and have confirmed that package-local nicknaming ought to be supported:
* *features*
(:QUICKLISP :ASDF3.3 :ASDF3.2 :ASDF3.1 :ASDF3 :ASDF2 :ASDF :OS-UNIX
:NON-BASE-CHARS-EXIST-P :ASDF-UNICODE :X86-64 :GENCGC :64-BIT :ANSI-CL
:COMMON-LISP :ELF :IEEE-FLOATING-POINT :LINUX :LITTLE-ENDIAN
:PACKAGE-LOCAL-NICKNAMES :SB-CORE-COMPRESSION :SB-LDB :SB-PACKAGE-LOCKS
:SB-THREAD :SB-UNICODE :SBCL :UNIX)
* (uiop:featurep :package-local-nicknames)
T
Nevertheless, when I try to define a package that has local nicknames, it doesn't work:
(uiop/package:define-package #:foo
(:use #:cl)
(:local-nicknames (#:b #:binparse)))
debugger invoked on a SIMPLE-ERROR in thread
#<THREAD "main thread" RUNNING {1001878103}>:
unrecognized define-package keyword :LOCAL-NICKNAMES
Type HELP for debugger help, or (SB-EXT:EXIT) to exit from SBCL.
restarts (invokable by number or by possibly-abbreviated name):
0: [ABORT] Exit debugger, returning to top level.
(UIOP/PACKAGE:PARSE-DEFINE-PACKAGE-FORM #:FOO ((:USE #:CL) (:LOCAL-NICKNAMES (#:B #:BINPARSE))))
source: (ERROR "unrecognized define-package keyword ~S" KW)
0] 0
(binparse being another package I've made, which worked fine, but which did not happen to use local nicknaming).
What I've found of the uiop/package source seems to indicate that this shouldn't happen? Going by that, it should either work, or have a specific error message indicating the non-supported-ness of local nicknames (if somehow uiop:featurep is inaccurate or changing), but it shouldn't give a generic unknown-keyword error. At this point I'm not sure what I could be getting wrong.
The version of asdf that's included in releases of sbcl is based on asdf version 3.3.1 (November 2017), except bundled into only two (larger) lisp files (one for asdf and one for uiop) rather than breaking them up by purpose as is done in official releases of asdf. asdf added #+sbcl support for package-local nicknames in 3.3.3.2 (August 2019), and switched to the more general #+package-local-nicknames in 3.3.4.1 (April 2020) (the latest release version is 3.3.4, though, so that wouldn't be in yet anyway). So it's "just" a delay in pulling from upstream. Following the instructions on upgrading ASDF did the trick – extract the latest release tarball into ~/common-lisp/asdf and run (load (compile-file #P"~/common-lisp/asdf/build/asdf.lisp")) once, and future shells will use the updated version.

the location of the file for DSpace

Tell me which file contains the non-exclusive license from the dspace developers (note: place your own license here
This sample license is provided for informational purposes only.
NON-EXCLUSIVE DISTRIBUTION LICENSE...)
Saying "please" would have been nice.
This is the file https://github.com/DSpace/DSpace/blob/master/dspace/config/default.license
We're happy to help, but for something like this you could save yourself some waiting. 'grep' is your friend:
mhwood#toolshed ~/dspaces/DS-3879 $ grep "This sample license" . -r
./config/default.license:This sample license is provided for informational purposes only.
mhwood#toolshed ~/dspaces/DS-3879 $

Incorrect lmstat stats while using flexlm's lmstat utility

I have been using flexlm's lmstat utility to get the license statistics on every 5min basis and so far i have observed that incorrect lmstat numbers on installed license counts and reservation counts as well! and such events occurs very intermittently :( we tried to upgrading lmstat and other stuffs like vendor daemons and so on! but nothing really helping
Can any one had this similar situation and good solution ?
It's hard to give you a response like 'you must do that' because there is no technical informations.
I try to propose you some ideas.
The lmutil lmstat command give a standard information. The problem is that the interpretation of the result is depending of the editor's license file, not from Flexnet.
For Matlab, you can have Name Networked User (NNU) and Concurent (CN) licenses. For the NNU, you have a login attached a each token. For CN, 'first arrived, first served'. If on the same server you have 10 NNU tokens and 10 CN token, lmstat -c <port#server> -a will report 30 tokens available.
It's only due to Mathworks. When you have 1 NNU token, you can use Matlab from 2 different hosts. So 10 NNU give 2 * 10 = 20 tokens, with the 10 CN tokens, it seems that you have 30 tokens. Very confusing for the users.
When you make a reservation, you consume the token when the license service start even if no one use the token. The number of available tokens is reduced.
[Update]
About of the version of 'lmgrd/lmutil', each vendor define a version to use, but often you can use a higher version.
I've checked Cadence, Comsol and other license services. The counts are good.
You must verify the counts for the lines like :
Users of <an increment>: (Total of 5 licenses issued; Total of 4 licenses in use)
After, you have the used token ('reserved' token are seen like 'used') :
1 RESERVATIONs for GROUP Better_Group (server/2700)
jason abc057 abc057 (v2015.0623) (shoe/28512 3886), start Fri 11/20 14:41
simon abc057 abc057 (v2014.1110) (shoe/28512 4166), start Fri 11/20 15:37, 2 licenses
When you manually check the count and if it is good, your license server is good. In the example : 2 real users but 3 tokens + 1 reservation = 4 token used. Be careful in your parsing, don't miss the , 2 licenses, I have a Awk script that miss that.
You must check in the same time the status of your license server, the logfile and the user's actions. To check the status, you can use :
lmutil lmstat -c <port>#<server> -a
When and how long a token is used is an software's property :
a token can be taken (OUT) when the software start and released (IN) when the software is stopped;
a token can be taken (OUT) only when a feature is called and released when the feature has finish his work;
a token can be taken (OUT) and released (IN) immediately to check if the software or the feature could be used.
So, if you check your licenses every fives minutes, many 'OUT' and 'IN' actions could be missing. But it's not a problem lmutil lmstat give only informations on the licenses at a specific instant.
If you want follow all usages, you must work with the logfiles like PHPlicensewatcher : http://phplicensewatch.sourceforge.net/. The tool make a 'scp' in a crontab to get the logfile on the licenses server.
Depending of the daemon vendor, when you update the license file, you could make a lmutil lmreread -c <file>, but some (like Matlab) don't accept this and you must make a restart. This could introduce a difference between the number of increments/tokens on the server and the resources available seen by a lmstat lmstatus -c <port#server> -i.

C program exits giving error ORA-12162: TNS:net service name is incorrectly specified

I am working on a remote red-hat server and there I'm developing a c application to insert data in to a remote oracle database. So first i installed the OCI instant client rpm on the server and tried to compile a sample program. after certain linkages I could compile it. But then when I am going to run it. It exits giving an error saying
ORA-12162: TNS:net service name is incorrectly specified
The sample code I used is from the blog (refer to this code in case you need to clarify the things.where I’m quoting only few pieces to this post) René Nyffenegger's collection of things on the web
René Nyffenegger on Oracle
(refer to this code in case you need to clarify the things.where I’m quoting only few pieces to this post)
In the code I added some prints to check for the error And it seems like It gets stuck in the OCIServerAttach() function r gives a printed walue of -1
r=OCIServerAttach(srv, err, dbname, strlen(dbname), (ub4) OCI_DEFAULT);
printf("r value %d",r);
if (r != OCI_SUCCESS) {
checkerr(err, r);
goto clean_up;
}
Another point is that in the compilation process it gives a warning saying that a certain libry is not include. but the exicutable file is created. Here is the massage I get in the compilation process.
[laksithe#loancust ~]$ gcc -L$ORACLE_HOME/lib/ -L$ORACLE_HOME/rdbms/lib/ -o oci_test oci_test.o -L/usr/lib/oracle/12.1/client64/lib -lclntsh `cat $ORACLE_HOME/lib/sysliblist`
cat: /lib/sysliblist: No such file or directory
Going through the web I found that by creating a tnsnames.ora file with the connection details I could solve the problem. But even It didn't work for me. Here is the link for that blog blog
It has been a week since this error and I cold'nt solve it. could someone please help me.
connection string format I used is abc.ghi.com:1521/JKLMN
My recommendation is to bypass tnsnames completely. Oracle has always allowed you to put in the direct connection details, but EZConnect makes that even easier.
When you format your connection string, instead of listing the TNS name, use the actual connection properties in the following format:
servername:port/service name
For Example
MyOracle.MyCompany.Com:1521/SalesReporting
Your connection string might also require direct=true, but I'm honestly not sure.
I like the idea of tnsnames, but it's a double edged sword. When it works, it's great. When it doesn't, you want to throw something. With EZConnect, it always works.
By the way, if you don't know the properties of the three items above, find a machine that connect via tnsnames and:
tnsping <your TNS-named database>

What kind of data can you extract from a UUID?

I know that we could easily extract the uuid version number. Is there a reliable way to extract information like timestamp, MAC address?
Thanks!
A standard-conforming UUID may be one of several variants, it looks like this:
AAAAAAAA-BBBB-CCCC-DDDD-FFFFFFFFFFFF
The first (hex)digit of the DDDD part determines the variant.
If it is one of 8,9,A,B it is conforming to the current spec
(0-7 are reserved for backward compatibility, C,D are reserved for Microsoft, and E,F are reserved for future use)
If it conforms to the current spec, check the first digit of the CCCC part which determines the UUID version:
Time-based with unique or random host identifier (MAC)
DCE Security version (with POSIX UIDs)
Name-based (MD5 hash)
Random
Name-based (SHA-1 hash)
Version 4 is simply randomly chosen.
Version 3 and 5 are generated by hashing and throwing away some bits which means you have basically no chance in recovering any information from it. Details on how to build it can be found in RFC4122 or at the UUID Generator webpage.
I could not find any version 2 UUIDs so I didn't check how to extract the data.
Version 1 is generated from a time-stamp and current host MAC address.
(The standard also allows to use a random address instead if you set the "broadcast/multicast" bit of the MAC address.)
The following perl snipped parses the MAC address and Time from a version 1 uuid:
my $uuid="AAAAAAAA-BBBB-CCCC-DDDD-FFFFFFFFFFFF";
$uuid=~tr/-//d;
my $time_low=hex substr($uuid,2* 0,2*4);
my $time_mid=hex substr($uuid,2* 4,2*2);
my $version =hex substr($uuid,2* 6,1);
my $time_hi =hex substr($uuid,2* 6+1,2*2-1);
my $time=($time_hi*(2**16)+$time_mid)*(2**32)+$time_low;
my $epoc=int($time /10000000) - 12219292800;
my $nano=$time-int($time/10000000)*10000000;
my $clk_hi =hex substr($uuid,2* 8,2*1);
my $clk_lo =hex substr($uuid,2* 9,2*1);
my $node =substr($uuid,2*10,2*6);
$node=~/^(..)(..)(..)(..)(..)(..)$/ || die;
$node="$1:$2:$3:$4:$5:$6";
print "time: ",scalar localtime $epoc," +",$nano/10000,"ms\n";
print "clock id: ",$clk_hi*256+$clk_lo,"\n";
print "Mac: $node\n";
my $byte=hex $1;
if(hex($1)&1){
print "broadcast/multicast bit set.\n";
};
And last but not least, there are several assigned UUIDs, for example for GPT partitions.
Not necessarily a reliable way, because depending on the kind of UUID it is, it may be generated totally from random bits, or be timestamp-based, or be based on the MAC address. So you may be able to get some of that information, but you can't guarantee you can get anything.
The official reference for this is RFC 4122, which should probably give you enough information to extract data, although you probably shouldn't rely on it too heavily.
I know that we could easily extract the uuid version number. Is there a reliable way to extract information like timestamp, MAC address?
Yes, and Yes; if the UUID is version 1 or version 2 (as described in RFC 4122). There is also an alternate (non-RFC 4122) version 4, dubbed "COMB" that includes a time-stamp (as well as random values) that can be parsed, and the creation date/time can be revealed.
Bonus: Mahonri Moriancumer's UUID and GUID Generator and Forensics.
The OSSP uuid tool can decode UUIDs of all versions. On Debian-based Linux systems you can use apt-get install uuid to install it; for other distributions, the package name might be different.
To decode a UUID, use the -d (decode) flag:
uuid -d AAAAAAAA-BBBB-CCCC-DDDD-FFFFFFFFFFFF
For version 1 UUIDs, this gives the MAC address and timestamp -- since that's what's in a v1 uuid.
If it's a version 1 UUID, the MAC address will be the last twelve hex digits.
You could look at the version of the Uuid, but that can only be trusted if you are sure the Uuid is valid (see https://www.rfc-editor.org/rfc/rfc4122). The version will tell you what kind of Uuid you have, and using that you can extract specific bits of information.

Resources