Recent blog entries for redi

5 Jun 2015 (updated 5 Jun 2015 at 09:28 UTC) »
BT is stealing my bytes

My ISP (BT Infinity) is stealing my data, and I want them back.

Using Curl to download a file from I see this, just before Curl hangs forever, waiting for more data:

sendto(3, "EPSV\r\n", 6, MSG_NOSIGNAL, NULL, 0) = 6
* Connect data stream passively
recvfrom(3, "229 Entering Extended Passive Mode (|||13825|)\r", 16384, 0, NULL, NULL) = 47
recvfrom(3, 0x12f39e7, 16337, 0, 0, 0) = -1 EAGAIN (Resource temporarily unavailable)

The problem is that the FTP response should be terminated with "\r\n", but there's only a "\r" so Curl keeps waiting for the rest of the response.

If I do the same download from the same machine over a different network (such as my mobile phone's 3G connection) then I get the right response:

sendto(3, "EPSV\r\n", 6, MSG_NOSIGNAL, NULL, 0) = 6
* Connect data stream passively
recvfrom(3, "229 Entering Extended Passive Mode (|||9859|).\r\n", 16384, 0, NULL, NULL) = 48

Notice that not only do I get "\r\n" but there's also a "." at the end of the packet, which was missing before.

If I download over the BT line, but using a VPN so the traffic is encrypted, it also works.

So it seems as though BT is applying some kind of filtering that converts "|).\r\n" into "|)\r" maybe because of a shitty regex written by some clown. (Anyone got any ideas why they'd be looking at "|).\r\n"? Does that appear in bittorrent traffic that they might be watching out for to stop naughty downloads?)

I can workaround this by telling Curl not to use EPSV mode (--disable-epsv) or by downloading over HTTP instead of FTP, or encrypting all my traffic so the shitty regex can't see it. But I'm not happy that I need to do this.

What the hell, BT? Stop mangling my network traffic.
1 Feb 2015 (updated 1 Feb 2015 at 14:38 UTC) »
C++11 Antipattern

When appending to a std::vector<std::unique_ptr<X>> you cannot just say v.push_back(new X), because there is no implicit conversion from X* to std::unique_ptr<X>.

A popular solution is to use v.emplace_back(new X) because that compiles (emplace_back constructs an element in-place from the arguments, and so can use explicit constructors).

However this is not safe. If the vector is full and needs to reallocate memory that could fail and throw a bad_alloc exception, in which case the pointer will be lost and will never be deleted.

The safe solution is to create a temporary unique_ptr that takes ownership of the pointer before the vector might try to reallocate:

v.push_back(std::unique_ptr<X>(new X))

(You could replace push_back with emplace_back but there is no advantage here because the only conversion is explicit anyway, and emplace_back is more typing!)

In C++14 you should just use std::make_unique and it's a non-issue:

New eBay password policy

eBay got hax0red and are asking users to reset their passwords. While doing so I discovered that they no longer allow spaces in passwords, preventing the use of passphrases.

I contacted them to ask why and was told:
Like any other sites, the space is not being considered by the system as a character since it has no value on it. Though this is the case, there are many alternative characters you can use like numbers and some symbols.

What a load of bullshit. So I asked again (pointing out that this was bullshit as space has the value 0x20 and plenty of other sites accept it) and was told:
The reason why spaces cannot be use a part of a password anymore because there are issues where in members are having difficulty logging in to their account specially when using mobiel.

So it's for usability, not security.
20 May 2014 (updated 24 May 2014 at 11:25 UTC) »
Static IPs and DNS for VM guests in Fedora 20

I recently needed to let my guest VMs talk to each other, which I did by assigning them static IPs as described below. Most of this is documented in Virtual Networking page of the libvirt wiki.

Add VM host and guests to /etc/hosts on the host, choosing a static IP for each guest vhost.virtdomain vhost guest1.virtdomain guest1

Find each guest's MAC address:
[root@localhost ~]# virsh domiflist guest1
Interface Type Source Model MAC
- network default virtio 52:54:00:ab:cd:ef
(You can find this info via the virt-manager GUI instead if you prefer.)

Add <host> entries mapping MAC to the static IP
Run virsh net-edit default to edit the virtual network configuration
<range start='' end=''/>
<host mac='52:54:00:ab:cd:ef' name='guest1.virtdomain' ip=''/>

Restart dnsmasq
killall -HUP dnsmasq
Now dnsmasq will make the host's /etc/hosts available to all guests.

restart libvirtd
systemctl restart libvirtd.service

Exporting an NFSv3 mount to guest VMs in Fedora 20

With my virtual network configured how I wanted it, I could use NFS to share the host's filesystem with the guests. Most of the documentation I found on exporting an FS said to use the 9p protocol, but although that's supported in the Fedora kernel, it isn't supported by my RHEL6 and BSD guests, so I went for NFS. Figuring out the NFS config was harder than the network setup as all the documentation I found was outdated and/or didn't work on Fedora 20.

* On the host:

Edit /etc/exports to define the mount point:
(In my case I'm using ro so I'll only export a read-only filesystem.)

Enable the NFS server
systemctl enable nfs-server.service
systemctl restart nfs-server.service

You should be able to list the available exports on the localhost
showmount -e

Configure firewall
Add the virtual network interface to a firewalld zone (I used "internal") and allow 'nfs', 'rpc-bind' and 'mountd' in that zone.
Make changes to the "permanent" profile to survive past restart, the runtime profile is not persistent, but can be useful for testing changes.

* On each guest:

You should be able to list the available exports
showmount -e
(If you set up DNS as described above you should be able to use host or host.virtdomain instead of the IP address.)

Mount the exported filesystem
mkdir /mnt/host
mount -t nfs -o nfsvers=3 /mnt/host

By default the clients seemed to want to use NFSv4, so trying to mount failed with an "access denied" error.
On RHEL6 I needed nfsvers=3 in the options, on BSD I needed nfsv3.
If that works correctly you can add it to etc/fstab to make it permanent.

Every time I type #include <utility> I wish there was a second C++ library header of utilities called <utilitu>, and another header of file utilities called <futility>.

20 Feb 2014 (updated 20 Feb 2014 at 09:46 UTC) »

To generate a PDF from the LaTeX sources for the C++ working draft:

git clone
cd draft/sources
latexmk -pdf std

On Fedora 20 I needed to install the following packages:


chalst, ncm still posts here, unsyndicated, but infrequently.

I've been a bit more active recently, but don't rely on it being most months :) As I don't have much to say I don't see the point of setting up a dedicated blog site and syndicating it, Advogato's diary entries work for me.
ACCU 2014

Register now for ACCU 2014!

It's sad that Advogato's recentlog is now all but useless because of the frequency of embedded videos in people's posts, which bork the rest of the page.

New job

I started a new job at Red Hat today. After many years of contributing to libstdc++ as a volunteer I will now be working full-time on the GNU C++ library and runtime. I couldn't be happier to be working on a project I really care about and to be joining a great team of first class experts at Red Hat. I'm really excited about helping to provide an even better C++ implementation in GCC!

277 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!