Monthly ArchiveNovember 2005
Uncategorized Ralf on 25 Nov 2005
issues with if_bridge on FreeBSD 5.4
I updated our OpenVPN gateway - it’s running on a sparc64 box - from FreeBSD 5.3 to 5.4 yesterday. Since we had problems with the bridge(4) code in 5.3, I tried to give if_bridge(4) a shot but ran into a different error here. Running the following commands
ifconfig bridge0 create ifconfig bridge0 addm hme0 addm tap0 up
on the gateway creates a bridge alright. However what it also does: it also causes FreeBSD to corrupt the checksums of all outgoing TCP packets on hme0. Not good. Reverted back to the old bridge(4) code. Since FreeBSD 5.4 is an intermediary step for this box anyway - I’m upgrading to 6.0 - I will not investigate this problem further at this stage. The ethernet address flip-flop problems that occured under FreeBSD 5.3 with bridge(4) when having tap interfaces in the bridge seems to be resolved in FreeBSD 5.4 however.
cryptology Ralf on 13 Nov 2005
Actual C code for the Wang attack
Reading Bruce Schneier’s notes on the NIST Hash function Workshop I came across a real gem in the comments section: A student of Lars Knudsen, Søren Steffen Thomsen, has released working C code for generating MD5 collisions using Wang’s method. Very useful, indeed. I will have to reread Magnus’s paper on finding differentials (I can’t find that online right now, but it should be contained in his thesis) one of these days to find out whether it’s feasible to obtain a differential with good probability that has a non-zero value at position 1.
audio & linux Ralf on 13 Nov 2005
Using amaroK with an Airport Express
Back when I first looked at JustePort and raop_play, the Apple Lossless encoding was missing. Having stumbled across the reverse-engineered ALAC decoder again this weekend I decided to have another look how difficult it is to make my Airport Express play nicely with Linux.
Oh joy! JustePort 0.2 and raop_play from version 0.4 on already have an ALAC encoder built in. Yay! So I cobbled together an ebuild for my desktop box (an AOpen EA65 II) and pondered my next move. Obviously I was going to need a decent audio player on my system, having been spoiled by iTunes. Being mostly desktop environment agnostic, I had two choices here: rythmbox and amaroK. Flipping a coin, amaroK it was. Fortunately amaroK can be built with gstreamer support, which enabled the following crude hack:
gstreamer provides an output sink called tcpclientsink which can be made to connect to an arbitrary host and port. By default it connects to localhost:4953 and sends all of it output data there (44100Hz, 16-bit stereo in my case). For each song played in amaroK, however, a new connection is opened. raop_play by default calls external programs to decode mp3, aac and ogg files. These output the decoded data to stdout.
So I placed the following minimalistic glue scripts in my $HOME/bin/ape-hack directory:
mpg321:
#!/bin/sh
socat -s TCP4-LISTEN:4953,fork -
ape-gstreamer:#!/bin/sh
PATH=$HOME/bin/ape-hack:$PATH \
exec raop_play <airport express ip> dummy.mp3
Socat is a nifty little universal connector; if you think of netcat as your typical Swiss Army Knife, socat is the Victorinox CyberTool with a built-in kitchen sink. After having configured gstreamer using gconf-editor (system->gstreamer->0.8->default->audiosink) I was set to go.
All of the above of course ain’t pretty, but amaroK now plays tunes on my APE. Regrettably the transition between songs isn’t smooth yet… I guess somebody has to write a gst-apesink soon 
Of course, nothing of the above is really Linux specific.
