Profile

Cover photo
David Woodhouse
Works at Intel Corporation
Attends University of Cambridge
1,520 followers|166,331 views
AboutPostsPhotosVideosReviews

Stream

David Woodhouse

Shared publicly  - 
 
Hm, I thought Android Pay was supposed to stop working on rooted phones? Used CF-Auto-Root on my SM-G930F and it still works fine.
+Chainfire is that expected?

It didn't wipe my encrypted storage either, contrary to the dire warnings.

But now it's asking me to let it update the su binary... Sod's Law suggests Android Pay will finally stop working if I let it do that. Should I?
1
John “Warthog9” Hawley's profile photoDavid Woodhouse's profile photo
2 comments
 
OK, I let it update the su binary. We'll see next time I go to the shop :)
Add a comment...

David Woodhouse

Shared publicly  - 
2
Simons Mith's profile photoDavid Woodhouse's profile photo
2 comments
 
Hm, more likely a 2-year-old I suspect.
Add a comment...

David Woodhouse

Shared publicly  - 
 
Managed to update the OpenConnect web pages to admit to the new Juniper VPN support: http://www.infradead.org/openconnect/juniper.html

More testing would definitely be welcome. And if anyone can let me have a test account on a server, especially one with IPv6, that would be much appreciated.

Thanks +Tiebing Zhang and +Russ Dill for the help with getting this running.
VPN client compatible with Cisco AnyConnect SSL VPN
10
2
David Woodhouse's profile photo
 
Keepalive for ESP, with fallback to sending data over the HTTPS session, is now implemented. As is reconnecting the HTTPS if the connection is lost. In terms of features this is basically now ready for people to be trying to use it in anger.

The keepalive and reconnect could definitely do with some torture testing with tcpkill and selectively blocking UDP with a firewall, and it still offends me that we've only seen Legacy IP and now IPv6, but we're getting there... with some testing and some code cleanup now I have a clearer picture of how it all fits together, we might be able to make a release soon.
Add a comment...

David Woodhouse

Shared publicly  - 
 
I wish gnome-shell didn't keep crashing. Or failing that, I wish that filing bugs actually got things fixed. Am I getting grumpier in my old age, or is the Linux desktop getting progressively worse?
7
Bastien Nocera's profile photoDavid Woodhouse's profile photoSriram Ramkrishna (sri)'s profile photoJesse Brandeburg's profile photo
66 comments
 
+David Woodhouse the gnome-shell crash still happens to me in F20. :-(
Add a comment...

David Woodhouse

Shared publicly  - 
 
Thanks Google for the shiny new Chromecast. Now, if you could just stop it resetting itself to factory defaults every hour or two...
1
David Woodhouse's profile photoDenys Dmytriyenko (denix)'s profile photo
2 comments
 
are you sure you didn't get a lemon?
Add a comment...

David Woodhouse

Shared publicly  - 
 
Dear "executive headhunter". Calling my employer's switchboard and pretending to be my friend, and tricking them into putting you through to my mobile phone at 5:30am even though I deliberately removed my number from the first place they'll look... is not the best way to start a conversation with me.

Fuck. Off. And. Die.
7
Sriram Ramkrishna (sri)'s profile photoSarah Mount's profile photoJared Hulbert's profile photoDavid Woodhouse's profile photo
26 comments
 
+Jared Hulbert This one appeared to be British. It was 5:30am on the US west coast when he called. No idea who he was trying to find meat for though.
Add a comment...
In his circles
664 people
Have him in circles
1,520 people
Ipha lanka tours's profile photo
Yasushi SHOJI's profile photo
Gary Thomas's profile photo
Jon Harrop's profile photo
Tim Smith's profile photo
lawrence atusongo's profile photo
Seth Arnold's profile photo
Tomas Winkler's profile photo
Daisy Luke (New York)'s profile photo

David Woodhouse

Shared publicly  - 
 
Seriously? This is why some people come to hate computers...

PAY ATTENTION TO YOUR ERROR HANDLING, PEOPLE!

[dwoodhou@i7 f24]$ koji build --scratch f24 samba-4.4.3-1.1.fc24.x86_64
Error: [('SSL routines', 'SSL_shutdown', 'shutdown while in init')]

Er, what? Is something broken on the server side? Did the client break when I updated to F24 beta?.... <a day later> ... Ah, no. My certificate just expired.

[dwoodhou@i7 f24]$ fedora-cert
Certificate has expired, getting a new one
FAS Password:
[dwoodhou@i7 f24]$ koji build --scratch f24 samba-4.4.3-1.1.fc24.src.rpm
Uploading srpm: samba-4.4.3-1.1.fc24.src.rpm
11
Geert Uytterhoeven's profile photoDavid Woodhouse's profile photoJes Sorensen's profile photo
3 comments
 
Try using sshfs to connect to a server that has been upgraded and changed it's sshd key (lets not comments on those who don't migrate the the sshd key when replacing a server with the same IP/hostname). Grrrr
Add a comment...

David Woodhouse

Shared publicly  - 
 
Wanted: UI hacker to provide WebKit (or similar) based authentication GUI for OpenConnect to connect to Juniper VPN.

For full support,, we really are going to have to support arbitrary HTML forms, often with JavaScript. Sometimes with Java and Flash. All I want is the DSID cookie you get when you finish logging in.
2
1
Matthew Galgoci's profile photoDavid Woodhouse's profile photoSony K. Philip's profile photo
3 comments
 
I am so waiting for this. I hope it comes into nm soon.
Add a comment...

David Woodhouse

Shared publicly  - 
 
+Tiebing Zhang​ and I got a hacked-up test branch of OpenConnect to pass its first Juniper SSL VPN packets today. http://git.infradead.org/users/dwmw2/openconnect-juniper.git

Authentication isn't quite working yet; currently using https://smallhacks.wordpress.com/2012/07/15/jvpn-perl-script-to-connect-to-the-juniper-vpn-with-host-checker-enabled/ for that bit but it's coming together quite quickly now. We think we know how the ESP negotiation works too.

Anyone able to let me have an account on one? Or want to join in the fun? Not for the faint of heart quite yet but it should be soon.
7
1
David Woodhouse's profile photo
8 comments
 
Now seems to be reliably passing data packets over TCP and UDP transports, and I've just implemented UDP (ESP) rekeying. It's almost ready for more widespread testing...
Add a comment...

David Woodhouse

Shared publicly  - 
 
Almost threw my laptop out the window last night.

Started attempting to write my monthly status report. Want to Cc it to the 'all department' mailing list, so start typing the address, wait for auto-completion (it changes frequently so I don't remember what it is this week). Gr, Evolution's address book and calendar seem to stop working every time I drop off the VPN and don't start working again when I rejoin. Probably related to https://bugzilla.gnome.org/show_bug.cgi?id=708175 in some way (a similar bug, if not a symptom of the same bug).

OK, restart evolution-addressbook-factory. Hm, it needs to download a new version of the addressbook. Oh, and for some reason the incremental update doesn't work (that one probably my fault) and it downloads a completely new copy. And then copies its 121MiB of data from the downloaded file into a sqlite database.

Now, Linux's performance under any kind of I/O load is really sucky, but this was even suckier than normal. During this period it took me three minutes just to focus on the xchat window and type a simple response to a question. Normally it's only a minute or two — and I'm not sure how much of that to blame on gnome-shell. Yes, I do have /proc/sys/vm/dirty_ratio set to 1, not the default 20.

I run 'iotop', and half the time it seems to be telling me there is no I/O. That's blatantly nonsense. Eventually I find that abrt is running — taking a core dump of Evolution, which has crashed. So it's writing the 4½GiB core dump to disk. Yes, four and a half fucking gigabytes. I have no idea what it's using it all for. I do periodically run it under Valgrind, and have experimented with some GObject trackers too, but there is no smoking gun; it just grows and grows and grows (as does Thunderbird, I'm told).

I ran gnome-abrt and started trying to file the report. But by the time it'd finished trying to process it, the fucking thing had been deleted! It seems that Yet Another Gnome Shell crash (qv) had caused the evolution dump to be removed while it was still being processed:

Nov 18 00:02:00 shinybook.infradead.org abrt-hook-ccpp[19897]: Saved core dump of pid 13172 (/usr/bin/gnome-shell) to /var/tmp/abrt/ccpp-2013-11-18-00:01:17-13172 (384856064 bytes)
Nov 18 00:02:00 shinybook.infradead.org abrt-hook-ccpp[19897]: /var/tmp/abrt is 1642394496 bytes (more than 1279MiB), deleting 'ccpp-2013-11-17-22:54:19-2299'

Thankfully, I had also loaded gdb on the coredump manually, and still had it open so I was able to keep a copy.

But even after all this crap had finished, the machine still hadn't recovered from the I/O load, so I gave up and went to bed. Twenty minutes later I came downstairs for Bonjela and Calpol and prodded it, and it still didn't come back. The backlight came on, but it just sat there at a black (but backlit) screen the whole time I finding and measuring out a syringe of medicine. Perhaps that was partly the normal shell crash on waking from idle, but probably not.

I no longer give Linux machines to my family to use. I still try to support the ones I have given out in the past, but it is increasingly painful — just as painful as it is trying to use Linux myself on the desktop.

This sure as hell isn't the year of the Linux desktop. It might just be the year of the MacOS desktop, for me.
GNOME Bugzilla – Bug 708175. "You must be working online to complete this operation". Last modified: 2013-11-05 09:54:25 UTC. Home; | New; | Browse; | Search; |. | Reports; | Requests; | Help; | New Account; | Log In. Remember [x]. | Forgot Password. Login: [x]. First Last Prev Next No search ...
12
Andreas Tunek's profile photoDavid Woodhouse's profile photo
23 comments
 
For my corporate users, the SSL certificate handling in Fedora 19 is a must-have. Installing the company's certs once and expecting them to Just Work, systemwide - not only for some apps, or some crypto libraries. Up to date and well-maintained (not just 'packaged') versions of other things like Evolution-EWS and pidgin-sipe are also extremely useful. The GSS-NTLMSSP module will land I Fedora first and be properly integrated there with a holistic view of the distro too, I'm sure...
Add a comment...

David Woodhouse

Shared publicly  - 
 
Cute...
Rod Cope, the founder of OpenLogic, shares seven reasons why closed source is better than open source, or so it seems.
12
2
Alex Riesen's profile photoSergio Schvezov's profile photo
3 comments
 
+Alex Riesen, just in case to avoid misunderstandings, my comment was a pun intended after reading the article.
Add a comment...

David Woodhouse

Shared publicly  - 
 
Hm. Finally fixed the DVD drive firmware on my MacBook to be region-free (UJ-898 HE13), and vlc under OSX can play both region 1 and region 2 discs quite happily.

But nothing under Linux works; it still gets "Read of scrambled sector without authentication" errors. Even the 'csstest' tool from libdvdcss. WTF?
1
David Woodhouse's profile photoDavid Willmore's profile photo
5 comments
 
That triggers a memory of why they moved to using self-resetting RPC2 firmwares--some OS or player would do just what you're describing when it encountered certain behaviors in RPC1 drives. Sadly, that memory has been swapped to tape.
Add a comment...
People
In his circles
664 people
Have him in circles
1,520 people
Ipha lanka tours's profile photo
Yasushi SHOJI's profile photo
Gary Thomas's profile photo
Jon Harrop's profile photo
Tim Smith's profile photo
lawrence atusongo's profile photo
Seth Arnold's profile photo
Tomas Winkler's profile photo
Daisy Luke (New York)'s profile photo
Education
  • University of Cambridge
    present
Links
Other profiles
Work
Occupation
Linux kernel hacker
Employment
  • Intel Corporation
    Linux Kernel Engineer, 2008 - present
  • Red Hat Software
    Senior Software Engineer, 2001 - 2008
Basic Information
Gender
Male
Great meal in enclosed courtyard, looked after us and the babies well.
Public - a year ago
reviewed a year ago
1 review
Map
Map
Map