short_open_tag = 1


This option allows for the use of the short hand "<?" and "?>" used as abbreviations for "<?php" and "php?>". And yes, shorts hand are good, I am super lazy, insofar as I am not good at setting “use strict;” when writing perl code.

Secondly, I was stung due to the fact that PHP 5.3 has clamped down on the returning of values when expecting a reference to be returned by a function, this phenomena and the necessary fix is illustrated in my previous blog post.

I have managed to get my OpenID server working, my OpenID URI being http://mmt.me.uk/blog/, but I have yet (after hours of trying), managed to get OpenID commenting fixed on my blog.

So my apologies if you try and comment on my blog using your OpenID, as it doesn’t work.

The most annoying thing about this whole issue is the fact that I get perhaps the least helpful error message ever. The following error message pops up when I attempt to use my colleagues OpenID to post a comment to one of my articles, this following error message gets sent to my STERR :

[Fri Aug 20 12:01:14 2010] [error] [client XXX.XXX.XXX.XXX] Successfully fetched 'http://steve.harris.name/': GET response code 200, referer: http://mmt.me.uk/blog/2010/07/30/the-facebook-like-button/

“200, and Successfully fetched!” my ass!

In order to get the OpenID server working I had to apply a patch, which has been raised as a ticket on the diso project issue tracker. In short, there are two required changes, due to PHP 5.3 funkiness, required to make the OpenID server work.

These couple of changes to the OpenID libraries which came with my version of WordPress is due to the fact that PHP 5.3 has clamped down on the returning of values when expecting a reference to be returned by a function, this phenomena was illustrated in the following errors :


[Sun Apr 18 23:40:05 2010] [error] [client 140.203.155.13] PHP Warning: Parameter 1 to Auth_OpenID_Server::openid_associate() expected to be a reference, value given in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1702
[Sun Apr 18 23:40:05 2010] [error] [client 140.203.155.13] PHP Fatal error: Call to a member function needsSigning() on a non-object in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1495
[Sun Apr 18 23:40:06 2010] [error] [client 78.86.167.133] PHP Warning: Parameter 1 to Auth_OpenID_CheckIDRequest::fromMessage() expected to be a reference, value given in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1576, referer: http://apassant.net/blog/2010/04/18/sparql-pubsubhubbub-sparqlpush?destination=node%2F374
[Sun Apr 18 23:49:36 2010] [error] [client 193.203.240.209] PHP Warning: Parameter 1 to Auth_OpenID_Server::openid_associate() expected to be a reference, value given in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1702
[Sun Apr 18 23:49:36 2010] [error] [client 193.203.240.209] PHP Fatal error: Call to a member function needsSigning() on a non-object in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1495
[Sun Apr 18 23:49:52 2010] [error] [client 193.203.240.209] PHP Warning: Parameter 1 to Auth_OpenID_Server::openid_associate() expected to be a reference, value given in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1702
[Sun Apr 18 23:49:52 2010] [error] [client 193.203.240.209] PHP Fatal error: Call to a member function needsSigning() on a non-object in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1495
[Sun Apr 18 23:50:27 2010] [error] [client 216.97.225.85] PHP Warning: Parameter 1 to Auth_OpenID_Server::openid_associate() expected to be a reference, value given in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1702
[Sun Apr 18 23:50:27 2010] [error] [client 216.97.225.85] PHP Fatal error: Call to a member function needsSigning() on a non-object in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1495
[Sun Apr 18 23:50:28 2010] [error] [client 78.86.167.133] PHP Warning: Parameter 1 to Auth_OpenID_CheckIDRequest::fromMessage() expected to be a reference, value given in /media/data/www/mmtmeuk/public_html/blog/wp-content/plugins/openid/Auth/OpenID/Server.php on line 1576, referer: http://www.pillwatch.com/proc_openid-login.php


There is a page which describes the patch one needs to run to overcome this:

http://patchlog.com/wp-content/uploads/2009/11/openid-server-php.5.3.diff

I need to get on with other stuff now, will revisit this in the future …

Thanks to Seb (old housemate), I have now downgraded the graphics driver, and as a result it is now totally usable, yay to small computers!! I followed this howto guide when attempting to fix the EeeeeePc.

These are the steps I took :

1. Edited and added the below lines to : /etc/apt/sources.list:

deb http://ppa.launchpad.net/siretart/ppa/ubuntu jaunty main
deb-src http://ppa.launchpad.net/siretart/ppa/ubuntu jaunty main


2. Imported the needed key:

sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xce90d8983e731f79


3. Installed the older driver:

$ sudo apt-get update
$ sudo apt-get install xserver-xorg-video-intel-2.4


4. Restarted X.

sudo /etc/init.d/gdm restart


And then, like magic a usable working EEEbuntu on the 701. Notes that I tend to install Fedora OSs on my machines, this is the first time I have decided to stick with an Ubuntu flavoured OS.

This is the command I run to determine the level of trust of my signed foaf file.

gpg --verify --no-tty --status-fd 2 --command-fd 0 foaf.rdf.asc foaf.rdf


Which results in the folowing output :

gpg: Signature made Wed 3 Jun 23:19:52 2009 BST using RSA key ID 51F2F7EF
[GNUPG:] SIG_ID foL1PiWCT+546VnE17UG2QvWJeE 2009-06-03 1244067592
[GNUPG:] GOODSIG 9ED0B04E51F2F7EF Mischa Tuffield (Mischa@Garlik) <mischa.tuffield@garlik.com>
gpg: Good signature from "Mischa Tuffield (Mischa@Garlik) <mischa.tuffield@garlik.com>"
gpg: aka "Mischa Tuffield (http://id.ecs.soton.ac.uk/person/6914) <mmt04r@ecs.soton.ac.uk>"
[GNUPG:] VALIDSIG 18A2AF280CA59E77AE512BB39ED0B04E51F2F7EF 2009-06-03 1244067592 0 4 0 1 2 00 18A2AF280CA59E77AE512BB39ED0B04E51F2F7EF
[GNUPG:] TRUST_ULTIMATE


This is an automatic way of evaluating how trust worthy statement at the end of a URI are.

I had one of my hard-drives fail miserably a couple of weeks ago, and have only now recovered all of my blog content from Google’s and Yahoo’s caches. I have recreated all of the content, and have set up a cronjob to backup my sql tables, I had copies of most of the important stuff on my machine, and only lost my sql tables … d’oh….

I have set the following 301 redirects from all of the old URLs, I don’t think I have missed any out. Do shout if you find any old broken URLs on my site.

redirect 301 /blog/2009/04/02/barcamp-09/ /blog/2009/07/07/barcamp-09/
redirect 301 /blog/2009/03/24/time-machine-to-a-linux-box/ /blog/2009/07/07/timemachine-to-a-linux-box/
redirect 301 /blog/2009/03/23/signing-a-public-key/ /blog/2009/07/08/signing-someone’s-public-key/
redirect 301 /blog/2009/03/20/making-foaf-useful/ /blog/2009/07/08/making-foaf-useful/
redirect 301 /blog/2009/03/19/yum_64bit_binaries/ /blog/2009/07/07/configuring-yum-to-only-install-64bit-binaries/
redirect 301 /blog/2009/03/19/webdav_webid/ /blog/2009/07/08/enabling-a-writable-webid-with-webdav/
redirect 301 /blog/2009/03/18/foafwot/ /blog/2009/07/08/enabling-trust-in-a-foaf-document/
redirect 301 /blog/2009/03/17/signingverifyinggpg/ /blog/2009/07/08/signing-and-verifying-documents-using-gnupg/
redirect 301 /blog/2009/02/05/ah-good-work-tobyink/ /blog/2009/07/07/ah-good-work-tobyink-…/
redirect 301 /blog/2009/01/28/duplicate-dylib-libiconv2/ /blog/2009/07/07/duplicate-dylib-libiconv-2-dylib/
redirect 301 /blog/2008/12/31/ld-duplicate-symbol-mac-osx/ /blog/2009/07/07/ld-duplicate-symbol-_g_bit_nth_lsf-mac-osx-leoparddarwin/


In order to sign a gpg identity, one needs to :

• Import the user’s public key, (mine can grabbed from here):
  gpg --import somePubKey.asc
• Check the identities fingerprint:

  gpg --fingerprint PubKeyHexValue

• Given that you are convinced the key belongs to whoever you think it should, sign the key:

  gpg --sign-key PubKeyHexValue

• Send the signed key back to your keyserver:
  gpg --send-keys PubKeyHexValue

I sign all of my emails using my gpg public key, it should be noted that only emails sent from my laptop can sign be signed using this identity. I should thank my former colleagues from the University of Southampton who signed by gpg identity, they have done their little bit to help bootstrap the Web of Trust.

So, why would you ever want to sign a document using the OpenPGP standard?

One can sign a file using the OpenPGP standard before putting it in the public domain so that if and when another person/agent views the file they can check whether or not the file has been tampered with on route. This method of signing files provides the creator of a document with an ability to sign their work, which in turn allows the reader to know whether or not the file has been altered since being signed.

In essence every user has a public and a private key, and when a GnuPG user wants to sign a file they end-up creating a checksum of whole file using their keys. This checksum can then be used to verify that a document has not been tampered with, this is done by the GnuPG software comparing the checksum, the file in question, and the user’s public key.

Step 0

After creating your gpg keys you have to ensure that you have pushed your public key to one of the public keyservers, you can do this like so:

gpg --keyserver pgp.mit.edu --send-keys YOUR-EMAIL-ADDRESS

Make sure that your private key is private, and that it is not accessible by any of the other users setup on your machine. You can do this by :

chmod 600 ~/.gnupg/YOURPRIVATEKEY.asc

Make sure this is safe, for this is the only file someone needs to pretend to be you.

Signing a file using GnuPG

In this example the file which we are signing is called foaf.rdf. After setting up your gpg keys you can sign the file like so :

gpg -a --detach-sign foaf.rdf

This creates a file called foaf.rdf.asc (ASCII-armored digital signature) in the directory where the command was executed.

Checking a file against it’s ASCII-armored digital signature

If you have both the original file and the ASCII-armored digital signature of the file in the current working directory you can verify the files integrity by execting the following command :

gpg --verify

The output this last command will notify the user to whether or not the file has been altered since the last time it was signed.

Here I will present how you can first identify what your machine’s architecture is, and then I will show how you can b
oth remove existing 32bit binaries, and how you can configure YUM so that it will only ev
er install 64bit software.

This blog post is only relevant if your linux box uses YUM as a package manager.

Identifying your machine’s architecture

In order to find out what your machine’s architecture is you need to execute the following command from your command line:

uname -a

If the result looks something like below, it means you have a 64bit machine, where the x86_64 implies the machine is 64bit.
If it had any of i386, i586, or i686, it would imply that the machine was a 32bit one.

Linux foo.bar.com 2.6.18-92.el5 #1 SMP Tue Jun 10 18:51:06 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux

Remove all 32bit binaries :

yum erase *.i386
yum erase *.i586
yum erase *.i686


Tell YUM to never install 32bit binaries again:

You need to add the below line to your yum.conf file (usually found in /etc/) :

exclude=*.i386 *.i586 *.i686

At this point, all future software install via the YUM package manager will be optimised for your machine’s architecture.