Fix macport ruby “Connection reset by peer” with openssl 1.0.1

Due to openssl 1.0.1 introducing TLS v1.2 as the default for SSL connections you can find yourself facing an error like this:

This will happen if you’re using macports with openssl 1.0.1 (latest one right now is 1.0.1c) and try to either use curl or ruby (no matter if it’s 1.8 or 1.9). OpenSSL 1.0.1 introduces support for TLS v1.2 which is not yet supported by most code, unfortunately it’s used as default and it’ll break your code with bizarre error messages about certificate trust.

The recommended resolution so far is to simply downgrade openssl, thanks to macports running svn this can be easily done by running the following lines into your terminal:

This will install the last 1.0.0 version of OpenSSL available on macports (1.0.0h) so your problematic code can work again. If you’re writing your own code in ruby you can also add this option before pulling your https connection:

 

Configuring samba server in Mac OS X Leopard

If you don’t have Mac OS X Leopard server you have a Samba implementation limited mostly to home directories and a lot of borking around, if you’re a typical Unix Admin as I am you’ll want to take things in your hands and add the shares you want yourself in the command line.

Leopard uses Samba 3 and its own authentication and locking methods connected to its auth layer and afp locking so a typical samba config file won’t work, it also has a dynamically modificable part which is configured via System Preferences.

This is not the smartest method neither prepared for faint hearted people, but it’ll work if you’re used to Linux.

If you had samba already working on Tiger the changes are only at locking, vfs and user auth, which is what enables all the new Leopard system to work properly.

This are the exact changes from Tiger to Leopard

You want to take a look at the realm SHA1 strings since they’re dependant on your installation, you can always check the new /etc/smb.conf in Mac OS X Leopard and then merge it up with your previous config, or replace the config as I did and just add this.

The Leopard samba configuration is brilliant, but at the same time limited to push you to buy the Server version, at the same time it’s interesting to play with the includes it adds too, but this at least will get your previous samba config out and running fine.

Optimize network throughput on your Apple TV

This is specially helpful if you are using your Apple TV wireless adapter instead of plugging it directly to the network with an Ethernet cable.

This small tweak assumes that you already have sshd access to your Apple TV, if not please check out AwkwardTV on how to do that.

I had some problems watching HD DivX files in my AppleTV, they were skipping frames and freezing in the most awkward moments, I have all of my files in a mac mini and shared on the network using AFP. The files are mounted in the Apple TV using the ATVFiles plugin and the aTV-ShareMounter plugin.

What needs to be added to give the network buffer enough buffer space on the network is tweak the kernel options at startup, that can be done as in Mac OS X editing the file /etc/sysctl.conf which in the Apple TV version of Mac OS X does not exist by default, you’ll have to create it, don’t worry I’ll put here two quick ways to do it.

How to edit /etc/sysctl.conf (if it does not exist)

First Option – The fast kamikaze strategy (will work for everybody, but be really careful!).

Second Option – The slow wise monk strategy (this will work in all cases)

Edit a sysctl.conf in your computer (just be sure that if you’re in a Posix system you’re not editing your local /etc/sysctl.conf).

Add these values to the file

Copy it to your Apple TV through scp and make sure it ends up in its correct position at /etc/sysctl.conf on your Apple TV

The changes you do will be available on the next reboot, I find it better to do it this way so you’re 100% sure that all the changes are loaded at the same time.

I hope this solves Leo Laporte streaming problems to his Apple TV ;)

Pushing the limits of Expose

After this interesting article in Digg I decided out of boredom to try this up myself, here’s the result.

expose_limits

After this I noticed that the concurrent file limit by default in Mac OS X is quite low! Only around 200 processes per user, which even if it’s more than enough for most users sometimes depending on what you do you need more ;)

Mac OS X respects the sysctl.conf kernel parameter file as most unix do, so it’s just a question of adding the following parameter there:

kern.maxproc=2048kern.maxprocperuid=512kern.sysv.shmmax=167772160kern.sysv.shmmin=1kern.sysv.shmmni=32kern.sysv.shmseg=8kern.sysv.shmall=65536

I noticed after raising the processes value that the shared memory values where low as well, so it’s a good option to change them all at the same time.

Of course this configuration is not really recommended for machines with less than 1Gb of RAM, so be careful!

Also you need to raise the limit on launchd, launchd is Apple replacement for initd and it manages the initial limits for users.

Just edit (or create /etc/launchd.conf) and add:

limit maxproc 1024 2048limit maxfiles 2048 4096