分类目录归档:Software

Enlighter语法高亮插件对Crayon Syntax Highlighter的兼容性设置

我用了很多年的Crayon Syntax Highlighter早已不再维护,WordPress 5.0带来新的Gutenberg编辑器后,因为API的变更,这一古老的插件已经事实上完全无法使用了。今天我在插件目录搜索了一下新的语法高亮插件,就看到了更新相当及时的Enlighter。经过对插件设置的研究,我发现它提供的自定义CSS Selector功能可以让之前用Crayon Syntax Highlighter创建的代码块也带上高亮功能。以下是设置方法。

继续阅读

AD DS允许外部用户访问本域Users and Computers的方法

近日给一个Forest级别Trust的Domain设置了Selective Trust,然后跨域访问开始爆炸。AD Administrative Center(dsac.exe)打开就报错(System.Security.Authentication.AuthenticationException )退出;几个MMC Snap-in则不是报告莫名其妙的local error就是提示Logon Failure: The machine you are logging onto is protected by an authentication firewall. The specified account is not allowed to authenticate to the machine. 。用Delegation of Control Wizard给外部用户分配所有权限也没有用。

继续阅读

在HiDPI Windows系统下正确运行Cisco ASDM(以及其它Java 8图形界面程序)

创建注册表项来允许外部manifest文件覆盖exe程序内的设置:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide]
"PreferExternalManifest"=dword:00000001

然后对每个需要patch的可执行程序,创建一个对应的文件名.exe.manifest 放在同一目录下。对于Java 8的默认安装,需要patch的是C:\Program Files\Java\jre1.8.0_181\bin 下的java.exe 和javaw.exe 。

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">

<dependency>
  <dependentAssembly>
    <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*">
    </assemblyIdentity>
  </dependentAssembly>
</dependency>

<dependency>
  <dependentAssembly>
    <assemblyIdentity type="win32" name="Microsoft.VC90.CRT" version="9.0.21022.8" processorArchitecture="amd64" publicKeyToken="1fc8b3b9a1e18e3b">
    </assemblyIdentity>
  </dependentAssembly>
</dependency>

<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
  <security>
    <requestedPrivileges>
      <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
    </requestedPrivileges>
  </security>
</trustInfo>

<asmv3:application>
  <asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
    <ms_windowsSettings:dpiAware xmlns:ms_windowsSettings="http://schemas.microsoft.com/SMI/2005/WindowsSettings">false</ms_windowsSettings:dpiAware>
  </asmv3:windowsSettings>
</asmv3:application>

</assembly>

对于Cisco ASDM,如果你的系统里还安装了Java 10或者其它版本,它是没法正确运行的。打开C:\Program Files (x86)\Cisco Systems\ASDM\run.bat ,在最后一行start javaw.exe… 前面添加一行:

set PATH=C:\Program Files\Java\jre1.8.0_181\bin\;%PATH%

参考:

用Nginx作为ZNC的SSL终结点

本来打算配HAProxy的,HAProxy要求证书和私钥写在一个文件里面,certbot默认又不带这个功能,所以就换Nginx了,感觉配置写起来更方便一些。


需要编译进ngx_stream_core_module 模块(Nginx官网apt源那个包是有的)。

stream {
    upstream znc {
        server 127.0.1.1:6697;
    }

    server {
        listen 6697 ssl;
        listen [::]:6697 ssl;

        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

        proxy_pass znc;

        proxy_connect_timeout 10s;
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL-TCP:50m;
        ssl_session_tickets off;

        # https://mozilla.github.io/server-side-tls/ssl-config-generator/
        ssl_protocols TLSv1.2;
        ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
        ssl_prefer_server_ciphers on;

        # run `openssl dhparam -out /etc/ssl/dhparam.pem 4096` to generate dhparam
        ssl_dhparam /etc/ssl/dhparam.pem;
    }
}

注意stream 和http 是并列的块,不要写到http 里边了。