TortoiseHG and wildcard certificates

Having resolved recent SSL certificate issues with Mercurial/TortoiseHG, I now encountered a similar issue with the wildcard certificate for * where getting a clone would result in a "SSL: Server certificate verify failed" error.

One way around this issue is to add the fingerprint for this certificate to your configuration. Currently for * this is 00:d5:88:35:29:b9:7f:03:92:60:c2:04:e4:b7:01:f0:07:53:15:a8 and one way to get this from a Unix command line is with openssl s_client -connect < /dev/null 2> /dev/null | openssl x509 -in cert-code -fingerprint -noout -in /dev/stdin | tr "[:upper:]" "[:lower:]". This corresponds with Chrome’s certificate view’s thumbprint field, you just need to add colons.

Right click in Explorer, select TortoiseHG » Global Settings and then click Edit File and add the following:

[hostfingerprints] = 00:d5:88:35:29:b9:7f:03:92:60:c2:04:e4:b7:01:f0:07:53:15:a8

This should make Mercurial/TortoiseHG work, at least until the certificate expires and you need to update it with the latest fingerprint.

TortoiseHG and non-standard SSL certificates

For my own development I use Mercurial and TortoiseHG for my version control system. I also use, at the moment, a CAcert certificate to use HTTPS with my repositories. I am not sure what changed when, but apparently the certificates now get verified. So this causes obvious problems trying to push or pull due to "SSL: Server certificate verify failed" errors.

To make this work on a Windows 7 machine with TortoiseHG in stalled, first download the CAcert root PEM certificate and place it some permanent directory. Next open the TortoiseHG global settings (right click somewhere in Explorer and select TortoiseHG » Global Settings). In the window that opens click the Edit File button. If it does not exist yet create a section similar to this:

cacerts = C:\path\to\cacert-root.pem

Press Save and OK and any push and pull action with HTTPS URLs should work as they ought to.

Unbound unable to read root zone

After upgrading various ports on my FreeBSD system and days later a full world and kernel, a reboot showed me that unbound didn’t start. The system reported that:

error: reading root hints
/usr/local/etc/unbound/named.cache 88: Empty line was returned

It turns out that from ldns 1.6.13 to 1.6.14 there is an API change that caused problems for unbound. After upgrading ldns you also need to recompile unbound to pick up on these changes. If you do not, you will run into the problem above.

The rendering equation

The rendering equation, the keystone of computer graphics rendering:

\(L_o(x, \vec w) = L_e(x, \vec w) + \int_\Omega f_r(x, \vec w’, \vec w) L_i(x, \vec w’) (\vec w’ \cdot \vec n) \mathrm{d}\vec w’\)

(This is at the same time also a test for MathJax support on my weblog in order to provide correct mathematical typesetting using proper typography instead of some lame pixelated image.)

Detecting keyboard layout used on Windows

[code lang=”c”]//Pseudo C/C# code:

int localeId = GetKeyboardLayout(0);

// The low word contains a Language Identifier for the input language
// and the high word contains a device handle to the physical layout
// of the keyboard.
localeId &= 0xffff; // mask off high word to get the locale
// identifier

switch (localeId) {

Relevant links:
Default Input Locales
Locale IDs assigned by Microsoft

JetBrains IntelliJ IDEA and Monokai

I’m a fan of the Monokai colour scheme for my source code editing and thus set up it whenever I can in the IDEs I use.

For JetBrains’ IntelliJ IDEA I use Long Cao’s Monokai colour scheme. Grab the XML file and drop it, on Windows, in your %HOMEPATH%\.IntelliJIdea11\config\colors directory. Restart IDEA and the Monokai colour scheme ought to be present in the dropdown box under File » Settings » Editor » Colors & Fonts » Scheme Name.

Setting up Eclipse 4.2 as I like it

Download Eclipse 4.2 Classic 64-bits version from the Eclipse website. Extract the contents to a location, such as C:\Eclipse. Adjust the eclipse.ini in that directory according to my post in order to pin it to the taskbar.

Next, within Eclipse, go to Window » Preferences » Install/Update » Available Software Sites » Add... and add the following URL under something like “4.2-M builds”: After adding you can hit Reload to reload the information from the website. Exit all windows through pressing OK. Then follow up by going to Help » Check for Updates and you will most likely get an Eclipse SDK update right away. Accept the licensing terms and wait until it downloaded and installed everything and restart Eclipse.

Go to Help » Install New Software... » Work with, select the Juno entry and from the resulting list of software select General Purpose Tools » Marketplace Client followed by Next » Next, accept the license and Finish. Restart Eclipse when done. Now under Help is an entry called the Eclipse Marketplace.

Open the Eclipse Marketplace and search for and install the following: “code recommenders”, “MercurialEclipse”, “mylyn” (not selecting the Bugzilla connector). It might ask if it is OK to install unsigned content, acknowledge it.