Ya está a la venta mi última novela, LA ATALAYA RECORTADA CONTRA EL CIELO. Se puede comprar en librerías de España, en la web de la editorial (Ediciones Cydonia / Libros del Futuro) o en Amazon.

Comprar LA ATALAYA RECORTADA CONTRA EL CIELO (editorial Libros del Futuro)

Sinopsis:

Bran tuvo una adolescencia complicada, y su vida adulta no es mejor. Una sucesión de pérdidas familiares, una gran cicatriz en la cara y sus circunstancias personales han forjado en ella una personalidad esquiva.

Y como si fuera una maldición añadida, la protagonista hereda y debe hacerse cargo de una casa familiar, epicentro de buena parte de las desgracias que se abatieron sobre sus seres queridos.

Una visita a la enmohecida y arruinada vivienda, ubicada en un pequeño pueblo madrileño, sumergirá a Bran en una travesía angustiante por túneles oscuros, estancias claustrofóbicas y seres terroríficos.

En marzo, Ediciones Cydonia / Libros del Futuro publicará mi nueva novela, LA ATALAYA RECORTADA CONTRA EL CIELO. Es una historia de terror con arquitecturas imposibles, sótanos siniestros y una relación materno-filial envenenada. Esta novela fue finalista del Premio Pedro Carbonell Castillero de Novela Corta 2023.

Discuss

Use case: you use Git as your version control system and you want to sign your tags and/or commits using a SSH key because it sounds very cool and probably enhances security somewhat.

Read here about how to do the same thing, but with GPG.

If you already have a SSH key (that you are already using to push your commits into Codeberg or Github), skip next section.

Creating a SSH key

Type the following:

ssh-keygen -t ed25519

This will prompt for a file name to store the key, suggesting one, probably with a path into your .ssh directory. Change it to something meaningful, like /home/you/.ssh/my-git-signing-key or similar. You may use a passphrase to protect it. If you do, this passphrase will be requested whenever you sign a commit or tag. SSH keys are stored in two different files: one for the secret key, and another for the public one. This one has the .pub extension.

Telling your Git project about your SSH signing key

Move to the working directory of your git project and type:

git config gpg.format ssh

and then

git config user.signingkey /home/you/.ssh/my-git-signing-key.pub

or whatever the file name of your key is. That's all.

Signing tags

This is exactly the same as you do with GPG signing.

You have to do it this way from now on:

git tag 0.01 -s -m "New development release 0.01 (codename Potato Head)"

Note the -s argument. Also, signed tags must have a message. If you don't provide one, a $EDITOR will be spawned for you to do it.

Signing commits

You can also sign individual commits. You must add the -S (capital S) argument to your git commit line, because using -s like you did in git tag would be too easy to remember.

So:

git commit -S -a -m "Incredible commit"

If you dislike or forget typing the -S over and over, you can configure Git to always sign automatically with the following command:

git config commit.gpgsign true

Verifying tags and commits

If you try verifying a tag with the -v option or your commit log with the --show-signature option, you'll see that Git complains with the following message:

error: gpg.ssh.allowedSignersFile needs to be configured and exist for ssh signature verification

For this to work, you must create the file mentioned there. This file can contain references to many signing keys, so I think it's better to have only one and configure it globally.

Move to your ~/.ssh directory and type:

echo "your@email namespaces=\"git\" $(cat my-git-signing-key.pub)" >> git-allowed-signers

This file, git-allowed-signers, is the one you must configure Git to use; do it with the following command:

git config --global gpg.ssh.allowedSignersFile /home/you/.ssh/git-allowed-signers

From now on, verified tags and commits will be prefixed with the following message:

Good "git" signature for your@email with ED25519 key SHA256:xxxxxxxxxxxxx

More interesting things to do

Software forges like Codeberg and others allow you to setup your key for commit validation. This way, people can confirm that you were the real commiter when they browse your code from the web UI. This is cool. Read their documentation on how to do it.

Command summary

Creating a signed commit:

git commit -S -a -m "Commit message"

Creating a signed tag:

git tag -s 1.23 -m "Tag description"

Verifying a signed tag:

git tag -v 1.23

Showing signature information in logs:

git log --show-signature

Final words

Some people prefer SSH keys to GPG ones (they are surely easier to manage). Very intelligent security experts recommend not using GPG for anything. Listen to them. Probably.

Also, don't write singing instead of signing everytime, like I do.

If you found this post useful, you may buy Ángel a coffee.

El Ypaqué es una bestia huidiza que suele medrar en los alrededores de las mentes de los artistas. Es raro aquel que no haya experimentado su presencia; hay quien dice que se alimenta de las frustraciones, de la necesidad y de la falta de esperanza.

Nadie sabe a ciencia cierta qué aspecto tiene; no siempre es fácil percibir que un Ypaqué anda cerca. La única forma de detectar que merodea alrededor de un artista es si a este se le escucha decir frases como las siguientes:

«¿Y pa qué voy a seguir escribiendo, si para las editoriales nunca encajo en su línea editorial?»

«¿Y pa qué voy a subir más audios de mi música, si el algoritmo siempre favorece a los mismos?»

«¿Y pa qué presentarme a más concursos, si están todos amañados?»

«¿Y pa qué voy a formarme en esta nueva materia, si el Sol acabará convirtiéndose en una gigante roja?»

«¿Y pa qué tanto crowdfunding / presentaciones / promociones, si al final no voy a ganar dinero ni para comprarme un billete de autobús?»

El Ypaqué puede resultar contagioso entre personas con patologías previas.

Cuando un Ypaqué empieza a parasitar a un artista, la cura es difícil. No basta con ser consciente de que está ahí; hay quien dice que, una vez entra, ya nunca sale, porque proporciona una clarividencia al artista de la que rara vez se recupera.

A veces un pequeño triunfo, por nimio que sea, puede hacer que un Ypaqué se repliegue provisionalmente de la mente del artista en la que se hecho un hueco y proporcione la falsa sensación de que ha desaparecido. Pero, una vez que el Ypaqué ha plantado su semilla y horadado su hueco, puede volver inmediatamente en el siguiente revés.

El día 6 de junio, desde las 19h hasta el cierre, estaré firmando ejemplares de mi novela YO NO SOY PAVEL en la Feria del Libro de Madrid 2024, en la caseta 291 de la editorial, Bunker Books.

Use case: you use Git as your version control system and you want to sign your tags and/or commits using a PGP key because it sounds very cool and probably enhances security somewhat.

If you already have a GPG key, jump to next section.

Creating a GPG key

Create a new, generic GPG key by invoking this command:

gpg --full-generate-key

This is an interactive command. It says many nerdy things. To the "what kind of key you want" question, enter 1 (or whatever the option is) for "RSA and RSA (default)". Informed people say that these days EC25519 keys are cooler, but I have no idea. I also have no idea why you cannot create this kind of elliptic curve keys using this interactive mode, because you can do it from the command line. I don't give a damn.

Give it a keysize of 4096, set an expiration date to "key does not expire" and give reasonable answers to the rest of questions. Enter a clever, long passphrase. You'll end up with a new keyring with your new key.

pub   rsa4096 2024-04-12 [SC]
      8A7E286E3A81676C5718B64E278FD009868D43DE
uid                      Waaaah <sexmachine@example.com>
sub   rsa4096 2024-04-12 [E]

Creating a signing key

We'll create a special key for signing your code, because it's cool and make things overly complicated and you'll look like you know what you are doing. We'll also set a short expiration life, so that you have to keep returning to this page over and over in the future because you'll have forgotten all these cumbersome steps. Run:

gpg --edit-key sexmachine@example.com

This is interactive again. Type:

gpg> addkey

Enter the option for "RSA (sign only)", 4096 bits keysize, and 1y (1 year) expiration date. You will need to supply the passphrase for the key. Confirm everything and save and such. You'll see something like

sec  rsa4096/278FD009868D43DE
     created: 2024-04-12  expires: never       usage: SC  
     trust: ultimate      validity: ultimate
ssb  rsa4096/A34BD7637BCADEBF
     created: 2024-04-12  expires: never       usage: E   
ssb  rsa4096/1CA4911800F8A2E5
     created: 2024-04-12  expires: 2025-04-12  usage: S   
[ultimate] (1). Waaaah <sexmachine@example.com>

We now have a signing-only key (usage: S) with an expiration date. Take note of its key Id (in this case, it's the 1CA4911800F8A2E5 string).

If you need to get this information again, run gpg --list-secret-keys --keyid-format=long.

Uploading your GPG keys to a keyserver

It's a good thing to upload your keys to a keyserver for the rest of people to find it. Keyservers come and go. These days, https://keys.openpgp.org:443 seems to work fine. So, send your keys there using the following command:

gpg --keyserver https://keys.openpgp.org:443 --send-key 1CA4911800F8A2E5

People will be able to get your key by typing

gpg --keyserver https://keys.openpgp.org:443 --search-keys sexmachine@example.com

This command allows people to interactively add your key to their keyring. But, it sometimes fails with the cryptic message no valid OpenPGP data found. Why not. I found that going to that web site, searching and downloading the ASCII armored key and importing it by hand works. Meh.

Telling your Git project about your GPG signing key

Move to the working directory of your git project and type:

git config user.signingkey '1CA4911800F8A2E5!'

But use your key Id, not this one. Note the ! at the end. It seems it's necessary because it's a subkey. I don't know why.

Signing tags

Now you are ready to sign tags! You have to do it this way from now:

git tag 0.01 -s -m "New development release 0.01 (codename Potato Head)"

Note the -s argument. Also, signed tags must have a message. If you don't provide one, a $EDITOR will be spawned for you to do it.

If everything is OK, GPG will ask you for the passphrase. I've found that this sometimes fails, I have no idea why. It's probably related to the gpg-agent program or shit. Try killing it. Or signing some dummy text from the standard input by running gpg --sign -a, entering the passphrase and recalling the git tag command. All this GPG thing looks very fragile.

If you are still here, you'll see that a git log or git tag does not show anything new. You must use git show {tag name}. You'll see something like

tag 0.01
Tagger: Waaaah <sexmachine@example.com>
Date:   Fri Apr 12 19:42:58 2024 +0200

New development release 0.01 (codename Potato Head)
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEkCwFKCMlLL6wb6f47iFRZCH8+ZIFAmYZcqIACgkQ7iFRZCH8
+ZL9QxAAlLlENIcEJe/hHRNfvlDgk7/PS1MJUYyam32E8tO8MsLRHZ164icAoaGC
XuEY2fiFrH7q0az5+LzA9Cy2EZND1UCHgM7m4Vu6beNR7xKw80eHu/0FTc+stLGO
vDxGmHOpVtSG03PU8E/bmTk2TXB9qcJzR/jBeqz4V+31+8gaF6XOSBhMfP+hdUu4
/FpAAXCOT6NGIG3vYCMaobxudnIZBLtqBtVzHHrk5qu3SJB4ReddO2HFu9528E/j
nzzpXlVqAGSJ5iY80K49CE/kirvICZwJf6LlaKuXJvrLntia+sr3Axq4DPjdujex
r8wMjxYiIce0iGRywWng3ZXwafFdRHmCSUbv85NeHLymdapSs7ly1NbqFBo5NKzX
Fhj81KD4HUeP+7BsppYzM0zW5tjngHA2qzhHIK4xMIqtVLCXI460rBsz+xbGbGOW
PMjGXEw6pBwbiRXmwe8iE0JP4AHsxN+05B6mHKeqemsinOx5/B7n+KgbjhLtWANX
kNFzdaRScfDcdnqlApV8aL6//d2P14Mh3ncqgfQNJh2SIgEsdxsGPDfUA2jTZ0K/
fLxxm+C7P52/LvTLHbzH6EHINUz27j5NKsS8Z5K2ozHRGwSErrKGw++GfDxeeQnP
W56MS4uvjVdafjP581ldggjHayo653heJxBvQhRIwfLbMRvZbMc=
=HAcq
-----END PGP SIGNATURE-----

Oh yeah.

Verifying tags

Cool guys that have your GPG public key available in their keyring can verify the tag using git tag -v {tag name}. GPG barfs a noisy message telling something about a good signature.

Signing commits

You can also sign individual commits. You must add the -S (capital S) argument to your git commit line, because using -s like you did in git tag would be too easy to remember.

Verifying commits

Again, it seems like everything remains the same, unless you add the magic incantation --show-signature to the git log command. This dumps specially joyful messages from GPG talking about good signatures and such. If your logs contain many signed commits it may became very slow.

Command summary

Creating a signed commit:

git commit -S -a -m "Commit message"

Creating a signed tag:

git tag -s 1.23 -m "Tag description"

Verifying a signed tag:

git tag -v 1.23

Showing signature information in logs:

git log --show-signature

Final words

Is this worth the effort? I'm not sure. It surely looks techy.

If you found this post useful, you may buy Ángel a coffee.

Let's say it clear: gdb lacks an acceptable hexadecimal view for memory blocks. Commands like x/32c get near, but it shows a confusing, misaligned mix of ASCII characters and octal garbage. I wish it was something like the x command in lldb.

BUT: you can get that (or at least something very similar) by defining a new command using an external call to the hd external tool, that is probably already installed on your system.

The magic is done by adding the following snippet to your ~/.gdbinit config file:

define hd
  dump binary memory dump.bin $arg0 ((void *)$arg0)+128
  shell hexdump -C dump.bin
  shell rm dump.bin
end

Now you have a new hd command that accepts as its unique argument a pointer to your data and shows 128 bytes of pretty hexadecimal dump.

2023-08-20 Update: rewritten to make it compatible with OpenBSD, that doesn't have the hd program and which gdb lacks the eval command (or has it disabled, I don't know nor care).

El jueves 22 de junio presentaré mi libro YO NO SOY PAVEL en la sede de la Casa del Libro de la calle Alcalá, 96, en Madrid. Me acompañará mi amigo Fernando Cámara y hablaremos de la novela, del proceso creativo y de cualquier otra cosa que se nos ocurra.

Mi novela YO NO SOY PAVEL ya se puede comprar desde la página web de la editorial Distrito 93.

https://distrito93.com/catalogo/yo-no-soy-pavel/

I'm very happy to announce new cover artwork for a good set of Ann Hell albums and songs. They have been generously contributed by Michael Miracle. I'm deeply impressed by his work; he managed to find the most similar fonts and images for the original artwork and recreated them in high resolution. For those music lacking any image, he designed original ones, which I find especially great.

Thank you very much, Michael, for your support, help and fine work.

2023-05-10 Update: Michael has sent me more amazing artwork for another two albums:

This is a compilation of the C language programming tips I posted on the Fediverse during 2022:

The elvis operator

https://triptico.com/social/angel/p/1673265846.832608

If you program in C, you've probably used what is called the ternary operator a million times in expressions like this:

value = user_value ? user_value : default_value;

Where you test user_value and, if it's non-zero, you store it in value; otherwise, you set value to default_value.

What you may not know is that, thanks to a gcc (and others) extension, you can abridge that expression to this:

value = user_value ?: default_value;

This ?: thing is colloquially named the 'Elvis' operator (if you don't see why, just look at it with you head slightly slanted to the left).

https://en.wikipedia.org/wiki/Elvis_operator

Linker optimization

https://triptico.com/social/angel/p/1672111113.792792

TIL that there is something named linker optimization that forces the deletion of unused functions in your final executable. As a bonus, you get the list of unused functions as compiler warnings (dead code is always bad, so you get the change to delete them or comment them out).

If you have a standard build system, do the following:

make CFLAGS="-ffunction-sections -fdata-sections" LDFLAGS="-Wl,--gc-sections -Wl,--print-gc-sections"

Concatenated PPM images as a video stream

https://triptico.com/social/angel/p/1671347271.960902

TIL that most video processing tools accept as a valid input stream a set of concatenated PPM ^[1] files, so you can generate video from your own programs easily. You just have to pipe your program's output to the appropriate tools (indicating the FPS) like

./fancy-prg | mpv --no-correct-pts --fps=$FPS -

or

./fancy-prg | ffmpeg -i - -r $FPS video.mp4

[1] Netpbm format (Wikipedia)

Full paths in shared libraries' soname

https://triptico.com/social/angel/p/1667714202.685173

TIL that you can have a full-path soname in a dynamic library, so that binaries linked to it can find it even if it's in a non-standard place:

gcc -shared -o libcrazy.so -Wl,-soname,/an/esoteric/place/to/store/libcrazy.so crazy.c
gcc -o main -L. -lcrazy main.c

This way, you don't need kludges regarding the use of LD_LIBRARY_PATH nor anything else.

Executing hand-crafted machine code

https://triptico.com/social/angel/p/1667464895.428412

If you want to create an executable program in memory and execute it without going through the filesystem, this is how you do it (Linux only):

int fd = memfd_create("foo", MFD_CLOEXEC);
// write your image to fd however you want
fexecve(fd, argv, envp);

https://unix.stackexchange.com/questions/230472/can-i-exec-an-entirely-new-process-without-an-executable-file

Finding memory leaks

https://triptico.com/social/angel/p/1667328755.759676

If you develop in C, you'll probably end up using memory leak detection tools like valgrind, libleak or the scan-build tool from the LLVM compiler. There is a less known tool inside the GCC compiler itself: the -fsanitize=address.

If you use a standard make setup, you can recompile your project doing

make CFLAGS="-fsanitize=address -fno-omit-frame-pointer"

After exiting your program, a summary of memory leak errors (including the line of the source code were it happened) will be printed out.

Poor man's profiler

https://triptico.com/social/angel/p/1665694300.323309

Poor man's profiler, or profiling a running program with a cheap combination of gdb, awk and scripting:

Sampling tools like oprofile or dtrace's profile provider don't really provide methods to see what [multithreaded] programs are blocking on - only where they spend CPU time. Though there exist advanced techniques (such as systemtap and dtrace call level probes), it is overkill to build upon that [...]

[...] one needs to improvise, like.. use debuggers - they can walk threads and provide stacks.

http://poormansprofiler.org/

Fast character case conversion

https://triptico.com/social/angel/p/1666985574.734641

Fast character case conversion (or how to really compress sparse arrays):

Converting strings and characters between lower and upper cases is a very common need.

In particular, case conversion is often used to implement case-insensitive comparision, an operation that is often present on the program's fast paths as a part of data container lookups and content manipulation.

So it is usually desirable to make case conversions as fast as possible.

In this post we are going to look at one of the options - very fast case conversion using compressed lookup tables and also at some options for compressing these even further.

https://github.com/apankrat/notes/tree/master/fast-case-conversion

gdb surprises

https://triptico.com/social/angel/p/1667549267.231691

TIL by accident that you can type make from inside gdb and does what you think it does.

Modern C for C++ Peeps

https://triptico.com/social/angel/p/1673121099.281843

I find the article interesting not only for C++ "peeps", but for us greybeard C programmers as well, who learnt the language in the eighties. Remarkable sections in the document are:

• Use struct wrappers for strong typing (I've never done this, but it's interesting; accessing the components inside the structs may become a bit tedious, though).
• Initialization in C99 (I haven't used this to its full potential).
• Don’t be afraid to pass and return structs by value (as an old fart, I always pass pointers to structs, and this section reasons otherwise for small structs).
• Named optional arguments (or, as the author more accurately describes this, the "option bag").

https://floooh.github.io/2019/09/27/modern-c-for-cpp-peeps.html