(Fabio Alessandro Locati|Fale)'s blog

GoLang vanity urls on AWS Lambda

March 21, 2019

After the article on the reasons to use vanity URLs in Go and the one about how to implement a lightweight vanity URLs provider, I’d like to share with you how you can leverage AWS Lambda to implement a vanity URLs provider.

The first thing we will need is to import the github.com/aws/aws-lambda-go package. This package will provide us with the needed functions to easily integrate our Go code with AWS Lambda. In our main we will just need to start the Lambda with a handler like this:

Reasons to prefer vanity URLs for GoLang packages

January 18, 2019

Golang forces its users to use the repository URL of the dependency in the import statement.

For instance, if we want to import the “test” package that is hosted at github.com/fale/test, we will need to use github.com/fale/test. On the one hand, this is very nice since it allows anyone reading the code to immediately understand where the code is hosted and therefore find it very quickly. Also, this URL-based import path guarantees that no two different packages can have the same import path, preventing this kind of confusion for both programmers and the compiler itself. On the other hand, this is a limitation since it makes the code very reliant on the repository location.

Calling a SOAP service in Go

December 3, 2018

Today the IT world is very focused on high-performance, high-throughput interfaces. In this situation, it is common to find REST and gRPC APIs, given their performance compared to the other solutions. Sometimes, though, we still encounter old APIs written with older techniques or new APIs that for some reason have been developed with outdated technologies. One of those cases that I’ve encountered a few times over the last few months is SOAP.

CORS with Go and Negroni

November 18, 2018

There are some pieces that you need to put in every microservice you write. These are, for instance, logging, error handling, and authentication.

Over the last year, I found myself writing CORS headers over and over. This requirement brought me to think that I should have used a Negroni middleware since we are already using Negroni for other middlewares. I started looking online for an already written one, and I found a bunch, but I was not happy with what I found, so I decided to write my own.

A lightweight approach to Go vanity import paths

September 23, 2018

Golang uses URLs for dependency package resolution. To unbundle the code repository hosting the package from the import path, Golang supports the idea of Vanity Import Paths. The way this has been implemented is that, as long as the import path points to a page where Go can find the real package URL, it will follow through.

So, we will need to create a web server that can serve pages in a way that the Go toolchain can understand. To do so, I use the following code:

A small HTTP debug server in Go

August 31, 2018

Lately, I found myself working on an application that was communicating via SOAP with a server. My goal was to understand how this application worked with the SOAP server to emulate its behavior. Even if I had access to the source code of the application, I thought it would have been easier, faster and more fun to do the work without actually reading the code. It’s important to note that the application is actually fairly small and self-contained. Otherwise, I would have probably taken a different approach.

SSH with Yubikey

November 3, 2017

Authentication factors

One of the common ways to create more secure authentication in systems is adding more “factors”, creating in this way a Multi-Factor Authentication (MFA). The idea behind MFA is that there are many different ways to authenticate a user, and those can be split into different “categories” based on the kind of challenge we require. Generally speaking, it’s common to divide the authentication methods into three main categories:

Let's Encrypt GA

April 13, 2016

Yesterday, Let’s Encrypt moved from beta to GA. During the beta phase, which started last September, more than 1.7 million certificates were issued.

I think this is a crucial step for the project and overall for the Internet as well. Until now, the only way to obtain a valid TLS certificate was to pay a CA. This artificial constraint made no sense since the CAs were forcing users to buy an insurance policy that made no sense (and often, it was completely worthless).

Logjam attack

May 20, 2015

Today a new kind of downgrade attack against TLS was published: Logjam. The attack relies on the fact that for Diffie-Hellman key exchanges, a prime is necessary. Many applications use a pre-generated prime to speed up the Diffie-Hellman process. Using a pre-generated prime is not a security issue by itself, but it can become one if coupled with a server that accepts very short Diffie-Hellman keys such as the 512-bit ones (the maximum allowed for DHE_EXPORT).

WordPress

October 26, 2013 - Vignate, IT
