Self-signed cert

A self-signed certificate that works with older version Chrome may not work with newer versions.
Here are the steps to create such a certificate and test it, done in Cmd console.
Create a signing request:
openssl.exe req -config riowingNetSelfSign.cnf -new -key smtpRioWing.key -out riowingNetSelfSign.csr
View request:
openssl.exe req -text -noout -in riowingNetSelfSign.csr > riowingNetSelfSignCsr.txt
Make the certificate:
openssl.exe x509 -req -days 7023 -extfile riowingNetSelfSign.cnf -extensions SAN -in riowingNetSelfSign.csr -signkey smtpRioWing.key -out riowingNetSelfSign.crt
View certificate:
openssl.exe x509 -in riowingNetSelfSign.crt -text -noout >riowingNetSelfSignCrt.txt
Import the certificate:
certmgr.msc import it to Trusted Root Certification Authorities, it shows up as riowing.netCN
Run a server to test the cert with https (
it can also be tested with nginx, by adding smtpRioWing.key and riowingNetSelfSign.crt to nginx.conf)
openssl.exe s_server -no_dhe -accept 8282 -www -key smtpRioWing.key -cert riowingNetSelfSign.crt
Test the cert with openssl:
echo -n | openssl.exe s_client -servername -connect localhost:8282 -CAfile smtpRioWing.crt
Test the cert with Chrome. e.g. version 84 in my case: (can point to localhost or to real remote host)
File download (not including private key):

ssh-rsa being deprecated

Announced 2020-05-27 on
This is about ssh client authenticates server, not the other way.
This is not about the server’s public key itself, but the hash of it, which only matters when being added to known_hosts.

Here I talk about two ways of ssh in: the default way, and the deprecated way.
Here are the public keys on my server:
rio@u:/etc/ssh$ ls *.pub
rio@u:/etc/ssh$ lsb_release -d
Description: Ubuntu 14.04.5 LTS

The default way:
$ ssh -V output: OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017
$ ssh -vvv -F config u
output: ECDSA key fingerprint is 70:97…
by $ ssh-keygen -l -f, we see this finger print is 256 MD5:70:97…
Therefore the default login is: ECDSA + md5

The deprecated way:
$ ssh -vvv -o HostKeyAlgorithms=ssh-rsa -o FingerprintHash=sha1 -F config u
output: RSA key fingerprint is SHA1:lWDfeoWl4nGcMNCAL81PA6YT4jc.
by $ ssh-keygen -l -E sha1 -f, we see this finger print is2048 SHA1:lWDf…
Therefore the login is: RSA + SHA1

I inspected all my severs, including Ubuntu 14 and Cent 7, and they all support ECDSA.
Therefore, not affected by this release note.

Range Based For

Range Based For is new in c++11

void RangeBasedFor()
	nullptr_t pN = nullptr;
	void *pV = reinterpret_cast(1);
	int *pI = reinterpret_cast(2);
	void *arr[] = { pV, pN, pI };
	std::cout << "enumerating void *arr[] with Range Based For syntax" << std::endl;
	//other options: auto i, auto&& i
	for (const auto &i : arr) //auto or int, arr can be replaced directly by {2, 3}
		std::cout << i << std::endl;

	std::vector arr2 = { 3, 4 };
	std::cout << "enumerating vector with Range Based For syntax" << std::endl;
	for (const auto &i : arr2) //works for both int[] and vector
		std::cout << i << std::endl;
	std::cout << "enumerating vector with regular for loop" << std::endl;
	for(std::vector::iterator i = arr2.begin(); i != arr2.end(); ++i) //only for vector
		std::cout << *i << std::endl;


enumerating void *arr[] with Range Based For syntax
enumerating vector with Range Based For syntax
enumerating vector with regular for loop


Function Hiding

If there is a functions in base class and one in subclass that has the same name,
the one in subclass always hides the one in base class, regardless of the parameter list and virtual function or not.
Access base class function through sub class object with a different parameter is a compiling error.
Consider this code snippet:

struct CBase
	void funcNonVirtual(int i)
struct CSub: CBase
	void funcNonVirtual(char * string)
void TestHide()
	CSub Sub;
	Sub.funcNonVirtual(2); //comiling error