How do I run a Mathematica (.m) package from Python using the "Wolfram Client Library for Python"?

This question is about calling a Mathematica package (.m file) from Python using the "Wolfram Client Library for Python" (https://github.com/WolframResearch/WolframClientForPython).

To be concrete, consider the following Mathematica package:

BeginPackage("basicPackage`")
AddTwo::usage = "AddTwo(a, b) returns a+b";
Begin("Private`")
AddTwo(a_, b_) := a + b;
End()
EndPackage()

Goal: Call AddTwo from Python using the Wolfram client library for Python. If it is not currently supported, add this functionality to the library.

Library documentation can be found at: https://reference.wolfram.com/language/WolframClientForPython/index.html.

A similar question, asked before the release of the Wolfram client library for Python, is as follows:
How to run a Mathematica (.m) package from python?

centos – Derive the OpenVPN configuration of the server from the client configuration

I'm trying to set up a ASUS RT-AC66U as an OpenVPN client. However, the openvpn binary contained in the firmware gives me a hard time because it does not accept any of our configuration files. I downloaded the configuration of a commercial VPN and it would accept it. Now I need to configure a server so that it accepts connections from a configuration provided. How could I approach this?

client
dev tun
proto udp
remote  
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
comp-lzo no

remote-cert-tls server

auth-user-pass
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512


...


key-direction 1


...

Internal API Trusted Execution Environment (TEE) vs external API (client)

i'm studying Reliable execution environment (TEE) in the Android mobile phone. From reading, I found that there are 2 APIs in TEE (isolated OS):

  • Internal API: a programming and services API for Trusted Application (TA) in TEE, cannot be called by any application running under a rich operating system (original operating system of origin) 39; Android). For example, the internal API provides cryptographic services

  • External API or client API: called by applications running in a rich operating system, in order to access TA and TEE services.

Suppose I want to apply TEE this way:

  • I have an application running under a rich operating system
  • I want to securely store certain cryptographic keys of my application
  • Therefore, the keys are stored in TEE
  • APP in rich operating system recovers TEE keys when it needs it and removes them from the rich operating system memory after use

If the above situation is correct, please help explain that

  • How the internal and external API should work in the above situation.
  • With the exception of the APP in a rich operating system, do I also need to create an executable TA in TEE to store and provide the keys?

c ++ – unable to connect client to server using SFML

I did a simple pong game in C ++ SFML, but now to learn networking, I want to make it multiplayer, SFML has networking methods but for the life of me I can't understand them, everything what i know is that i need to declare a socket, then connect it to an ip address and port, then declare in the other program another socket and a listener, apart from that i don't not know what ip i should use or how to get it, or if i just give a random ip even for the port.
I also tried client to client but it didn't work either

sf::TcpSocket my_socket;
sf::Socket::Status status = my_socket.connect("192.168.0.5", 53000,sf::seconds(10));
if (status != sf::Socket::Done)
{
    std::cout<<"error";
}

here is also the source code if you wanted https://pastebin.com/uAvUE250

tls – client certificate and key storage on client machine

Relating to a question I posted here, but I thought it would also be a good idea to ask it here.

Basically, I'm developing a web application that will display a dashboard with sensor data from an installation that uses MQTT. I have deployed a certificate provisioning system which provides server and client certificates (microcontroller) inside this facility. The broker I use is Mosquitto and in the configuration file, I added an option to ask clients to display a valid client certificate during TLS negotiation. Storing certificates and keys in the microcontroller or installation in general is not a problem as I will control these devices in order to maintain and secure the system. However, for web clients, it is not the same thing.

Ideally, there should be an option in the Mosquitto broker that would allow some customers not to be required to provide a customer certificate while making contact, but a user name and password. I have not found a way to do this.

My idea for the web application is to have two layers of security:

  1. Access to the webapp via username and password

  2. Access to the Mosquitto broker once the user is logged in via the client
    certificates

The client certificate and the key would only be sent in two cases: first connection and renewal of the certificate. There is therefore no way to request a certificate outside of these two cases.

If someone can get the user name and password, they will still need to certify to view the MQTT data. If a malicious user can steal a valid certificate and key, they will still need a valid username / password combination. Is this correct from a security point of view?

What is the correct way to store private keys to access certain (your) system inside a client machine over which you have no control?

Ubuntu – how to limit bandwidth / internet speed per second to each VPN client

I configured the IPsec VPN server using Libreswan on CentOS 7 and Ubuntu 18.04 at the same time. Now I want to limit the internet speed on each connection. I searched the internet and found Linux Traffic Control (TC) and IPTABLES can do that. But the two seem very complex to understand.

What have I tried so far?

I have tried many commands from TC a IPTABLES. I share some of them more clearly for myself.


tc qdisc del dev eth0 root
tc qdisc add dev eth0 root tbf rate 50kbit burst 32kbit latency 400ms

I have tried to limit the speed of 50KB per second for all IP addresses separately, but this limits all of the Internet from the server.


sudo iptables --new-chain RATE-LIMIT
sudo iptables --append RATE-LIMIT --match hashlimit --hashlimit-mode srcip --hashlimit-upto 50/sec --hashlimit-burst 20 --hashlimit-name conn_rate_limit --jump ACCEPT
sudo iptables-save

Here I have tried to create a new group RATE-LIMIT to limit 50 KB per second to each client, but that doesn't work for me

I am new TC and IPTABLES and did not understand it well. Can you help me please?

How to register the client address identifier at the client level If an address is deleted on Magento2?

I do not know how to implement this task. I need to save the customer address identifier at the customer level if an address is deleted on Magento2. Could you help me please?

WooCommerce store as a client plugin

The WooCommerce store as a customer plugin allows you to use your online store as a customer to create an order on behalf of your customers who are unable to shop. The WooCommerce store as a customer plugin allows you to access your front end store as one of your customers. It allows you to collect details via smartphones or emails and create an order on their behalf. When using your site as a client, a toolbar appears, with one click to return to the administrator. It only costs $ 49.

api design – Microserice call using REST or a dedicated client file

When microservices must communicate with each other, the common practice is to establish a REST (or gRPC) communication.

I wonder what should be a better approach? (suppose all the services are in Java) –

  1. Each service uses a freestyle REST client (e.g. OkHttp)
  2. When service A is to speak with service X, it must include a "client of service X" dependency jar library that masks the network communication of service A.

Let's say this is our system – where service A uses services X and Y as data resources:

   /-X
A--
   -Y

Here are some cases:

New functionality in X

If service X has new functionality for A, in both approaches, it will be necessary to update the code of A to support it and add new HTTP calls. If we use a dependency JAR, we will also need to create a new version of the jar.

New versions of X / Y

The versions are updated in X and Y, as long as they do not break the interface does not require any change in A – in both approaches.

Different versions of HTTP library in X & Y clients

X & Y client libraries may include different versions of the same HTTP client – this can cause dependency libraries to work in service A.

What is best practice these days? I found this post and this post where each of them supports the other approach. I also came across Feign as a REST client which could be a third option