The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,839 other subscribers

Archive for the ‘Development’ Category

« Previous Entries
Next Entries »

Some insights on how readlink approached canonicalisation of a filename having symlinks

Posted by jpluimers on 2022/03/03

Cool, I didn’t realise how readlink operated, but found out a bit more in the answers to [Wayback] symlink – How to get full path of original file of a soft symbolic link? – Unix & Linux Stack Exchange, thanks to [Wayback] daisy, [Wayback] Peter.O and [Wayback] Gilles ‘SO- stop being evil’:

  • Try this line: 
    readlink -f `which command`

    If command is in your $PATH variable , otherwise you need to specify the path you know.

    -f will return a path to a non-existent final target, so long as the intermediate link targets exist… Use -e to avoid this, ie. -e will return null if the final target does not exist. – Peter.O

  • Under Linux, readlink reads the contents of a symlink, and readlink -f follows symlinks to symlinks to symlinks, etc., until it finds something that isn’t a symlink.

–jeroen

Posted in *nix, *nix-tools, ash/dash, bash, bash, Development, Power User, Scripting, Software Development | Leave a Comment »

Git Explorer: a cool tool to visually learn git commands

Posted by jpluimers on 2022/03/03

This is sooooo cool: [Wayback] Git Explorer

GitExplorer: Find the right git commands you need without digging through the web

What I like is the simple clean UI with a two step selection of what git functionality you want to use followed by a simple usage and explanation.

Very well suites for both referencing and interactive learning.

Bonus: it is open source at [Wayback/Archive.is] summitech/gitexplorer: Find the right git commands without digging through the web..

Via: [Archive.is] Marko ⚡ Denic on Twitter: “You can find the right git commands without digging through the web. “

–jeroen

Posted in Development, DVCS - Distributed Version Control, git, GitHub, Software Development, Versioning | Leave a Comment »

Windows applications: storing your data in the correct place (Roaming, Local, LocalLow, not Documents)

Posted by jpluimers on 2022/03/02

This is a follow on the below TomTom HOME complaint: Know where your application should store its data.

I know this can be tough, especially for applications that were developed before Windows Vista came around: that’s when CSIDL were introduced. But still: Windows XP already had %APPDATA% (the environment variable equivalent to CSIDL_APPDATA, it pointed to %USERPROFILE%\\Application Data)

Applications should store data under either of below locations. Values are KNOWNFOLDERID constants with CSIDL constants in parenthesis where available. Some have .NET equivalents in the System.Environment.SpecialFolder enumeration:

  • FOLDERID_LocalAppData (CSIDL_LOCAL_APPDATA)

    The file system directory that serves as a data repository for local (nonroaming) applications.

  • FOLDERID_LocalAppDataLow (n/a)

    The file system directory that serves as a data repository for local (nonroaming) applications that run under “low integrity” (like in a web browser).

  • FOLDERID_RoamingAppData (CSIDL_APPDATA)

     The file system directory that serves as a common repository for application-specific data.

Do not use FOLDERID_Documents (CSIDL_MYDOCUMENTS) as this is specific to user documents, not application data.

The virtual folder that represents the My Documents desktop item. This value is equivalent to CSIDL_PERSONAL.

Basically use FOLDERID_LocalAppData for data that is machine specific and FOLDERID_RoamingAppData for data that should travel to other machines when the user logs on to them.

Be very careful how much you store as potentially roamed data as these can go over slow networks (both low bandwidth and low latency).

Documentation

Read the rest of this entry »

Posted in .NET, Development, Software Development, Windows Development | Leave a Comment »

Too bad: ESXi busybox has `diff`, but not `patch`

Posted by jpluimers on 2022/03/02

On my ESXi boxes, I have a directory with local scripts that in part depend on the machine.

So I contemplated patching the dending parts with patch.

Then I found out that the BusyBox that VMware built for ESXi does have diff, but not patch:

# $(readlink -f "`which diff`")
BusyBox v1.29.3 (2021-01-17 01:25:00 PST) multi-call binary.
BusyBox is copyrighted by many authors between 1998-2015.
Licensed under GPLv2. See source distribution for detailed
copyright notices.

Usage: busybox [function [arguments]...]
   or: busybox --list
   or: function [arguments]...

    BusyBox is a multi-call binary that combines many common Unix
    utilities into a single executable.  Most people will create a
    link to busybox for each function they wish to use and BusyBox
    will act like whatever it was invoked as.

Currently defined functions:
    addgroup, adduser, arch, ash, awk, basename, bunzip2, bzcat, bzip2, cat, chgrp, chmod, chown, chvt, cksum, clear, cp, crond,
    cut, date, dd, delgroup, deluser, diff, dirname, dnsdomainname, du, echo, egrep, eject, env, expr, false, fdisk, fgrep, find,
    fstrim, getty, grep, groups, gunzip, gzip, halt, head, hexdump, hostname, inetd, init, kill, ln, logger, login, ls, lzop,
    lzopcat, md5sum, mkdir, mkfifo, mknod, mktemp, more, mv, nohup, nslookup, od, passwd, poweroff, printf, readlink, reboot,
    reset, resize, rm, rmdir, sed, seq, setsid, sh, sha1sum, sha256sum, sha3sum, sha512sum, sleep, sort, ssl_client, stat, stty,
    sum, sync, tail, tar, taskset, tee, test, time, timeout, touch, true, uname, uniq, unlink, unlzop, unzip, usleep, vi, watch,
    wc, wget, which, who, xargs, zcat

This list is much shorter than the applets that are supported in [Wayback] BusyBox – The Swiss Army Knife of Embedded Linux, so VMware did cut out quite a few.

Generating the above output

The command-line trick above first expands diff using the output of which diff, then finds out where it links to through the readlink -f wrapper there the back-quotes “`” get this output:

# readlink -f "`which diff`"
/usr/lib/vmware/busybox/bin/busybox

Finally the $(...) executes the output of readlink.

It is based on [Wayback] bash – How to resolve symbolic links in a shell script – Stack Overflow

readlink -f "$path"

Editor’s note: The above works with GNU readlink and FreeBSD/PC-BSD/OpenBSD readlink, but not on OS X as of 10.11.GNU readlink offers additional, related options…

Need to devise a way to apply patches

Given there is no patch, I need to think about a good way to apply patches, for instance to snip this into /etc/rc.local.d/local.sh in a reliable way:

## BEGIN-PATCH-PATH

# local binaries are in /vmfs/volumes/NVMe980PRO_1TB/local-bin/
# link that directory from /opt/bin
# then add /opt/bin to the PATH in /etc/profile so that on each logon it becomes available
# this means you need to logon twice after reboot:
# - first to patch /etc/profile
# - second to have the correct PATH loaded from /etc/profile
# direcory exist trick from https://stackoverflow.com/questions/59838/how-can-i-check-if-a-directory-exists-in-a-bash-shell-script

patch_etc_profile_PATH() {
    if [ -d "$1" ]; then
      ln -s "$1" "/opt/bin"
      sed -i -e 's!PATH=/bin:/sbin!PATH=/bin:/sbin:/opt/bin/!' /etc/profile
    fi
}

patch_etc_profile_PATH /vmfs/volumes/NVMe980PRO_1TB/local-bin/

## END-PATCH-PATH

–jeroen

Posted in *nix, *nix-tools, ash/dash, ash/dash development, BusyBox, Development, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

Not sure why: graph.windows.net is missing a security certificate retraction on some Windows machines?

Posted by jpluimers on 2022/02/28

Got this on two Dutch Windows machines, not sure why yet:

Missing information on security certificate retraction

Missing information on security certificate retraction

Certificate path is OK

Certificate path is OK

–jeroen

Posted in Communications Development, Development, Encryption, Internet protocol suite, Power User, Security, TCP, TLS | Leave a Comment »

Bash functions to encode and decode the ‘Basic’ HTTP Authentication Scheme

Posted by jpluimers on 2022/02/24

IoT devices still often use the ‘Basic’ HTTP Authentication Scheme for authorisation, see [Wayback] RFC7617: The ‘Basic’ HTTP Authentication Scheme (RFC ) and [Wayback] RFC2617: HTTP Authentication: Basic and Digest Access Authentication (RFC ).

Often this authentication is used even over http instead of over https, for instance the Egardia/Woonveilig alarm devices I wrote about yesterday at  Egardia/Woonveilig: some notes about logging on a local gateway to see more detailed information on the security system. This is contrary to guidance in:

  • RFC7617:
       This scheme is not considered to be a secure method of user
   authentication unless used in conjunction with some external secure
   system such as TLS (Transport Layer Security, [RFC5246]), as the
   user-id and password are passed over the network as cleartext.
  • RFC2617:
       "HTTP/1.0", includes the specification for a Basic Access
   Authentication scheme. This scheme is not considered to be a secure
   method of user authentication (unless used in conjunction with some
   external secure system such as SSL [5]), as the user name and
   password are passed over the network as cleartext.

Fiddling with those alarm devices, I wrote these two little bash functions (with a few notes) that work both on MacOS and in Linux:

# `base64 --decode` is platform neutral (as MacOS uses `-D` and Linux uses `-d`)
# `$1` is the encoded username:password
function decode_http_Basic_Authorization(){
  echo $1 | base64 --decode
  echo
}

# `base64` without parameters encodes
# `echo -n` does not output a new-line
# `$1` is the username; `$2` is the password
function encode_http_Basic_Authorization(){
  echo $1:$2 | base64
}

The first decodes the <credentials> from a Authorization: Basic <credentials> header into a username:password clean text followed by a newline.

The second one encodes a pair of username and password parameters into such a <credentials> string.

They are based on these initial posts that were not cross platform or explanatory:

  1. [Wayback] Decode HTTP Basic Access Authentication – Stack Pointer
  2. [Wayback] Create Authorization Basic Header | MJ’s Web Log

–jeroen

Posted in *nix, *nix-tools, Apple, Authentication, bash, bash, Communications Development, Development, HTTP, Internet protocol suite, Linux, Mac OS X / OS X / MacOS, Power User, Scripting, Security, Software Development, TCP, Web Development | Leave a Comment »

Days since last time zone issue

Posted by jpluimers on 2022/02/24

If you do business with for instance Jordan for he first time, then is likely -1 because tomorrow their clock moves forward one hour.

The 2022 daylight saving time changes (summer time / winter time) are at time.is/DST_2022 [Wayback/Archive.is]

[Archive.is] Dr. Jessie Christianstein 👩🏻‍🔬🧟‍♀️ on Twitter: “… “

–jeroen

Read the rest of this entry »

Posted in Algorithms, Development, Software Development | Leave a Comment »

Viewing the last lines of the postfix log with journalctl (with help from Unix & Linux Stack Exchange)

Posted by jpluimers on 2022/02/24

Two command-lines I use to view my Postfix logs:

  1. journalctl --unit postfix --since "2 days ago"
  2. journalctl --unit postfix --pager-end

Note that neither of these work well with the --follow (or equivalent -f) option, as this will effectively disable the pager (which by default is less).

The second is via [Wayback] systemd – How to see the latest x lines from systemctl service log – Unix & Linux Stack Exchange (which got the--pagerend bit wrong, as it misses a dash and should be --pager-end, but still thanks [Wayback] Daniel Kmak):

Just:

journalctl -u SERVICE_NAME -e

Parameter -e stands for:

-e –pagerend

That’s the one ! Other answers will go through the whole log to get to its end, which can be veeeeery long for large syslogs.

The last bit (by [Wayback] Léo Germond, thanks!) is why I like it most.

Similarly, specifying --since in the first example will not go through the whole log.

Some background information:

Read the rest of this entry »

Posted in *nix, *nix-tools, bash, Development, journalctl and journald, Linux, postfix, Power User, Scripting, Software Development, systemd | Leave a Comment »

Egardia/Woonveilig: some notes about logging on a local gateway to see more detailed information on the security system

Posted by jpluimers on 2022/02/23

A follow-up on Source: Some links with notes on WoonVeilig/Egardia security system communications, protocols and support by 3rd party home automation apps:

Notes on the Woonveilig/Egardia GATE-03 model alarm hub (where 192.168.x.y is the IPv4 address that hub):

  1. It still uses the plain-text insecure http to communicate, so it is wise to try and put it in a separate LAN apart from other systems.
  2. Logon is done using HTTP Basic access authentication.
  3. Woonveilig/Egardia by now prefers the XMPP prototol over the CID protocol (the CID protocol is still used by jeroenterheerdt/python-egardia.
    • You can find the configuration at http://192.168.x.y/setting/xmpp.htm.
    • XMPP protocol uses
      • xmpp01.egardia.com as primary and xmpp01.alt.egardia.com as secondary server on port 443.
      • arg-####-auth  where ###### are the last 6 *lowercase* hexadecimal digits of the MAC address of the GATE-03.
      • a long password you can find in the plain-text of the http://192.168.x.y/action/xmppGet http GET request fired by http://192.168.x.y/setting/xmpp.htm.
  4. CID protocol address is ip://######@ics.alt.egardia.com:52010/CID where ###### are the last 6 *uppercase* hexadecimal digits of the MAC address of the GATE-03.
  5. User PIN-codes are not visible at the Woonveilig/Egardia alarm site, but they are at http://192.168.x.y/setting/userCode.htm together with their user names.
  6. Special PIN codes for Installer/Duress/Guard/Master/Temporary are at http://192.168.x.y/setting/codeSetting.htm and obtained via http://192.168.x.y/action/areaListGet and http://192.168.x.y/action/codeSettingGet
  7. On the CID protocol:

I got all of the above via: [Wayback/Archive.is] GATE-03 system does not report to Egardiaserver · Issue #26 · jeroenterheerdt/python-egardia (which by coincidence used the same firmware I had: HSGW 0.0.2.18.1 HPGW-L2-XA35H).

Which brings me to some Google search with some remarkable results:

So I did a quick look at LUPUS XT* based products:

Then at the Woonveilig/Egardia and Climax shops:

Conclusions:

  • Egardia/Woonveilig sensors look remarkably similar to the LUPUS ones
  • LUPUS is a re-brand of Climax with slightly different firmware

Side note on open ports

  • Open ports on the [Wayback] GATE-03 alarm device:
    PORT    STATE    SERVICE      VERSION
9/tcp   filtered discard
25/tcp  filtered smtp
80/tcp  open     http
445/tcp filtered microsoft-ds
  • Open ports on the [Wayback] CAM-06 outdoor camera:
    PORT      STATE    SERVICE      VERSION
9/tcp     filtered discard
21/tcp    open     ftp          oftpd
25/tcp    filtered smtp
80/tcp    open     tcpwrapped
445/tcp   filtered microsoft-ds
554/tcp   open     rtsp
711/tcp   open     cisco-tdp?
1935/tcp  open     rtmp?
6000/tcp  open     X11?
49152/tcp open     upnp         Portable SDK for UPnP devices 1.6.17 (Linux 3.4.35; UPnP 1.0)

jeroen

 

Posted in Communications Development, Development, Python, Scripting, Software Development | Leave a Comment »

Having wrong address field order is an almost Dark Pattern to me: #mijnOLVG again.

Posted by jpluimers on 2022/02/23

Yesterday I wrote about I consider stealing the user’s time because of a bad UX design among the Dark Patterns.

It was about a site blocking the paste of an e-mail field.

I forgot about an almost Dark Pattern on the same site that might be not obvious for English and French readers, but (though there is little documentation on this) there are a lot of countries having the house number put after the street name.

When filling out forms, it makes a lot of sense to put the house number and street name fields in the order of use for the majority of people living that country.

Not doing so rates a form almost as Dark Pattern, for instance the Dutch “MijnOLVG” site, as this is their account sign-up form:

Read the rest of this entry »

Posted in Dark Pattern, Development, Power User, Software Development, User Experience (ux), Web Development | Leave a Comment »

« Previous Entries
Next Entries »