The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,861 other subscribers

Archive for the ‘Scripting’ Category

« Previous Entries
Next Entries »

The Delphi documentation site docwiki.embarcadero.com has been down/up oscillating for 4 days is now down for almost a day.

Posted by jpluimers on 2022/03/08

The [Wayback/Archive] Embarcadero/IDERA Documentation Wiki has been mostly down since March 3rd, 2022 (not the main page, but almost all other pages are).

I modified [Wayback/Archive] Docwiki https – EmbarcaderoMonitoring to show the actual status of a deeper page as the (mostly static) top page is up, so monitoring that is useless as the deeper pages are down.

The deeper pages are dynamic and require a functioning MySQL database connection. That connection is mostly down (the error message is not clear, so this could be a network or a database server problem, or maybe even a loadbalancer gradually entering bit heaven).

Since it had been down for like 6 days in February*, I’d expect Idera to keep an eye on it and prepare for more downtime. Apparently that’s either not a 24×7 thing for them or  they missed the “pre” in preparation as it is dead-silent on .

It also runs on an unsupported version of Mediawiki 1.31** which by itself does not explain the outage, but does indicate that their idea of handling their internal lifetime management is different than what they advocate to clients in their software subscription model, see [Wayback/Archive] Delphi – Embarcadero store, [Wayback/Archive] Update Subscription – Embarcadero and [Wayback/Archive] Special Offers on RAD Studio, Delphi & C++Builder – Embarcadero:

Read the rest of this entry »

Posted in *nix, Bookmarklet, Delphi, Development, JavaScript/ECMAScript, Lightweight markup language, MediaWiki, Monitoring, Power User, Scripting, SocialMedia, Software Development, Twitter, Uptimerobot, Web Browsers | Leave a Comment »

Some insights on how readlink approached canonicalisation of a filename having symlinks

Posted by jpluimers on 2022/03/03

Cool, I didn’t realise how readlink operated, but found out a bit more in the answers to [Wayback] symlink – How to get full path of original file of a soft symbolic link? – Unix & Linux Stack Exchange, thanks to [Wayback] daisy, [Wayback] Peter.O and [Wayback] Gilles ‘SO- stop being evil’:

  • Try this line: 
    readlink -f `which command`

    If command is in your $PATH variable , otherwise you need to specify the path you know.

    -f will return a path to a non-existent final target, so long as the intermediate link targets exist… Use -e to avoid this, ie. -e will return null if the final target does not exist. – Peter.O

  • Under Linux, readlink reads the contents of a symlink, and readlink -f follows symlinks to symlinks to symlinks, etc., until it finds something that isn’t a symlink.

–jeroen

Posted in *nix, *nix-tools, ash/dash, bash, bash, Development, Power User, Scripting, Software Development | Leave a Comment »

Too bad: ESXi busybox has `diff`, but not `patch`

Posted by jpluimers on 2022/03/02

On my ESXi boxes, I have a directory with local scripts that in part depend on the machine.

So I contemplated patching the dending parts with patch.

Then I found out that the BusyBox that VMware built for ESXi does have diff, but not patch:

# $(readlink -f "`which diff`")
BusyBox v1.29.3 (2021-01-17 01:25:00 PST) multi-call binary.
BusyBox is copyrighted by many authors between 1998-2015.
Licensed under GPLv2. See source distribution for detailed
copyright notices.

Usage: busybox [function [arguments]...]
   or: busybox --list
   or: function [arguments]...

    BusyBox is a multi-call binary that combines many common Unix
    utilities into a single executable.  Most people will create a
    link to busybox for each function they wish to use and BusyBox
    will act like whatever it was invoked as.

Currently defined functions:
    addgroup, adduser, arch, ash, awk, basename, bunzip2, bzcat, bzip2, cat, chgrp, chmod, chown, chvt, cksum, clear, cp, crond,
    cut, date, dd, delgroup, deluser, diff, dirname, dnsdomainname, du, echo, egrep, eject, env, expr, false, fdisk, fgrep, find,
    fstrim, getty, grep, groups, gunzip, gzip, halt, head, hexdump, hostname, inetd, init, kill, ln, logger, login, ls, lzop,
    lzopcat, md5sum, mkdir, mkfifo, mknod, mktemp, more, mv, nohup, nslookup, od, passwd, poweroff, printf, readlink, reboot,
    reset, resize, rm, rmdir, sed, seq, setsid, sh, sha1sum, sha256sum, sha3sum, sha512sum, sleep, sort, ssl_client, stat, stty,
    sum, sync, tail, tar, taskset, tee, test, time, timeout, touch, true, uname, uniq, unlink, unlzop, unzip, usleep, vi, watch,
    wc, wget, which, who, xargs, zcat

This list is much shorter than the applets that are supported in [Wayback] BusyBox – The Swiss Army Knife of Embedded Linux, so VMware did cut out quite a few.

Generating the above output

The command-line trick above first expands diff using the output of which diff, then finds out where it links to through the readlink -f wrapper there the back-quotes “`” get this output:

# readlink -f "`which diff`"
/usr/lib/vmware/busybox/bin/busybox

Finally the $(...) executes the output of readlink.

It is based on [Wayback] bash – How to resolve symbolic links in a shell script – Stack Overflow

readlink -f "$path"

Editor’s note: The above works with GNU readlink and FreeBSD/PC-BSD/OpenBSD readlink, but not on OS X as of 10.11.GNU readlink offers additional, related options…

Need to devise a way to apply patches

Given there is no patch, I need to think about a good way to apply patches, for instance to snip this into /etc/rc.local.d/local.sh in a reliable way:

## BEGIN-PATCH-PATH

# local binaries are in /vmfs/volumes/NVMe980PRO_1TB/local-bin/
# link that directory from /opt/bin
# then add /opt/bin to the PATH in /etc/profile so that on each logon it becomes available
# this means you need to logon twice after reboot:
# - first to patch /etc/profile
# - second to have the correct PATH loaded from /etc/profile
# direcory exist trick from https://stackoverflow.com/questions/59838/how-can-i-check-if-a-directory-exists-in-a-bash-shell-script

patch_etc_profile_PATH() {
    if [ -d "$1" ]; then
      ln -s "$1" "/opt/bin"
      sed -i -e 's!PATH=/bin:/sbin!PATH=/bin:/sbin:/opt/bin/!' /etc/profile
    fi
}

patch_etc_profile_PATH /vmfs/volumes/NVMe980PRO_1TB/local-bin/

## END-PATCH-PATH

–jeroen

Posted in *nix, *nix-tools, ash/dash, ash/dash development, BusyBox, Development, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

Bash functions to encode and decode the ‘Basic’ HTTP Authentication Scheme

Posted by jpluimers on 2022/02/24

IoT devices still often use the ‘Basic’ HTTP Authentication Scheme for authorisation, see [Wayback] RFC7617: The ‘Basic’ HTTP Authentication Scheme (RFC ) and [Wayback] RFC2617: HTTP Authentication: Basic and Digest Access Authentication (RFC ).

Often this authentication is used even over http instead of over https, for instance the Egardia/Woonveilig alarm devices I wrote about yesterday at  Egardia/Woonveilig: some notes about logging on a local gateway to see more detailed information on the security system. This is contrary to guidance in:

  • RFC7617:
       This scheme is not considered to be a secure method of user
   authentication unless used in conjunction with some external secure
   system such as TLS (Transport Layer Security, [RFC5246]), as the
   user-id and password are passed over the network as cleartext.
  • RFC2617:
       "HTTP/1.0", includes the specification for a Basic Access
   Authentication scheme. This scheme is not considered to be a secure
   method of user authentication (unless used in conjunction with some
   external secure system such as SSL [5]), as the user name and
   password are passed over the network as cleartext.

Fiddling with those alarm devices, I wrote these two little bash functions (with a few notes) that work both on MacOS and in Linux:

# `base64 --decode` is platform neutral (as MacOS uses `-D` and Linux uses `-d`)
# `$1` is the encoded username:password
function decode_http_Basic_Authorization(){
  echo $1 | base64 --decode
  echo
}

# `base64` without parameters encodes
# `echo -n` does not output a new-line
# `$1` is the username; `$2` is the password
function encode_http_Basic_Authorization(){
  echo $1:$2 | base64
}

The first decodes the <credentials> from a Authorization: Basic <credentials> header into a username:password clean text followed by a newline.

The second one encodes a pair of username and password parameters into such a <credentials> string.

They are based on these initial posts that were not cross platform or explanatory:

  1. [Wayback] Decode HTTP Basic Access Authentication – Stack Pointer
  2. [Wayback] Create Authorization Basic Header | MJ’s Web Log

–jeroen

Posted in *nix, *nix-tools, Apple, Authentication, bash, bash, Communications Development, Development, HTTP, Internet protocol suite, Linux, Mac OS X / OS X / MacOS, Power User, Scripting, Security, Software Development, TCP, Web Development | Leave a Comment »

Viewing the last lines of the postfix log with journalctl (with help from Unix & Linux Stack Exchange)

Posted by jpluimers on 2022/02/24

Two command-lines I use to view my Postfix logs:

  1. journalctl --unit postfix --since "2 days ago"
  2. journalctl --unit postfix --pager-end

Note that neither of these work well with the --follow (or equivalent -f) option, as this will effectively disable the pager (which by default is less).

The second is via [Wayback] systemd – How to see the latest x lines from systemctl service log – Unix & Linux Stack Exchange (which got the--pagerend bit wrong, as it misses a dash and should be --pager-end, but still thanks [Wayback] Daniel Kmak):

Just:

journalctl -u SERVICE_NAME -e

Parameter -e stands for:

-e –pagerend

That’s the one ! Other answers will go through the whole log to get to its end, which can be veeeeery long for large syslogs.

The last bit (by [Wayback] Léo Germond, thanks!) is why I like it most.

Similarly, specifying --since in the first example will not go through the whole log.

Some background information:

Read the rest of this entry »

Posted in *nix, *nix-tools, bash, Development, journalctl and journald, Linux, postfix, Power User, Scripting, Software Development, systemd | Leave a Comment »

Egardia/Woonveilig: some notes about logging on a local gateway to see more detailed information on the security system

Posted by jpluimers on 2022/02/23

A follow-up on Source: Some links with notes on WoonVeilig/Egardia security system communications, protocols and support by 3rd party home automation apps:

Notes on the Woonveilig/Egardia GATE-03 model alarm hub (where 192.168.x.y is the IPv4 address that hub):

  1. It still uses the plain-text insecure http to communicate, so it is wise to try and put it in a separate LAN apart from other systems.
  2. Logon is done using HTTP Basic access authentication.
  3. Woonveilig/Egardia by now prefers the XMPP prototol over the CID protocol (the CID protocol is still used by jeroenterheerdt/python-egardia.
    • You can find the configuration at http://192.168.x.y/setting/xmpp.htm.
    • XMPP protocol uses
      • xmpp01.egardia.com as primary and xmpp01.alt.egardia.com as secondary server on port 443.
      • arg-####-auth  where ###### are the last 6 *lowercase* hexadecimal digits of the MAC address of the GATE-03.
      • a long password you can find in the plain-text of the http://192.168.x.y/action/xmppGet http GET request fired by http://192.168.x.y/setting/xmpp.htm.
  4. CID protocol address is ip://######@ics.alt.egardia.com:52010/CID where ###### are the last 6 *uppercase* hexadecimal digits of the MAC address of the GATE-03.
  5. User PIN-codes are not visible at the Woonveilig/Egardia alarm site, but they are at http://192.168.x.y/setting/userCode.htm together with their user names.
  6. Special PIN codes for Installer/Duress/Guard/Master/Temporary are at http://192.168.x.y/setting/codeSetting.htm and obtained via http://192.168.x.y/action/areaListGet and http://192.168.x.y/action/codeSettingGet
  7. On the CID protocol:

I got all of the above via: [Wayback/Archive.is] GATE-03 system does not report to Egardiaserver · Issue #26 · jeroenterheerdt/python-egardia (which by coincidence used the same firmware I had: HSGW 0.0.2.18.1 HPGW-L2-XA35H).

Which brings me to some Google search with some remarkable results:

So I did a quick look at LUPUS XT* based products:

Then at the Woonveilig/Egardia and Climax shops:

Conclusions:

  • Egardia/Woonveilig sensors look remarkably similar to the LUPUS ones
  • LUPUS is a re-brand of Climax with slightly different firmware

Side note on open ports

  • Open ports on the [Wayback] GATE-03 alarm device:
    PORT    STATE    SERVICE      VERSION
9/tcp   filtered discard
25/tcp  filtered smtp
80/tcp  open     http
445/tcp filtered microsoft-ds
  • Open ports on the [Wayback] CAM-06 outdoor camera:
    PORT      STATE    SERVICE      VERSION
9/tcp     filtered discard
21/tcp    open     ftp          oftpd
25/tcp    filtered smtp
80/tcp    open     tcpwrapped
445/tcp   filtered microsoft-ds
554/tcp   open     rtsp
711/tcp   open     cisco-tdp?
1935/tcp  open     rtmp?
6000/tcp  open     X11?
49152/tcp open     upnp         Portable SDK for UPnP devices 1.6.17 (Linux 3.4.35; UPnP 1.0)

jeroen

 

Posted in Communications Development, Development, Python, Scripting, Software Development | Leave a Comment »

I consider stealing the user’s time because of a bad UX design among the Dark Patterns

Posted by jpluimers on 2022/02/22

I an with [Wayback] Craig Buckler to consider Dark Patterns being wider than the strict sense.

For me anything that costs a user extra time or makes accessibility harder is a Dark Pattern.

So I agree with the issues he explains at [Wayback] The Web’s Most Annoying Dark Patterns – SitePoint

Does the web delight or displease you? Craig lists his least favourite UI and marketing dark patterns. Have you developed on the dark side?

Paste is enabled, but does not function

Paste is enabled, but does not function

A while ago, I got into one myself. Let me explain.

Having had RSI, I’m dependent on keeping my hands and arms in good shape. This means minimising the use of pointing devices and also trying to minimise typing.

In addition, I have heavily segmented my use of email addresses (among others for cutting down SPAM). Basically any point of contact gets a new email address.

This means I realy on tooling like password managers and email address generators. It means copying and pasting information.

So I bumped into a web-site that disallowed pasting the (unique and long!) email address into the email verification field.

[Archive.is] Jeroen Wiert Pluimers on Twitter: “The @olvg #mijnOLVG site is now on my Dark Patterns list as they make #accessibility harder by blocking pasting into the email address verification field. Blocking the paste-blocker. CC some people advocating mijnolvg.nl @MauricevdBosch @ronklitsie63 @kyntha”

Despite the popup menu, paste didn’t work. Chrome autofill did, but didn’t have the information for this particular (new and unique) email address yet, so could not be used yet.

Disabling the paste block

It is relatively easy to disable a paste block. In this case, I was using chrome, but this can be done with any browser. Some browsers even have optional extensions that can do this for you.

In the case of Chrome, when right clicking, there is an “Inspect” option

Inspect is enabled and actually works.

Inspect is enabled and actually works.

It inspects the current element, which on this site looks like this:

The element does not contain event handlers. But the code hooks them behind our backs.

The element does not contain event handlers. But the code hooks them behind our backs.

On the “Event Listeners” tab on the right, you can see there are two JavaScript methods hooked to the paste handler:

The paste handlers. The first is OK, the second blocks paste.

The paste handlers. The first is OK, the second blocks paste.

The first one is OK, though I did not really look into what the proxy does.

Second paste event handler: remove this one.

First paste event handler: keep this one.

First paste event handler: keep this one.

The second is not OK, as it effectively prevents the event from being handled any further at all by calling preventDefault

Second paste event handler: remove this one.

Second paste event handler: remove this one.

By clicking on the second Remove button above, the paste blocker is gone and you can paste again.

–jeroen

Read the rest of this entry »

Posted in Chrome, Chrome, Dark Pattern, Development, Google, JavaScript/ECMAScript, Power User, Scripting, Software Development, User Experience (ux), Web Browsers | Leave a Comment »

I always forget how simple it is to show the definition of bash function or alias (via: Stack Overflow)

Posted by jpluimers on 2022/02/17

I always facepalm myself after looking up this: [Wayback] Can bash show a function’s definition? – Stack Overflow (thanks [Wayback] Benjamin Bannier!):

Use type. If foobar is e.g. defined in your ~/.profile:

$ type foobar
foobar is a function
foobar {
    echo "I'm foobar"
}

type will also expand aliases, which is a nice bonus :) – [Wayback] Esdras Lopez

–jeroen

Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, Software Development | Leave a Comment »

Archive.is is more like a thread unroll service than an archival service

Posted by jpluimers on 2022/02/14

An interesting take a while ago on [Wayback] Archive.is blog — People often compare various features of…

People often compare various features of archive.is to those of archive.org being mistaken by name similarity (and recently added “save a page” function to archive.org).

This project is different in at least two respects:

  1. We have no goal to save the entire Internet. Only manually submitted pages which may be deleted/altered soon. We are about 100x smaller than archive.org in the storage space (700TB vs. 70PB) and expenses (X,000 $/mo vs. X00,000 $/mo).
  2. The pages are not saved in their network form. Archive.today launches real browsers (not even headless) and tries to load lazy images, unroll folded content, login into accounts if prompted with login form, remove “subscribe our maillist” modals, … So archive.today is not suitable for making notarized or digitally signed snapshots.

It would be more correct to compare it with other thread unrollers.

The RSS feed of blog.archive.today is at blog.archive.today/rss

Read the rest of this entry »

Posted in archive.is / archive.today, Bookmarklet, Conference Topics, Conferences, Development, Event, Internet, InternetArchive, JavaScript/ECMAScript, Power User, Scripting, Software Development, Web Browsers | Leave a Comment »

Chrome debugging tip: disabling framework/library code (from Minko Gechev on Twitter)

Posted by jpluimers on 2022/02/03

Cool tip: [Archive.is] Minko Gechev on Twitter: “Tooling tip: When debugging, you can prevent stepping into framework/library code by using blackboxing. In @ChromeDevTools: ‣ Open the script you don’t want to enter ‣ Right click → Blackbox ‣ Pain free debugging ✨… “

–jeroen

Read the rest of this entry »

Posted in Development, JavaScript/ECMAScript, Scripting, Software Development, TypeScript | Leave a Comment »

« Previous Entries
Next Entries »