So, a few weeks ago I finally got an Android smartphone and was faced with quite the problem. I wanted to set up my numerous eMail accounts on the phone but was pretty much unable to enter my passwords.

For a long time I’ve been using KeePass to store my passwords. Additionally, I also generate random passwords (usually to the maximum complexity allowed). So first I thought I should just get an application to read my password store on my phone. But my master password for my password store requires both a key file and an incredibly complex password.

So I started copying my passwords into a QR code generator and setting up my accounts that way. And that worked out quite well.

Given how well it worked for me, I assumed there must be a KeePass plugin to streamline the process. Sadly, I couldn’t find one. So I wrote it. I quickly found a nice C# QR code library that I could use for this project. Given that library, I only needed a couple lines of code to finish this project.

Long story short, this is the KeePass QR code plugin. Hopefully, in the future, I can make another small adjustment so that the size of the resulting code is optimized for the length of the password. But for now, I’m quite happy.

Someone complained to me about the following error message when trying to use OpenVPN to connect to a VPN:

Cannot load certificate file error:0906D06C:
PEM routines:PEM_read_bio:no start line: error:140AD009:
SSL routines:SSL_CTX_use_certificate_file:PEM lib

All research regarding the matter pointed to a broken certificate. But even after re-exporting it and comparing the contents, we could not find any problem. I had the client repeat several parts of the certificate over the phone to my while comparing them to the one I had on the server. Everything matched exactly.

So I had the client send me the certificate and after a while I found the problem. The certificate the client had was saved as UTF8. If it was the BOM or the encoding of some characters, I have no idea. But after saving it as ANSI/ASCII the problem went away and the client was able to connect.

tl;dr: UTF8 is bad for OpenVPN certificates.

I often run Ubuntu server installations in VirtualBox. Sadly, this only provides you with the default console window. So most of the time I would additionally connect with Putty into the same VM, so that I can make use of a larger console. But recently it pissed me off so badly that I went hunting for a solution. And I found it in this article. It’s not quite up speed with the current environment, so I’ll duplicate the information here and update it as well.

So first thing we want to do is remove the vesa framebuffer module from the modprobe blacklist.

sudo editor /etc/modprobe.d/blacklist-framebuffer

Comment out or delete the following line:

blacklist vesafb

Now to enable the needed modules:

sudo editor /etc/initramfs-tools/modules

And add the following lines at the end:

fbcon
vesafb

Finally, update your initramfs images:

sudo update-initramfs -u

Now, we need to make Grub pass the required parameters to the kernel to enable the high-res console.
In case of Ubuntu 8.04 (and 8.10 I guess) or any pre-Grub2 version:

sudo editor /boot/grub/menu.lst

For Grub2 installations:

sudo editor /etc/default/grub

There will be a line like this:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

You’re gonna want to add the vga parameter to that:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash vga=791"

Or as the original article suggests (and what I prefer as well):

GRUB_CMDLINE_LINUX_DEFAULT="verbose vga=791"

But that only changes the amount of information you get during boot time.
The number that is passed as an argument with vga signals the desired resolution and color depth. 791 is 1024×768 with 64K colors. A full list can be found here.
Now, for Grub2 installations you’ll want to update Grub:

sudo update-grub2

And then, reboot!

sudo reboot now

On the server-backend of a project I am currently working on, I was also faced with the task of installation and setup procedures for said backend software. It’s a PHP application with a MySQL database behind it.

I was looking for a simple solution to have a PHP script that would set up the database for me. Using SQL export/import files is just a pain in the ass. They’re just quite verbose. So usually I would construct the database in a GUI and then export the .sql file and later re-import it. One positive aspect of this was, that the .sql file could be put under version control.

But I wasn’t satisfied. So I came up with my own solution to the issue and designed a language with a few keywords and even less parameters, which would allow me to model exactly the database as it was at that point.

SDML is really only intended to be used with InnoDB tables (because of the way foreign key constraints are used) and it always defaults to UTF8 usage. And there is no support for user-defined triggers, function or stored procedures. Given MySQL and PHP, I don’t like to use functions and SPs in the database anymore. Which is the reason no support is planned in SDML.
However, SDML does automatically create triggers for certain constructs that I use quite often (creating/updating timestamp).

Documentation is quite lacking right now, as, well, I literally just released it. You can find it on this Google Code site.

TL;DR: I wrote a simple language for fast database prototyping – Simple Database Markup Language.

You know how everyone would tell you to not use RAID0 unless the data you store on it is worthless? And do you know how the same people would most likely tell you to never put your operating system on a RAID0 volume?

Well, I ignored those people and did it anyway. And what did I, shortly after, get in return? A failed RAID volume. Yay.

One day I simply shut off my computer for a little restructuring of my work area, and after I turned it on again, it told me it can’t boot, cause, well, yeah. In fact, it reported that one of the RAID disks was no longer a member of the array. So I rebooted multiple times, shut off the computer and power supply, booted back up. The volume remained failed.

So I booted into an Ubuntu Live CD and browsed the web for solutions. Cause I was certain no data could have actually been lost. The RAID controller was just stupid. The solutions I found were mostly along the lines of “re-create the volume and restore a backup”. Of course I had no backup.
So I thought I would just back up the drives contents now and try to simply re-create the volume and write the data back.

Using dd, I did exactly that:

dd if=/dev/sda of=/media/backup/sda.dd bs=2MB
dd if=/dev/sdb of=/media/backup/sdb.dd bs=2MB

This took the whole night of course. So, the next day I rebooted to re-create the RAID volume. But I was very surprised to find that the RAID controller reported the volume to be in perfect health. And surely enough, seconds later my Windows was up and running again.
I praised the gods, instantly made backups and went on with my life.

Until yesterday. When the same shit happened AGAIN. I was minding my own business, when suddenly my computer shut off (due to overheating I assume). When I started it back up again, it, again, reported the RAID volume as failed.
Again, multiple reboots didn’t do anything. And, again, I went into a Live CD to back up the RAID member disks.
And, AGAIN, today my volume comes up as healthy as ever.

I have no clue if there is any logic behind this or if this was just magic happening. I also have no idea if my actions actually had anything to do with this RAID recovery. But, sure as hell, when I come across a failed ICH9R RAID0 volume again, I’ll dd the disks and reboot the shit out of it.

And, also, I’ll be converting back to a non-RAID setup ASAP.

I am currently implementing a SOAP interface for a PHP application I am working on. The built-in SOAP support in PHP didn’t really provide everything I needed (namely WSDL generation), so I went with NuSoap.
After a lot of pain trying to get a WSDL out of it, that Visual Studio would consume, and correctly parse the SOAP messages I return, I came along the next big issue today.
Whenever I tried to pass a fault from the server to my C# application, I would receive a nasty exception:

Server returned an invalid SOAP Fault. Please see InnerException for more details.

Ok, so let’s look at that InnerException:

Element ‘faultstring’ with namespace name ” was not found. Line 6, position 126.

What? No “faultstring” element? Impossible!
After double-checking my code for obvious errors and confirming with SoapUI that the “faultstring” element was indeed present, I started looking for the source of the issue. First I checked the nusoap_fault source, if there was anything weird in there that might confuse the CLR. But it seemed fine.

So I was sure the problem must be in the .Net libraries. I went on to decompile the binaries that are in use when making SOAP requests (namely System.ServiceModel). The actual issue was in System.ServiceModel.Channels.ReceivedFault.CreateFault11(). That function expects the elements of a SOAP fault’s body to be in a precise order! If the order is anything else than what it expects, it will throw the exception mentioned above.

I did not take the time to check whether this behavior is actually defined by the SOAP definition (although I highly doubt it). I just went on to extend the NuSoap classes to fix the issue. And here they are:

NuSoapServer.php:

<?php
  require_once( "nusoap/nusoap.php" );

  require_once( dirname( __FILE__ ) . "/NuSoapFault.php" );

  /**
  * Wraps a NuSoap server.
  * This class overrides the fault method of nusoap_server to use a customized version of nusoap_fault.
  */
  class NuSoapServer extends nusoap_server {
    /**
     * Specify a fault to be returned to the client.
     * This also acts as a flag to the server that a fault has occured.
     *
     * @param        string $faultcode
     * @param        string $faultstring
     * @param        string $faultactor
     * @param        string $faultdetail
     * @access   public
     */
    function fault( $faultcode, $faultstring, $faultactor='', $faultdetail='' ) {
      if( $faultdetail == "" && $this->debug_flag ) {
        $faultdetail = $this->getDebug();
      }
      $this->fault = new NuSoapFault( $faultcode, $faultactor, $faultstring, $faultdetail );
      $this->fault->soap_defencoding = $this->soap_defencoding;
    }

  }
?>

NuSoapFault.php:

<?php
  require_once( "nusoap/nusoap.php" );

  /**
  * Wraps a SOAP fault.
  * This class overrides nusoap_fault's serialize() method to fix the order in which it's members are serialized.
  * This is necessary to allow for communication with .Net clients.
  */
  class NuSoapFault extends nusoap_fault {
    /**
     * serialize a fault
     *
     * @return       string  The serialization of the fault instance.
     * @access   public
     */
    function serialize() {
      $ns_string = '';
      foreach( $this->namespaces as $k => $v ) {
        $ns_string .= "\n  xmlns:$k=\"$v\"";
      }
      $return_msg =
        '<?xml version="1.0" encoding="' . $this->soap_defencoding . '"?>' .
        '<SOAP-ENV:Envelope SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"' . $ns_string . ">\n" .
          '<SOAP-ENV:Body>' .
            '<SOAP-ENV:Fault>' .
              $this->serialize_val( $this->faultcode,   'faultcode'   ) .
              $this->serialize_val( $this->faultstring, 'faultstring' ) .
              $this->serialize_val( $this->faultactor,  'faultactor'  ) .
              $this->serialize_val( $this->faultdetail, 'detail'      ) .
            '</SOAP-ENV:Fault>' .
          '</SOAP-ENV:Body>' .
        '</SOAP-ENV:Envelope>';
      return $return_msg;
    }

  }
?>

So now in my actual code I don’t use nusoap_server anymore, but my own NuSoapServer. And now everything works fine.

This is pretty much a straight-forward conversion of http://www.dirty-motherfucker.org/blog/2009/04/24/build-count-of-vc-project-for-version-string/
I was quite pissed that there is no easy option to get something as simple as the build date into your C# project.
So here is my pre-build script I use in my C# projects:

@echo off
SETLOCAL
set TARGET_PATH=%~dp0
set IN_FILENAME="%TARGET_PATH%Version.txt"
set OUT_FILENAME="%TARGET_PATH%Version.cs"
set /p BUILD= < %IN_FILENAME%
set BUILD=%BUILD:~22%
if /I "%BUILD%" == "" set BUILD=0
set /a BUILD=%BUILD%+1
echo #define VERSION_BUILD %BUILD% > %IN_FILENAME%
echo using System; > %OUT_FILENAME%
echo namespace Angler { >> %OUT_FILENAME%
echo 	class Version { >> %OUT_FILENAME%
echo 		public const int BuildCount 	= %BUILD%; >> %OUT_FILENAME%
echo 		public const string BuildDate 	= "%DATE%"; >> %OUT_FILENAME%
echo 		public const string BuildTime 	= "%TIME%"; >> %OUT_FILENAME%
echo 	} >> %OUT_FILENAME%
echo } >> %OUT_FILENAME%
ENDLOCAL

I went the easy route with this by simply dropping the build count into an additional file.
I wanted to avoid parsing the value out of the .cs file. But you’re welcome to improve on this :P

When you first run it, it will create the VersionInfo.txt file which will contain the initial build count (for you to adjust).
I place the script in my project directory as “Increase build count.cmd” and add this as a pre-build event: “$(ProjectDir)Increase build count.cmd” (INCLUDING the quotes!)
Now you simply add Version.cs to your project and use its members in your program.

This almost feels too simple to even mention it. But I guess it doesn’t hurt putting it our there. Someone might hit it in a desperate Google hunt.
So this is the deal. You have a device on your network that controls another device by means of sending out simple TCP payloads.
Now you want to perform the same tasks with your program to get rid of the device. This is how you do it.

First, you wanna fire up your old friend Wireshark. Now set up the device you want to emulate to send the data to the IP of your machine. Now you can start a Live Capture in Wireshark (Ctrl+E). Now you command your device to send the message by whatever means needed (like pressing the correct button on the device). Now stop the Live Capture in Wireshark (Ctrl+E) and add a filter to get the packet you need.

Let’s assume the devices IP address is 10.0.0.1 and your IP address is 10.0.0.2. Now the correct filter would be

ip.src == 10.0.0.1 && ip.dst == 10.0.0.2

Now, hopefully you’ll see a single packet. In the center panel of Wireshark there should be a Data segment. This is what we want. Right-click it and select Copy -> Bytes (Hex Stream). You’ll get something like:

4e656574732c4b2c0100

(In case you’re interested, this is the payload when you press the first button on a Neets Control EU Standard device.)

Now let’s put this into code. The below example already has 2 payloads that would signal the target device to be turned on or off. For this 2 packets have been captured and can now be selected via the command line. The implementation is straight-forward.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Net.Sockets;

namespace Neets_Control {
  class Program {

    private static byte[] WORKLOAD_ON   = new byte[] { 0x4e, 0x65, 0x65, 0x74, 0x73, 0x2c, 0x4b, 0x2c, 0x01, 0x00 };
    private static byte[] WORKLOAD_OFF  = new byte[] { 0x4e, 0x65, 0x65, 0x74, 0x73, 0x2c, 0x4b, 0x2c, 0x02, 0x00 };

    private static string TARGET_HOST   = "10.11.110.11";
    private static int    TARGET_PORT   = 5009;

    static void Main( string[] args ) {
      
      TcpClient sender = new TcpClient( TARGET_HOST, TARGET_PORT );
      NetworkStream stream = sender.GetStream();
      if( args[ 0 ] == "on" ) {
        Console.WriteLine( "Switching on" );
        stream.Write( WORKLOAD_ON, 0, WORKLOAD_ON.Length );

      } else if( args[ 0 ] == "off" ) {
        Console.WriteLine( "Switching off" );
        stream.Write( WORKLOAD_OFF, 0, WORKLOAD_OFF.Length );

      } else {
        Console.WriteLine( "Missing parameter (on/off)." );
      }

      stream.Close();
      sender.Close();

    }
  }
}

So, yeah, I can now just refer back to my introduction. Possibly this wasn’t event worth mentioning ;)

I am currently working on a project of larger scale than what I am usually working on. During this project I wrote several small tools which I personally feel are somewhat interesting.
I’ll try to write up a few posts about some solutions I came up with to kinda special problems.
This is the first one and I already feel the topic is not capturing the essence of what this tool does.

In this project we have a Windows domain of about 100 machines which are running our software are mainly used to display “stuff” (let’s not go into details).
When I arrived on site where we deployed our product I found that some technicians where using .bat files to deploy files to machines in the domain. After deploying their files they would restart the machine remotely through Windows remote desktop feature. They would repeat that process for every machine in the domain manually until the desired group was up-to-date.
Needless to say, for a programmer, this seemed unnecessarily cumbersome. This was when I wrote the first helpful tool.

The tool will read a .xml file which contains target IP addresses (or machine names if DNS is available) and will use them as a parameter to a supplied batch file. Alternatively it would use a list of targets supplied via the command line. Thus enabling you to run a .bat file for a large set of targets.
Let’s have a look at the source:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading;
using System.IO;
using System.Xml;
using System.Diagnostics;

namespace BatchProcessor {
  class Program {

    private const   String      APPLICATION_NAME    = "Batch Processor";
    private const   String      APPLICATION_VERSION = "0.1";
    
    private static ConsoleColor defaultColor        = ConsoleColor.Gray;

    static void Main( string[] args ) {

      Console.WindowWidth = 160;
      Console.Title = String.Format( "{0} {1}", APPLICATION_NAME, APPLICATION_VERSION );

      Console.ForegroundColor = ConsoleColor.Cyan;
      Console.WriteLine( String.Format( "{0} {1}", APPLICATION_NAME, APPLICATION_VERSION ) );
      Console.ForegroundColor = ConsoleColor.DarkCyan;
      Console.WriteLine( "CPP Studios Event GmbH 2009" );
      Console.ForegroundColor = defaultColor;

      string        batchFile   = String.Empty;
      string        targetsFile = String.Empty;
      List<string>  targets     = new List<string>();

      if( args.Length < 2 ) {
        errorExit( "Incorrect number of arguments" );
        return;
      }

      batchFile   = args[ 0 ];
      targetsFile = args[ 1 ];

      // Check if targetsFile is actually a file
      FileInfo targetsFileInfo = new FileInfo( targetsFile );
      if( !targetsFileInfo.Exists ) {
        for( int targetIndex = 1; targetIndex < args.Length; ++targetIndex ) {
          targets.Add( args[ targetIndex ] );
        }

      } else {
        XmlDocument targetFile = new XmlDocument();
        try {
          Console.WriteLine( String.Format( "Reading targets from {0}...", targetsFile ) );
          targetFile.Load( targetsFile );

          XmlNodeList targetNodes = targetFile.SelectNodes( "/targets/target" );
          foreach( XmlNode targetNode in targetNodes ) {
            targets.Add( targetNode.Attributes[ "ip" ].InnerText );
          }

        } catch( Exception ex ) {
          Console.ForegroundColor = ConsoleColor.Red;
          Console.WriteLine( "Error while reading targets: " + ex.Message );
          Console.ForegroundColor = defaultColor;
        }
      }
      Console.WriteLine( String.Format( "Got {0} targets", targets.Count ) );

      foreach( String target in targets ) {
        string commandLine = String.Format( "{0} {1}", batchFile, target );
        Console.ForegroundColor = ConsoleColor.DarkGreen;
        Console.WriteLine( String.Format( "Executing '{0}'...", commandLine ) );
        Console.ForegroundColor = defaultColor;

        ProcessStartInfo  p     = new ProcessStartInfo( batchFile );
        Process           proc  = new Process();

        p.Arguments               = target;
        p.RedirectStandardOutput  = true;
        p.UseShellExecute         = false;
        proc.StartInfo            = p;

        proc.Start();
        StreamReader outputReader = proc.StandardOutput;

        proc.WaitForExit();
        Console.Write( outputReader.ReadToEnd() );

        Console.ForegroundColor = ConsoleColor.DarkGreen;
        Console.WriteLine( String.Format( "Finished processing '{0}'.", commandLine ) );
        Console.ForegroundColor = defaultColor;
      }

      Console.ForegroundColor = ConsoleColor.Magenta;
      Console.WriteLine( "Operation completed." );
      Console.ForegroundColor = defaultColor;

    }

    private static void errorExit( String errorMessage ) {
      Console.ForegroundColor = ConsoleColor.Red;
      Console.WriteLine( errorMessage );
      Console.ForegroundColor = defaultColor;
      Thread.Sleep( 5000 );
    }

  }
}

Pretty much a straight forward implementation of what I explained above.
What amazed me most about the tool was the simplicity and how much can be achieved by the approach. Everyone who is capable of writing a .bat file could plug it right into the system and apply the command set to our pre-defined groups. I like to think that it turned out to be a very simple, yet versatile tool.

Another thing to notice is the console redirection used here. It’s pretty much what you will find if you google for “c# redirect console output” in a few seconds. Soon I noticed that it’s a very shitty way to redirect console output and leaves a lot to wish for. I will cover that topic in more detail in an upcoming post.

When I wanted to build the latest PHP for a server I found several guides online. Sadly none of them worked right away.
So after finally getting it all to work like I wanted to, I decided to quickly write up this guide.

I start with a clean Ubuntu 8.04 install. So, first things first:

sudo apt-get update
sudo apt-get dist-upgrade
sudo shutdown -r now

Now that we’re up-to-date, let’s begin:

sudo apt-get build-dep php5
sudo apt-get install libmcrypt-dev libc-client-dev checkinstall

Now we have all the crap to build PHP with. Let’s get PHP itself:

cd /tmp/
wget http://us3.php.net/get/php-5.3.0.tar.gz/from/this/mirror
tar xvzf php-5.3.0.tar.gz
cd php-5.3.0/

Now all that is left is to build PHP…

./configure --prefix=/usr --with-apxs2=/usr/bin/apxs2 --with-config-file-path=/etc/php5/apache2 --with-config-file-scan-dir=/etc/php5/apache2/conf.d --mandir=/usr/share/man --disable-debug --with-regex=php --disable-rpath --disable-static --with-pic --with-layout=GNU --with-pear=/usr/share/php --enable-calendar --enable-sysvsem --enable-sysvshm --enable-sysvmsg --enable-bcmath --with-bz2 --enable-ctype --with-db4 --without-gdbm --with-iconv --enable-exif --enable-ftp --with-gettext --enable-mbstring --with-pcre-regex=/usr --enable-shmop --enable-sockets --enable-wddx --with-libxml-dir=/usr --with-zlib --with-kerberos=/usr --with-openssl=/usr --enable-soap --enable-zip --with-exec-dir=/usr/lib/php5/libexec --without-mm --with-curl=shared,/usr --with-zlib-dir=/usr --with-gd=shared,/usr --enable-gd-native-ttf --with-gmp=shared,/usr --with-jpeg-dir=shared,/usr --with-xpm-dir=shared,/usr/X11R6 --with-png-dir=shared,/usr --with-freetype-dir=shared,/usr --with-t1lib=shared,/usr --with-ldap=shared,/usr --with-ldap-sasl=/usr --with-mhash=shared,/usr --with-mysql=shared,/usr --with-mysqli=/usr/bin/mysql_config --with-pspell=shared,/usr --with-unixODBC=shared,/usr --with-xsl=shared,/usr --with-snmp=shared,/usr --with-sqlite=shared,/usr --with-mssql=shared,/usr --with-tidy=shared,/usr --with-xmlrpc=shared --with-pgsql=shared,/usr --enable-gd-native-ttf --enable-dba=shared --with-openssl-dir=shared,/usr --enable-gd-jis-conv --enable-json --with-mcrypt=shared,/usr --enable-pcntl --with-pdo-mysql --with-pdo-odbc=unixODBC,/usr --with-pdo-pgsql=shared,/usr --with-pdo-sqlite --enable-xmlreader --with-tsrm-pthreads --with-imap --with-imap-ssl

I’m sure this doesn’t enable ALL features in PHP, but it works for me so far. If I’ll ever find I was missing something, I’ll be sure to update this post.

When building make sure to pass the correct number of CPUs to make with the -j parameter to safe some time.

make -j2

And now we wait…

Now we need to add these lines to our httpd.conf (which is empty in this case)

#LoadModule directive to aid module installations
#LoadModule dummy_module /usr/lib/apache2/modules/mod_dummy.so

Now we can build our .deb for PHP.

sudo checkinstall -D --install=no --fstrans=no --maintainer=your@email --reset-uids=yes --nodoc --pkgname=php5 --pkgversion=5.3 --pkgrelease=200908060830 --arch=amd64

And that’s it. Now you have a .deb which you can install on a different system or (as checkinstall told you) just put on this system with dpkg -i.

Have fun