493: Undecipherable




-About me-


Mathematica 11.1: Issue parsing German characters using ImportString[]

Dennis Guse

German characters in ImportString[data, "RawJSON"] break during parsing. A string containing the German character "ß" (also tested "ä") will be broken, ie., the letter as well as the following letters are not correct.

Affects Mathematica 11.1.

ImportString["{\"test1\":\"ABCäABC\",\"test2\":\"ABCßABC\"}", "RawJSON"]
<|"test1" -> "ABC。C", "test2" -> "ABCށBC"|>

This also remains using Export[].

Workaround: Association = ImportString[SOMTHING, "JSON"].

SeaBIOS on Libreboot via Grub2

Dennis Guse

Libreboot mainly offers Grub2 as payload (at least for Lenovo X60). That's quite nice and often sufficient as one can start Linux.

The default startup procedure of Libreboot is first start a deblobbed coreboot, which then loads Grub2. Coreboot, Grub2, and all configuration are flashed to the bios chip. This ROM is actually a large binary blob, which includes the Coreboot File System (CBFS). During the boot process, coreboot loads the CBFS from the bios chip into the RAM. So, every subsequent bootloader can access this file system to load configuration files or even load subsequent bootloaders.

On my Lenovo X60, I now wanted to have the following start procedure: coreboot -> Grub2 -> SeaBIOS. The simplest solution would be to just add the SeaBIOS ROM to the CBFS and flash the new CBFS (e.g., here). However, I don't like the risky procedure of flashing my hardware and potentially bricking it (Lenovo X60 with 64bit C2D are really rare).

This can be easily solved by using Grub2's capability to access harddrives. Thus, SeaBIOS can be loaded from Grub2 (using a USB thumbdrive):

chainloader (usb0,msdos1)/bios.bin.elf

This works, but as the VGA-rom is not available only debug output via serial port if configured will be shown (e.g., screen /dev/ttyUSB0 115200). For VGA support, the SeaVGABIOS needs to be findable by SeaBIOS. If SeaBIOS was compiled with CBFS support, it could be put into the CBFS and flash it - not an option for me.

I asked on the SeaBIOS mailing list, and Kevin O'Connor told me that SeaBIOS supports multiboot (recently implemented by Vladimir Serbinenko).

multiboot (usb0,msdos1)/bios.elf.bin
module (usb0,msdos1)/vgabios.bin name=vgaroms/seavgabios.bin

This works like charm and configuration files for SeaBIOS can be provided using this approach.

How I build SeaBIOS with VGA support for the Lenovo X60:

  1. git clone git://git.seabios.org/seabios.git (commit-id: d7adf6044a4c772b497e97272adf97426b34a249)
  2. make menuconfig (all other options default)
    1. General Features -> Build target: coreboot
    2. General Features -> coreboot CBFS support: disabled
    3. VGA ROM -> VGA Hardware Type: coreboot linear framebuffer
  3. make

Please note that CBFS support should be disabled, because coreboot loaded a CBFS. Thus, SeaBIOS might also use CBFS provided ROMs and also other bootloaders (such as the provided Grub2).

This works like charm: even a Windows 10 installer start loading (but is not functional).

Tiny issue as of today: the keyboard of my X60 works in Grub2, but for SeaBIOS I needed to use a external USB keyboard.

8Bitdo: udev rules for game controller

Dennis Guse

8bitdo sells some really nice game controllers featuring USB as well as Bluetooth such as SNES30.

At least on Ubuntu, I needed to install custom udev-rules. Otherwise the controller is only recognized as keyboard with four keys.

The following udev-rules were taken from the here.

 1 # If applications do NOT detect the 8Bitdo controller when connected via Bluetooth and won't even recognize manual binding, 
 2 # fix this by adding these udev rules to force detection - https://github.com/paalfe/mixedcontent/blob/master/udev_rules.d/99-8bitdo-bluetooth-controllers.rules. 
 3 # Add the udev rules file to "/etc/udev/rules.d/99-8bitdo-bluetooth-controllers.rules" and reboot. 
 4 # Forum thread: http://libretro.com/forums/showthread.php?t=3649 
 5 # Useful reading: https://hg.libsdl.org/SDL/file/704a0bfecf75/README-linux.txt
 7 # 8Bitdo FC30 1P GamePad Bluetooth mode(START) mode(START+R)
 8 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo FC30 GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
10 # 8Bitdo FC30 2P GamePad Bluetooth mode(START)
11 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo FC30 II", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1" 
13 # 8Bitdo FC30 2P GamePad Bluetooth mode(START+R)
14 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo FC30 II Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
16 # 8Bitdo SFC30 GamePad Bluetooth mode(START)
17 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo SFC30 GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
19 # 8Bitdo SFC30 GamePad Bluetooth mode(START+R)
20 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo SFC30 GamePad Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
22 # 8Bitdo NES30 GamePad Bluetooth mode(START)
23 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo NES30 GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
25 # 8Bitdo NES30 GamePad Bluetooth mode(START+R)
26 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo NES30 GamePad Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
28 # 8Bitdo SNES30 GamePad Bluetooth mode(START)
29 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo SNES30 GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
31 # 8Bitdo SNES30 GamePad Bluetooth mode(START+R)
32 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo SNES30 GamePad Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
34 # 8Bitdo FC30 Pro GamePad Bluetooth mode(POWER) mode(POWER+R1)
35 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo FC30 Pro", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
37 # 8Bitdo NES30 Pro GamePad Bluetooth mode(POWER)
38 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo NES30 Pro", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
40 # 8Bitdo NES30 Pro GamePad Bluetooth mode(POWER+R1)
41 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo NES30 Pro Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
43 # 8Bitdo FC30 Arcade Joystick Bluetooth mode(HOME)
44 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo Joy", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
46 # 8Bitdo Zero GamePad Bluetooth mode(START) mode(START+R)
47 SUBSYSTEM=="input", ATTRS{name}=="8Bitdo Zero GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

Asterisk: Conferencing Server with LUA

Dennis Guse

Asterisk is a powerful telephone server. However, its configuration via extensions.conf is a little bit annoying, if you would really like to program your dialplan (e.g., if-then-else, read a file, execute some command line program, ...). The diaplan can also be implemented using LUA: extensions.lua.

Here, is a short demo setup for a telephone conference server that is reachable via telephone number using sipgate.de and a lua-based dialplan.

The server registers at sipgate.de, who provide a telephone number for the server. All incoming calls at the server are forward to a telephone conference room.

I used this setup from Asterisk 11 until Asterisk 13 running on a FreeBSD 10.X.


 1 [general]
 2 allowguest=no
 3 alwaysauthreject=yes
 5 canreinvite=no
 7 disallow=allow
 8 allow=g711
10 ;SIPGATE This is the incoming uplink
11 register => USERNAME:PASSWORD@sipgate.de/USERNAME
13 [trunk_incoming]
14 type=peer
15 host=sipgate.de
16 context=trunk_incoming


 1 extensions = {}
 3 extensions.trunk_incoming = {
 4     ["_X"] = function(c, e)
 5  app.playback("beep")
 7  app.read("room", "conf-getconfno")
 8  room = channel["room"]:get()
 9  if room == nil then
10      app.playback("beepErr")
11      app.hangup()
12  end
14  app.verbose("Conference room " .. room .. ": " .. channel.CALLERID("num"):get() .. " entered")
15  app.playback("conf-enteringno")
16  app.sayDigits(room, "f")
18  app.confBridge(room)
19     end;
20 }

NOTE: Asterisk does not reload the extensions.lua automatically even not using core reload. After configuration changes the module must be reloaded: module reload pbxlua.so_.

NOTE: The LUA-parser in Asterisk is very nitty-gritty. Be careful about using only spaces and align the code properly.

NOTE: The traffic is not encrypted. Take care of it yourself by setting up a IPSec-tunnel!

Panasonic KX-2123 with KX-PT10

Dennis Guse

Still working like a boss: just got a 20 year old dot-matrix printer.

It is a Panasonic KX-2123 with an additional cut sheet feeder KX-PT10.

Pitfalls in SVG Positioning

Dennis Guse

Update: SVGGraphicsElement.getTransformToElement() was removed from the current draft.

In difference to pixel-based images formats, like JPEG or PNG, do SVG images allow to add animations, can be programmed and can react to user input. If an SVG image is embedded in a webpage, such an image can be modified with JavaScript as needed. For example change the text, color or change position of elements in the image.

In SVG elements can be positioned with by setting their a) x/y-coordinates and b) using transform. Whereas the first just sets the coordinates relative to the current coordinate system of the object, transform modifies the coordinate system for all this object and all childs.

Positioning via coordinates only:

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="300" height="80">
  <rect x="160" y="10" width="60" height="60" fill="blue"/>
  <rect x="230" y="10" width="60" height="60" fill="green"/>

Positioning via transform="translate(x, y)":

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="400" height="80">
  <rect x="0" y="0" width="60" height="60" fill="gray" transform="translate(0, 0)"/>
  <rect x="0" y="0" width="60" height="60" fill="green" transform="translate(120, 0)"/>

Both images are rendered exactly the same and from a viewer's perspective are therefore equal. However, those are not equal from a programmatic perspective they are not.

TL;DR: When you need to re-position SVG-elements, try to avoid transform.

Here is an example with three rectangles. id="rect1" and id="rect3" are positioned via coordinates whereas id="rect2" and id="rect2-inner" are positioned via transform(s).

Two functions are required without transform svg-object.getBBox() and with transform svg-object.getTransformToElement(svg-object). The first, returns the minimal rectangle that contains the current object including x/y-coordinates. The second, calculates the shift between the virtual coordinate systems due to transform.

var rect1 = document.getElementById("rect1")
var rect2 = document.getElementById("rect2");
var rect2inner = document.getElementById("rect2-inner");
var rect3 = document.getElementById("rect3");
var rect3inner = document.getElementById("rect3-inner");

rect3.getTransformToElement(rect1).e //x-shift = 0 (no transform)
rect2.getTransformToElement(rect1).e //x-shift = 120 (transform)
rect2inner.getTransformToElement(rect1).e //x-shift = 120 (transform)

//Get x-coordinates _relative_ each coordinate system.
rect1.getBBox().x //0
rect2.getBBox().x //0 (moved by transform)
rect2inner.getBBox().x //15 (moved by transform AND x)
rect3.getBBox().x //240

//Move rect3inner to center of rect1: x-only (no transform)
rect3inner.setAttributeNS(null, "transform", "translate(" + (rect1.getBBox().x - rect3inner.getBBox().x + rect3inner.getBBox().width/2) + ",0)");
//Move rect2inner to center of rect3: x-only (transform)
transform = rect2inner.getTransformToElement(rect3)
rect2inner.setAttributeNS(null, "transform", "translate(" + (-transform.e + Math.abs(rect3.getBBox().x + rect2inner.getBBox().x) - rect2inner.getBBox().width/2) + ",0)");

In the end both approaches work, but applying transform in addition makes moving more complicated. And as their are nicer things to do than debugging SVGs - try to avoid transform or at least RTFM.

NOTE: For some SVGs (created with (Inkscape)[https://inkscape.org]), I had some trouble due to transform (getTransformToElement() always returned the same values although different transform were applied). Inkscape removes transform attributes, when grouping and then ungroup elements; x/y-coordinates are re-calculated appropriately.

Tag 6 - oder das Ende

Laut Karte sollte der Tag eigentlich nicht so schlimm werden - ging erst nur bergab und dann nochmal fies bergauf. Zwischendurch musste ich allerdings feststellen, dass das Winterjöchli zwar bergab geht, aber keine fahrbahre Strecke ist. Also 1 Stunde das Rad an den Kühen vorbei getragen. Als das vorbei war ging es runter ins Tal und wieder rauf. Diesen kleinen Berg hatte ich leider übersehen...


Knapp 2 Stunden später begann ich den Aufstieg zur Heilbronner Hütte. Schön ist anders - mir ist nicht ganz klar, wie man diese Strecke runter fahren soll.


Und irgendwann hatte ich beschlossen bis nach Oberstdorf weiter zu fahren - es gibt nur eine Bahn nach Berlin und die geht um 9:40... Bei der Hütte angekommen habe ich dann kurz Bescheid gesagt, dass ich nicht da bleibe sondern gleich nach Oberstdorf weitermache. Es war ja erst 17:30 und Sonnenuntergang erst um 21:14. Was kann da schon schief gehen. Also wieder runter ins Tal und rauf auf den Schroffenpass (Tragen) und wieder runter (Schieben).



An der ersten Hütte nach dem Pass bekam ich einen Liter frischer Milch - frisch aus der Kuh - und dann ging es mit 30+kmh runter nach Oberstdorf.

Das Ende.


Eine Übernachtung habe ich spontan gefunden (schickes Hotel und sehr netter Besitzer). Das Bahnpersonal am kommenden Tag war auch sehr freundlich (Fahrradkarte können wir nicht mehr buchen, aber sprich mal mit dem Zugpersonal). Und dann ging es nach Hause!


Tag 5 - oder Radwandern

Die Tour startete mit einer  ziemlichen Hochpass. Cooles Gelände, guter Ausblick und  es ging nur bergab. Bis ins Tal war ich mit einem Heilbronner unterwegs gewesen.


Und dann begann das Schieben. Ich habe heute das Rad so knapp 4 Stunden geschoben - erst die Straße hoch, dann einen fiesen Gebirgspass hoch und dann zum Schluss zur Hütte. Zwischendurch war das Rad ein echt guter Wanderstock...


Am Nachmittag ging es dann durch malerische Landschaft abwärts.


Und es gab den ersten Defekt. Zwischendurch hatte sich mein Schnellspanner am Hinterrad gelöst. Autsch. Ist aber nichts passiert - hatte mich schon gewundert, warum die Bremse sich so komisch anfühlte.

Zum Schluß ging es dann wieder bergauf... Hat aber alles gut geklappt. Zwischendurch gab es noch Mittag in Form von Frischeiwaffeln und Schokomilch - vorzüglich.

Also der harte Teil der Tour ist geschafft. War aber ein echt guter Tag!

Aktueller Standort: Heilbronner Hütte

Over and out.

Tag 4 - oder Motivation?

Die Tour heute habe ich auch ein wenig vereinfacht - bevor mich gleich ins Gelände zu begeben, bin ich einfach die Straße bergab gerollt und nur den Anstieg zur Hütte gemacht. Bergauf war meine Motivation echt am Ende - ich kam nicht vom Fleck und war nur am schwitzen. Dann habe ich noch einen Mitstreiter gefunden und wir sind zusammen bis zur Hütte rauf. Zwischendurch noch Cola auf einer Alm und dann Mittag - war dann echt ein guter Tag! Mein Mitstreiter ist dann am Nachmittag noch weiter auf seiner Rundtour zurück ins Tal.


Ich bin dann noch zu Fuss ein wenig den Berg hoch und habe mir ein paar Murmeltiere angeschaut.



Und das war der Ausblick.


Aktueller Standort: Sesvenah Hütte

Over and out.

Tag 3 - oder nicht einen Meter hoch

Nach der Abkürzung gestern habe ich gleich so weitergemacht. Hoch auf das Stilfser Joch mit dem Rad war einfach nicht drin - also auf zum Busbahnhof und feststellen, dass es leider keinen Bus gibt. Ich habe allerdings echt viel Glück gehabt! Ein italienische Gruppen von Mountainbikefahrern hatte einen Bus gechartert, um einen Junggesellenabschied zu begehen - also rein in den Bus und es ging los.


Die Fahrt dauerte knapp eine Stunden und dann waren wir oben. Leider wurde eines der Fahrräder beschädigt - einige Bikes hingen hinten am Bus und bei einem hat der heiße Auspuff den hinteren Mantel angeschmolzen.


Oben angekommen, begann eine echt langweilige Abfahrt mit glühenden Bremsschreiben. Einfach nur runter den Asphalt und alle paar Meter Pause machen, damit die Bremsen abkühlen. Einen kurzen Trail habe ich dann zum Glück noch gefunden.


Dann war ich schon im Tal und im Hotel - es war kurz vor 12. Also noch eine Stunden wandern und dann den Nachmittag einfach nur rumliegen - nur mal den Ausblick genießen.

Aktueller Standort: Trafoi

Over and out.

Tag 2 - oder das gute Gefühl im Bus zu sitzen

Ich bin heute los und mir war schon klar, dass die geplante Route nicht machbar war. Ich hätte mich einfach zwischendurch in die Gegend gelegt und wäre dann bis morgen liegen geblieben. Hier die Stelle der Entscheidung - irgendwo 10km später fängt da richtig fieses Gelände an (bergauf).


Also in den sauren Apfel gebissen und Landstraße. War trotzdem ein sehr zäher Prozess, aber mit guter Aussicht.

Und dann eine kolossale Fehlentscheidung meinerseits - statt wie geplant den ursprünglichen Pass (wie laut Tour geplant) zunehmen, habe ich gepokert und wollte den folgenden nehmen. Naja. Auf dem Weg dahin ging es auf der Straße richtig bergab und damit hatte ich keine reale Chance mehr. Also rein in den Bus...

Aber sind hier alle sehr hilfsbereit und Kommunikation mit Händen, Füßen und Landkarten kein Problem.

PS: Fotos der Straße habe ich keine gemacht.

Aktueller Standort: Bormio

Over and out.

Tag 1 - oder Hügel werden zu Bergen

Heute ging es richtig los. Am Anfang war es nur Bundesstraßen (eher umspannenden). Trotzdem Klasse, weil es ging nur bergauf. Also Musik ins Ohr und los geht es.


Dann tauchte links plötzlich ein ziemlich blauer See auf und ich war bei dem strahlenden Sonnenschein fast baden - hätte nur zu lange gedauert.


Und so sieht eine ziemlich spektakuläre Straße aus (links ging es ziemlich runter).


Zwischendurch musste ich mich durch eine Rudel Bergziegen(?) schleichen und später gab es dann auch freilaufende Kühe - wie in der Werbung.


Ansonsten war der Tag echt lang. Irgendwann war selbst der kleinste Hügel enorm und an vielen Stellen hab ich dann einfach geschoben. Ich muss unbedingt meine Kräfte besser einteilen. Auf jeden Fall einen Hammer Ausblick und wenn es bergab geht, ist die Welt ziemlich in Ordnung.

Aktueller Standort: Dimaro.

Over and out.

Tag 0 - Anfang vom Ende

Geht los. Heute schon einmal einen Bahn-Marathon erledigt - 14 Stunden sitzen, warten und umsteigen sind richtig lang.


Hat aber alles einwandfrei funktioniert. Und zwischendurch traf ich noch zur Abwechslung den Orient-Express (im Bahnhof Innsbruck). Der Zug ist schon ein eindrucksvolles Gefährt!


Und am Ende bin ich gut angekommen. Allerdings ist der erste Eindruck Gardasee - Wolkenbruch. Oder falls das geht: Wolkenbrüche. Stand auch nicht im Wetterbericht. Bin also auf Präzision die kommenden Tage gespannt.


Ansonsten sind die Berge schon eindrucksvoll und die Ortschaft Arco echt cool. Ist so ein kleines italienisches Örtchen mit viel Flair. Und gutes Essen und nette Gastgeber gibt es hier auch.

Over and out

Subjective Quality of Webpage Loading: The Impact of Delayed and Missing Elements on Quality Ratings and Task Completion Time

Dennis Guse, Sebastian Schuck, Oliver Hohlfeld, Alexander Raake, Sebastian Möller

Simulating adaptive video coding

Dennis Guse

For a subjective user study on temporal effects of varying system performance, I needed to create a video with varying video encoding bandwidth, e.g. up to min 3 take 2 Mbit/s and then for 1 min 0.5 Mbit/s.

This can be easily achieved using ffmpeg/avconv:

//1. (optional) Determine keyframe position using _ffprobe_ ([see](http://superuser.com/questions/554620/how-to-get-time-stamp-of-closest-keyframe-before-a-given-timestamp-with-ffmpeg)
ffprobe -select_streams v -show_frames -v quiet VIDEO | awk -F= ' 
  /pict_type=/ { if (index($2, "I")) { i=1; } else { i=0; } } 
  /pkt_pts_time/ { if (i && ($2 >= 150)) print $2; } ' | head -n 1

//2. Encode all parts of the video
ffmpeg -i VIDEO -ss  0  -to 180 -b:v 2M  PART1
ffmpeg -i VIDEO -ss 180 -to 240 -b:v 1M PART2
ffmpeg -i VIDEO ...

//3. Paste all parts together (replace xx accordingly)
ffmpeg -i PART1 -i PART2 ... -i PARTxx -filter_complex '[0:0] [1:0] ... [xx:0] concat=n=xx:v=1 [v]' -map '[v]' -b:v 20M VIDEO_RECODED

//At this point the video encoding bandwidth should be rather big (here 20Mbit/s), so the introduced articifacts are encoded properly.

//4. Verify that video is frame identical
//If the cut timestamps are not correct, single frames might be dropped and thus audio and video get asynchronuous.
//For this cut one frame (best almost at the end with same motion) and save it for the original and the transcoded video.
//When comparing those they should look identical (especially viewing angle) except for additional coding artificats.
ffmpeg -ss 00:34:00 -t 1 -i VIDEO -f mjpeg VIDEO.jpg
ffmpeg -ss 00:34:00 -t 1 -i VIDEO_RECODED -f mjpeg VIDEO_RECODED.jpg

//5. (optional) Re-add the audio from original VIDEO
ffmpeg -i VIDEO_RECODED -i VIDEO -map 0:0 -map 1:1 -c:a copy -c:v copy 

FreeBSD 10: Downgrading a packet with pkg

Dennis Guse

I needed to downgrade a package (Asterisk) on a FreeBSD 10.1. After an update I found that my configuration had some issues.

Actually, pkg makes downgrading a package (incl. it's dependencies) a very convenient task. Just get the YOURFAV.VERSION.xz for your desired version (take a look into /var/pkg/cache).

And then run:

pkg install YOURFAV.VERSION.xz

After downgrading everything and searching for ours I found the mistake: spelling errors in a configuration file.

Methods for assessing the Quality of Transmitted Speech and of Speech Communication Services

Friedemann Köster, Sebastian Möller, Jan-Niklas Antons, Sebastian Arndt, Dennis Guse, Benjamin Weiss

Degrading calls: connecting Asterisk through JACK with Puredata

Dennis Guse

Sometimes it is necessary to get access to the audio of a VoIP telephony connection (more precisely SIP/RTP). My reason for this is quite simple: for laboratory studies on subjective quality of telephony, I need be able to introduce degradations like noise and speaker echo.

This is a short howto (for Ubuntu 14.04) to let Asterisk run in proxy mode (directmedia=no), route the audio via JACK to Puredata and back. In Puredata then audio can be modified as needed.

1. Install software:

sudo apt-get install asterisk qjackctl puredata

2. Setup realtime for group audio (optional)

If you need realtime for JACK, then enable it.

3. Configure Asterisk

Configure one extension (phone number) that: 1. answers the call 2. enables JACK for the caller to callee channel, 3. then dials the callee, 4. and on answering enables JACK for the callee to caller channel using a post dial macro.

The i(...) and o(...) tell asterisk to connect directly to the defined JACK ports - thus PD should already be running.

extensions = {
    default = {

    ["_XX"] = function(c, e)
        app.dial("SIP/" .. e, nil, "M(jack)")
    ["macro-jack"] = {
    ["s"] = function(c, e)

Reload the configuration:

asterisk -rx "core reload"
asterisk -rx "module reload pbx_lua.so"

ATTENTION: If JACK is not running and the asterisk JACK application is thus failing to connect, it fail silently by just emitting a warning and audio is passed on directly.

4. Start JACK and Puredata

All applications connecting to a JACK server running as user X need also to run as X. As Asterisk is running as user asterisk simply start JACK and Puredata as user asterisk.


Start JACK either directly or using qjackctl as user asterisk. If you need realtime, enable it properly.

sudo -u asterisk "jackd --no-realtime -d dummy"

Dummy is used as backend as I do not need local sound output from JACK - if you want it use Alsa instead.


Start Puredata as user asterisk and connect to JACK.

sudo -u asterisk bash pd -jack YourPatchFileHereOrNot

Then just enable DSP or do automatically.

Puredata version before 0.46 Overwriting the HOME-variable is necessary for Puredata version less than version 0.46, which will be included in Ubuntu 15.04. Otherwise the UI is not loaded as reading the config-files fails and the UI process stops.

sudo -u asterisk bash
> HOME=/tmp
> pd -jack YourPatchFileHereOrNot

Have fun.

Known issues:

  1. Asterisk Version prior 13 are limited to 8000Hz for interaction with JACK - see here.
  2. If JACK is not running Asterisk just ignores it and the call continues without.
  3. Due to the large numbers of buffers involved a relatively high delay is to be expected - a guess is ~80-100ms.

Asterisk: Enabling JACK connectivity to be (super-)wideband

Dennis Guse

During the summer I found that the JACK application of Asterisk (prior version 12; I used 11) only supported narrowband (8000Hhz). In general is the JACK application nothing else than two buffers incl. two resamplers (to and from JACK).

For the wideband case Asterisk was downsampling to 8000Hz handing the data to the JACK application, which resampled and handed over to JACK and vice versa.

I found that three things needed to be changed: 1. Prevent Asterisk from downsampling to 8000Hz 2. Dynamic buffer sizes depending on Asterisk and JACK sampling frequency 3. Resampling parameters

After that the necessary changes were straight forward and the patch made it into Asterisk 13. The functionality can be easily backported to Asterisk 11 by just replacing apps/app_jack.c using the one of Asterisk 13. Just follow this procedure (on Debian/Ubuntu).

Web-QoE under real-world distractions: Two test cases

Dennis Guse, Sebastian Egger, Alexander Raake, Sebastian Möller

Modelling Multi-episodic Quality Perception for Different telecommunication Services: First Insights

Dennis Guse, Benjamin Weiss, Sebastian Möller

ITU-T P.851: Continuous assessment scale as Inkscape/SVG

Dennis Guse

The continuous quality assessment scale defined in ITU-T P.851, p.19). Continous quality assessment scale as plain SVG

Inkscape version for download

License: CC-BY-SA

My Cube Reaction SC Pro Race Line (20") was stolen on 23th July 2014

Dennis Guse

On 23th July 2014 my Cube bike was stolen in Berlin. The serial number of the frame is A6G99079.

Asterisk using LUA: How to pre-dial and macro (incl. parameters)

Dennis Guse

Asterisk allows to implement a dialplan in Lua.

It works quite well, if you are aware that the parser is very nitpicking againt indentation: always use either spaces or tabs. The Asterisk documentation gives a a nice overview how to use Lua.

Macros and Pre-Dial-Handler are missing there, but they are quite useful... Here is the syntax example:

 1 extensions = {
 2  ["macro-mhandler"] = {
 3      ["s"] = function(c, e)
 4          app.verbose("Hello Macro!")
 5          app.verbose("Got parameter: " .. channel["ARG1"]:get())
 6      end;
 7  };
 9  predial = {
10      ["phandler"] = function(c, e)
11          app.verbose("Hello Pre-dial!")
12      end;
13  };
15  default = {
16      ["_X"] = function(c, e)
17          app.dial("SIP/" .. e, nil, "B(predial,phandler,1)M(mhandler^Put your parameter here)")
18      end;
19  };
20 }

PPA for Ubuntu: SIP-Tools.

Dennis Guse

The SIP-Tools PPA https://launchpad.net/~dennis.guse/+archive/sip-tools now contains:

If you have some problems with PJSIP, please report them to the mailing list.

Maintenance of the PPA will be done only for the current Ubuntu release (as of this writing: Trusty).

To install a package from the PPA do the following:

sudo add-apt-repository ppa:dennis.guse/sip-tools
sudo apt-get update
sudo apt-get install "Whatever you need"

PJSIP 2.21 for Ubuntu Trusty via PPA

Dennis Guse

PJSIP 2.21 (svn4852) is now available via PPA:


Features: * Python 2.7 bindings (pjsua and pjsua2) * OpenSSL * Video support (also python-pjsua: thanks to Frank Haase)

On Ubuntu do the following:

sudo add-apt-repository ppa:dennis.guse/sip-tools
sudo apt-get update
sudo apt-get install libpjsip-samples python-pjsua python-pjsua2

HTML: which letter was clicked in text?

Dennis Guse

For my spare-time project TheSchreibmaschine I need to get the position of the letter in a div that was clicked.

Limitation: it is not possible to add additional childs to the div.

1 <div>This is some awesome text</div>

The solution is actually quite straight forward: just capture the mouse event and ask the document to calculate the caret-position using the mouse coordinates.

Here is the solution I adopted:

 1 function insertBreakAtPoint(e) {
 3     var range;
 4     var textNode;
 5     var offset;
 7     if (document.caretPositionFromPoint) {    // standard
 8  range = document.caretPositionFromPoint(e.pageX, e.pageY);
 9  textNode = range.offsetNode;
10  offset = range.offset;
11     } else if (document.caretRangeFromPoint) {    // WebKit
12  range = document.caretRangeFromPoint(e.pageX, e.pageY);
13  textNode = range.startContainer;
14  offset = range.startOffset;
15     }
16     // do whatever you wanted here!
17 }

There is one limitation (at least I have a small problem in Chromium) that the range.textNode must not necessarily identical to the one that was clicked: the contained text might be shorter than expected.

The reason for that remained unknown. I just did the access via range.textNode.parentElement.firstChild as in my case the div only has one child, which is the text.

For further reference the stackoverflow. Thanks to @TimDown.

Asterisk: SIP Presence is only partly supported

Dennis Guse

Asterisk 11 and following added support for publishing/distributing the presence of an extension. This enhances the hints, which are so faronly server-generate extension states, e.g. idle, unavailable, busy. Actually the presence can be set for an extension independant how this extension is connected to the system.

So far the functionality was limited to exten => _X,hint,SIP/${EXTEN}, which gives you server-side generated extension states. Now the presence state can be set for an extension using the dial plan function/variable PRESENCE_STATE().

In my case, clients are only connecting via SIP and can now subscribe for presence states of their buddies (in this case extensions). Works like charm.

However: The presence state cannot be updated the SIP way by a SIP client for the used extension (which is denoted by a hint). Asterisk does not SUBSCRIBE on the presence state of the client, when it registers.

Thus the client does not know that Asterisk would be interested in his presence state and therefore does not NOTIFY Asterisk, if his presence state changes. And now Asterisk cannot inform all other clients that are subscribed on this extension...

At the moment Asterisk only allows to set the presence state it presents for an extensions using the PRESENCE_STATE() and sadly not the SIP way.

Olle E. Johansson confirmed the behavior on the Asterisk mailing list.

Asterisk only implements 50% of RFC 3856.

Again: Thanks to Frank Haase for his support and wisdom!

Update reported to Asterisk.

PJSIP Automatic Gain Control

Dennis Guse

PJSIP contains an un-documentated feature that does volume adjustments during media-flow.

The conference bridge contains a very basic Automatic Gain Control that adjusts the volume level of each to-be-mixed signals, if the volume difference to the previous frame is to large.

It is however implement as define-directive in the C-code and thus enabled during compile time.

Here is the code:

 1 #define ATTACK_A    (conf->clock_rate / conf->samples_per_frame)
 2 #define ATTACK_B    1
 3 #define DECAY_A     0
 4 #define DECAY_B     1
 6 #define SIMPLE_AGC(last, target) \
 7     if (target >= last) \
 8     target = (ATTACK_A*(last+1)+ATTACK_B*target)/(ATTACK_A+ATTACK_B); \
 9     else \
10     target = (DECAY_A*last+DECAY_B*target)/(DECAY_A+DECAY_B)
12 #define MAX_LEVEL   (32767)
13 #define MIN_LEVEL   (-32768)
15 #define IS_OVERFLOW(s) ((s > MAX_LEVEL) || (s < MIN_LEVEL))

The investigation for this feature started as some severe "quality changes" (during a call the sound got quantizied heavily with a lower volume) unexpectetedly occured using PJSIP under perfect conditions:

Finding and disabling the AGC lead us to another issue that was masked by it. Somehow the EchoCanceler kicks in after around 5s seconds of continuous speech and the resulting signal is sounds heavily reduced in volume (spectogram is similar to original signal). And the AGC increases the volume again fast enough leading to "quantisation"-like sound.

So disabling the EchoCanceler (a runtime option) as well as (just to be sure) the AGC fixes the problem.

Thanks to Frank Haase for his support and wisdom!

Temporal Development of Quality of Experience

Benjamin Weiss, Dennis Guse, Sebastian Möller, Alexander Raake, Adam Borowiak, Ulrich Reiter

Disable Asterisk call loop detection: SIP 482 check

Dennis Guse

UPDATE: This patch is not required on Asterisk 11.7 upwards.

Asterisk 1.8 does not allow to loop sip calls. This is in fact the correct behavior as specified in the SIP RFC. However, in some cases this might be very well the behavior that someone wants. What loop detection prevents is essentially that an Asterisk instance does not accept an incoming call that was triggered by himself. This might be necessary, if the Asterisk:

How to disable loop detection There is no default option provided to deactivate this feature (as this should only be done, if you know what you are doing). Loop detection is done in

channel/chansip.c in function handlerequest_invite(...)

On line 22325 (Asterisk 1.8) a check is done, if loop detection should be done. You can also search for 482 Loop Detected. If this if-statement is disabled (add 0 == 1 &&) or removed, no loop detection will be done. Re-compile and install as I described here.

I am using Asterisk for Transcoding twice in the same instance.

Basically Asterisk fowards an incoming SIP-call to himself (setting SIPCODECOUTBOUND to whatever I needed) and then relays the call to the callee:

Caller Client --(slin) -> Asterisk --(whatever) -> Asterisk --(slin) -> Callee Client

Patch a asterisk module without breaking package management on Ubuntu

Dennis Guse

I needed to modify one module (chan_sip) of Asterisk, but was to lazy to download and install Asterisk manually.

PS: Was done on Ubuntu 13.10 and Ubuntu 14.04.

Bringing your contacts to a Nokia 7110

Dennis Guse

I just needed a new phone and decided to go for cool solution: Nokia 7110 (v4.84). I got one including serial data cable + dock and the only thing missing was: how do I get my contacts on the phone without typing?

The answer was quite simply: export your address book as vCard and send it to the phone via gnokii on an Ubuntu.

1 [global]
2 port = /dev/ttyS0
3 model = 7110
4 connection = serial
5 use_locking = yes
6 serial_baudrate = 9600

The Nokia 7110 has a bug: the vCard-parser is broken... So, I needed to fix my addressbook: basically remove all not needed data (emails, addresses, birthdays etc.). I implemented a small python-script using vObject.

It reads from stdin and writes to stdout:

cat addressbook.vcf | python script.py

 1 #!/usr/bin/python
 2 #encoding=UTF-8
 4 import vobject
 5 import sys
 6 import inspect
 8 #Remove entries except in list for one vcard.
 9 def vcard3_remove_all_entries_except(vcard):
10    allowedEntries = {'version', 'fn', 'tel', 'categories'}
11    entries_dict = vcard.contents
12    for key in entries_dict.keys():
13        if key not in allowedEntries:
14            del entries_dict[key]
16 importedVCards = vobject.readComponents("".join(sys.stdin.readlines()))
17 try:
18     while (True):
19         vcard = importedVCards.next()
20         vcard3_remove_all_entries_except(vcard)
21         vcard.add('n');
22         try:
23             print(vcard.serialize())
24         except Exception as e:
25             print(e)
26 except StopIteration:
27     None

Sync with style:

cat contacts.vcf | python import.py | gnokii --writephonebook -o --vcard

And a tutorial to clean the Nokia 7110 can be found here.

Transcode MKV (h264) with multiple audio streams to MP4 (AAC)

Dennis Guse

Transcoding MKV containers using avconv to MP4, so that the files can be processed with Adobe Premiere. The following command copies the video stream (should already be in h264) and convert all audio streams to AAC. All audio streams are sampled to 6 channels (even if the source is only stereo).

avconv -i INPUT.mkv -c:v copy -map 0:0 -c:a aac -map 0:1 -map 0:2 -ab 448k -ac 6 OUTPUT.mp4

The example is for 2 audio streams; just add more -map commands as needed.

PJSIP 2.1 for Ubuntu (PPA) with video support

Dennis Guse

I am happy to announce that PJSIP 2.1 is packed for Ubuntu 13.10 including Video support.

PPA here: https://launchpad.net/~dennis.guse/+archive/sip-tools

On Ubuntu do the following:

sudo add-apt-repository ppa:dennis.guse/sip-tools
sudo apt-get update
sudo apt-get install libpjsip-samples python-pjsip

Samples reside then in /usr/lib/libpjsip-samples/

Features: * Python 2.7 bindings * SSL * (new) Video support * (new) vidgui sample application [is patched]

Next steps: * Add x264 * Python bindings: Add video support * Python bindings: Bump bindings to Python 3.X

openHKP [initial release]

Dennis Guse

OpenHKP release mail send to openPGP.js:

Hey, first of all thanks for building openpgp.js! Some weeks ago I started using openpgp.js and found it pretty convenient. However, I missed one feature: the interaction with PGP-Keyserver. Long story short: As the keyserver protocol (HKP) is basically HTTP, I created a brief implementation in Javascript: https://gitorious.org/openhkp-js/openhkp-js Furthermore, I setup a CORS-enabled proxy for some keyservers: http://g00se.indus.uberspace.de/

The implementation is based upon: http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00

Asterisk: Accepted Patch

Dennis Guse

First contribution to Asterisk (implemented together with Frank Haase):

For video calls, we would like to set the codecs in the dialplan using *SIP_CODEC. However, if SIPCODEC is set, all codecs except the ONE set are disallowed and thus either audio or video is available.Attached is a patch for 11.4 that allows SIPCODEC to contain a list of codecs , e.g. "gsm,h264".*

https://issues.asterisk.org/jira/browse/ASTERISK-21976 is accepted: https://reviewboard.asterisk.org/r/2728

Thanks to Matt Jordan and Rusty Newton (both Digium) for their reviews.

PJSIP library package for Ubuntu

Dennis Guse

I find it pretty annoying to compile PJSIP on all hosts that I use by hand. It is quite error-prone and the procedure is quite time-consuming. So, I created the scripts to setup an Ubuntu packet (at the moment only 13.04). It is available as PPA here: https://launchpad.net/~dennis.guse/+archive/sip-tools

On Ubuntu do the following:

sudo add-apt-repository ppa:dennisguse/sip-tools sudo apt-get update sudo apt-get install libpjsip-dev python-pjsip

Features: * Python-bindings * SSL

Missing Features: * Video (some dependencies are missing in Ubuntu 13.04 and will come with 13.10).

Reverse proxy with CORS with Apache2

Dennis Guse

For the implementation of a Javascript-Client, I needed a CORS enabled reverse-proxy.

Uses apache2 and modrewrite and modheaders must be loaded.

Via VirtualHost:

 1 LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
 2 LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
 3 LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
 5 <virtualhost>
 6   ProxyRequests Off
 7   ProxyPass / http://URL
 8   ProxyPassReverse / http://URL
10   Header set Access-Control-Allow-Origin "*
11   Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept"
13 </virtualhost>

Via .htaccess:

1 RewriteEngine  on
2 RewriteBase /
3 RewriteRule  ^(.*)  http://URL  [P,L,QSA]
5 Header set Access-Control-Allow-Origin "*"
6 Header set Access-Control-Allow-Headers "Origin, Content-Type, Accept"

PS: Be aware of the security implications!

Macro-temporal development of QoE: impact of varying performance on QoE over multiple interactions

Dennis Guse, Sebastian Möller

Pairing Bluetooth Keyboard on Windows and Linux using the same receiver

Dennis Guse

Found a solution on the web with authenticated connections here (the original description is far more detailed).

Short description (so that it is still available for me ;) ):

hivexml system | perl -ane 's/&lt;/\n&lt;/g; print' | grep -i 'key="YOUR BLUETOOTH ID WITHOUT : "'
sudo service bluetooth restart

I can confirm that this works using Ubuntu 12.10 and Windows 8 with a Apple Wireless Keyboard.

Alternative solution without authentication (I WOULD NOT RECOMMEND THIS FOR A KEYBOARD) can be found here.

UPDATE: Still works with 13.04

HTML JS publish click-events to all childs

Dennis Guse

I have tables with one radio button per cell and its quite annoying to aim at the radio button completely...

1 <td onclick="
2   for (var i in this.childNodes)
3     if(typeof this.childNodes[i].click === 'function') this.childNodes[i].click();"><input type="radio" >Just clickable text</td>

CSipSimple - Getting started to hack it (tailor to my needs)

Dennis Guse

Just one or two things I need to remember about CSipSimple:



Bluetooth Remote Control for Windows Media Center

Dennis Guse

After years of using my Bluetooth mouse to control Windows Media Center (WMC) from my couch - I figured out that I needed a proper remote control (actually I visited a friend who used the IR remote of WMC). After endless time of searching I found the PS3 remote (Sony employs Bluetooth yeah) and it works with WMC using a small program that translates the game controller HID events to actual keystrokes.

It is called PS3BluMote and written by Ben Barron. As Ben's website was not reachable, I compiled from using VS2012 - took me about 2min. And it works perfectly - I only need to figure out good keymapping (WMC key shortcuts are available here). In fact, I recommend to use for play/pause, skip and volume control the windows events (in PS3BlueMote: Media_) and not the WMC shortcuts - in this way also VLC and other players can be controlled.

Here are some additional startup options for WMC: I created a shortcut to go to the music section directly.

PS: I use it on Windows 8 Pro with WMC

(Rails3) ActiveRecords: how to implement a constructor and init own attributes

Dennis Guse

Today I encountered two nasty things during Rails development. My idea was to create a generic model class (< ActiveRecord:Base) that on creation create the current timestamp. It is not possible to override initialize (at least it is doing nothing) as it is an ActiveRecord:Base.

I found the callback after_initialize defined by ActiveRecord, which is however not the correct way anymore. You should use it in macro style (source).

The next problem is that ActiveRecord overwrites the accessors and because ruby is not using the accessors by default if you are in the object, it must be called explicitely. This works for me:

1 class A < ActiveRecord::Base
2   attr_accessible :a
3   after_initialize :init
4   def init
5     @a = "a"
6     self[:a] = "b"
7   end
8 end

Using GoogleDocs as Team editor for Latex-files

Dennis Guse

We wrote our last project paper using Latex which creates very nice looking documents, but is absolutely painful to work in teams. Even using a code management system like SVN/GIT won't make it really comfortable as you don't have comments and see changes of other editors live. So, we put our Latex document in GoogleDocs (simply copied the content into a New GDocs Text Document) and shared it with our team. We also formatted the document by applying GDocs styles to our Latex headings, so the text looks structured and easier to work with. At first we simply copied the GDocs content to a local file and compiled it. In fact, the copy-and-paste task is really annoying and so we developed a small bash script that automatically downloads the latest GDocs version and compiles it locally. So, in any case you need to setup your latex tools correctly, but don't waste your time in the compilation step. You only need to enable sharing by URL and from this URL copy the document id, which you need to download the file. Here is the script:

get -O soups-article.download "https://docs.google.com/document/export?format=txt&id=PLACEYOURID_HERE" && \ iconv -c --from-code=UTF-8 --to-code=ISO-8859-1 soups-article.download | sed 's/end{document}*/end{document}/' > myFile.tex && \ pdflatex myFile && \ evince soups-article.pdf

Asterisk and MessageSend

Dennis Guse

We are using Asterisk (running on FreeBSD 9.0 port stock version: 10.0.0-rc2) as SIP registrar/proxy. We are using the Android softphone cSipSimple, which also provides SIP SIMPLE messaging functionality. To enable this on Asterisk add to sip.conf: accept_outofcallmessage=yes and outofcall_message=message (the name of the context handler).

However, we had some trouble setting up Asterisk to really do it. In the message-ctx Asterisk provides the information of the current message as variables/function: MESSAGE(to), MESSAGE(from) and MESSAGE(body).

(First problem) The first problem is that MESSAGE(to) contains the complete address, e.g. sip:PHONENUMBER@SERVERIP. If you try to use this address asterisk sends the message to itself and complains on receive that their is no routing for the incoming message. So, we need to remove the @IP part using the CUT command from the TO and the FROM. Now we can send a message from one phone to another: MESSAGESEND(CUTEDTO, CUTEDFROM).

(Second problem) However, we cannot reply as the recipient got as sender address something like sip:UNKNOWN@SERVERIP. In short use MESSAGESEND(CUTEDTO, CUTEDFROM <CUTED_FROM>) or as example MESSAGESEND(sip:1, SOMEBODY <1>). The first part of the FROM is the name shown to the user and the second part the reply to phone number (without sip:).

Here is our working context for messaging of the extensions.conf:

1 [message]
2   exten => _X.,1,Set(TO=${CUT(MESSAGE(to),@,1)})
3   exten => _X.,n,Set(FROM=${CUT(MESSAGE(from),:,2)})
4   exten => _X.,n,Set(FROM_PHONE_NUMBER=${CUT(FROM,@,1)})
5   exten => _X.,n,MessageSend(${TO}, ${FROM_PHONE_NUMBER}&lt;${FROM_PHONE_NUMBER}&gt;)
6   ;;DEBUG Print the status of the MessageSend
7   exten => _X.,n,Verbose(0, ${TO} ${MESSAGE(from)} ${FROM} ${MESSAGE_SEND_STATUS})

Thanks to Nicolas.

PalmSpace: continuous around-device gestures vs. multitouch for 3D rotation tasks on mobile devices

Sven Kratz, Michael Rohs, Dennis Guse, Jörg Müller, Gilles Bailey, Michael Nischt

ShoeSense: A New Perspective on Hand Gestures and Wearable Applications

Gilles Bailly, Jörg Müller, Michael Rohs, Daniel Wigdor, Sven Kratz, Dennis Guse

Demo-video on Youtube

Gesture-based User Authentication on Mobile Devices using Accelerometer and Gyroscope

Dennis Guse, Benjamin Müller

Master-Thesis Template

Dennis Guse

Recently some of friends started to work on their theses and why reinvent a new Word Template every time? So today, I finally found the time to strip down my master thesis word document and made it a word template.

I used and created it with Word 2010.

It has:

You need: * Something to write about * Know how to use style sheets in word * Somebody who reads your final text for mistakes * and at last a covering page

Feel free to use it and don't waste your time creating yet another word thesis template. And also feel free to modify and extend it.

Swissranger 4000 and OpenCV and Point Cloud Library

Dennis Guse

I am back on working with Depth Cameras and hand gesture recognition - now we are using a Swissranger SR4000 - a TOF camera - instead a Kinect. Here is demo code to get the camera data to OpenCV as well as Point Cloud Library.

 1 /**
 2 * Demo program for the SR4k that shows the output (DepthImage and PCL) and can export these as images.
 3 * Use SPACE to take a picture and ESC for end.
 4 * @author Dennis Guse
 5 */
 7 #include <stdio.h>
 8 #include <iostream>
 9 #include <string>
10 #include <time.h>
12 #include "opencv2/core/core.hpp"
13 #include "opencv2/highgui/highgui.hpp"
14 #include "opencv2/imgproc/imgproc.hpp"
15 #include "opencv2/imgproc/imgproc_c.h"
17 //SR4k
18 #include "libMesaSR.h"
19 #include "definesSR.h"
21 #include "pcl/point_cloud.h"
22 #include "pcl/point_types.h"
23 #include "pcl/visualization/cloud_viewer.h"
25 using namespace cv;
26 using namespace std;
27 using namespace pcl;
29 #define SR_ROWS 176
30 #define SR_COLS 144
31 /**
32  * Takes a picture with the SR4k and returns the depthimage as well as the point cloud!
33  */
34 cv::Mat takePicture(SRCAM srCam, pcl::PointCloud<pcl::PointXYZ>::Ptr cloud) {
35  SR_Acquire(srCam);
36  cv::Mat depthImage(SR_ROWS, SR_COLS, SR_CV_PIXELTYPE, (unsigned short*)SR_GetImage(srCam, 0)); //0:DepthImage; 1:Amplitude; 2:ConfidenceMap
38  float x [SR_ROWS * SR_COLS];
39  float y [SR_ROWS * SR_COLS];
40  float z [SR_ROWS * SR_COLS];
41  SR_CoordTrfFlt(srCam, x, y, z, sizeof(float), sizeof(float), sizeof(float));
43  for(int i=0; i&lt;SR_ROWS * SR_COLS; i++) {
44    point.x=x[i];
45    point.y=y[i];
46    point.z=z[i];
47    point-&gt;points.push_back(point);
48  }
49  return depthImage;
50 }
52 int main(int argc, char **argv) {
53  SRCAM srCam;
54  SR_OpenETH(&amp;srCam, SR_IP_ADDR); //Add error handling
57  pcl::visualization::CloudViewer viewer ("PCLViewer");
58  while(true) {
59   pcl::PointCloud<pcl::pointxyz>::Ptr cloud(new pcl::PointCloud<pcl::pointxyz>);
60   cv::Mat depthImage = takePicture(srCam, cloud);
61   cv::imshow("Depth", depthIamge);
63   viewer.showCloud(cloud, "Cloud");
65   int key = waitKey(1);
66   if (key == KEY_ESC) break;
67   if (key != -1) saveDepthImageAndCloud(depthImage, cloud);
68  }
69 }

Lenovo X60 and Ericcson F5521gw

Dennis Guse

My old Lenovo X60 (wwan ready: antenna an sim slot available) uses the current state of the art UMTS (mini pci express) card from Ericcson. The card orignally belongs to an Lenovo W520 - FRU is 60Y3279.

!I am using the original BIOS (no zender!)



PIN 20: Not my image; credits go to the unknown creator (Update: Link is down.; Link removed).

Any question: Leave a comment with your mail-addr.

PS: In comparison to WiFi tethering with my Palm Pre: the card is awesome fast! (using O2 max. 3.6 Mbit/s)

Update: Similar guide for Dell and a WWAN

Extract drivers from encrypted install shield archives

Gesture-based User Authentication on Mobile Devices using Accelerometer and Gyroscope

Dennis Guse, Sven Kratz, Niklas Kirschnick, Sebastian Möller

Gesture-based User Authentication on Mobile Devices using Accelerometer and Gyroscope

Dennis Guse

Matlab: Progressbar for arrayfun

Dennis Guse

If you use arrayfun on large arrays with really slow functions it is annoying to wait without feedback how long it can take - so a progressbar (in matlab waitbar) would be nice. One problem is that arrayfun provides no information about the status - there are no callback handlers. What could be done instead. Simply write function for arrayfun as inner function of the function which calls arrayfun. In the calling function you define two variables, one for the number of items and one for the current solved items (starts with 0 and gets updated). In the inner function the work is done and the counter increment, which is visible in the inner function, because it is an inner function. At last update the waitbar. Here is how it can look:

 1 function doArrayFunWithProgressBar()
 2   data = magic(35);
 3   WAITBAR = waitbar(0, 'Work in progress');
 5   PROGRESS_MAX = sum(size(data));
 7   data = arrayfun(@(item)innerFun(item), data);
 9   close(WAITBAR);
11   function result= innerFun(item) 
12     %TODO Do the work!
13     pause(1);
17   end
18 end

Matlab: if-statement in anonymous functions

Dennis Guse

UPDATE: The performance penalty is massive - MATLAB fails to optimize the code if anonymous functions or function handles are used. I got factor 20... But it works ;)

Today, I needed to write a function in Matlab as accessor to a matrix. I have a matrix which contain mulitple datastreams - one per row. The columns dimension is the time Because I don't want to change the functions, which evaluate only a subset of provided streams, and I don't want to copy and modify the matrix for every combination, I started to think about an accessor function. Furthermore the function should reveal the dimensions of the (not existing) data matrix. I ended up with anonymous functions, because these allow to access variables outside the anonymous function definition like:

1   a=2 
2   b=2 
3   fun=@(x)(a*x+b) 

The advantage is that fun can use a and b, but the caller doesn't necessarily know that they exist and are used by fun. With this knowledge the implementation of providing the correct data was straight forward. The next problem was, that in anonymous function you can't use the if-statement. That's pretty messy. I found a (solution)[http://www.mathworks.com/matlabcentral/newsreader/view_thread/147044] and adapted it.

1 %%Artificial if for use in anonymous functions
2 %TRUE and FALSE are function handles.
5     RESULT = TRUE();
6   else
7     RESULT = FALSE();
8   end
9 end

The function that creates the function handles of the accessor function:

1 function HANDLE = recordHandle(COLUMN, ROWS)
2   HANDLE = @(row, column) (...
3     iff(nargin == 2, @()COLUMN(ROWS(row), column), @()[size(COLUMN, 2), size(ROWS, 1)])...
4   );
5 end

Apple Wireless Keyboard on Windows [AppleKeyboardInstaller.exe]

Dennis Guse

At the weekend I found a solution to a long lasting problem of mine. I have a Apple Wireless Keyboard, because two years ago it was the best Bluetooth keyboard on the market (Currently I can't say, didn't checked again). So, I use the keyboard every day mostly for writing text ;), but the device doens't posess a DEL, POS1 and END-Key and thus it is hard to navigate during typing.

The solution is install the keyboard driver provided by Apple in the Bootcamp package. The driver I use is from a OS X Leopard installation disc. Or download it here: http://www.happytocode.com/post/Apple-Aluminium-keyboard-Boot-Camp-20-Windows-drivers.aspx

PS: After I found the solution myself, I had the correct google search term and solutions older than my keyboard. But it works.

UPDATE: The keyboard driver sometimes leads to Bluescreens, so I am back using the standard windows drivers without the additional keyboard shortcuts.

Credit card: Visualize your money

Dennis Guse

Some time ago I had a discussion about (dis-)advantages of physical against non-physical stuff. She argued that non-physical is mostly too abstract for the user and thus not that easy to use in daily life. We argued about "real" money as physical and credit cards as non-physical example. The advantages of real money are that you see what you have and you can only spend that. The advantages of the credit card are that the payment is easier and payment via internet is possible.

The main disadvantage is that you as user can't see how much money you spend or you have available. The card looks always the same.

Assume that materials are available that could either shrink or change it's color. Using this the credit card will get smaller if you pay with it and slowly reach your limit. Or the card could get orange if are in reaching line of credit and red if your are in. Thus you as user would "feel" how much money is available and it is much easier to cope with the abstraction from real money.

PS: Only an experiment in mind.

Windows shell (cmd) and loops

Dennis Guse
1 FOR %t in (1, 2, 3, 4, 5, 6, 7, 8, 9, 10) DO 
2   FOR %g IN (1,2,3,4,5,6,7,8,9,10) DO ECHO %t %g

Hopefully I have never to use the windows shell again!

JSF 2.0: Mojarra and multipart/form-data (File Upload) [Glassfish]

Dennis Guse

It is a quite a mess that Mojarra doesn't support h:forms that use enctyp multipart/form-data, because you can't access possible available parts in the JSF Controllers.

The following wrapper extends a HttpServletRequest so that getParameter also uses available data in HttpServletRequest.getParts().

You can than access the HttpServletRequest via FacesContext.getCurrentInstance().getExternalContext() and use getParts own your own.

 1 import java.io.BufferedReader;
 2 import java.io.IOException;
 3 import java.io.InputStream;
 4 import java.io.InputStreamReader;
 5 import java.util.HashMap;
 6 import java.util.Map;
 7 import java.util.logging.Level;
 8 import java.util.logging.Logger;
 9 import javax.servlet.ServletException;
10 import javax.servlet.http.HttpServletRequest;
11 import javax.servlet.http.HttpServletRequestWrapper;
12 import javax.servlet.http.Part;
14 /**
15  * The mojarra implementation does not parse POST request that are multipart encoded, 
16  * because the parameters are not accessable via <code>getParameter()</code>.
17  *
18  * This class extends the HttpServletRequest to provide access to the parameters
19  * which are encoded accessable via <code>getParts</code>.
20  *
21  * All parts are made visible that have <code>contentType == null && size < 300</code>.
22  *
23  * If the request is not multipart encoded, the wrapper doesn't modify the behavior of the original <code>HttpServletRequest</code>.
24  * @author dennis
25  */
26 public class MultipartHTTPServletRequest extends HttpServletRequestWrapper {
28     protected Map<String, String> parameterParts = new HashMap<String, String>();
30     public MultipartHTTPServletRequest(HttpServletRequest request) {
31         super(request);
33         if (getContentType() == null) {
34             return;
35         }
36         if (!getContentType().toLowerCase().startsWith("multipart/")) {
37             return;
38         }
39         try {
40             for (Part i : getParts()) {
41                 if (i.getContentType() == null && i.getSize() < 300) {
42                     parameterParts.put(i.getName(), getData(i.getInputStream()));
43                 }
44             }
45         } catch (IOException ex) {
46             Logger.getLogger(MultipartHTTPServletRequest.class.getName()).log(Level.SEVERE, null, ex);
47         } catch (ServletException ex) {
48             Logger.getLogger(MultipartHTTPServletRequest.class.getName()).log(Level.SEVERE, null, ex);
49         }
50     }
52     private static String getData(InputStream input) throws IOException {
53         String data = "";
54         String line = "";
55         BufferedReader reader = new BufferedReader(new InputStreamReader(input));
56         while ((line = reader.readLine()) != null) {
57             data += line;
58         }
59         return data;
60     }
62     @Override
63     public String getParameter(String name) {
64         String result = super.getParameter(name);
65         if (result == null) {
66             return parameterParts.get(name);
67         }
68         return result;
69     }
70 }

Java Servlet (3.0): How can I access multipart encoded content provided by a http post request?

Dennis Guse

At the last friday i stood right before a tricky problem: How can I save a image provided via HTTP post into a database? I had three problems:

The first one was easy, just create a html form add a input field (type='file') and a submit button.

The second one cost me one day. And it was really simple: Just place the @MultipartConfig annotation at the class definition of the servlet and use HTTPRequest.getPart[s]() methods to access the data as an inputstream.

The last part was straight forward: use a InputStreamReader to copy the data into a byte[] and add @Lob byte[] field to the entity class.

Because I use MySQL it was necessary to change the columnt type from TEXT to MEDIUMBLOB.

Java: CDI & ConversationScope

Dennis Guse

Yesterday I recreated my web app project with maven. Now CDI is available and @ConversationScoped is really nice and makes the development a lot easier. I used Glassfish v3.

... Post my pom.xml tomorrow again.

Goodbye (g00se.org)

Dennis Guse

It's the last day of my good old vServer for g00se.org. Tonight they will come and cut him off.

To keep him in memory old.g00se.org points to his former home adress.

Windows 7: Share your internet uplink via wireless ad-hoc network (ICS)

Dennis Guse

Scenario: You have one windows 7 device with a direct internet connection like UMTS and you won't to share the connection via an ad-hoc wireless network with another device. In my case it is a XDA neo. Everything happens in the Network and Sharing center.

Ubuntu-vm-builder default login

Dennis Guse

Today I created a ubuntu virtual machines with ubuntu-vm-builder. When I tried to login nothing worked. I searched the web and found only the parameter --username, --password and --name. But I can't recreate two VM using an UMTS uplink :(.

I booted one machine (ubuntu jaunty VM) and used the password reset procedure to get a running root shell. In the passwd I found a user ubuntu. I rebooted and used ubuntu:ubuntu as credentials.

Default username: ubuntu

Default password: ubuntu

Thanks to NO documentation and man pages for ubuntu-vm-builder...

Addon: The packet is named python-vm-builder. See also https://help.ubuntu.com/community/JeOSVMBuilder.

CSS cheat sheet

Dennis Guse

Found by SOW: CSS cheat sheet.

SQL cheat sheet

Dennis Guse

Found by SOW: SQL cheat sheet

HTML cheat sheet

Dennis Guse

Found by SOW: HTML cheat sheet.

PHP cheat sheet

Dennis Guse

Found by SOW: PHP cheat sheet.

Power consumption of the internet

Dennis Guse

Nice article....

SIP client for Windows (using ekiga SIP service)

Dennis Guse

After long time of crawling the web, I have found a solution to use the ekiga.net SIP service from Windows. Many of my friends use skype, but it is an annoying part of software. So I started using ekiga and ekiga.net as provider. Microsoft itselfs provides a SIP client (netmeeting). The developer of Ekiga provides a nice howto.

Getting DBUS Messages from Networkmanager (Python)

Dennis Guse

I had some spare time and so I started playing with DBUS. I was annoyed that after NetworkManager established a connection I always start the same programs like ekiga, pidgin, firefox and evolution. So I wrote a small python program that start software if the NetworkManager singals an open connection via DBUS. The NetworkManager DBUS-API is available. The hardest part was to find the docs.

 1 #!/usr/bin/python
 2 from dbus.mainloop.glib import DBusGMainLoop
 3 import gobject
 4 import dbus
 5 import subprocess
 7 def signal_deviceNowActive(data=None):
 8   if data is not None and data[dbus.String("State")] == 2 :
 9     subprocess.Popen("ps -C pidgin&nbsp;&nbsp;&nbsp; || pidgin &amp;", shell=True)
10     subprocess.Popen("ps -C ekiga&nbsp;&nbsp;&nbsp;&nbsp; || ekiga &amp;", shell=True)
11     subprocess.Popen("ps -C evolution || evolution &amp;", shell=True)
13 print "init loop"
15 DBusGMainLoop(set_as_default=True)
17 loop = gobject.MainLoop();
19 print "init dbus"
21 dbus.SystemBus().add_signal_receiver(signal_deviceNowActive, signal_name=None, dbus_interface="org.freedesktop.NetworkManager.Connection.Active")
23 print "start loop"
25 loop.run() //*UPDATE: thanks for your comment

Cort Dougan: Good Programmers are Not Lazy

Dennis Guse

Made me knowingly smile...

Book: Domain-Driven Design (Eric Evans)

Dennis Guse

In the last summer ('08) I had the time to read that book. A friend of mine (thanks to Thorben) suggested that the book is really worth a try. The cover says: "Tackling complexity in the Heart of Software". And that is a really summary.

Book cover

Evans describes with short examples situations in software development projects which can lead to critical problems later. He uses the short stories to analyze the situation, make the problem and cause clear. Based upon that he describes a pattern (a style to develop software; mostly organizational stuff) to get rid of it.

The first one he suggests is a "ubiquitous language". In short he says that all people connected to the project should use the same language, so that everyone can talk to everyone about the domain. That is not about technical stuff or infrastructure. It is mere that all know all what the software should / will be used to.

It's a quite good book with well choosen practical examples and it helped to understand that real development differs from educational stuff in a sense of organization, time and size. It would have been helpful, if I read it earlier.

Lecture: Open Wins – the Future of Software & Technology (Scott McNealy, SUN)

Dennis Guse

Scott McNealy the chairmen and a co-founder of SUN visited the TU Berlin on 06-11-08. He visited the university to give a short talk about open source software and why it became and will be  a pushing element for technical innovations. Because he is with SUN the content of the talk was mostly about how SUN was, is and will be involved in the development of open source. The essance of the talk was:

Interesting points:

Cool quotes:

Provided links during the talk:

All in all I can say that Scott is a really good entertainer. It was a really nice talk! Thanks to Prof. Brandenburg for the information.

JTree on an JScrollPane and resizing

Dennis Guse

Early on the morning I read my early morning bug reports ;). It was about an JTree on a JScrollPane. The model of the will be modified during runtime and fires events if something is changes. So far everything looks pretty straight forward and it works. The problem occured if the tree gots larger than the parent scrollpane, so I believed the scrollpane starts to activate the scrollbars and everything stays cool... But the tree never changed it's size. It simple stayed in the old size and the scrollpane didn't start scrolling. And so some items of the tree were invisible.

1 TreeModel model = new DefaultTreeModel();
2 JTree tree = new JTree(model);
3 tree.setPreferredSize(new Dimension(100, 100));
4 JScrollPane pane = new JScrollPane(tree);

The model fires an TreeModelEvent (DefaultTreeModel.nodeStructureChanged) and the tree get's an JTree.treeDidChange() so it can recompute it's size. This doesn't work out. It was necessary to set the preferred size of the tree to null before excecuting treeDidChange... Why? I honestly don't know...

VOIP for GNOME Desktop: Ekiga

Dennis Guse

Yesterday I got some time to start playing with SIP. I used Ekiga a SIP client for the gnome-desktop. After installation I got an account on ekiga.net and everything went fine. The provided configuration wizard is really cool stuff. The hole action consumed 10 minutes and afterwards I spent 1 hour to get the sound devices working. And it did, but it was really annoying. The only problem now is that my built-in (Thinkpad X60) microphone produces a feedback if I use the internal speakers. The only solution is to use headphones and don't type or click during a call.

At last: sip:500@ekiga.net is a echo service, so you can test your configuration. Next week I will try to get my bluetooth headset running.

JAX-WS: ORA-31011

Dennis Guse

Today, I tried to do something useful for my bachelor thesis. I tried to query a Oracle 11G DBMS via a SOAP-based Webservice. Using the instruction from Andrea and Oracle I got the service up and running. The Webservice was reachable under http://localhost:8080/orawsv and presented it's wsdl via http://localhost:8080/orawsv?wsdl.

Now the trouble started: The URL from the Oracle HTTP-Server is secured via HTTP-Authentification. Ok so I downloaded the WSDL and created the stubs from a local file with the JDK's wsimport. Now I needed to tell the Webservice Client Provider to authenticate if necessary:

1 ORAWSVPortType port = new ORAWSVService().getORAWSVPort();
2 Map<String, Object>; requestCtx = ((BindingProvider) port).getRequestContext();
3 requestCtx.put(BindingProvider.USERNAME_PROPERTY, "user");
4 requestCtx.put(BindingProvider.PASSWORD_PROPERTY, "password");

The first test ended with a desaster:

Exception in thread "main" java.lang.IllegalArgumentException: faultCode argument for createFault was passed NULL at com.sun.xml.messaging.saaj.soap.ver11.SOAPFactory11Impl.createFault(SOAPFactory1_1Impl.java:56) at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:178) at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:108) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:254) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:224) at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:117) at $Proxy32.xmlFromQuery(Unknown Source) at productcatalogws.Main.main(Main.java:49) Java Result: 1

I couldn't make anything useful out of these messages. The only thing I found was a dead end: bug_id=6587659. So I started debugging: First view the SOAPMessages: I used the cool charles proxy.

Configuration for JAVA:

1 System.getProperties().put("proxySet", "true");
2 System.getProperties().put("proxyHost", "localhost");
3 System.getProperties().put("proxyPort", "8888");

After viewing the messages without noticing anything of interesst except: ORA-31011: XML parsing error, but without any reference to the Webservice.

I found a cool tool to use webservices: soapUI (you can do everything I needed using it!!) and queried the Oracle Webservice by hand. And it worked!

The problem was that the default JAX-WS Provider does send:

Content-Type: text/xml;charset="utf-8"

And the Oracle HTTP Server expects:

Content-Type: text/xml;charset=UTF-8

An example SOAPMessage (including the header):

 1 Authorization: Basic XXXXX
 2 Host: localhost:8080
 3 Content-Length: 314
 4 SOAPAction: "<a href="http://localhost:8080/orawsv">http://localhost:8080/orawsv</a>"
 5 User-Agent: Jakarta Commons-HttpClient/3.0.1
 6 Content-Type: text/xml;charset=UTF-8
 7 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:oraw="http://xmlns.oracle.com/orawsv">
 8     <soapenv:Header>
 9         <soapenv:Body>
10             <oraw:query>
11                 <oraw:query_text type="SQL">SELECT * FROM PRODUCT</oraw:query_text>
12             </oraw:query>
13         <soapenv:Body>
14 </soapenv:Envelope>

The questions are: * Does JAX-WS something wrong during the request or is the DB Webservice the bad guy? * And why doesn't JAX-WS handle the SOAPfault correctly?

Used software: javac --version:

java version "1.6.004" Java(TM) SE Runtime Environment (build 1.6.004-b12) Java HotSpot(TM) Client VM (build 10.0-b19, mixed mode)

Oracle 11G DBMS: Oracle Database 11 g Release 1 for 32-bit Windows.

OpenSSH using Kerberos via GSSAPI

Dennis Guse

I missed to activate a small and tiny feature during the update to Debian Etch: OpenSSH with GSSAPI support. What does sat mean?

I missed to upload my subversion working copies over ssh without typping my password everytime. So I installed ssh-krb5 to add the cool behavior.

Cyrus and Exim4 authentification using Kerberos via GSSAPI

Dennis Guse

Today I used my spare time to let the SMTP and the IMAP server of g00se.org using the GSSAPI for authentification. The necessary cyrus-sasl libaries were already installed. So I really don't know which are exactly required. I suppose the cyrus-sasl gssapi libary should meet all requirements. I needed to install the exi4-daemon-heavy instead of the light one. The the heavy one does support authentification using the cyrus-sasl libary. I created the principals imap/g00se.org and smtp/g00se.org and put them into the default keytab.

And modified the configuration files of both services to let them propose GSSAPI as alternate authentification mechanism:

(cyrus): imapd.conf:

1  sasl_mech_list: PLAIN GSSAPI


(exim4): /etc/exim4/conf.d/auth/01exim4-configgssapi

 1  gssapi_server:
 2  driver = cyrus_sasl
 3  public_name = GSSAPI
 4  server_mech = gssapi
 5  server_hostname = g00se.org
 6  #server_realm = G00SE.ORG
 7  server_set_id = $auth1
 9  server_advertise_condition = $\{if eq{$tls_cipher}\{}\{}\{\*}}
10  .endif

Thanks to Sean for a short and easy description.

PS: Exim4 does use the splitted configuration file option of Debian. So you can put the lines anywhere into the authentification section.

Apache with Kerberos authentification

Dennis Guse

Special thanks to the guys who invented modauthkerb. I removed the PAM authentification modules, which I only used as wrapper to get Kerberos auth through PAM and replaced it with modauthkerb. Here is the small configuration:

1  Krb5Keytab /etc/apache2/krb5.keytab
2  KrbAuthRealms G00SE.ORG
3  KrbServiceName HTTP
4  <Directory / >
5   AuthType Kerberos
6    Require valid-user
7  </Directory>

That's all! Cool.

The Firefox bundled into my OpenSUSE 10.3 does already contain all necessary configurations. I only needed to add g00se.org *to *network.negotiate-auth.trusted-uris in about:config. So he does accept the offer to do GSSAPI authentification with these URIS. And that's pretty cool.

At least I need to figure a way to get my M$ system use such cool stuff.

Exim4 and Saslauthd [service=]

Dennis Guse

Hello! Since I upgraded g00se.org from Debian Sarge to Etch the authentification mechanism of my exim mail server doesn't run properly. I used as I descriped early the saslauthd to authentificate against the pam. Everything went fine. I believed, but a few weeks later (I used all the time my webinterface to send mails.) the exim couldn't use the same credentials as the imap server. The saslauthd always claimed that my credentials are false and so exim awnsered with a SMTP Error 535: Authentification failure. Tonight I managed to look into the problem and it's source. I checked the saslauthd using testsaslauthd. If I used: testsaslauthd -s smtp -u XXX - p XXX everything went fine and the saslauthd replied with credentials ok. But if I issued testsaslauthd -s "" -u XXX - p XXX I got a pam authentification error. I tried the same using exim and same behavior appeared, exim doesn't set the name of the service and so all authentification will fail. The problem is that the saslauthd will try to authenticate against a pam configuration which is not available. Note: I have in /etc/pam.d/ a file called smtp which defines the pam behavior for my smtp service ;).

The messages (/var/log/auth.log):

Dec 3 00:55:50 h1206589 saslauthd[22244]: doauth : auth failure: [user=XXX] [service=] [realm=] [mech=pam] [reason=PAM auth error] Dec 3 01:18:45 h1206589 saslauthd[22247]: doauth : auth success: [user=XXX] [service=imap] [realm=] [mech=pam]

As you can see the name of the service is in the first log empty. I found a solution: you can tell the exim how to call the saslauthd. (Snip of the authentification part of my exim service):

 1  plain_saslauthd_server: 
 2    driver = plaintext
 3    public_name = PLAIN
 4    server_condition = $\{if saslauthd\{\{$auth2}\{$auth3}}\{1}\{0}}
 5    server_set_id = $auth2
 6    server_prompts = : .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
 7    server_advertise_condition = $\{if eq\{$tls_cipher}\{}\{}\{\*}}
 8  .endif
10  login_saslauthd_server:
11    driver = plaintext
12    public_name = LOGIN
13    server_prompts = "Username:: : Password::" # don't send system passwords over unencrypted connections
14    server_condition = ${if saslauthd\{\{$auth1}\{$auth2}}\{1}\{0}}
15    server_set_id = $auth1 
17      server_advertise_condition = $\{if eq{$tls_cipher}\{}\{}\{\*}}
18    .endif

Now tell exim that he has to use a service attribute for saslauthd change:

1 server_condition = $\{if saslauthd\{\{$auth2}\{$auth3}}\{1}\{0}} into server_condition = $\{if saslauthd\{\{$auth2}\{$auth3}*\{smtp}*}\{1}{0}}.

smtp have to be the name of the pam configuration file.

That's all. Everythings work as expected.

JOptionPane and the Focus

Dennis Guse

I started to write a login screen (NEED: two input field [username, password]and two buttons [ok, cancel]). Since a login is a blocking panel I created a JPanel and put that on a JOptionPane.showDialog(...). Everything looked quite fine, but the default focus was set on the OK-Button. So I tried to requestDefaultFocus, but nothing worked. Mark provides a running solution.

And it works!

WebSVN vs. ViewCVS

Dennis Guse

Tonight I removed ViewCVS and started using WebSVN. It's nice simple and in PHP :D... Take a look!

Java Base64 encoding (sun.misc.Base64Encoder)

Dennis Guse

Today I would like to say some words about BASE64 encoding and JAVA. Let me introduce a cool class to encode a string: sun.misc.Base64Encoder This class seams to work quite all right for some weeks. So, today we transfered our JEE server from a linux to windows (not my idea). Till now I have assumed that the mythos of the JAVA plattform independence is not only a myth. During the check of the application (the deployed JEE project) it showed up error messages that the base64 coded strings doesn't match. On the first look everything seemed to be fine. The second showed up that the strings on the windows machine were one (!) character longer. Two hours later we found the problem: Does RFC 3548 say something about line feeds and carriage return?

So why does the base64 coded strings contain some?

The anwser is: Because the encode method of the *Base64Enconder split the string after some characters (I suppose at char 76 / 77, but I'm not quite sure). So if you switch the operation system and the new system uses another encoding for the line break, your old base64 encoded data is worthless.

To solve this problem I used the java mail api (cause JEE server needs to implement these):

 1 StringOutputStream output = new StringOutputStream();
 2 OutputStream encoding = MimeUtility.encode(output, "base64");
 3 encoding.write("Hello World");
 4 result = output.toString();
 7 import java.io.IOException; import java.io.OutputStream;
 8 /**
 9 *
10 * @author Dennis Guse
11 *
12 */
13 public class StringOutputStream extends OutputStream {
14   private StringBuffer data = new StringBuffer();
15   public StringOutputStream() {}
16   public String toString() {
17     return data.toString();
18   }
19   public void write(int b) throws IOException { data.append((char)b); } }

So a half day of work for nothing.... PS: Feel free to use this stuff.

Authentification Server via Kerberos (Heimdal) and LDAP backend

Dennis Guse

Today morning I configured heimdal KDC and as storage the openldap slapd. Slapd stores the user information and holds the kerberos authentification information. The public URI is ldaps://g00se.org. Kerberos realm: G00SE.ORG. KDC: g00se.org The openldap server uses TLS and authenfication and authorisation with the SASL GSSAPI (package (debian): libsasl2-modules-gssapi-heimdal). First I installed slapd (slapd and the above package). Added the krb5-kdc.schema. Configurated SASL support and added authorisation rules. With slapadd -f "backup.ldif" I installed my backup (without internal kerberos accounts). Modified /etc/default/slapd to let the slapd listen on ldaps:// and ldapi://. Reload the configuration.

Second I installed the heimdal-kdc. Configured the realm. Configured database backend to use the ldapi:// socket and reload it. Init the realm and create necessary kerberos host accounts (with random keys): kadmin -l

1  init G00SE.ORG 
2  add -r host/g00se.org 
3  ext_keytab host/g00se.org 
4  add -r ldap/g00se.org 
5  ext_keytab ldap/g00se.org

Reload everything and the authenfication server was up and running! Have a nice one!!

Authentication client via Kerberos (Heimdal) and LDAP backend

Dennis Guse

To use the provided authenfication mechanism from g00se.org on g00se.org :D. I installed libpam-heimdal and configured nss.

Kerberos configuration: /etc/krb5.conf

 1  [libdefaults]
 2  default_realm = G00SE.ORG
 3  default_keytab_name = /etc/krb5.keytab
 4  ticket_lifetime = 28800
 5  default_etypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
 6  default_etypes_des = des3-hmac-sha1
 7  des-cbc-crc des-cbc-md5
 9  [realms]
10  G00SE.ORG = { kdc = g00se.org admin_server = g00se.org }
12  [domain_realm]
13  g00se.org = G00SE.ORG
14  .g00se.org = G00SE.ORG

The pam configuration to use the heimdal KDC: /etc/pam.d/kerberos

1  #@include common-auth
2  #@include common-account auth required pam_krb5.so account required pam_krb5.so

Configuration of the nss-ldap plugin: /etc/libnss-ldap.conf

 1  uri ldaps://g00se.org/
 2  ldap_version 3
 3  base dc=g00se,dc=org
 4  scope sub
 5  pam_filter objectclass=account
 6  pam_login_attribute uid 
 7  pam_min_uid 1000
 8  pam_max_uid 2000
 9  nss_base_passwd ou=People,dc=g00se,dc=org?one
10  nss_base_group ou=group,dc=g00se,dc=org?one

Let nss know that there is a second source which provide authorisation data. cat /etc/nsswitch.conf

1  passwd: compat *ldap*
2  group: compat *ldap*

That's all! As root you can now check if everything runs: getent passwd and you will see all your local accounts and the provided central ones! I hope everything is cool!!!