493: Undecipherable

Presentation: Authentication for Web-Applications with OpenID Connect

I gave a presentation about OpenID Connect: how it works and why it is useful.

Link to the (presentation).

Presentation: Reviving open-source projects

I gave a short presentation at Hacking in Parallel in Berlin about how to revive abandoned open-source projects.

Abstract:

Most open-source projects have limit lifetime: at some point in time development stops and the project becomes unmaintained. A lot of projects often do not even reach the stage, where they are used by a critical mass of users.
In this talk, I will go through the steps of continuing an open-source project using my lessons learned from forking Google's MyTracks and crafting it into OpenTracks.

Link to the announcement: https://pretalx.c3voc.de/hip-berlin-2022/talk/ZGJVPF/

Link to the recording: will be published on media.ccc.de.

Link to the (presentation):

GPS time rollover compensation for broken devices

Every 19.7 years aka every 1024 weeks the week counter in GPS transmission has an overflow. This is how to apply a fix if the hardware did not got a software update.

    /**
     * 1. Ancient fix for phones that do not set the time in {@link android.location.Location}.
     * 2. Fix for GPS time rollover happening every 19.7 years: https://en.wikipedia.org/wiki/GPS_Week_Number_Rollover
     */
    public static void fixTime(@NonNull Location trackPoint) {
        if (trackPoint.getTime() == 0L) {
            Log.w(TAG, "Time of provided location was 0. Using current time.");
            trackPoint.setTime(System.currentTimeMillis());
            return;
        }

        {
            long timeDiff = Math.abs(trackPoint.getTime() - System.currentTimeMillis());

            if (timeDiff > 1023 * UnitConversions.ONE_WEEK_MS) {
                Log.w(TAG, "GPS week rollover.");
                trackPoint.setTime(trackPoint.getTime() + 1024 * UnitConversions.ONE_WEEK_MS);
            }
        }
    }

Office of Strategic Services: Simple Sabotage Field Manual

Some years ago, a friend of mine showed me the Simple Sabotage Field Manual. This document was created by the Office of Strategic Services (predecessor of the CIA) in January 1944 to prepare a successful D-Day. It contains some really interesting recommendations how to slow down and obstruct within organisations (incl. companies), and these are really practical (and well used).

Recently, created a presentation about it (presentation):

Android's ContentProvider: how to share a virtual file

While working on OpenTracks, I wanted to send geographical data (e.g., points as well as KML, GPX) to another installed application that could show this kind of data (e.g., OsmAnd or Maps.ME). The main reason for this, was that I did not want this functionality in OpenTracks as it was not a core feature.

To achieve this usually, the FileProvider is used and it’s usage is really simple: just get the Uri of the file to be shared and send an intent (be aware of grantUriPermission). This is awesome as long as the file is already stored on the device - it is painless simple.

However, what happens if the data is not yet stored in the file system? For example, the data resides in a SQLite database? This is actually achivable using FileProvider:

1. One could store the data in a temporary file and store it somewhere (e.g., the app’s cache directory).
2. Send the intent.
3. Later delete the temporary file.

This solution works quite well and is probably in use quite often. However, it does not feel very beautiful (at least not for me).

What I actually wanted was the a ContentProvider that can share a virtual (i.e., file is created on the fly from database). Thus, I do not need to create the temporary file and delete it later. Luckily, this is possible and this is actually quite straight forward. The following shows an example that is inspired by FileProvider, but the interesting part is in openFile() and how a ParcelFileDescriptor can be created without an actual file.

public class ShareContentProvider extends ContentProvider

    private static final String[] COLUMNS = {OpenableColumns.DISPLAY_NAME, OpenableColumns.SIZE};

    //Provide file name and size.
    @Override
    public Cursor query(@NonNull Uri uri, @Nullable String[] projection, @Nullable String selection, @Nullable String[] selectionArgs, @Nullable String sortOrder) {
        // Inspired from FileProvider
        // ContentProvider has already checked granted permissions
        if (projection == null) {
            projection = COLUMNS;
        }

        String[] cols = new String[projection.length];
        Object[] values = new Object[projection.length];
        int i = 0;
        for (String col : projection) {
            if (OpenableColumns.DISPLAY_NAME.equals(col)) {
                cols[i] = OpenableColumns.DISPLAY_NAME;
                values[i++] = uri.getLastPathSegment();
            } else if (OpenableColumns.SIZE.equals(col)) {
                cols[i] = OpenableColumns.SIZE;
                values[i++] = -1; //Return a file size of -1
            }
        }

        cols = Arrays.copyOf(cols, i);
        values = Arrays.copyOf(values, i);

        final MatrixCursor cursor = new MatrixCursor(cols, 1);
        cursor.addRow(values);
        return cursor;
    }

    @Nullable
    @Override
    public String getType(@NonNull Uri uri) {
        return "PutYourMimeTypeHere";
    }

    @Nullable
    @Override
    public ParcelFileDescriptor openFile(@NonNull Uri uri, @NonNull String mode) throws FileNotFoundException {
        PipeDataWriter pipeDataWriter = new PipeDataWriter<String>() {
            @Override
            public void writeDataToPipe(@NonNull ParcelFileDescriptor output, @NonNull Uri uri, @NonNull String mimeType, @Nullable Bundle opts, @Nullable String args) {
                try (FileOutputStream fileOutputStream = new FileOutputStream(output.getFileDescriptor())) {
                     //TODO: Write your actual data
                     byte[] data = new byte[]{255, 255, 255};
                     fileOutputStream.write(data);
                } catch (IOException e) {
                    Log.w(TAG, "there occurred an error while sharing a file: " + e);
                }
            }
        };

        return openPipeHelper(uri, getType(uri), null, null, pipeDataWriter);
}

The full code is available on Github. In addition, please be aware to make the ShareContentProvider accessible to the calling app (i.e., grantUriPermission).

For OpenTracks, I ran, however, into another issue related to Android’s security. OpenTracks uses internally a ContentProvider that manages access to the internal SQLite database. My initial approach was to implemented the ShareContentProvider and let it forward requests to the internal ContentProvider (i.e., two separate instances), but both belonging to OpenTracks. In ShareContentProvider, I used getContext().getContentResolver() to access the internal ContentProvider. This works quite well. However, if ShareContentProvider receives a request from another app (access granted via temporary grantUriPermission), Android’s security infrastructure does not allow to forward requests to the internal ContentProvider. The reason is rather simple as the calling app only got permission for one URI managed ShareContentProvider and not for the internal ContentProvider URIs. One (im)possible solution would be to make the internal ContentProvder to be world readable (i.e., exported="true"), but this would expose all data of your app to all other installed apps. And this is an absolute no go!

I solved this issue by using only one ContentProvider for OpenTracks (i.e., merging ShareContentProvider and the internal ContentProvider). The resulting ContentProvider can then use himself to acquire the necessary data for file sharing URIs. The implementation is rather simple as ShareContentProvider inherits from the internal ContentProvider and forwards all internal requests to it’s parent. For convenience, ShareContentProvider has a static function to create a sharing URI as it later needs to parse the URI again.

OpenTracks can now share geo-data files with other map application without using temporary files.

Releasing OpenTracks

Some years ago, I was a happy user of Google’s MyTracks. It was a great application to track your sport and outdoor activities. The feature (I rarely used) I liked the most was that you could take pictures and these were included in the tracks. However, in 2016 Google decided to stop working on MyTracks and also removed it from the Play Store. Gladly, the source code of MyTracks was released as Open Source (Apache 2.0 license) and thus, theoretical, could be maintained further. However, nothing happened so far and while looking for a new spare-time project, I decided to revamp MyTracks. For me, it was and will be an interesting endeavour on restoring a fully matured Android application while adding/changin/removing features while keeping it maintainable.

The revamped version is now released as OpenTracks. OpenTracks will project vision is rather simple: privacy first, features second.

Following, this vision OpenTracks will not include functionality that will require Internet access. This also includes features like showing a recorded track on map.

Source code: Github

SQLServer STContains() performance

For some reason SQLServer 2017 is picky with regard to performance for geography comparisons.

The first statement seems is rather slow (seems to ignore spatial indeces) while the second one works impressively fast on my data.

SELECT *
FROM MyGeodata
WHERE MyGeoData.SHAPE.STContains(MyGeoData.POINT) <> 0

SELECT *
FROM MyGeodata
WHERE MyGeoData.SHAPE.STContains(MyGeoData.POINT) = 1

NOTE: I would prefer the first variant as technically NOT(False) is TRUE and TRUE is everything except 0.

SQLServer SQL to GeoJSON

Export GeoJSON via SQL from SQLServer. Based on this blog post on MSDN.

For export directly to a file this powershell script might be helpful: sqlserver-cmd-to-file.ps1

NOTE: I observed (not yet solved) issues, when I tried to export more than 1600 items. Seemed like a “this string is too long” problem.

SELECT 
--GeoJSON Header
  CONCAT('{ "type": "FeatureCollection", "features":', 
--Select POINTS
  (
    SELECT
     'Feature' AS type,
     'Point' AS [geometry.type],
     JSON_QUERY ( FORMATMESSAGE('[%s,%s]',
      FORMAT(yourX, N'0.##################################################'),
      FORMAT(yourY, N'0.##################################################'))
     ) AS [geometry.coordinates]
    FROM PutYourTableHere
    FOR JSON PATH
  ), 
--Close JSON HashMap
  '}'
  )

Downloading data from a webpage with login

Usually, downloading data from a webpage is straight forward. Just use your favorite tool and go (such as wget or curl). Sometimes, however, it is not that simple - especially if the webpage requires a login (this means not sending credentials as part of the URL).

The following code does a login and then downloads a webpage from such a webpage. It uses PhantomJS.

var page = require('webpage').create();
page.onResourceReceived = function(response) {
//  console.log('Response (#' + response.id + ', stage "' + response.stage + '"): ' + JSON.stringify(response));
};

//Start process: Login
page.open('https://LOGIN-URL', function(status) {
  if (status !== 'success') {
    console.log('Unable to access network');
    phantom.exit(-1);
  } else {
    console.log(page.url);

    //Set handler for the follow-up of the login request.
    page.onLoadFinished = downloadData;

    page.evaluate(function() {
       //Set credentials
       document.getElementById('USERNAME').value  = "USERNAME";
       document.getElementById('PASSWORD').value = "PASSWORD";
       //Trigger login request
       document.getElementById('Login').click();    
    });
  }
});

function downloadData(status) {
  console.log(status);
  console.log(page.content);

  page.onLoadFinished = undefined;

  //Download data
  page.open('https://DATA-URL', function(status) {
    console.log(page.content);
    phantom.exit(0);
  });
}

Mathematica 11.1: Issue parsing German characters using ImportString[]

German characters in ImportString[data, "RawJSON"] break during parsing. A string containing the German character “ß” (also tested “ä”) will be broken, ie., the letter as well as the following letters are not correct.

Affects Mathematica 11.1.

ImportString["{\"test1\":\"ABCäABC\",\"test2\":\"ABCßABC\"}", "RawJSON"]
<|"test1" -> "ABC。C", "test2" -> "ABCށBC"|>

This also remains using Export[].

Workaround: Association = ImportString[SOMTHING, "JSON"].

SeaBIOS on Libreboot via Grub2

Libreboot mainly offers Grub2 as payload (at least for Lenovo X60). That’s quite nice and often sufficient as one can start Linux.

The default startup procedure of Libreboot is first start a deblobbed coreboot, which then loads Grub2. Coreboot, Grub2, and all configuration are flashed to the bios chip. This ROM is actually a large binary blob, which includes the Coreboot File System (CBFS). During the boot process, coreboot loads the CBFS from the bios chip into the RAM. So, every subsequent bootloader can access this file system to load configuration files or even load subsequent bootloaders.

On my Lenovo X60, I now wanted to have the following start procedure: coreboot -> Grub2 -> SeaBIOS. The simplest solution would be to just add the SeaBIOS ROM to the CBFS and flash the new CBFS (e.g., here). However, I don’t like the risky procedure of flashing my hardware and potentially bricking it (Lenovo X60 with 64bit C2D are really rare).

This can be easily solved by using Grub2’s capability to access harddrives. Thus, SeaBIOS can be loaded from Grub2 (using a USB thumbdrive):

chainloader (usb0,msdos1)/bios.bin.elf
boot

This works, but as the VGA-rom is not available only debug output via serial port if configured will be shown (e.g., screen /dev/ttyUSB0 115200). For VGA support, the SeaVGABIOS needs to be findable by SeaBIOS. If SeaBIOS was compiled with CBFS support, it could be put into the CBFS and flash it - not an option for me.

I asked on the SeaBIOS mailing list, and Kevin O’Connor told me that SeaBIOS supports multiboot (recently implemented by Vladimir Serbinenko).

multiboot (usb0,msdos1)/bios.elf.bin
module (usb0,msdos1)/vgabios.bin name=vgaroms/seavgabios.bin
boot

This works like charm and configuration files for SeaBIOS can be provided using this approach.

How I build SeaBIOS with VGA support for the Lenovo X60:

1. git clone git://git.seabios.org/seabios.git (commit-id: d7adf6044a4c772b497e97272adf97426b34a249)
2. make menuconfig (all other options default)
3. General Features -> Build target: coreboot
4. General Features -> coreboot CBFS support: disabled
5. VGA ROM -> VGA Hardware Type: coreboot linear framebuffer
6. make

Please note that CBFS support should be disabled, because coreboot loaded a CBFS. Thus, SeaBIOS might also use CBFS provided ROMs and also other bootloaders (such as the provided Grub2).

This works like charm: even a Windows 10 installer start loading (but is not functional).

Tiny issue as of today: the keyboard of my X60 works in Grub2, but for SeaBIOS I needed to use a external USB keyboard.

8Bitdo: udev rules for game controller

8bitdo sells some really nice game controllers featuring USB as well as Bluetooth such as SNES30.

At least on Ubuntu, I needed to install custom udev-rules. Otherwise the controller is only recognized as keyboard with four keys.

The following udev-rules were taken from the here.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# If applications do NOT detect the 8Bitdo controller when connected via Bluetooth and won't even recognize manual binding, 
# fix this by adding these udev rules to force detection - https://github.com/paalfe/mixedcontent/blob/master/udev_rules.d/99-8bitdo-bluetooth-controllers.rules. 
# Add the udev rules file to "/etc/udev/rules.d/99-8bitdo-bluetooth-controllers.rules" and reboot. 
# Forum thread: http://libretro.com/forums/showthread.php?t=3649 
# Useful reading: https://hg.libsdl.org/SDL/file/704a0bfecf75/README-linux.txt

# 8Bitdo FC30 1P GamePad Bluetooth mode(START) mode(START+R)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo FC30 GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo FC30 2P GamePad Bluetooth mode(START)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo FC30 II", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1" 

# 8Bitdo FC30 2P GamePad Bluetooth mode(START+R)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo FC30 II Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo SFC30 GamePad Bluetooth mode(START)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo SFC30 GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo SFC30 GamePad Bluetooth mode(START+R)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo SFC30 GamePad Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo NES30 GamePad Bluetooth mode(START)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo NES30 GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo NES30 GamePad Bluetooth mode(START+R)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo NES30 GamePad Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo SNES30 GamePad Bluetooth mode(START)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo SNES30 GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo SNES30 GamePad Bluetooth mode(START+R)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo SNES30 GamePad Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo FC30 Pro GamePad Bluetooth mode(POWER) mode(POWER+R1)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo FC30 Pro", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo NES30 Pro GamePad Bluetooth mode(POWER)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo NES30 Pro", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo NES30 Pro GamePad Bluetooth mode(POWER+R1)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo NES30 Pro Joystick", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo FC30 Arcade Joystick Bluetooth mode(HOME)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo Joy", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

# 8Bitdo Zero GamePad Bluetooth mode(START) mode(START+R)
SUBSYSTEM=="input", ATTRS{name}=="8Bitdo Zero GamePad", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"

Asterisk: Conferencing Server with LUA

Asterisk is a powerful telephone server. However, its configuration via extensions.conf is a little bit annoying, if you would really like to program your dialplan (e.g., if-then-else, read a file, execute some command line program, …). The diaplan can also be implemented using LUA: extensions.lua.

Here, is a short demo setup for a telephone conference server that is reachable via telephone number using sipgate.de and a lua-based dialplan.

The server registers at sipgate.de, who provide a telephone number for the server. All incoming calls at the server are forward to a telephone conference room.

I used this setup from Asterisk 11 until Asterisk 13 running on a FreeBSD 10.X.

sip.conf:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[general]
allowguest=no
alwaysauthreject=yes

canreinvite=no

disallow=allow
allow=g711

;SIPGATE This is the incoming uplink
register => USERNAME:PASSWORD@sipgate.de/USERNAME

[trunk_incoming]
type=peer
host=sipgate.de
context=trunk_incoming

extensions.lua:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
extensions = {}

extensions.trunk_incoming = {
    ["_X"] = function(c, e)
	app.playback("beep")
	
	app.read("room", "conf-getconfno")
	room = channel["room"]:get()
	if room == nil then
	    app.playback("beepErr")
	    app.hangup()
	end

	app.verbose("Conference room " .. room .. ": " .. channel.CALLERID("num"):get() .. " entered")
	app.playback("conf-enteringno")
	app.sayDigits(room, "f")
	
	app.confBridge(room)
    end;
}

NOTE: Asterisk does not reload the extensions.lua automatically even not using core reload. After configuration changes the module must be reloaded: module reload pbx_lua.so.

NOTE: The LUA-parser in Asterisk is very nitty-gritty. Be careful about using only spaces and align the code properly.

NOTE: The traffic is not encrypted. Take care of it yourself by setting up a IPSec-tunnel!

Panasonic KX-2123 with KX-PT10

Still working like a boss: just got a 20 year old dot-matrix printer.

It is a Panasonic KX-2123 with an additional cut sheet feeder KX-PT10.

Pitfalls in SVG Positioning

_Update_: SVGGraphicsElement.getTransformToElement() was removed from the current draft.

In difference to pixel-based images formats, like JPEG or PNG, do SVG images allow to add animations, can be programmed and can react to user input. If an SVG image is embedded in a webpage, such an image can be modified with JavaScript as needed. For example change the text, color or change position of elements in the image.

In SVG elements can be positioned with by setting their a) x/y-coordinates and b) using transform. Whereas the first just sets the coordinates relative to the current coordinate system of the object, transform modifies the coordinate system for all this object and all childs.

Positioning via coordinates only:

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="300" height="80">
  <rect x="160" y="10" width="60" height="60" fill="blue"/>
  <rect x="230" y="10" width="60" height="60" fill="green"/>
</svg>

Positioning via transform=”translate(x, y)”:

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="400" height="80">
  <rect x="0" y="0" width="60" height="60" fill="gray" transform="translate(0, 0)"/>
  <rect x="0" y="0" width="60" height="60" fill="green" transform="translate(120, 0)"/>
</svg>

Both images are rendered exactly the same and from a viewer’s perspective are therefore equal. However, those are not equal from a programmatic perspective they are not.

TL;DR: When you need to re-position SVG-elements, try to avoid transform.

Here is an example with three rectangles. id=”rect1” and id=”rect3” are positioned via coordinates whereas id=”rect2” and id=”rect2-inner” are positioned via transform(s).

Two functions are required without transform svg-object.getBBox() and with transform svg-object.getTransformToElement(svg-object). The first, returns the minimal rectangle that contains the current object including x/y-coordinates. The second, calculates the shift between the virtual coordinate systems due to transform.

var rect1 = document.getElementById("rect1")
var rect2 = document.getElementById("rect2");
var rect2inner = document.getElementById("rect2-inner");
var rect3 = document.getElementById("rect3");
var rect3inner = document.getElementById("rect3-inner");

rect3.getTransformToElement(rect1).e //x-shift = 0 (no transform)
rect2.getTransformToElement(rect1).e //x-shift = 120 (transform)
rect2inner.getTransformToElement(rect1).e //x-shift = 120 (transform)

//Get x-coordinates _relative_ each coordinate system.
rect1.getBBox().x //0
rect2.getBBox().x //0 (moved by transform)
rect2inner.getBBox().x //15 (moved by transform AND x)
rect3.getBBox().x //240

//Move rect3inner to center of rect1: x-only (no transform)
rect3inner.setAttributeNS(null, "transform", "translate(" + (rect1.getBBox().x - rect3inner.getBBox().x + rect3inner.getBBox().width/2) + ",0)");
//Move rect2inner to center of rect3: x-only (transform)
transform = rect2inner.getTransformToElement(rect3)
rect2inner.setAttributeNS(null, "transform", "translate(" + (-transform.e + Math.abs(rect3.getBBox().x + rect2inner.getBBox().x) - rect2inner.getBBox().width/2) + ",0)");

In the end both approaches work, but applying transform in addition makes moving more complicated. And as their are nicer things to do than debugging SVGs - try to avoid transform or at least RTFM.

NOTE: For some SVGs (created with (Inkscape)[https://inkscape.org]), I had some trouble due to transform (getTransformToElement() always returned the same values although different transform were applied). Inkscape removes transform attributes, when grouping and then ungroup elements; x/y-coordinates are re-calculated appropriately.

Tag 6 - oder das Ende

Laut Karte sollte der Tag eigentlich nicht so schlimm werden - ging erst nur bergab und dann nochmal fies bergauf. Zwischendurch musste ich allerdings feststellen, dass das Winterjöchli zwar bergab geht, aber keine fahrbahre Strecke ist. Also 1 Stunde das Rad an den Kühen vorbei getragen. Als das vorbei war ging es runter ins Tal und wieder rauf. Diesen kleinen Berg hatte ich leider übersehen…

Knapp 2 Stunden später begann ich den Aufstieg zur Heilbronner Hütte. Schön ist anders - mir ist nicht ganz klar, wie man diese Strecke runter fahren soll.

Und irgendwann hatte ich beschlossen bis nach Oberstdorf weiter zu fahren - es gibt nur eine Bahn nach Berlin und die geht um 9:40… Bei der Hütte angekommen habe ich dann kurz Bescheid gesagt, dass ich nicht da bleibe sondern gleich nach Oberstdorf weitermache. Es war ja erst 17:30 und Sonnenuntergang erst um 21:14. Was kann da schon schief gehen. Also wieder runter ins Tal und rauf auf den Schroffenpass (Tragen) und wieder runter (Schieben).

An der ersten Hütte nach dem Pass bekam ich einen Liter frischer Milch - frisch aus der Kuh - und dann ging es mit 30+kmh runter nach Oberstdorf.

Das Ende.

Nachtrag:

Eine Übernachtung habe ich spontan gefunden (schickes Hotel und sehr netter Besitzer). Das Bahnpersonal am kommenden Tag war auch sehr freundlich (Fahrradkarte können wir nicht mehr buchen, aber sprich mal mit dem Zugpersonal). Und dann ging es nach Hause!

Tag 5 - oder Radwandern

Die Tour startete mit einer  ziemlichen Hochpass. Cooles Gelände, guter Ausblick und  es ging nur bergab. Bis ins Tal war ich mit einem Heilbronner unterwegs gewesen.

Und dann begann das Schieben. Ich habe heute das Rad so knapp 4 Stunden geschoben - erst die Straße hoch, dann einen fiesen Gebirgspass hoch und dann zum Schluss zur Hütte. Zwischendurch war das Rad ein echt guter Wanderstock…

Am Nachmittag ging es dann durch malerische Landschaft abwärts.

Und es gab den ersten Defekt. Zwischendurch hatte sich mein Schnellspanner am Hinterrad gelöst. Autsch. Ist aber nichts passiert - hatte mich schon gewundert, warum die Bremse sich so komisch anfühlte.

Zum Schluß ging es dann wieder bergauf… Hat aber alles gut geklappt. Zwischendurch gab es noch Mittag in Form von Frischeiwaffeln und Schokomilch - vorzüglich.

Also der harte Teil der Tour ist geschafft. War aber ein echt guter Tag!

Aktueller Standort: Heilbronner Hütte

Over and out.

Tag 4 - oder Motivation?

Die Tour heute habe ich auch ein wenig vereinfacht - bevor mich gleich ins Gelände zu begeben, bin ich einfach die Straße bergab gerollt und nur den Anstieg zur Hütte gemacht. Bergauf war meine Motivation echt am Ende - ich kam nicht vom Fleck und war nur am schwitzen. Dann habe ich noch einen Mitstreiter gefunden und wir sind zusammen bis zur Hütte rauf. Zwischendurch noch Cola auf einer Alm und dann Mittag - war dann echt ein guter Tag! Mein Mitstreiter ist dann am Nachmittag noch weiter auf seiner Rundtour zurück ins Tal.

Ich bin dann noch zu Fuss ein wenig den Berg hoch und habe mir ein paar Murmeltiere angeschaut.

Und das war der Ausblick.

]

Aktueller Standort: Sesvenah Hütte

Over and out.

Tag 3 - oder nicht einen Meter hoch

Nach der Abkürzung gestern habe ich gleich so weitergemacht. Hoch auf das Stilfser Joch mit dem Rad war einfach nicht drin - also auf zum Busbahnhof und feststellen, dass es leider keinen Bus gibt. Ich habe allerdings echt viel Glück gehabt! Ein italienische Gruppen von Mountainbikefahrern hatte einen Bus gechartert, um einen Junggesellenabschied zu begehen - also rein in den Bus und es ging los.

Die Fahrt dauerte knapp eine Stunden und dann waren wir oben. Leider wurde eines der Fahrräder beschädigt - einige Bikes hingen hinten am Bus und bei einem hat der heiße Auspuff den hinteren Mantel angeschmolzen.

]

Oben angekommen, begann eine echt langweilige Abfahrt mit glühenden Bremsschreiben. Einfach nur runter den Asphalt und alle paar Meter Pause machen, damit die Bremsen abkühlen. Einen kurzen Trail habe ich dann zum Glück noch gefunden.

Dann war ich schon im Tal und im Hotel - es war kurz vor 12. Also noch eine Stunden wandern und dann den Nachmittag einfach nur rumliegen - nur mal den Ausblick genießen.

Aktueller Standort: Trafoi

Over and out.

Tag 2 - oder das gute Gefühl im Bus zu sitzen

Ich bin heute los und mir war schon klar, dass die geplante Route nicht machbar war. Ich hätte mich einfach zwischendurch in die Gegend gelegt und wäre dann bis morgen liegen geblieben. Hier die Stelle der Entscheidung - irgendwo 10km später fängt da richtig fieses Gelände an (bergauf).

]

Also in den sauren Apfel gebissen und Landstraße. War trotzdem ein sehr zäher Prozess, aber mit guter Aussicht.

Und dann eine kolossale Fehlentscheidung meinerseits - statt wie geplant den ursprünglichen Pass (wie laut Tour geplant) zunehmen, habe ich gepokert und wollte den folgenden nehmen. Naja. Auf dem Weg dahin ging es auf der Straße richtig bergab und damit hatte ich keine reale Chance mehr. Also rein in den Bus…

Aber sind hier alle sehr hilfsbereit und Kommunikation mit Händen, Füßen und Landkarten kein Problem.

PS: Fotos der Straße habe ich keine gemacht.

Aktueller Standort: Bormio

Over and out.

Tag 1 - oder Hügel werden zu Bergen

Heute ging es richtig los. Am Anfang war es nur Bundesstraßen (eher umspannenden). Trotzdem Klasse, weil es ging nur bergauf. Also Musik ins Ohr und los geht es.

Dann tauchte links plötzlich ein ziemlich blauer See auf und ich war bei dem strahlenden Sonnenschein fast baden - hätte nur zu lange gedauert.

Und so sieht eine ziemlich spektakuläre Straße aus (links ging es ziemlich runter).

Zwischendurch musste ich mich durch eine Rudel Bergziegen(?) schleichen und später gab es dann auch freilaufende Kühe - wie in der Werbung.

Ansonsten war der Tag echt lang. Irgendwann war selbst der kleinste Hügel enorm und an vielen Stellen hab ich dann einfach geschoben. Ich muss unbedingt meine Kräfte besser einteilen. Auf jeden Fall einen Hammer Ausblick und wenn es bergab geht, ist die Welt ziemlich in Ordnung.

Aktueller Standort: Dimaro.

Over and out.

Tag 0 - Anfang vom Ende

Geht los. Heute schon einmal einen Bahn-Marathon erledigt - 14 Stunden sitzen, warten und umsteigen sind richtig lang.

Hat aber alles einwandfrei funktioniert. Und zwischendurch traf ich noch zur Abwechslung den Orient-Express (im Bahnhof Innsbruck). Der Zug ist schon ein eindrucksvolles Gefährt!

Und am Ende bin ich gut angekommen. Allerdings ist der erste Eindruck Gardasee - Wolkenbruch. Oder falls das geht: Wolkenbrüche. Stand auch nicht im Wetterbericht. Bin also auf Präzision die kommenden Tage gespannt.

Ansonsten sind die Berge schon eindrucksvoll und die Ortschaft Arco echt cool. Ist so ein kleines italienisches Örtchen mit viel Flair. Und gutes Essen und nette Gastgeber gibt es hier auch.

Over and out

Subjective Quality of Webpage Loading: The Impact of Delayed and Missing Elements on Quality Ratings and Task Completion Time

Simulating adaptive video coding

For a subjective user study on temporal effects of varying system performance, I needed to create a video with varying video encoding bandwidth, e.g. up to min 3 take 2 Mbit/s and then for 1 min 0.5 Mbit/s.

This can be easily achieved using ffmpeg/avconv:

//1. (optional) Determine keyframe position using _ffprobe_ ([see](http://superuser.com/questions/554620/how-to-get-time-stamp-of-closest-keyframe-before-a-given-timestamp-with-ffmpeg)
ffprobe -select_streams v -show_frames -v quiet VIDEO | awk -F= ' 
  /pict_type=/ { if (index($2, "I")) { i=1; } else { i=0; } } 
  /pkt_pts_time/ { if (i && ($2 >= 150)) print $2; } ' | head -n 1

//2. Encode all parts of the video
ffmpeg -i VIDEO -ss  0  -to 180 -b:v 2M  PART1
ffmpeg -i VIDEO -ss 180 -to 240 -b:v 1M PART2
ffmpeg -i VIDEO ...

//3. Paste all parts together (replace xx accordingly)
ffmpeg -i PART1 -i PART2 ... -i PARTxx -filter_complex '[0:0] [1:0] ... [xx:0] concat=n=xx:v=1 [v]' -map '[v]' -b:v 20M VIDEO_RECODED

//At this point the video encoding bandwidth should be rather big (here 20Mbit/s), so the introduced articifacts are encoded properly.

//4. Verify that video is frame identical
//If the cut timestamps are not correct, single frames might be dropped and thus audio and video get asynchronuous.
//For this cut one frame (best almost at the end with same motion) and save it for the original and the transcoded video.
//When comparing those they should look identical (especially viewing angle) except for additional coding artificats.
ffmpeg -ss 00:34:00 -t 1 -i VIDEO -f mjpeg VIDEO.jpg
ffmpeg -ss 00:34:00 -t 1 -i VIDEO_RECODED -f mjpeg VIDEO_RECODED.jpg

//5. (optional) Re-add the audio from original VIDEO
ffmpeg -i VIDEO_RECODED -i VIDEO -map 0:0 -map 1:1 -c:a copy -c:v copy 

FreeBSD 10: Downgrading a packet with pkg

I needed to downgrade a package (Asterisk) on a FreeBSD 10.1. After an update I found that my configuration had some issues.

Actually, pkg makes downgrading a package (incl. it’s dependencies) a very convenient task. Just get the YOURFAV.VERSION.xz for your desired version (take a look into /var/pkg/cache).

And then run:

pkg install YOURFAV.VERSION.xz

After downgrading everything and searching for ours I found the mistake: spelling errors in a configuration file.

Methods for assessing the Quality of Transmitted Speech and of Speech Communication Services

Degrading calls: connecting Asterisk through JACK with Puredata

Sometimes it is necessary to get access to the audio of a VoIP telephony connection (more precisely SIP/RTP). My reason for this is quite simple: for laboratory studies on subjective quality of telephony, I need be able to introduce degradations like noise and speaker echo.

This is a short howto (for Ubuntu 14.04) to let Asterisk run in proxy mode (directmedia=no), route the audio via JACK to Puredata and back. In Puredata then audio can be modified as needed.

1. Install software:

sudo apt-get install asterisk qjackctl puredata

1. Setup realtime for group audio (optional)

   If you need realtime for JACK, then enable it.

2. Configure Asterisk

   Configure one extension (phone number) that:

3. answers the call
4. enables JACK for the caller to callee channel,
5. then dials the callee,
6. and on answering enables JACK for the callee to caller channel using a post dial macro.

The i(…) and o(…) tell asterisk to connect directly to the defined JACK ports - thus PD should already be running.

extensions = {
    default = {

	["_XX"] = function(c, e)
	    app.answer()
	    channel.JACK_HOOK("manipulate,i(pure_data_0:input0),o(pure_data_0:output0)"):set("on")
	    app.dial("SIP/" .. e, nil, "M(jack)")
	end;
    };
    ["macro-jack"] = {
	["s"] = function(c, e)
	    channel.JACK_HOOK("manipulate,i(pure_data_0:input1),o(pure_data_0:output1)"):set("on")
	end;
    };
}

Reload the configuration:

asterisk -rx "core reload"
asterisk -rx "module reload pbx_lua.so"

ATTENTION: If JACK is not running and the asterisk JACK application is thus failing to connect, it fail silently by just emitting a warning and audio is passed on directly.

1. Start JACK and Puredata

   All applications connecting to a JACK server running as user X need also to run as X. As Asterisk is running as user asterisk simply start JACK and Puredata as user asterisk.

###JACK Start JACK either directly or using qjackctl as user asterisk. If you need realtime, enable it properly.

sudo -u asterisk "jackd --no-realtime -d dummy"

Dummy is used as backend as I do not need local sound output from JACK - if you want it use Alsa instead.

###Puredata Start Puredata as user asterisk and connect to JACK.

sudo -u asterisk bash pd -jack YourPatchFileHereOrNot

Then just enable DSP or do automatically.

Puredata version before 0.46 Overwriting the HOME-variable is necessary for Puredata version less than version 0.46, which will be included in Ubuntu 15.04. Otherwise the UI is not loaded as reading the config-files fails and the UI process stops.

sudo -u asterisk bash
> HOME=/tmp
> pd -jack YourPatchFileHereOrNot

Have fun.

Known issues:

1. Asterisk Version prior 13 are limited to 8000Hz for interaction with JACK - see here.
2. If JACK is not running Asterisk just ignores it and the call continues without.
3. Due to the large numbers of buffers involved a relatively high delay is to be expected - a guess is ~80-100ms.

Asterisk: Enabling JACK connectivity to be (super-)wideband

During the summer I found that the JACK application of Asterisk (prior version 12; I used 11) only supported narrowband (8000Hhz). In general is the JACK application nothing else than two buffers incl. two resamplers (to and from JACK).

For the wideband case Asterisk was downsampling to 8000Hz handing the data to the JACK application, which resampled and handed over to JACK and vice versa.

I found that three things needed to be changed:

1. Prevent Asterisk from downsampling to 8000Hz
2. Dynamic buffer sizes depending on Asterisk and JACK sampling frequency
3. Resampling parameters

After that the necessary changes were straight forward and the patch made it into Asterisk 13. The functionality can be easily backported to Asterisk 11 by just replacing apps/app_jack.c using the one of Asterisk 13. Just follow this procedure (on Debian/Ubuntu).

Web-QoE under real-world distractions: Two test cases

Modelling Multi-episodic Quality Perception for Different telecommunication Services: First Insights

ITU-T P.851: Continuous assessment scale as Inkscape/SVG

The continuous quality assessment scale defined in ITU-T P.851, p.19).

Inkscape version for download

License: CC-BY-SA

My Cube Reaction SC Pro Race Line (20") was stolen on 23th July 2014

On 23th July 2014 my Cube bike was stolen in Berlin. The serial number of the frame is A6G99079.

Asterisk using LUA: How to pre-dial and macro (incl. parameters)

Asterisk allows to implement a dialplan in Lua.

It works quite well, if you are aware that the parser is very nitpicking againt indentation: always use either spaces or tabs. The Asterisk documentation gives a a nice overview how to use Lua.

Macros and Pre-Dial-Handler are missing there, but they are quite useful… Here is the syntax example:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
extensions = {
	["macro-mhandler"] = {
		["s"] = function(c, e)
			app.verbose("Hello Macro!")
			app.verbose("Got parameter: " .. channel["ARG1"]:get())
		end;
	};

	predial = {
		["phandler"] = function(c, e)
			app.verbose("Hello Pre-dial!")
		end;
	};

	default = {
		["_X"] = function(c, e)
			app.dial("SIP/" .. e, nil, "B(predial,phandler,1)M(mhandler^Put your parameter here)")
		end;
	};
}

PPA for Ubuntu: SIP-Tools.

The SIP-Tools PPA https://launchpad.net/~dennis.guse/+archive/sip-tools now contains:

• PJSIP
• ITU-T STL 2009
• ITU-T PESQ

If you have some problems with PJSIP, please report them to the mailing list.

Maintenance of the PPA will be done only for the current Ubuntu release (as of this writing: Trusty).

To install a package from the PPA do the following:

sudo add-apt-repository ppa:dennis.guse/sip-tools
sudo apt-get update
sudo apt-get install "Whatever you need"

PJSIP 2.21 for Ubuntu Trusty via PPA

PJSIP 2.21 (svn4852) is now available via PPA:

https://launchpad.net/~dennis.guse/+archive/sip-tools

Features:

• Python 2.7 bindings (pjsua and pjsua2)
• OpenSSL
• Video support (also python-pjsua: thanks to Frank Haase)

On Ubuntu do the following:

sudo add-apt-repository ppa:dennis.guse/sip-tools
sudo apt-get update
sudo apt-get install libpjsip-samples python-pjsua python-pjsua2

HTML: which letter was clicked in text?

For my spare-time project TheSchreibmaschine I need to get the position of the letter in a div that was clicked.

Limitation: it is not possible to add additional childs to the div.

1
<div>This is some awesome text</div>

The solution is actually quite straight forward: just capture the mouse event and ask the document to calculate the caret-position using the mouse coordinates.

Here is the solution I adopted:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
function insertBreakAtPoint(e) {

    var range;
    var textNode;
    var offset;

    if (document.caretPositionFromPoint) {    // standard
	range = document.caretPositionFromPoint(e.pageX, e.pageY);
	textNode = range.offsetNode;
	offset = range.offset;
    } else if (document.caretRangeFromPoint) {    // WebKit
	range = document.caretRangeFromPoint(e.pageX, e.pageY);
	textNode = range.startContainer;
	offset = range.startOffset;
    }
    // do whatever you wanted here!
}

There is one limitation (at least I have a small problem in Chromium) that the range.textNode must not necessarily identical to the one that was clicked: the contained text might be shorter than expected.

The reason for that remained unknown. I just did the access via range.textNode.parentElement.firstChild as in my case the div only has one child, which is the text.

For further reference the stackoverflow. Thanks to @TimDown.

Asterisk: SIP Presence is only partly supported

Asterisk 11 and following added support for publishing/distributing the presence of an extension. This enhances the hints, which are so faronly server-generate extension states, e.g. idle, unavailable, busy. Actually the presence can be set for an extension independant how this extension is connected to the system.

So far the functionality was limited to exten => _X,hint,SIP/${EXTEN}, which gives you server-side generated extension states. Now the presence state can be set for an extension using the dial plan function/variable PRESENCE_STATE().

In my case, clients are only connecting via SIP and can now subscribe for presence states of their buddies (in this case extensions). Works like charm.

However: The presence state cannot be updated the SIP way by a SIP client for the used extension (which is denoted by a hint). Asterisk does not SUBSCRIBE on the presence state of the client, when it registers.

Thus the client does not know that Asterisk would be interested in his presence state and therefore does not NOTIFY Asterisk, if his presence state changes. And now Asterisk cannot inform all other clients that are subscribed on this extension…

At the moment Asterisk only allows to set the presence state it presents for an extensions using the PRESENCE_STATE() and sadly not the SIP way.

Olle E. Johansson confirmed the behavior on the Asterisk mailing list.

Asterisk only implements 50% of RFC 3856.

Again: Thanks to Frank Haase for his support and wisdom!

Update reported to Asterisk.

PJSIP Automatic Gain Control

PJSIP contains an un-documentated feature that does volume adjustments during media-flow.

The conference bridge contains a very basic Automatic Gain Control that adjusts the volume level of each to-be-mixed signals, if the volume difference to the previous frame is to large.

It is however implement as define-directive in the C-code and thus enabled during compile time.

Here is the code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
#define ATTACK_A    (conf->clock_rate / conf->samples_per_frame)
#define ATTACK_B    1
#define DECAY_A	    0
#define DECAY_B	    1

#define SIMPLE_AGC(last, target) \
    if (target >= last) \
    target = (ATTACK_A*(last+1)+ATTACK_B*target)/(ATTACK_A+ATTACK_B); \
    else \
    target = (DECAY_A*last+DECAY_B*target)/(DECAY_A+DECAY_B)

#define MAX_LEVEL   (32767)
#define MIN_LEVEL   (-32768)

#define IS_OVERFLOW(s) ((s > MAX_LEVEL) || (s < MIN_LEVEL))

The investigation for this feature started as some severe “quality changes” (during a call the sound got quantizied heavily with a lower volume) unexpectetedly occured using PJSIP under perfect conditions:

• Edirol UA-25EX
• Beyer Dynamics DT-290
• noise-free room (laboratory)
• Dummy head
• Operation System: Ubuntu 13.10

Finding and disabling the AGC lead us to another issue that was masked by it. Somehow the EchoCanceler kicks in after around 5s seconds of continuous speech and the resulting signal is sounds heavily reduced in volume (spectogram is similar to original signal). And the AGC increases the volume again fast enough leading to “quantisation“-like sound.

So disabling the EchoCanceler (a runtime option) as well as (just to be sure) the AGC fixes the problem.

Thanks to Frank Haase for his support and wisdom!

Temporal Development of Quality of Experience

Disable Asterisk call loop detection: SIP 482 check

UPDATE: This patch is not required on Asterisk 11.7 upwards.

Asterisk 1.8 does not allow to loop sip calls. This is in fact the correct behavior as specified in the SIP RFC. However, in some cases this might be very well the behavior that someone wants. What loop detection prevents is essentially that an Asterisk instance does not accept an incoming call that was triggered by himself. This might be necessary, if the Asterisk:

• Tries to call himself (I had a good reason to do this)
• Asterisk tries to make a SIP call to another SIP peer, but the call is routed back to the Asterisk. This might happen if Asterisk registers with two or more accounts at an external SIP provider and one of account tries to call the other.

How to disable loop detection There is no default option provided to deactivate this feature (as this should only be done, if you know what you are doing). Loop detection is done in

channel/chan_sip.c in function handle_request_invite(…)

On line 22325 (Asterisk 1.8) a check is done, if loop detection should be done. You can also search for 482 Loop Detected. If this if-statement is disabled (add 0 == 1 &&) or removed, no loop detection will be done. Re-compile and install as I described here.

I am using Asterisk for Transcoding twice in the same instance.

Basically Asterisk fowards an incoming SIP-call to himself (setting SIP_CODEC_OUTBOUND to whatever I needed) and then relays the call to the callee:

Caller Client –(slin) -> Asterisk –(whatever) -> Asterisk –(slin) -> Callee Client

Patch a asterisk module without breaking package management on Ubuntu

I needed to modify one module (chan_sip) of Asterisk, but was to lazy to download and install Asterisk manually.

• Install build-tools

  apt-get install build-essential

• Get the source and build dependencies

  apt-get source asterisk apt-get build-dep asterisk

• Patch or do whatever you wanted.
• Re-compile Asterisk

  dpkg-buildpackage -rfakeroot -b

• Install the Asterisk module

  cp channels/chan_sip.so /usr/lib/asterisk/modules/

PS: Was done on Ubuntu 13.10 and Ubuntu 14.04.

Bringing your contacts to a Nokia 7110

I just needed a new phone and decided to go for cool solution: Nokia 7110 (v4.84). I got one including serial data cable + dock and the only thing missing was: how do I get my contacts on the phone without typing?

The answer was quite simply: export your address book as vCard and send it to the phone via gnokii on an Ubuntu.

• Get your address book Export it somehow: I tried Evolution as well as GMail web-interface (both work).
• Get a serial port Setting up the serial port on my Lenovo X60 was not straight forward, but now it works… (Really depends on your hardware)
• Connect to phone Use minicom and check if the phone replies to AT commands
• Configure gnokii

1
2
3
4
5
6
[global]
port = /dev/ttyS0
model = 7110
connection = serial
use_locking = yes
serial_baudrate = 9600

• Use gnokii to read/write your address book gnokii –deletephonebook ME 1 200 gnokii –writephonebook -o –vcard > addressbook.vcf

The Nokia 7110 has a bug: the vCard-parser is broken… So, I needed to fix my addressbook: basically remove all not needed data (emails, addresses, birthdays etc.). I implemented a small python-script using vObject.

It reads from stdin and writes to stdout:

cat addressbook.vcf

python script.py

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/usr/bin/python
#encoding=UTF-8

import vobject
import sys
import inspect

#Remove entries except in list for one vcard.
def vcard3_remove_all_entries_except(vcard):
   allowedEntries = {'version', 'fn', 'tel', 'categories'}
   entries_dict = vcard.contents
   for key in entries_dict.keys():
       if key not in allowedEntries:
           del entries_dict[key]

importedVCards = vobject.readComponents("".join(sys.stdin.readlines()))
try:
    while (True):
        vcard = importedVCards.next()
        vcard3_remove_all_entries_except(vcard)
        vcard.add('n');
        try:
            print(vcard.serialize())
        except Exception as e:
            print(e)
except StopIteration:
    None

Sync with style:

cat contacts.vcf

python import.py

gnokii –writephonebook -o –vcard

And a tutorial to clean the Nokia 7110 can be found here.

Transcode MKV (h264) with multiple audio streams to MP4 (AAC)

Transcoding MKV containers using avconv to MP4, so that the files can be processed with Adobe Premiere. The following command copies the video stream (should already be in h264) and convert all audio streams to AAC. All audio streams are sampled to 6 channels (even if the source is only stereo).

avconv -i INPUT.mkv -c:v copy -map 0:0 -c:a aac -map 0:1 -map 0:2 -ab 448k -ac 6 OUTPUT.mp4

The example is for 2 audio streams; just add more -map commands as needed.

PJSIP 2.1 for Ubuntu (PPA) with video support

I am happy to announce that PJSIP 2.1 is packed for Ubuntu 13.10 including Video support.

PPA here: https://launchpad.net/~dennis.guse/+archive/sip-tools

On Ubuntu do the following:

sudo add-apt-repository ppa:dennis.guse/sip-tools
sudo apt-get update
sudo apt-get install libpjsip-samples python-pjsip

Samples reside then in /usr/lib/libpjsip-samples/

Features:

• Python 2.7 bindings
• SSL
• (new) Video support
• (new) vidgui sample application [is patched]

Next steps:

• Add x264
• Python bindings: Add video support
• Python bindings: Bump bindings to Python 3.X

openHKP [initial release]

OpenHKP release mail send to openPGP.js:

Hey, first of all thanks for building openpgp.js! Some weeks ago I started using openpgp.js and found it pretty convenient. However, I missed one feature: the interaction with PGP-Keyserver. Long story short: As the keyserver protocol (HKP) is basically HTTP, I created a brief implementation in Javascript: https://gitorious.org/openhkp-js/openhkp-js Furthermore, I setup a CORS-enabled proxy for some keyservers: http://g00se.indus.uberspace.de/

The implementation is based upon: http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00

Asterisk: Accepted Patch

First contribution to Asterisk (implemented together with Frank Haase):

For video calls, we would like to set the codecs in the dialplan using *SIP_CODEC. However, if SIP_CODEC is set, all codecs except the ONE set are disallowed and thus either audio or video is available.Attached is a patch for 11.4 that allows SIP_CODEC to contain a list of codecs , e.g. “gsm,h264”.*

https://issues.asterisk.org/jira/browse/ASTERISK-21976 is accepted: https://reviewboard.asterisk.org/r/2728

Thanks to Matt Jordan and Rusty Newton (both Digium) for their reviews.

PJSIP library package for Ubuntu

I find it pretty annoying to compile PJSIP on all hosts that I use by hand. It is quite error-prone and the procedure is quite time-consuming. So, I created the scripts to setup an Ubuntu packet (at the moment only 13.04). It is available as PPA here: https://launchpad.net/~dennis.guse/+archive/sip-tools

On Ubuntu do the following:

sudo add-apt-repository ppa:dennisguse/sip-tools sudo apt-get update sudo apt-get install libpjsip-dev python-pjsip

Features:

• Python-bindings
• SSL

Missing Features:

• Video (some dependencies are missing in Ubuntu 13.04 and will come with 13.10).

Reverse proxy with CORS with Apache2

For the implementation of a Javascript-Client, I needed a CORS enabled reverse-proxy.

Uses apache2 and mod_rewrite and mod_headers must be loaded.

Via VirtualHost:

1
2
3
4
5
6
7
8
9
10
11
12
13
LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so

<virtualhost 127.0.0.1:80>
  ProxyRequests Off
  ProxyPass / http://URL
  ProxyPassReverse / http://URL
  
  Header set Access-Control-Allow-Origin "*
  Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept"

</virtualhost>

Via .htaccess:

1
2
3
4
5
6
RewriteEngine  on
RewriteBase /
RewriteRule  ^(.*)  http://URL  [P,L,QSA]

Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "Origin, Content-Type, Accept"

PS: Be aware of the security implications!

Macro-temporal development of QoE: impact of varying performance on QoE over multiple interactions

Pairing Bluetooth Keyboard on Windows and Linux using the same receiver

Found a solution on the web with authenticated connections here (the original description is far more detailed).

Short description (so that it is still available for me ;) ):

• Pair with (each) Linux
• Pair with Windows
• Extract authentication key from Windows from windows registry (stored in Windows/System32/config/system) using libhivex-bin

hivexml system | perl -ane 's/</\n</g; print' | grep -i 'key="YOUR BLUETOOTH ID WITHOUT : "'

• Decode the content of xml-entity with Base64
• Replace Linux authentication key with the extracteted version Linux /var/lib/bluetooth/RECEIVERID/linkkeys
• Restart Bluetooth service

sudo service bluetooth restart

I can confirm that this works using Ubuntu 12.10 and Windows 8 with a Apple Wireless Keyboard.

Alternative solution without authentication (I WOULD NOT RECOMMEND THIS FOR A KEYBOARD) can be found here.

UPDATE: Still works with 13.04

HTML JS publish click-events to all childs

I have tables with one radio button per cell and its quite annoying to aim at the radio button completely…

1
2
3
<td onclick="
  for (var i in this.childNodes)
    if(typeof this.childNodes[i].click === 'function') this.childNodes[i].click();"><input type="radio" >Just clickable text</td>

CSipSimple - Getting started to hack it (tailor to my needs)

Just one or two things I need to remember about CSipSimple:

Infrastructure:

• SipStack runs in background (communication via Parcable interface). It interacts with PJSIP. Important there is a watchdog timer (about 5s)!
• pjsua.java, pjsuaConstants is the SWIG generated interface to PJSIP
• Native functions never return boolean, check for pjSuaConstants.PJ_SUCCESS
• Be aware of string exchange with the native stack: PjSipService.pjStrToString(…)
• UAStateReceiver.java does the call creation and everything related to SipStack
• PjSipService.java is deeply integrated with UAStateReceiver.java (for example does recording…)

UI:

• CustomDistribution.java defines some things for fast modifying the behavior
• Main screen is created in SipHome.java (incl. the slidable tabs) To remove tabs, just disable tab.add (except for the warning tab and the message tab [message disable in CustomDistribution.java]: may be triggered from outside)
• Notifications are handled in SipNotifications.java (but from Sip-Thread)
• DialerFragment.java is the dialer incl. call button and account switcher… Here the re-dial functionality is missing… (press the call button twice without number should redial previous number)
• InCallActivity.java :) Important call setup is done BEFORE launching the InCallActivity via SipManager.ACTION_SIP_CALL_UI from UAStateReceiver.launchCallHandler(…). There is even a activity start delay of 2000ms (UAStateReceiver.LAUNCH_TRIGGER_DELAY). I think it’s not nice!!!! Because a user may hear sound of before the UI is ready, but there is might be a problem with race conditions…
• InCallControls.java is the ui element on the bottom of InCallActivity to control Bluetooth and loudspeaker etc. (Deeply integrated with InCallActivity: sadly NO MVC…)
• InCall.java is also related to Dialer

Bluetooth Remote Control for Windows Media Center

After years of using my Bluetooth mouse to control Windows Media Center (WMC) from my couch - I figured out that I needed a proper remote control (actually I visited a friend who used the IR remote of WMC). After endless time of searching I found the PS3 remote (Sony employs Bluetooth yeah) and it works with WMC using a small program that translates the game controller HID events to actual keystrokes.

It is called PS3BluMote and written by Ben Barron. As Ben’s website was not reachable, I compiled from using VS2012 - took me about 2min. And it works perfectly - I only need to figure out good keymapping (WMC key shortcuts are available here). In fact, I recommend to use for play/pause, skip and volume control the windows events (in PS3BlueMote: Media_) and not the WMC shortcuts - in this way also VLC and other players can be controlled.

Here are some additional startup options for WMC: I created a shortcut to go to the music section directly.

PS: I use it on Windows 8 Pro with WMC

(Rails3) ActiveRecords: how to implement a constructor and init own attributes

Today I encountered two nasty things during Rails development. My idea was to create a generic model class (< ActiveRecord:Base) that on creation create the current timestamp. It is not possible to override initialize (at least it is doing nothing) as it is an ActiveRecord:Base.

I found the callback after_initialize defined by ActiveRecord, which is however not the correct way anymore. You should use it in macro style (source).

The next problem is that ActiveRecord overwrites the accessors and because ruby is not using the accessors by default if you are in the object, it must be called explicitely. This works for me:

1
2
3
4
5
6
7
8
class A < ActiveRecord::Base
  attr_accessible :a
  after_initialize :init
  def init
    @a = "a"
    self[:a] = "b"
  end
end

Using GoogleDocs as Team editor for Latex-files

We wrote our last project paper using Latex which creates very nice looking documents, but is absolutely painful to work in teams. Even using a code management system like SVN/GIT won’t make it really comfortable as you don’t have comments and see changes of other editors live. So, we put our Latex document in GoogleDocs (simply copied the content into a New GDocs Text Document) and shared it with our team. We also formatted the document by applying GDocs styles to our Latex headings, so the text looks structured and easier to work with. At first we simply copied the GDocs content to a local file and compiled it. In fact, the copy-and-paste task is really annoying and so we developed a small bash script that automatically downloads the latest GDocs version and compiles it locally. So, in any case you need to setup your latex tools correctly, but don’t waste your time in the compilation step. You only need to enable sharing by URL and from this URL copy the document id, which you need to download the file. Here is the script:

get -O soups-article.download “https://docs.google.com/document/export?format=txt&id=PLACE_YOUR_ID_HERE” &&
iconv -c –from-code=UTF-8 –to-code=ISO-8859-1 soups-article.download | sed ‘s/end{document}*/end{document}/’ > myFile.tex &&
pdflatex myFile &&
evince soups-article.pdf

Asterisk and MessageSend

We are using Asterisk (running on FreeBSD 9.0 port stock version: 10.0.0-rc2) as SIP registrar/proxy. We are using the Android softphone cSipSimple, which also provides SIP SIMPLE messaging functionality. To enable this on Asterisk add to sip.conf: accept_outofcallmessage=yes and outofcall_message=message (the name of the context handler).

However, we had some trouble setting up Asterisk to really do it. In the message-ctx Asterisk provides the information of the current message as variables/function: MESSAGE(to), MESSAGE(from) and MESSAGE(body).

(First problem) The first problem is that MESSAGE(to) contains the complete address, e.g. sip:PHONENUMBER@SERVERIP. If you try to use this address asterisk sends the message to itself and complains on receive that their is no routing for the incoming message. So, we need to remove the @IP part using the CUT command from the TO and the FROM. Now we can send a message from one phone to another: MESSAGESEND(CUTED_TO, CUTED_FROM).

(Second problem) However, we cannot reply as the recipient got as sender address something like sip:UNKNOWN@SERVERIP. In short use MESSAGESEND(CUTED_TO, CUTED_FROM <CUTED_FROM>) or as example MESSAGESEND(sip:1, SOMEBODY <1>). The first part of the FROM is the name shown to the user and the second part the reply to phone number (without sip:).

Here is our working context for messaging of the extensions.conf:

1
2
3
4
5
6
7
[message]
  exten => _X.,1,Set(TO=${CUT(MESSAGE(to),@,1)})
  exten => _X.,n,Set(FROM=${CUT(MESSAGE(from),:,2)})
  exten => _X.,n,Set(FROM_PHONE_NUMBER=${CUT(FROM,@,1)})
  exten => _X.,n,MessageSend(${TO}, ${FROM_PHONE_NUMBER}<${FROM_PHONE_NUMBER}>)
  ;;DEBUG Print the status of the MessageSend
  exten => _X.,n,Verbose(0, ${TO} ${MESSAGE(from)} ${FROM} ${MESSAGE_SEND_STATUS})

Thanks to Nicolas.

PalmSpace: continuous around-device gestures vs. multitouch for 3D rotation tasks on mobile devices

ShoeSense: A New Perspective on Hand Gestures and Wearable Applications

Demo-video on Youtube

Gesture-based User Authentication on Mobile Devices using Accelerometer and Gyroscope

Master-Thesis Template

Recently some of friends started to work on their theses and why reinvent a new Word Template every time? So today, I finally found the time to strip down my master thesis word document and made it a word template.

I used and created it with Word 2010.

It has:

• Automatic lists for figures, tables (use stylesheets)
• Automatic table of contents (use stylesheets)
• Automatic page numbering (small latin for lists and ToC; arabic for text; big latin for the appendix)
• Automatic title of the current chapter on each text page.

You need:

• Something to write about
• Know how to use style sheets in word
• Somebody who reads your final text for mistakes
• and at last a covering page

Feel free to use it and don’t waste your time creating yet another word thesis template. And also feel free to modify and extend it.

Swissranger 4000 and OpenCV and Point Cloud Library

I am back on working with Depth Cameras and hand gesture recognition - now we are using a Swissranger SR4000 - a TOF camera - instead a Kinect. Here is demo code to get the camera data to OpenCV as well as Point Cloud Library.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
/**
* Demo program for the SR4k that shows the output (DepthImage and PCL) and can export these as images.
* Use SPACE to take a picture and ESC for end.
* @author Dennis Guse
*/

#include <stdio.h>
#include <iostream>
#include <string>
#include <time.h>

#include "opencv2/core/core.hpp"
#include "opencv2/highgui/highgui.hpp"
#include "opencv2/imgproc/imgproc.hpp"
#include "opencv2/imgproc/imgproc_c.h"

//SR4k
#include "libMesaSR.h"
#include "definesSR.h"

#include "pcl/point_cloud.h"
#include "pcl/point_types.h"
#include "pcl/visualization/cloud_viewer.h"

using namespace cv;
using namespace std;
using namespace pcl;

#define SR_ROWS 176
#define SR_COLS 144
/**
 * Takes a picture with the SR4k and returns the depthimage as well as the point cloud!
 */
cv::Mat takePicture(SRCAM srCam, pcl::PointCloud<pcl::PointXYZ>::Ptr cloud) {
 SR_Acquire(srCam);
 cv::Mat depthImage(SR_ROWS, SR_COLS, SR_CV_PIXELTYPE, (unsigned short*)SR_GetImage(srCam, 0)); //0:DepthImage; 1:Amplitude; 2:ConfidenceMap

 float x [SR_ROWS * SR_COLS];
 float y [SR_ROWS * SR_COLS];
 float z [SR_ROWS * SR_COLS];
 SR_CoordTrfFlt(srCam, x, y, z, sizeof(float), sizeof(float), sizeof(float));

 for(int i=0; i&lt;SR_ROWS * SR_COLS; i++) {
   point.x=x[i];
   point.y=y[i];
   point.z=z[i];
   point-&gt;points.push_back(point);
 }
 return depthImage;
}

int main(int argc, char **argv) {
 SRCAM srCam;
 SR_OpenETH(&amp;srCam, SR_IP_ADDR); //Add error handling
 SR_SetMode(srCam, AM_COR_FIX_PTRN|AM_CONV_GRAY|AM_DENOISE_ANF|AM_CONF_MAP);

 pcl::visualization::CloudViewer viewer ("PCLViewer");
 while(true) {
  pcl::PointCloud<pcl::pointxyz>::Ptr cloud(new pcl::PointCloud<pcl::pointxyz>);
  cv::Mat depthImage = takePicture(srCam, cloud);
  cv::imshow("Depth", depthIamge);

  viewer.showCloud(cloud, "Cloud");

  int key = waitKey(1);
  if (key == KEY_ESC) break;
  if (key != -1) saveDepthImageAndCloud(depthImage, cloud);
 }
}

Lenovo X60 and Ericcson F5521gw

My old Lenovo X60 (wwan ready: antenna an sim slot available) uses the current state of the art UMTS (mini pci express) card from Ericcson. The card orignally belongs to an Lenovo W520 - FRU is 60Y3279.

!I am using the original BIOS (no zender!)

Basically:

• Download drivers for the card from Lenovo
• Extract drivers (the .exe complains that my X60 is not supported) using InstallShield tools
• Cover pin 20 on the card with scotch tape. (Drawback: card cannot be turned off)
• Plugin the card (I am using only the main antenna)

Hint:

• Even with pin 20 enabled (no scotch) my notebook booted without error 180X and windows showed it in the device manager - but cannot be turned on!
• Fn+F5 (Access Connection) does not show the card, but the connection can be configured.
• Access Connection can turn the card off (probably via AT commands)

PIN 20: Not my image; credits go to the unknown creator (Update: Link is down.; Link removed).

Any question: Leave a comment with your mail-addr.

PS: In comparison to WiFi tethering with my Palm Pre: the card is awesome fast! (using O2 max. 3.6 Mbit/s)

Update: Similar guide for Dell and a WWAN

Extract drivers from encrypted install shield archives

Gesture-based User Authentication on Mobile Devices using Accelerometer and Gyroscope

Gesture-based User Authentication on Mobile Devices using Accelerometer and Gyroscope

Matlab: Progressbar for arrayfun

If you use arrayfun on large arrays with really slow functions it is annoying to wait without feedback how long it can take - so a progressbar (in matlab waitbar) would be nice. One problem is that arrayfun provides no information about the status - there are no callback handlers. What could be done instead. Simply write function for arrayfun as inner function of the function which calls arrayfun. In the calling function you define two variables, one for the number of items and one for the current solved items (starts with 0 and gets updated). In the inner function the work is done and the counter increment, which is visible in the inner function, because it is an inner function. At last update the waitbar. Here is how it can look:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
function doArrayFunWithProgressBar()
  data = magic(35);
  WAITBAR = waitbar(0, 'Work in progress');
  PROGRESS_COUNTER = 0;
  PROGRESS_MAX = sum(size(data));

  data = arrayfun(@(item)innerFun(item), data);

  close(WAITBAR);

  function result= innerFun(item) 
    %TODO Do the work!
    pause(1);

    PROGRESS_COUNTER = PROGRESS_COUNTER + 1;
    waitbar(PROGRESS_COUNTER / PROGRESS_MAX);
  end
end

Matlab: if-statement in anonymous functions

UPDATE: The performance penalty is massive - MATLAB fails to optimize the code if anonymous functions or function handles are used. I got factor 20… But it works ;)

Today, I needed to write a function in Matlab as accessor to a matrix. I have a matrix which contain mulitple datastreams - one per row. The columns dimension is the time Because I don’t want to change the functions, which evaluate only a subset of provided streams, and I don’t want to copy and modify the matrix for every combination, I started to think about an accessor function. Furthermore the function should reveal the dimensions of the (not existing) data matrix. I ended up with anonymous functions, because these allow to access variables outside the anonymous function definition like:

1
2
3
  a=2 
  b=2 
  fun=@(x)(a*x+b) 

The advantage is that fun can use a and b, but the caller doesn’t necessarily know that they exist and are used by fun. With this knowledge the implementation of providing the correct data was straight forward. The next problem was, that in anonymous function you can’t use the if-statement. That’s pretty messy. I found a (solution)[http://www.mathworks.com/matlabcentral/newsreader/view_thread/147044] and adapted it.

1
2
3
4
5
6
7
8
9
%%Artificial if for use in anonymous functions
%TRUE and FALSE are function handles.
function RESULT = iff(CONDITION,TRUE,FALSE)
  if CONDITION
    RESULT = TRUE();
  else
    RESULT = FALSE();
  end
end

The function that creates the function handles of the accessor function:

1
2
3
4
5
function HANDLE = recordHandle(COLUMN, ROWS)
  HANDLE = @(row, column) (...
    iff(nargin == 2, @()COLUMN(ROWS(row), column), @()[size(COLUMN, 2), size(ROWS, 1)])...
  );
end

Apple Wireless Keyboard on Windows [AppleKeyboardInstaller.exe]

At the weekend I found a solution to a long lasting problem of mine. I have a Apple Wireless Keyboard, because two years ago it was the best Bluetooth keyboard on the market (Currently I can’t say, didn’t checked again). So, I use the keyboard every day mostly for writing text ;), but the device doens’t posess a DEL, POS1 and END-Key and thus it is hard to navigate during typing.

The solution is install the keyboard driver provided by Apple in the Bootcamp package. The driver I use is from a OS X Leopard installation disc. Or download it here: http://www.happytocode.com/post/Apple-Aluminium-keyboard-Boot-Camp-20-Windows-drivers.aspx

PS: After I found the solution myself, I had the correct google search term and solutions older than my keyboard. But it works.

UPDATE: The keyboard driver sometimes leads to Bluescreens, so I am back using the standard windows drivers without the additional keyboard shortcuts.

Credit card: Visualize your money

Some time ago I had a discussion about (dis-)advantages of physical against non-physical stuff. She argued that non-physical is mostly too abstract for the user and thus not that easy to use in daily life. We argued about “real” money as physical and credit cards as non-physical example. The advantages of real money are that you see what you have and you can only spend that. The advantages of the credit card are that the payment is easier and payment via internet is possible.

The main disadvantage is that you as user can’t see how much money you spend or you have available. The card looks always the same.

Assume that materials are available that could either shrink or change it’s color. Using this the credit card will get smaller if you pay with it and slowly reach your limit. Or the card could get orange if are in reaching line of credit and red if your are in. Thus you as user would “feel” how much money is available and it is much easier to cope with the abstraction from real money.

PS: Only an experiment in mind.

Windows shell (cmd) and loops

1
2
FOR %t in (1, 2, 3, 4, 5, 6, 7, 8, 9, 10) DO 
  FOR %g IN (1,2,3,4,5,6,7,8,9,10) DO ECHO %t %g

Hopefully I have never to use the windows shell again!

JSF 2.0: Mojarra and multipart/form-data (File Upload) [Glassfish]

It is a quite a mess that Mojarra doesn’t support h:forms that use enctyp multipart/form-data, because you can’t access possible available parts in the JSF Controllers.

The following wrapper extends a HttpServletRequest so that getParameter also uses available data in HttpServletRequest.getParts().

You can than access the HttpServletRequest via FacesContext.getCurrentInstance().getExternalContext() and use getParts own your own.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.Part;

/**
 * The mojarra implementation does not parse POST request that are multipart encoded, 
 * because the parameters are not accessable via <code>getParameter()</code>.
 *
 * This class extends the HttpServletRequest to provide access to the parameters
 * which are encoded accessable via <code>getParts</code>.
 *
 * All parts are made visible that have <code>contentType == null && size < 300</code>.
 *
 * If the request is not multipart encoded, the wrapper doesn't modify the behavior of the original <code>HttpServletRequest</code>.
 * @author dennis
 */
public class MultipartHTTPServletRequest extends HttpServletRequestWrapper {

    protected Map<String, String> parameterParts = new HashMap<String, String>();

    public MultipartHTTPServletRequest(HttpServletRequest request) {
        super(request);

        if (getContentType() == null) {
            return;
        }
        if (!getContentType().toLowerCase().startsWith("multipart/")) {
            return;
        }
        try {
            for (Part i : getParts()) {
                if (i.getContentType() == null && i.getSize() < 300) {
                    parameterParts.put(i.getName(), getData(i.getInputStream()));
                }
            }
        } catch (IOException ex) {
            Logger.getLogger(MultipartHTTPServletRequest.class.getName()).log(Level.SEVERE, null, ex);
        } catch (ServletException ex) {
            Logger.getLogger(MultipartHTTPServletRequest.class.getName()).log(Level.SEVERE, null, ex);
        }
    }

    private static String getData(InputStream input) throws IOException {
        String data = "";
        String line = "";
        BufferedReader reader = new BufferedReader(new InputStreamReader(input));
        while ((line = reader.readLine()) != null) {
            data += line;
        }
        return data;
    }

    @Override
    public String getParameter(String name) {
        String result = super.getParameter(name);
        if (result == null) {
            return parameterParts.get(name);
        }
        return result;
    }
}

Java Servlet (3.0): How can I access multipart encoded content provided by a http post request?

At the last friday i stood right before a tricky problem: How can I save a image provided via HTTP post into a database? I had three problems:

• How to upload a file via HTML?
• How to access the data at the server side?
• How to put in the database using JPA?

The first one was easy, just create a html form add a input field (type=’file’) and a submit button.

The second one cost me one day. And it was really simple: Just place the @MultipartConfig annotation at the class definition of the servlet and use HTTPRequest.getPart[s]() methods to access the data as an inputstream.

The last part was straight forward: use a InputStreamReader to copy the data into a byte[] and add @Lob byte[] field to the entity class.

Because I use MySQL it was necessary to change the columnt type from TEXT to MEDIUMBLOB.

Java: CDI & ConversationScope

Yesterday I recreated my web app project with maven. Now CDI is available and @ConversationScoped is really nice and makes the development a lot easier. I used Glassfish v3.

… Post my pom.xml tomorrow again.

Goodbye 85.214.89.182 (g00se.org)

It’s the last day of my good old vServer for g00se.org. Tonight they will come and cut him off.

To keep him in memory old.g00se.org points to his former home adress.

Windows 7: Share your internet uplink via wireless ad-hoc network (ICS)

Scenario: You have one windows 7 device with a direct internet connection like UMTS and you won’t to share the connection via an ad-hoc wireless network with another device. In my case it is a XDA neo. Everything happens in the Network and Sharing center.

• Properties section of the network device with the uplink: under sharing active ICS and re-connect the device to internet
• Create a new ad-hoc network (use encryption!)
• Join with another device the network
• Set the wireless ad-hoc network location to Home
• Disconnect from the ad-hoc network and rejoin (device with uplink)The internet sharing should now work.

Ubuntu-vm-builder default login

Today I created a ubuntu virtual machines with ubuntu-vm-builder. When I tried to login nothing worked. I searched the web and found only the parameter –username, –password and –name. But I can’t recreate two VM using an UMTS uplink :(.

I booted one machine (ubuntu jaunty VM) and used the password reset procedure to get a running root shell. In the passwd I found a user ubuntu. I rebooted and used ubuntu:ubuntu as credentials.

Default username: ubuntu

Default password: ubuntu

Thanks to NO documentation and man pages for ubuntu-vm-builder…

Addon: The packet is named python-vm-builder. See also https://help.ubuntu.com/community/JeOSVMBuilder.

CSS cheat sheet

Found by SOW: CSS cheat sheet.

SQL cheat sheet

Found by SOW: SQL cheat sheet</a>

HTML cheat sheet

Found by SOW: HTML cheat sheet.

PHP cheat sheet

Found by SOW: PHP cheat sheet.

Power consumption of the internet

Nice article….

SIP client for Windows (using ekiga SIP service)

After long time of crawling the web, I have found a solution to use the ekiga.net SIP service from Windows. Many of my friends use skype, but it is an annoying part of software. So I started using ekiga and ekiga.net as provider. Microsoft itselfs provides a SIP client (netmeeting). The developer of Ekiga provides a nice howto.

Getting DBUS Messages from Networkmanager (Python)

I had some spare time and so I started playing with DBUS. I was annoyed that after NetworkManager established a connection I always start the same programs like ekiga, pidgin, firefox and evolution. So I wrote a small python program that start software if the NetworkManager singals an open connection via DBUS. The NetworkManager DBUS-API is available. The hardest part was to find the docs.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#!/usr/bin/python
from dbus.mainloop.glib import DBusGMainLoop
import gobject
import dbus
import subprocess

def signal_deviceNowActive(data=None):
  if data is not None and data[dbus.String("State")] == 2 :
    subprocess.Popen("ps -C pidgin    || pidgin &", shell=True)
    subprocess.Popen("ps -C ekiga     || ekiga &", shell=True)
    subprocess.Popen("ps -C evolution || evolution &", shell=True)

print "init loop"

DBusGMainLoop(set_as_default=True)

loop = gobject.MainLoop();

print "init dbus"

dbus.SystemBus().add_signal_receiver(signal_deviceNowActive, signal_name=None, dbus_interface="org.freedesktop.NetworkManager.Connection.Active")

print "start loop"

loop.run() //*UPDATE: thanks for your comment

Cort Dougan: Good Programmers are Not Lazy

Made me knowingly smile…

Book: Domain-Driven Design (Eric Evans)

In the last summer (‘08) I had the time to read that book. A friend of mine (thanks to Thorben) suggested that the book is really worth a try. The cover says: “Tackling complexity in the Heart of Software”. And that is a really summary.

Evans describes with short examples situations in software development projects which can lead to critical problems later. He uses the short stories to analyze the situation, make the problem and cause clear. Based upon that he describes a pattern (a style to develop software; mostly organizational stuff) to get rid of it.

The first one he suggests is a “ubiquitous language”. In short he says that all people connected to the project should use the same language, so that everyone can talk to everyone about the domain. That is not about technical stuff or infrastructure. It is mere that all know all what the software should / will be used to.

It’s a quite good book with well choosen practical examples and it helped to understand that real development differs from educational stuff in a sense of organization, time and size. It would have been helpful, if I read it earlier.

Lecture: Open Wins – the Future of Software & Technology (Scott McNealy, SUN)

Scott McNealy the chairmen and a co-founder of SUN visited the TU Berlin on 06-11-08. He visited the university to give a short talk about open source software and why it became and will be  a pushing element for technical innovations. Because he is with SUN the content of the talk was mostly about how SUN was, is and will be involved in the development of open source. The essance of the talk was:

• Open Source is good (not only code, also products and especially specifications)
• reducing the dependency between the developer and the user
• programmers improve their code style (someone else can read your stuff)
• Strategy of SUN
• He anwsered the question why SUN is doing open-source

Interesting points:

• Java
• happens transparently (ref: mobile phone and blue-ray players)
• is running on 6^9 devices (hope I got it right)
• Oracle Enterprise Edition costs 400.000 $ per core(!)

Cool quotes:

• “Free is the new black!”
• “Return on no-investment.”
• “Steal software legally”
• “We don’t want you to do .NET! Watch your hands!”

Provided links during the talk:

• Netbeans.tv: the community site of Netbeans.
• Solaris Express Developer Edition (SXDE): A developer edition of solaris with many tools

All in all I can say that Scott is a really good entertainer. It was a really nice talk! Thanks to Prof. Brandenburg for the information.

JTree on an JScrollPane and resizing

Early on the morning I read my early morning bug reports ;). It was about an JTree on a JScrollPane. The model of the will be modified during runtime and fires events if something is changes. So far everything looks pretty straight forward and it works. The problem occured if the tree gots larger than the parent scrollpane, so I believed the scrollpane starts to activate the scrollbars and everything stays cool… But the tree never changed it’s size. It simple stayed in the old size and the scrollpane didn’t start scrolling. And so some items of the tree were invisible.

1
2
3
4
TreeModel model = new DefaultTreeModel();
JTree tree = new JTree(model);
tree.setPreferredSize(new Dimension(100, 100));
JScrollPane pane = new JScrollPane(tree);

The model fires an TreeModelEvent (DefaultTreeModel.nodeStructureChanged) and the tree get’s an JTree.treeDidChange() so it can recompute it’s size. This doesn’t work out. It was necessary to set the preferred size of the tree to null before excecuting treeDidChange… Why? I honestly don’t know…

VOIP for GNOME Desktop: Ekiga

Yesterday I got some time to start playing with SIP. I used Ekiga a SIP client for the gnome-desktop. After installation I got an account on ekiga.net and everything went fine. The provided configuration wizard is really cool stuff. The hole action consumed 10 minutes and afterwards I spent 1 hour to get the sound devices working. And it did, but it was really annoying. The only problem now is that my built-in (Thinkpad X60) microphone produces a feedback if I use the internal speakers. The only solution is to use headphones and don’t type or click during a call.

At last: sip:500@ekiga.net is a echo service, so you can test your configuration. Next week I will try to get my bluetooth headset running.

JAX-WS: ORA-31011

Today, I tried to do something useful for my bachelor thesis. I tried to query a Oracle 11G DBMS via a SOAP-based Webservice. Using the instruction from Andrea and Oracle I got the service up and running. The Webservice was reachable under http://localhost:8080/orawsv and presented it’s wsdl via http://localhost:8080/orawsv?wsdl.

Now the trouble started: The URL from the Oracle HTTP-Server is secured via HTTP-Authentification. Ok so I downloaded the WSDL and created the stubs from a local file with the JDK’s wsimport. Now I needed to tell the Webservice Client Provider to authenticate if necessary:

1
2
3
4
ORAWSVPortType port = new ORAWSVService().getORAWSVPort();
Map<String, Object>; requestCtx = ((BindingProvider) port).getRequestContext();
requestCtx.put(BindingProvider.USERNAME_PROPERTY, "user");
requestCtx.put(BindingProvider.PASSWORD_PROPERTY, "password");

The first test ended with a desaster:

Exception in thread “main” java.lang.IllegalArgumentException: faultCode argument for createFault was passed NULL at com.sun.xml.messaging.saaj.soap.ver1_1.SOAPFactory1_1Impl.createFault(SOAPFactory1_1Impl.java:56) at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:178) at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:108) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:254) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:224) at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:117) at $Proxy32.xmlFromQuery(Unknown Source) at productcatalogws.Main.main(Main.java:49) Java Result: 1

I couldn’t make anything useful out of these messages. The only thing I found was a dead end: bug_id=6587659. So I started debugging: First view the SOAPMessages: I used the cool charles proxy.

Configuration for JAVA:

1
2
3
System.getProperties().put("proxySet", "true");
System.getProperties().put("proxyHost", "localhost");
System.getProperties().put("proxyPort", "8888");

After viewing the messages without noticing anything of interesst except: ORA-31011: XML parsing error, but without any reference to the Webservice.

I found a cool tool to use webservices: soapUI (you can do everything I needed using it!!) and queried the Oracle Webservice by hand. And it worked!

The problem was that the default JAX-WS Provider does send:

Content-Type: text/xml;charset=”utf-8”

And the Oracle HTTP Server expects:

Content-Type: text/xml;charset=UTF-8

An example SOAPMessage (including the header):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
Authorization: Basic XXXXX
Host: localhost:8080
Content-Length: 314
SOAPAction: "<a href="http://localhost:8080/orawsv">http://localhost:8080/orawsv</a>"
User-Agent: Jakarta Commons-HttpClient/3.0.1
Content-Type: text/xml;charset=UTF-8
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:oraw="http://xmlns.oracle.com/orawsv">
    <soapenv:Header>
        <soapenv:Body>
            <oraw:query>
                <oraw:query_text type="SQL">SELECT * FROM PRODUCT</oraw:query_text>
            </oraw:query>
        <soapenv:Body>
</soapenv:Envelope>

The questions are:

• Does JAX-WS something wrong during the request or is the DB Webservice the bad guy?
• And why doesn’t JAX-WS handle the SOAPfault correctly?

Used software: javac –version:

java version “1.6.0_04” Java(TM) SE Runtime Environment (build 1.6.0_04-b12) Java HotSpot(TM) Client VM (build 10.0-b19, mixed mode)

Oracle 11G DBMS: Oracle Database 11 g Release 1 for 32-bit Windows.

OpenSSH using Kerberos via GSSAPI

I missed to activate a small and tiny feature during the update to Debian Etch: OpenSSH with GSSAPI support. What does sat mean?

• g00se.org uses Kerberos for authentification.
• Kerberos offers Single-Sign-On.

I missed to upload my subversion working copies over ssh without typping my password everytime. So I installed ssh-krb5 to add the cool behavior.

Cyrus and Exim4 authentification using Kerberos via GSSAPI

Today I used my spare time to let the SMTP and the IMAP server of g00se.org using the GSSAPI for authentification. The necessary cyrus-sasl libaries were already installed. So I really don’t know which are exactly required. I suppose the cyrus-sasl gssapi libary should meet all requirements. I needed to install the exi4-daemon-heavy instead of the light one. The the heavy one does support authentification using the cyrus-sasl libary. I created the principals imap/g00se.org and smtp/g00se.org and put them into the default keytab.

And modified the configuration files of both services to let them propose GSSAPI as alternate authentification mechanism:

(cyrus): imapd.conf:

1
 sasl_mech_list: PLAIN GSSAPI

and

(exim4): /etc/exim4/conf.d/auth/01_exim4-config_gssapi

1
2
3
4
5
6
7
8
9
10
 gssapi_server:
 driver = cyrus_sasl
 public_name = GSSAPI
 server_mech = gssapi
 server_hostname = g00se.org
 #server_realm = G00SE.ORG
 server_set_id = $auth1
 .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
 server_advertise_condition = $\{if eq{$tls_cipher}\{}\{}\{\*}}
 .endif

Thanks to Sean for a short and easy description.

PS: Exim4 does use the splitted configuration file option of Debian. So you can put the lines anywhere into the authentification section.

Apache with Kerberos authentification

Special thanks to the guys who invented mod_auth_kerb. I removed the PAM authentification modules, which I only used as wrapper to get Kerberos auth through PAM and replaced it with mod_auth_kerb. Here is the small configuration:

1
2
3
4
5
6
7
 Krb5Keytab /etc/apache2/krb5.keytab
 KrbAuthRealms G00SE.ORG
 KrbServiceName HTTP
 <Directory / >
  AuthType Kerberos
   Require valid-user
 </Directory>

That’s all! Cool.

The Firefox bundled into my OpenSUSE 10.3 does already contain all necessary configurations. I only needed to add g00se.org *to *network.negotiate-auth.trusted-uris in about:config. So he does accept the offer to do GSSAPI authentification with these URIS. And that’s pretty cool.

At least I need to figure a way to get my M$ system use such cool stuff.

Exim4 and Saslauthd [service=]

Hello! Since I upgraded g00se.org from Debian Sarge to Etch the authentification mechanism of my exim mail server doesn’t run properly. I used as I descriped early the saslauthd to authentificate against the pam. Everything went fine. I believed, but a few weeks later (I used all the time my webinterface to send mails.) the exim couldn’t use the same credentials as the imap server. The saslauthd always claimed that my credentials are false and so exim awnsered with a SMTP Error 535: Authentification failure. Tonight I managed to look into the problem and it’s source. I checked the saslauthd using testsaslauthd. If I used: testsaslauthd -s smtp -u XXX - p XXX everything went fine and the saslauthd replied with credentials ok. But if I issued testsaslauthd -s “” -u XXX - p XXX I got a pam authentification error. I tried the same using exim and same behavior appeared, exim doesn’t set the name of the service and so all authentification will fail. The problem is that the saslauthd will try to authenticate against a pam configuration which is not available. Note: I have in /etc/pam.d/ a file called smtp which defines the pam behavior for my smtp service ;).

The messages (/var/log/auth.log):

Dec 3 00:55:50 h1206589 saslauthd[22244]: do_auth : auth failure: [user=XXX] [service=] [realm=] [mech=pam] [reason=PAM auth error] Dec 3 01:18:45 h1206589 saslauthd[22247]: do_auth : auth success: [user=XXX] [service=imap] [realm=] [mech=pam]

As you can see the name of the service is in the first log empty. I found a solution: you can tell the exim how to call the saslauthd. (Snip of the authentification part of my exim service):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
 plain_saslauthd_server: 
   driver = plaintext
   public_name = PLAIN
   server_condition = $\{if saslauthd\{\{$auth2}\{$auth3}}\{1}\{0}}
   server_set_id = $auth2
   server_prompts = : .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
   server_advertise_condition = $\{if eq\{$tls_cipher}\{}\{}\{\*}}
 .endif

 login_saslauthd_server:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::" # don't send system passwords over unencrypted connections
   server_condition = ${if saslauthd\{\{$auth1}\{$auth2}}\{1}\{0}}
   server_set_id = $auth1 
   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
     server_advertise_condition = $\{if eq{$tls_cipher}\{}\{}\{\*}}
   .endif

Now tell exim that he has to use a service attribute for saslauthd change:

1
server_condition = $\{if saslauthd\{\{$auth2}\{$auth3}}\{1}\{0}} into server_condition = $\{if saslauthd\{\{$auth2}\{$auth3}*\{smtp}*}\{1}{0}}.

smtp have to be the name of the pam configuration file.

That’s all. Everythings work as expected.

JOptionPane and the Focus

I started to write a login screen (NEED: two input field [username, password]and two buttons [ok, cancel]). Since a login is a blocking panel I created a JPanel and put that on a JOptionPane.showDialog(…). Everything looked quite fine, but the default focus was set on the OK-Button. So I tried to requestDefaultFocus, but nothing worked. Mark provides a running solution.

And it works!

WebSVN vs. ViewCVS

Tonight I removed ViewCVS and started using WebSVN. It’s nice simple and in PHP :D… Take a look!

Java Base64 encoding (sun.misc.Base64Encoder)

Today I would like to say some words about BASE64 encoding and JAVA. Let me introduce a cool class to encode a string: sun.misc.Base64Encoder This class seams to work quite all right for some weeks. So, today we transfered our JEE server from a linux to windows (not my idea). Till now I have assumed that the mythos of the JAVA plattform independence is not only a myth. During the check of the application (the deployed JEE project) it showed up error messages that the base64 coded strings doesn’t match. On the first look everything seemed to be fine. The second showed up that the strings on the windows machine were one (!) character longer. Two hours later we found the problem: Does RFC 3548 say something about line feeds and carriage return?

So why does the base64 coded strings contain some?

The anwser is: Because the encode method of the *Base64Enconder split the string after some characters (I suppose at char 76 / 77, but I’m not quite sure). So if you switch the operation system and the new system uses another encoding for the line break, your old base64 encoded data is worthless.

To solve this problem I used the java mail api (cause JEE server needs to implement these):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
StringOutputStream output = new StringOutputStream();
OutputStream encoding = MimeUtility.encode(output, "base64");
encoding.write("Hello World");
result = output.toString();


import java.io.IOException; import java.io.OutputStream;
/**
*
* @author Dennis Guse
*
*/
public class StringOutputStream extends OutputStream {
  private StringBuffer data = new StringBuffer();
  public StringOutputStream() {}
  public String toString() {
    return data.toString();
  }
  public void write(int b) throws IOException { data.append((char)b); } }

So a half day of work for nothing…. PS: Feel free to use this stuff.

Authentification Server via Kerberos (Heimdal) and LDAP backend

Today morning I configured heimdal KDC and as storage the openldap slapd. Slapd stores the user information and holds the kerberos authentification information. The public URI is ldaps://g00se.org. Kerberos realm: G00SE.ORG. KDC: g00se.org The openldap server uses TLS and authenfication and authorisation with the SASL GSSAPI (package (debian): libsasl2-modules-gssapi-heimdal). First I installed slapd (slapd and the above package). Added the krb5-kdc.schema. Configurated SASL support and added authorisation rules. With slapadd -f “backup.ldif” I installed my backup (without internal kerberos accounts). Modified /etc/default/slapd to let the slapd listen on ldaps:// and ldapi://. Reload the configuration.

Second I installed the heimdal-kdc. Configured the realm. Configured database backend to use the ldapi:// socket and reload it. Init the realm and create necessary kerberos host accounts (with random keys): kadmin -l

1
2
3
4
5
 init G00SE.ORG 
 add -r host/g00se.org 
 ext_keytab host/g00se.org 
 add -r ldap/g00se.org 
 ext_keytab ldap/g00se.org

Reload everything and the authenfication server was up and running! Have a nice one!!

Authentication client via Kerberos (Heimdal) and LDAP backend

To use the provided authenfication mechanism from g00se.org on g00se.org :D. I installed libpam-heimdal and configured nss.

Kerberos configuration: /etc/krb5.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
 [libdefaults]
 default_realm = G00SE.ORG
 default_keytab_name = /etc/krb5.keytab
 ticket_lifetime = 28800
 default_etypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
 default_etypes_des = des3-hmac-sha1
 des-cbc-crc des-cbc-md5
 
 [realms]
 G00SE.ORG = { kdc = g00se.org admin_server = g00se.org }
 
 [domain_realm]
 g00se.org = G00SE.ORG
 .g00se.org = G00SE.ORG

The pam configuration to use the heimdal KDC: /etc/pam.d/kerberos

1
2
 #@include common-auth
 #@include common-account auth required pam_krb5.so account required pam_krb5.so

Configuration of the nss-ldap plugin: /etc/libnss-ldap.conf

1
2
3
4
5
6
7
8
9
10
 uri ldaps://g00se.org/
 ldap_version 3
 base dc=g00se,dc=org
 scope sub
 pam_filter objectclass=account
 pam_login_attribute uid 
 pam_min_uid 1000
 pam_max_uid 2000
 nss_base_passwd ou=People,dc=g00se,dc=org?one
 nss_base_group ou=group,dc=g00se,dc=org?one

Let nss know that there is a second source which provide authorisation data. cat /etc/nsswitch.conf

1
2
 passwd: compat *ldap*
 group: compat *ldap*

That’s all! As root you can now check if everything runs: getent passwd and you will see all your local accounts and the provided central ones! I hope everything is cool!!!