Category Archives: Programming

PowerShell Scripting and my custom scripts

So I recently started playing with powershell. Mostly cause I wanted to try messing around with Windows Servers some more. The world of powershell is a bit strange coming from the world of zsh and bash which is what I have traditionally scripted with. So to help myself I have started making modules to help make things easier to do from the command line. You know the kind of things you could totally do with an app or a text editor but why not have it scripted? So now I have a new repo on GitHub. Currently I only have one cmdlet for Get-HostsEntries which I made to automate the last function missing from the automation Carbon provides around the windows Hosts file.

Atom Text Editor

So I am a bit slow on noticing this announcement but earlier this month the Atom Text Editor that the guys at GitHub have been working on was open sourced. Now this has been my favorite editor for the Mac since I got into the beta for it and so far is better than most text editors I have used. The one editor that would be compared to it is Sublime Text which I think Atom beats very easily for two reasons.

First, Atom has an actual screen for settings. This is one of my biggest issues with sublime the fact that is uses a text file as its settings. Sorry not user-friendly. Instead Atom has a well thought out settings GUI and includes an amazing package manager. It even has a way for the packages (plugins and themes) to tell you shortcuts they have. Now I have only use sublime lightly so maybe it has some of these things buried but I cannot stand Sublime Text long enough to use it whereas I have enjoyed Atom every time. (even the old version which caused my fan to run on my MacBook).

Second, they licensed it under the MIT license. Now this is even more an opinion then the first. Personally I love the openness of the MIT license so I am happy they went with that over GPL. It is even better then Sublime Text since they want you to pay. You would expect there to be many more features if your paying but really it’s just a plugin engine.

So if you’re using a Mac I recommend you checkout Atom at atom.io and if you’re using Windows or Linux well you can build it yourself or just wait I am sure the packages will be out soon.

Named Pipes in C

If you happen to be programming in C at some point and you want to pass messages between two processes named pipes is an option. What you are doing is defining a node on the filesystem as a FIFO node and then piping messages through it. In the examples below I create a reader which reads from a named pipe. The pipe is defined as DEFAULT_PIPE in test.h. The writer application will write out a single line to named pipe.

//
// test.h
//

#ifndef test_h
#define test_h

#define DEFAULT_PIPE "/Users/nick/pipetest"

#endif
//
//  NamedPipeReader
//

#include
#include
#include
#include
#include
#include "test.h"

int main(void)
{
    FILE *fp;
    char readbuf[128];

    // Try creating pipe if it doesn't exit.
    mknod(DEFAULT_PIPE, S_IFIFO|0666, 0);

    // Lets say what is going on.
    fprintf(stdout, "Pipe %s created!\n", DEFAULT_PIPE);
    while(1)
    {
        // Open the named pipe.
        fp = fopen(DEFAULT_PIPE, "r");
        if (fp == NULL)
        {
            // Print error if an issue shows up.
            perror("fopen error");
            exit(1);
        }

        // Get string from the pipe.
        fgets(readbuf, 128, fp);
        // Print the pipe data to stdout (console).
        fprintf(stdout, "Received string: %s\n", readbuf);
        // Close the named pipe.
        fclose(fp);
    }

    return(0);
}
//
//  NamedPipeWriter
//

#include
#include
#include "test.h"

int main(int argc, char *argv[])
{
    FILE
        *pipe;
    char
        buffer[128];

    // Open existing pipe.
    if((pipe = fopen(DEFAULT_PIPE, "w")) == NULL) {
        perror("error from fopen");
        exit(1);
    }

    // Read a line from stdin (console).
    fgets(buffer, sizeof(buffer), stdin);

    // Write the line to the pipe.
    fputs(buffer, pipe);

    // Close the pipe.
    fclose(pipe);
    return(0);
}

Install and Secure RabbitMQ

First follow the simple instructions on the RabbitMQ site. I recommend using their Apt repo if your using Ubuntu like me.

Next you will want to install the management console. To do that you just need to run the following command:

rabbitmq-plugins enable rabbitmq_management

Now the part where we divert from the simple install. We next will want to generate the some certificates. Personally I used the /opt/cert/rabbitmq/ directory that I created to store these in. To do that run the openssl command you see below:

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes

Now this is a self-signed cert which should be fine for most development. If you want to do something in production I recommend making your own internal CA so that you can load the CA into your browsers and not get the self-signed error all the time. As this should not be used by 3rd parties getting a 3rd party signed certificate seems a bit over board.

Next is to configure RabbitMQ to use these certificates.

[
    {rabbit, [
              {ssl_listeners, [5671]},
              {ssl_options, [{cacertfile, "/opt/certs/rabbitmq/key.pem"},
                             {certfile, "/opt/certs/rabbitmq/cert.pem"},
                             {keyfile, "/opt/certs/rabbitmq/key.pem"},
                             {verify, verify_peer},
                             {fail_if_no_peer_cert, fasle}]}
     ]},
     {rabbitmq_management, {
              {listener, [{port, 15672},
                          {ssl, true}]}
     ]}
].

Now you should just be able to run the following command to restart the server:

service rabbitmq-server restart

After the  server reboots you should be able to access it via AMQP over SSL via port 5671 and get to the management console via https on port 15672.

Next we should lock down the management interface. First login using the guest account (guest/guest). Once you are logged in click on the Admin tab.

selectAdmin

Then click on the “Add a user” section. At this point fill in the username you want, add a password, and select the admin tag.

addUser

You should now see the user in the list. This user though will still have no access off the bat. Click on the user name to get more information about the user and to edit it.

newUser 

Once you’re in the user’s information go to the “Set permission” section and you can just set the default. This will give the user full access to the default virtual host.

setPermission

At this point you can click on the guest user and delete it. At this point got a server setup to use SSL for connections and without the default user. You are set with a decently secure setup. Have fun developing with RabbitMQ.

Rails on openSUSE 12.1

So the other day I decided to try and run rails on a fresh openSUSE 12.1 VM. I did not expect the challenge that it was mostly due to what I can only assume are some changes to the software openSUSE has by default and also what rails requires. So here are the steps.

First, install rvm:

$ bash -s stable < <(curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer)
$ source ~/.bash_profile

Second, install requirements listed by rvm as well as libyaml if it is not listed:

$ rvm requirements
$ sudo zypper install libyaml-devel

Third, install the requirements for the javascript engine and database that rails will use. I chose to use node.js for the javascript engine and sqlite is the default sql database for rails:

$ sudo zypper ar http://download.opensuse.org/repositories/devel:/languages:/nodejs/openSUSE_12.1/ NodeJSBuildService
$ sudo zypper install nodejs nodejs-devel sqlite-devel

Finally, we install the latest ruby and use gems to get the latest rails:

$ rvm install 1.9.3
$ rvm use 1.9.3
$ gem install rails
$ gem install sqlite3

Go Post #2: AES Encryption

So as I went over how to do a simple hashing program I figured next I would utilize some more of they crypto libraries provided. In this case I used AES to write a simple encryption and decryption program. How this works is rather simple. We pass in two arguments. The first is the plaintext message you want to encrypt and the second is the key used to encrypt the file. A warning here is do not have a default key that is horribly insecure and users will many times use the default. We will now take the encryption key and initialization vector (iv) to encrypt the message. Another warning is here though the iv is not as important as the key make sure you use one and that it’s not something really simple like in the example. The iv you use for encryption must match also between the encryption and the decryption. For this example I use the CFB block mode. This allows for us to have plaintext of any length which makes this example more simple. After we encrypt the message I then decrypt it and print it out just to show  you can. After that we encode the ciphertext (the encrypted text) in base64 so that you can copy and paste it into a decrypter. This way you don’t need to use a file to store the data in this example. Plus it shows you base64 which is fun tool for storing binary data in a human readable format.

package main

import (
 "fmt"
 "os"
 "crypto/aes"
 "crypto/cipher"
 "encoding/base64"
 )
 var commonIV = []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}

func main() {
 // Load the plaintext message you want to encrypt.
 plaintext := []byte("hello, world")
 if len(os.Args) > 1 {
 plaintext = []byte(os.Args[1])
 }

// Setup a key that will encrypt the other text.
 key_text := "32o4908go293hohg98fh40gh"
 if len(os.Args) > 2 {
 key_text = os.Args[2]
 }

// We chose our cipher type here in this case
 // we are using AES.
 c, err := aes.NewCipher([]byte(key_text))
 if err != nil {
 fmt.Printf("Error: NewCipher(%d bytes) = %s", len(key_text), err)
 os.Exit(-1)
 }

// We use the CFBEncrypter in order to encrypt
 // the whole stream of plaintext using the
 // cipher setup with c and a iv.
 cfb := cipher.NewCFBEncrypter(c, commonIV)
 ciphertext := make([]byte, len(plaintext))
 cfb.XORKeyStream(ciphertext, plaintext)
 fmt.Printf("%s=>%x\n", plaintext, ciphertext)

// We decrypt it here just for the purpose of
 // showing the fact that it is decryptable.
 cfbdec := cipher.NewCFBDecrypter(c, commonIV)
 plaintextCopy := make([]byte, len(plaintext))
 cfbdec.XORKeyStream(plaintextCopy, ciphertext)
 fmt.Printf("%x=>%s\n",ciphertext, plaintextCopy)

// We must now convert the ciphertext to base64
 // this will allow for the encrypted data to be
 // visible to copy and paste into the decrypter.
 base64Text := make ([]byte, base64.StdEncoding.EncodedLen(len(ciphertext)))
 base64.StdEncoding.Encode(base64Text, []byte(ciphertext))
 fmt.Printf("base64: %s\n", base64Text)
 }

Next we have the decryption program. This program is setup pretty much the same as the encryption one except it takes in the base64 ciphertext and the key. The first thing we then have to do is decode the ciphertext form base64 into the normal binary format that we can decrypt. You will notice here that the iv matches the same as in the encryption program.

package main

import (
    "fmt"
    "os"
    "crypto/aes"
    "crypto/cipher"
    "encoding/base64"
)
var commonIV = []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}

var ciphertext []byte

func main() {
    // Load the base64 ciphertext from the arguement.
    if len(os.Args) > 1 {
        // Decode the ciphertext to put it in a usable binary format.
        dbuf := make([]byte, base64.StdEncoding.DecodedLen(len(os.Args[1])))
        base64.StdEncoding.Decode(dbuf, []byte(os.Args[1]))
        ciphertext = []byte(dbuf)
    } else {
        fmt.Printf("Error: At least one argument required!")
        os.Exit(-1)
    }

    // Load the key from the second argument.
    key_text := "32o4908go293hohg98fh40gh"
    if len(os.Args) > 2 {
        key_text = os.Args[2]
    }

    // We chose our cipher type here in this case
    // we are using AES.
    c, err := aes.NewCipher([]byte(key_text));
    if err != nil {
        fmt.Printf("Error: NewCipher(%d bytes) = %s", len(key_text), err)
        os.Exit(-1)
    }

    // We use the CFBDecrypter in order to decrypt
    // the whole stream of ciphertext using the
    // cipher setup with c and a iv.
    cfb := cipher.NewCFBDecrypter(c, commonIV)
    plaintext := make([]byte, len(ciphertext))
    cfb.XORKeyStream(plaintext, ciphertext)

    // We then print out the resulting text.
    fmt.Printf("%x=>%s\n",ciphertext, plaintext)
}

Well I hope this gives people a good example of how to do encryption with go. I felt the need to write this because I could not find a article anywhere on this topic. Most of the examples I used to come up with this were from the cfb_test.go testing code that comes in the source code. These test files have some good examples for using the code if your not afraid of poking around the code base. I also hope this might help people understand some more of the basics of encryption which can come in handy with any application you develop. One last word of warning though this code is in no way ready to be used with actual data and keep it safe. If you want to do that you should probably read up some more on encryption as using encryption without understanding the proper uses of it is not much better then not using it at all.

Go Post #1: Simple Hashing

Ok so most people start learning a new language with hello world but that is just too simple to show off a new language. So instead of hello world I am going to post the first program I tried to write in go (of course after hello world). It was just a very simple hashing program which you pass in a string when you run the program and then you get back the string and what the hashed version of that string looks like.

package main

import(
    "fmt"
    "flag" // command line option parser
    "crypto/sha256"
    "hash"
)

var plaintext string

func main() {
    flag.Parse() // Scans the arg list and sets up flags
    if flag.NArg() > 0 {
        plaintext = flag.Arg(0)
    }

    h := sha256.New()  // h is a hash.Hash
    h.Write([]byte(plaintext))

    fmt.Printf("%s: %x\n", plaintext, h.Sum())
}

So lets looks at what exactly is going on in the example code. First you will notice import this is used just like in pretty much every other language and tells the compiler what libraries you want to include. Now if you don’t want sha256 hash you can change the import line that calls for crypto/sha256 with a different hashing algorithm. I was very happy at the selection of hashing algroithms you can chose from (md4, md5, sha1, sha256, sha384, sha512, md5sha1, ripemd160) basically to change the hash you use just change the import and later change the has you create.

Next in the code you see a variable definition it shows just a simple declaration of a string. It’s a bit different then most lanuagues but nothing to strange. After that you get to the real meat. The main function. Unlike your traditional C program I used the flag library in go which allos you to parse a list of flags (not shown here) as well is iterate through parameters. The if statement merely checks how many arguments were passes and if there is more then one it grabs the first one and sets it to the plaintext.

The last section is where the main work happens. I used go’s handy feature where you can define a variable when you first create it to create h which is the hash. The declaration happens with the := assignment. This is also the line that you chose your hashing algorithm. It should match whatever one you chose to import. In the next line I write the content of the plaintext into the hashing algorithm and you see how simple it is to cast a string into the byte array.

To finish it all off the last statement sums the hash and prints it out to the console. It’s that simple. Now at this point there are a few notes I would like to make. First, notice the lack of semicolons.  Yes, this language does have them but the only spot they are needed is in for loops and if you want multiple statements per line. Second, notice the bracing format. While I truly dislike the one true brace style its forced by the language and I have accepted it since Go provides so many neat features.

Well there you go that’s how you do a simple hash in Go and some of the language basics. Now since someone will complain if I don’t here is a more simple version of the hashing program using hello world.

package main

import (
“fmt”
“os”
“crypto/sha256″
)

func main() {
plaintext := “hello, world”
if len(os.Args) > 1 {
plaintext = os.Args[1]
}
h := sha256.New() // h is a hash.Hash
h.Write([]byte(plaintext))
fmt.Printf(“%s\n%x\n”, plaintext, h.Sum())
}

UPDATE: Added code from comments to replace hello world. (May come back and rework this article)