Sunday, February 18, 2024

Jenkins, git and ssh in a corporate environment

I reinstalled a later version of jenkins in order to dodge a CVE and found that git clone would no longer work. The terminal that started jenkins was getting messages prompting for the git ssh passphrase. The jenkins job just sat there on the git clone command without making any progress. I puzzled over this for ages. The previous version of jenkins had been working fine. I restarted the ssh agent but it had no effect. I googled to find out how to change my ssh credentials such that I had no passphrase (ill-advised though that may sound) and found articles claiming it was impossible. Well, it turns out it is possible. I did it and the jenkins problems went away. I don't like having an empty passphrase, it seems like bad practise, but hey, ho, needs must. So here's how I reset the passphrase to be empty: the ssh-keygen -p command prompts for the current passphrase. Enter it, then when ity asks for the new one (and confirmation) just hit return. Job done.

Friday, June 23, 2023

How to display markdown files from the linux command line

It took quite while to track down how to do this. When you google for it you find GUI commands but not much for the command line. There are several tools but I have chosen one that works with what is available via the standard Red Hat repo for RHEL8. I use it even though my own machine is running mint 20.1. Going for something that is easy to install on RHEL8 means there is more of a chance that it will work in a corporate environment. The command is called mdo and it is written in python. It can be pip'd into your virtual python environment. It requires prior installation of another component called rich, which can also be pip'd in. This is the great attraction of utilities written in python. They can be pip'd into your virtual environment and thus do not require root access to make them available. These components are on github at https://github.com/eyalev/mdo and https://github.com/Textualize/rich .

Monday, August 29, 2022

Many forks on github projects

When a project is not updated very often or goes by for years with no official updates, forks can proliferate. Then people who arrive at the site may want to know which forks are active. Luckily, there is a github project for solving this problem! It is called ActiveForks. If you go to https://techgaun.github.io/active-forks/index.html you can enter the name of the github project and you will get a table of results, with the ability to sort on any of the presented columns.

Monday, August 01, 2022

Windows and directories that cannot be (easily) deleted

If a directory contains nodes whose full pathname is greater than around 255 characters then Windows has tremendous difficulty deleting such a directory. But luckily, there is an easy way out. The 7-Zip command comes with an additional executable, 7zFM.exe which is the 7-ZIP File Manager. I recommend you put an icon for this on your desktop. It works a bit like a file explorer with one significant difference. If you click on a directory and enter shift-delete then it will delete that directory even if other commands fail due to the 255 problem.

Sunday, March 27, 2022

Function parameters that are fundamental types passed by value and const

The rule is to not do this in the header file. Some people say don't do it in the cpp file either (I am in that camp) but this does seem to be a matter of opinion. See the abseil article https://abseil.io/tips/109 for a discussion.

Windows, X11, cygwin, fonts and Xming

For years I used the X11 server that is part of cygwin. It seemed to be a bit flakey but there didn't seem to be anything better. Every now and then I would run into a problem where it would seem to work but xterm would complain about missing fonts. So, I downloaded and installed xming-fonts (from https://sourceforge.net/projects/xming/files/Xming-fonts/7.7.0.10/Xming-fonts-7-7-0-10-setup.exe/download) on my local node (not the node that was running xterm) and that fixed the error. These days I no longer use the cygwin X11. I use XMing: see http://www.straightrunning.com/XmingNotes.

Monday, May 31, 2021

Software Development links and comments

Intro

I am in the process of decommissioning my website and moving my notes on software development and suchlike to my blog here.

ACCU

I am an active member of ACCU (the Association of C and C++ Users). It's been a long time since I had anything published by them. There are a couple of articles a few book reviews.

C++ Coding Guidelines

Many years ago I started to write a book on this. It was never published. I did discuss an early draft with Addison Wesley but they did not show any interest. I discussed this with some ACCU people and the theory put forward was that maybe they had been approached by other authors on the same subject. About a year later Sutter and Alexandrescu had their guidelines published. Their book is very good and I recommend it. Their book is much better than what I was working on.

In a corporate environment I would never bother with a coding guidelines document these days. They are never read, never enforced, and can become out of date very quickly. They are also a rich source of arguments and ill-feeling. There has to be a better way. There is. It is called clang. I would have a jenkins job to use clang-format to format the code. That would take care of all whitespace and brace arguments. And I would use clang-tidy static code analysis (SCA) to find the more serious coding issues. There would be a jenkins job to ensure that the code was always SCA-clean. clang-tidy is not the easiest program to run since it needs to know what compiler options are used and that includes macros and the places where to look for include files. I have found that it helps to write a python script to take care of these things. It is worth the effort.

Sourceforge

Here are my own projects, hosted on SourceForge. They are old and have fallen into disuse really. If I was going to maintain them I would probably start by relocating them to github.
  • LAUM - Development has stalled. I hoped it would eventually it will be a suite of applications to help in the administration of groups of machines. The whole thing has been made a bit obsolete by docker and kubernetes.
  • FRUCTOSE - wrote an LGPL'd C++ unit test framework. The main motivation was a simple, header-only framework that does not depend on boost. However, these days I recommend that people go with the Google unit test framework (gtest).
  • Cyclic Logs - wrote a GPL'd package to provide cyclic logfiles. I think this does still have a practical use in environments where the disk space is constrained.
  • DepDot - wrote a GPL'd command (perl script) to show cyclic dependencies among libraries.

TeX

I am a keen user of TeX, via the LaTeX variant created by Leslie Lamport. I have been a member of the UK branch of the Tex Users Group for several years. I tend to produce most of my documentation using LaTeX. This allows me to produce PDF and postscript files (via DVI conversion programs) and RTF files (via latex2rtf). The RTF format is an open format but due to its close integration with Microsoft Word for Windows it is useful for people that require documents to be in a Microsoft format. I used to use latex2html to create web pages from my LaTex documents, but have now found that HeVeA does a better job and is much faster. It is written in oCamL. For many years I experimented with alternatives to using LaTeX directly, flirting briefly with DocBook, and other approaches. I now conclude that there is just no substitute for writing in LaTeX directly.

CORBA

I feel great nostalgia when I think of CORBA. I liked it for a very long time. I was interested in CORBA right from the beginning (i.e. when the standard was so embryonic, CORBA would not even interoperate with itself!). Despite the complexity of the standard, I still think CORBA had a lot to offer. I have used several ORBs, some open source, some proprietary. My favourite used to be MICO but unfortunately the support for multithreading is still not finished and development petered out around 2017, so TAO (the ACE ORB) is now the winner. I have also looked at JacORB by Gerald Brose. The best proprietary ORB (IMO) was Orbix from IONA (now owned by Progress).

For those interested in CORBA I recommend heading over to the web site of Ciaran McHale (, a former IONA consultant whom I have worked with before. He has a free book there which I think provides a great practical introduction to programming with CORBA.

However, despite the nostalgia I have to admit that CORBA has had its day. The Rise and Fall are well documented by Michi Henning, see https://cacm.acm.org/magazines/2008/8/5336-the-rise-and-fall-of-corba/fulltext. Unfortunately there does not seem to be anything trying to replace it, except possibly ICE from ZeroC. It is Open Source, which is obviously a good thing, but be advised that the the license is GPL and so does not permit use in proprietary products (a separate license agreement is available with a purchase cost). If I was ever asked to work on a project where there was a need for some kind of service interface I would probably make it a web interface. That's the current fashion at the time of writing (2021) and there are umpteen frameworks. I would probably choose gRPC with Web Assembly. I would never use SOAP and I would be wary of REST.

Free Software and Open Source

Projects that I have contributed to include:
  • DoxyPress
  • PoCo
  • ACE
  • OpenSSL
  • I did some work on ESNACC, an extended version of SNACC, an old ASN.1 compiler. ESNACC started because SNACC was an old orphaned project with no support for either C++ or DER and PER (SNACC was old BER only). Sadly, work on ESNACC gradually fizzled out.

I have been an associate member of the Free Software Foundation for many years.

I admit that I am not consistent when it comes to the ideals of the Free Software Foundation. I agree with the FSF in the same way that I agree with vegans. I know that unless one is a vegan one is supporting the animal food industry, which is full of cruelty and suffering. But I just can't go vegetarian, let alone vegan. I won't go into the reasons here. I know that I am supporting animal cruelty and I am not happy about it, but it is not going to change any time soon. In a similar way, despite the good things I find in the FSF, I am, unfortunately, supporting the proprietary software industry. My job involves the development of proprietary software and this has been the case my entire working life. That is not going to change (i.e. I am not going to have a change of career). I find the best I can do is to promote open source in the workplace. I know this is a rather feeble thing. After all, we know that Free Software and Open Source are different movements with different goals. But in my opinion the software industry as a whole will never understand the importance of Free Software. They are beginning to understand Open Source and that's better than nothing.

ASN.1

I really like ASN.1. I was first introduced to it way back in 1984 when the encoding standard was called .X409. It was used on Prime Computers for some of its client/server software and proved to be a boon when the protocol had to change, due to the use of sets and version numbers. Sadly, I have not seen it used much since, except of course in a few standard internet protocols.

I found out there is effectively a replacement for ESNACC, asn1c, which seems to be significantly better than either SNACC or ESNACC. I haven't played with it yet. I wonder if I ever will.

There is a useful book on ASN.1 that you might find interesting.

Heroes of software

There are so many potential heroes for a computer geek to look up to, but my favourite is Alan Turing. He is regarded by many as the father of computer science. He is particularly admired by many of us in the UK for his work at Bletchley Park. Turing's work there was part of the outstanding effort in decrypting German messages during the Second World War.

Thursday, October 22, 2020

Java has finally got strong crypto

For a long time now America has treated strong crypto as akin to munitions; a deadly weapon that must not be allowed to fall into the wrong hands. For the background to this, see the wikipedia page at https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States

The wikipedia page indicates that this attitude was significantly lessened in 1992 but the sad fact is that is persisted well beyond that for java. The Oracle release notes for JDK8 at https://www.oracle.com/java/technologies/javase/8all-relnotes.html say that the restricton was removed in January 2018, in update 161. The change was also backported to JDK7 in update 171.

This means that java projects using JDK8 had better move to at least this update version if they have not already. Of course, users of OpenJDK probably never had a problem and certainly don't now.

The way I ran into this problem was during work on a trade feed that uses the FIX protocol. The FIX session was secured with TLS1.2. everything was fine until one day the remote side changed from a weak crypto algorithm to a strong one. Our side failed with a mysterious SSL handshake error. This came from the mina package, as used by quickfixj. Mina which doesn't seem to handle this situation well at all. We had to turn on packet level logging via the JVM option -Djavax.net.debug=all to see what was happening. The log showed that the remote side wanted to use a strong algorithm but that many algorithms on our side were disabled. At the time the latest JDK8 update from Oracle was update 251. I switched to that and then all those messages about unknown algorithms disappeared and the algorithm preferred by the remote side was accepted. Everything started working again.