Curitiba


I traveled to Curitiba, for the first time, to apply for a Schengen visa to visit Poland. I spent a couple of hours I had, before the appointment, taking these pictures.

City Park (Passeio Publico)

 

Zoo at City Park

 

Curitiba History Center

 

Curitiba Cathedral

Octave CLI with AquaTerm on Mac OS X


I’m in need of AquaTerm to plot graphics using gnuplot with octave-cli. In other words, I need the following Octave command to produce a nice little graphical plot

octave:1> sombrero

sombrero.png

To install aquaterm using homebrew

brew cask install aquaterm

Check lib and headers are properly linked

ls /usr/local/lib/libaquaterm*
ls /usr/local/include/aquaterm/*

If that lists nothing, run

ln -s /Library/Frameworks/AquaTerm.framework/Versions/A/AquaTerm /usr/local/lib/libaquaterm.dylib
ln -s /Library/Frameworks/AquaTerm.framework/Versions/A/AquaTerm /usr/local/lib/libaquaterm.1.1.1.dylib
mkdir /usr/local/include/aquaterm
ln -s /Library/Frameworks/AquaTerm.framework/Versions/A/Headers/* /usr/local/include/aquaterm/.

Install gnuplot with aquaterm

brew install gnuplot --with-aquaterm

Run gnuplot and check whether terminal is set to aqua

$ gnuplot 

	G N U P L O T
	Version 5.0 patchlevel 6    last modified 2017-03-18

	Copyright (C) 1986-1993, 1998, 2004, 2007-2017
	Thomas Williams, Colin Kelley and many others

	gnuplot home:     http://www.gnuplot.info
	faq, bugs, etc:   type "help FAQ"
	immediate help:   type "help"  (plot window: hit 'h')

Terminal type set to 'aqua'
gnuplot> test

The test command should produce a nice little plot such as

gnuplot-test.png

Prior versions of octave-cli e.g. 3.8.0 use gnuplot, so you don’t have to do anything else. Newer versions of Octave e.g. 4.2.1 use a different graphics toolkit  that leverages OpenGL. You can switch to gnuplot as follows

octave:1> graphics_toolkit ("gnuplot")

 

Use JavaFX in a Swing or console app


This short post explores how to integrate JavaFX into a legacy console or Swing application.

Assuming you’ve created an application such as the WebView Sample, create a separate thread to launch JavaFX’s Application class

Thread appThread = new Thread(() -> {
  launch();
});
appThread.start();

To allow us to control when JavaFX will exit, disable implicit exit. Implicit exit happens when the last window (Stage) is closed by calling hide() or close(). Add this snippet of code to the start() method to JavaFX’s Application class

Platform.setImplicitExit(false);

To run code on JavaFX Application thread

Platform.runLater(new Runnable() {
  @Override public void run() {
    // code runs on JavaFX thread
  }
});

To exit gracefully when legacy application exits

Platform.exit();

Run Node.js in a Docker container


In this post, I explore how to run a Node.js web application in a Docker container based on the StrongLoop Process Manager image. I also have a requirement to export and deploy the Docker container to a server that lacks internet access.

docker-strongloop-pm.png

Create a new Node.js web app using express-example-app as the starting point

git clone https://github.com/strongloop/express-example-app.git

Head into the app folder and install dependencies

npm install

Start application using PM

slc start

Access http://localhost:3001 in a browser to ensure it works.

Shutdown PM

slc ctl shutdown

Create a new Docker container using StrongLoop PM image as the starting point

docker run --detach --restart=no --publish 8701:8701 --publish 3001:3001 --name strong-pm-container strongloop/strong-pm

Deploy example app by running following command in directory of app

slc deploy http://localhost:8701/ master

Access http://localhost:3001 in a browser to ensure it works.

Discover container’s id

docker ps -a

Commit container to a new image

docker commit 653811fd29f3 myimage

Save image to tar file

docker save -o myimage.tar myimage

Load image file in a new Docker instance (on another machine)

docker load -i myimage.tar

Run image in a new container

docker run --detach --restart=no --publish 3001:3001 --name strong-pm-container myimage

Access http://localhost:3001 in a browser to ensure it works.

Wireshark dissector in Lua for custom protocol over WebSockets


It is fairly easy to write a Wireshark dissector in Lua for your custom protocol over WebSockets. To understand the basics of writing, and using, dissectors for Wireshark in Lua, see Create a Wireshark dissector in Lua.

Here’s a template to get you started with writing your custom dissector. Replace port number 8002, with the port number where your WebSocket server listens for incoming connections, and the dissector should be called.

wireshark-websocket.png

You can also register the dissector using declared WebSocket protocol name. Retrieve the ws.protocol dissector table instead of ws.port, and add your dissector to the dissector table using protocol name (a string) instead of port number.

If using WebSockets over SSL/TLS, you need to specify the server’s private key file in SSL protocol dissector‘s configuration, so that Wireshark can decrypt the traffic. The protocol field in configuration should be set to http.

Self-signed code signing certificates


Some setup and application executables need to be signed so that they are not flagged as a security risk by security software on Windows. Especially those that have virus-like behavior such as embedded executable resources that are extracted, and executed.

The following steps were performed on Windows, from the Developer Command Prompt installed by Visual Studio.

To generate self-signed certificate for code signing, run

makecert.exe -n CN=Test.org(Test) -r -h 0 -eku "1.3.6.1.5.5.7.3.3,1.3.6.1.4.1.311.10.3.13" -e 12/31/2017 -pe -sv Test.pvk Test.cer

Here’s a brief overview of the command line
-n subject name
-r create self-signed certificate
-h max height of tree below this cert
-eku comma separated enhanced key usage ids
-e expiration date
-pe private key is exportable
-sv private key file name

You may specify a password or leave it empty.

To convert self-signed certificate to PFX format for usage with SignTool, run

Pvk2Pfx -pvk Test.pvk -spc Test.cer -pfx Test.pfx

To use SignTool to sign an executable, run

SignTool sign /fd SHA256 /a /f Test.pfx filepath.exe

Install certificate (Test.cer) to local machine before running executable.Screen Shot 2017-02-23 at 09.17.03.png

Signing a Wix Toolset setup bundle

You cannot just sign the setup bundle executable and get it to work, because the embedded executable (engine.exe) remains unsigned and will be flagged as a security risk. Use the following steps to prepare setup bundle for installation without being flagged as a security risk.

First, detach the engine from setup as follows

insignia -ib setup.exe -o engine.exe

Sign engine.exe with your certificate using SignTool

SignTool sign /fd SHA256 /a /f Test.pfx engine.exe

Re-attach the signed engine.exe to the bundle

insignia -ab engine.exe setup.exe -o setup.exe

Sign setup.exe with your certificate

SignTool sign /fd SHA256 /a /f Test.pfx setup.exe

Retrieve OAuth 2.0 authorization code using JavaFX WebView


This post documents a snippet of code that can be added to Browser class in JavaFX WebView sample, to extract OAuth 2.0 authorization code.

Assuming you’ve configured WebView’s WebEngine to load the authorization URL, the authorization service will redirect you to the redirect_uri specified in the authorization URL, after a user logs in successfully. It will pass along the code parameter, that can be extracted as follows