TLS and SMTP debugging

Often you might find yourself in a situation where you don’t know why a TLS connection to a SMTP server is failing.

Using openssl you can initiate a secure TLS connection and get some info back regarding the certificate of the SMTP server, it’s alternate names, if it’s selfsigned, the chain of trust etc.

$ openssl s_client -connect mail.example.com:25 -starttls smtp

Angular not refreshing *ngIf async after observable gets updated

Well i have been really confused after doing some ngIf that didn’t seem to work.

The problem had to do with expression evaluation order. Sometimes it seems that
the solution is right in front of you but you can’t see it.

So, i had something like this:

<div *ngIf="!isLoggedIn | async; else loggedinDiv">
  You are not loggedIn!
</div>
<ng-template #loggedinDiv>
  <div>
    You are loggedin! Yes!
  </div>
</ng-template>

It always showed the ‘You are loggedin! Yes!’ message.
Even when isLoggedIn changed from false to true and vice versa.

The explanation was simple and had to do with the evaluation order:

#In my component:
isLoggedIn: Observable<boolean>;

#In my template
#The !isLoggedIn is evaluated first and gives true or false
#while async is expecting an observable!
(!isLoggedIn) | async

The solution is:

<div *ngIf="!(isLoggedIn | async); else loggedinDiv">

The above was made clear thanks to Seth Davenport’s post here: https://github.com/angular-redux/store/issues/375

Cheers 🙂

Gitlab CI runner and php docker image speed up

I was using Gitlab CI for a php project and the first line of .gitlab-ci.yml was this:

image: php:5.6

and in some lines below was this:

before_script:
    ##
    ## Install ssh-agent if not already installed, it is required by Docker.
    ## (change apt-get to yum if you use an RPM-based image)
    ##
    - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client git -y )'
    - eval $(ssh-agent -s)
    - ssh-add <(echo "$SSH_PRIVATE_KEY")
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh

The problem is that php:5.6 image does not contain neither openssh-client nor git
so each time i was deploying something i had to wait for the container to update ubuntu packages and install git and openssh-client. A really slow process.

The solution was to create a php image that had these packages already installed.
I did this in Docker like this:

docker run -i -t php:5.6 /bin/bash
apt-get update
apt-get install openssh-client git

Before we exit the above php:5.6 container we open another shell and we get the docker ID of the running container.
Then we save an image kotsis/gitlabphp-5.6-fast of that container and we submit it in the docker hub.

docker ps #we get the docker ID of out   #auto to trexoume prin bgoume
docker commit DOCKER_ID kotsis/gitlabphp-5.6-fast
docker login
docker push kotsis/gitlabphp-5.6-fast:latest
docker logout

That’s it! Now inside .gitlab-ci.yml I put in the first line:

image: kotsis/gitlabphp-5.6-fast

No more installing packages during CI.

Cheers!

Codeigniter 2.x and suddenly losing session, getting logged out

If you have enabled global_xss_filtering = TRUE in config.php and your session is not encrypted,
then your session data get checked against a hash value to prevent user tampering.
Note that all data is stored in your cookie.

So if you set a ‘strange’ value in your session data like

$this->session->set_flashdata("<h4 style=''>aaaaaaa</a>");

it will invalidate your session
because when your browser posts your cookie, the input class of codeigniter does some xss cleanup in the values that seem dangerous (in XSS regards).
So in this case the

 style=''

will be stripped, the hash check will fail in CI_Session class and the session will be destroyed to prevent possible hack.

I will not suggest to remove XSS filtering in any case, but make your session data is as simple as possible.

Cheers 🙂

/usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `GLIBCXX_3.4.21′ not found

The solution is simple, your binary was linked to a different version of libstdc++

Don’t try in vain to find a compiler option to force some earlier version to be used during linking.

Just install a different version of g++ and complile all your code and any static librabries you depend on with it.

I was compiling OpenCV in Ubuntu 16 and was using g++ version 5 with libstd++.so.6 -> /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
But my production environment is Ubuntu 14 with libstd++.so.6 -> /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.19

The solution was to install g++-4.8 rebuild everything and run my binaries successfully in the production environment.

apt-get install g++-4.8
#Regarding OpenCV compilation set the appropriate compliler in options
cmake -DCMAKE_C_COMPILER=gcc-4.8 -DCMAKE_CXX_COMPILER=g++-4.8

Cheers 🙂

Drupal and debugging PHP code inside body of nodes or blocks

One of the most annoying features in Drupal, which i think is a design flaw, is allowing the developer to add PHP node inside the body on a node or block.

It can make your life so much more difficult in certain cases when you have to debug something.

You may think that the code you write will never fail, or that you are not one of those developers that can break the site and just see a white page because of their code.
Usually when you override a theme and something goes wrong you just see the logs and you can see a clear stack of where the problem is and locate the appropriate file.

That is not the case when your code inside a node fails or even better when it fails inside a block. The stack of the error in the logs can lead you nowhere, usually inside some core module file that means nothing to you and just evals some variable. To make things worse, if your Drupal site is broken and you see just a white screen, then you have no alternative than to dig up the problematic code directly from your database and fix it there!

Recently i have been in such a situation during a migration of a perfectly operating site. Unfortunately due to different php versions and certain php legacy options turned off the site broke.

To make your life easier i will document here where you can look up for your php code in the database.

Here we go:

  SELECT * FROM field_data_body WHERE body_format='php_code';
  SELECT * FROM field_revision_body WHERE body_format='php_code';
  SELECT * FROM block_custom WHERE FORMAT='php_code';
  SELECT * FROM locales_source s LEFT JOIN locales_target t ON s.lid=t.lid
    WHERE s.source LIKE '%<?php%' OR t.translation LIKE '%<?php%';

So as you can see the places where i found php code is inside the node body, the revisions’ node body, in blocks and also in some translations of blocks’ body.
That’s all for now.

Cheers!

composer problems and SSL errors: OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Failed to enable crypto

After having some hard time installing some packages with composer, i decided to give back some simple solutions for all of you.

First of all suppose you operate in a shared hosting environment where you are not able to mess with the openssl CA root certificates and change the paths.
So you can simply download locally (e.g. /home/kmak) this https://curl.haxx.se/ca/cacert.pem

After you install locally composer.phar you can create your composer.json by requiring your package:

e.g.

 php composer.phar require slim/slim

Then edit composer.json and add the following config section, so finally your composer.json will look like this:

{
    "config": {
        "cafile":"/home/kmak/cacert.pem"
    },
    "require": {
        "slim/slim": "^3.3"
    }
}

Now you can proceed like this:

 php composer.phar install

UPDATE:
If you encouter further SSL certificate errors due to git attempting to clone some project, then you can do this:

 git config --global http.sslCAInfo /home/kmak/cacert.pem

Until some time ago i was suggesting in this post to turn off git SSL certificate verifycation by setting the following environment variable:

 GIT_SSL_NO_VERIFY=TRUE php composer.phar install

This is really bad practise and your should remember that disabling SSL certificate verification is a major security issue and should be avoided.

Cheers.

MSSQL: connect to MSSQL server from linux using php

In ubuntu you can do the following:

1. First of all install php5-sybase, freetds-common and freetds-bin packages in debian systems

2. Edit file /etc/freetds/freetds.conf and add accordingly a section regarding your MSSQL server you are trying to cennect to.
Lets assume you created a section [proj1mssql]

3. You can connect from the php code like this:

  $dsn = 'dblib:host=proj1mssql;dbname=mydbname;charset=UTF-8';
  $dbh = new PDO($dsn, $dbuser, $dbpass);

MSSQL: The rowset was using optimistic concurrency and the value of a column has been changed after the containing row was last fetched or resynchronized.

Sometimes you may get the above error when dealing with openquery updates and linked servers.

More specifically:

The OLE DB provider "MSDASQL" FOR linked server
"XXXXXXXXX" could NOT UPDATE TABLE "[MSDASQL]".
The rowset was USING optimistic concurrency AND the VALUE OF
a COLUMN has been changed after the containing ROW was
LAST fetched OR resynchronized.
[SQLSTATE 42000] (Error 7343)  OLE DB provider "MSDASQL" FOR
linked server "XXXXXXXXX" returned message "Row cannot be
located for updating. Some values may have been changed since
it was last read."
.
[SQLSTATE 01000] (Error 7412).  The step failed.

A solution is to go to the SQL server that links to MySql, go to configure screen of the MySql ODBC connection in the linked server. Open Details, click on Cursor/Results tab and check the “Return matched rows instead of affected rows”.

That’s it!

Cheers.

Drupal 7: hiding/showing form api elements when a checkbox is checked or not

I was trying to make a file type element appear/disappear when a checkbox was checked or not.
When i added the ‘#states’ declaration in ‘myfile’ element it didn’t work as expected!
I had to add the ‘myfile’ element in a ‘container’ type element and add to that the ‘#states’ declaration.

  $form['want_to_upload'] = array(
        '#type' => 'checkbox',
        '#title' => t('Yes i want to upload a file'),
  );

  $form['upload_container'] = array(
        '#type' => 'container',
        '#states' => array(
            "visible" => array(
                "input[name='want_to_upload']" => array("checked" => TRUE)),
        ),
  );

  $form['upload_container']['myfile'] = array(
        '#type' => 'file',
        '#title' => t('Choose your file'),
        '#description' => t('You are allow to upload jpg, jpeg, png, gif and pdf, 5MB Max Size'),
  );