Odi's astoundingly incomplete notes

Features I never use:

• Publish this file to the web: what's that supposed to do anyway?
• E-mail this file: thanks, my emailer supports attachments out of the box
• Send To ...: thanks, I use drag and drop

Features I use:

• move/copy/paste
• delete
• rename
• zip
• open with...

posted on 2010-03-10 17:05 CET in Code | 0 comments | permalink

Life could be simple:

<description xml:lang="en">english text</description>
<description xml:lang="de">german text</description>

Instead the customer's SAP interface prefers:

<Descriptions>
  <Description>
    <Text languageID="en">english text</Text>
  </Description>
  <Description>
    <Text languageID="de">german text</Text>
  </Description>
</Descriptions>

SAP, can you spell B.L.O.A.T.?
posted on 2010-03-03 16:36 CET in Code | 0 comments | permalink

I am currently setting up a simple new Samba server on Gentoo. A Windows XP box took forever to connect to the share however. The reason for this is interesting. Apparently the Windows SMB client first tries to access the remote server via WebDAV (HTTP). But on the Samba box there is no HTTP server. Instead an iptables rule is in place to reject connections for non-open ports:

-A INPUT -p tcp -m tcp --syn -j REJECT --reject-with icmp-port-unreachable

The long timeout is easily reproducible on a Windows console with telnet. Of course you would expect timeouts when using a DROP target, as the client is not informed that the port is not open. So I was trying to be clever and send an ICMP message to inform the client. Turns out this is wrong. Closed TCP ports should send a RST packet instead:

-A INPUT -p tcp -m tcp --syn -j REJECT --reject-with tcp-reset

The complete chain of rules (at the end of the rule set) for correctly dropping packets is:

# drop broadcast packets
-A INPUT -m pkttype --pkt-type broadcast -j DROP
# TCP ports that are not open
-A INPUT -p tcp -m tcp --syn -j REJECT --reject-with tcp-reset
# reply with reject to closed UDP ports
-A INPUT -p udp -j REJECT
# drop rest
-A INPUT -j DROP

posted on 2010-03-01 11:34 CET in Code | 0 comments | permalink

When installing a new machine you often notice too late that the clock is wrong. Then you may have already created files with a future timestamp. This is bad as soon as you set your clock correctly. Now make will complain and may even fail to build correctly. Here is how to fix it:

1. create a file with current timestamp: touch now
2. fix all future files: find / -mount -newer now | xargs touch
3. we no longer need that file: rm now

posted on 2010-02-25 17:10 CET in Code | 0 comments | permalink

Every programmer should know this one: Any protocol over an unreliable medium (such as a network) either allows for losing a message or accepting duplicate messages. There is nothing in between. You can't have both at the same time (see below for an explanation).

This doesn't just apply to individual network packets unfortunately (TCP already handles that case fine). But it also applies to larger messages spanning multiple packets: HTTP, SMTP, messaging protocols such as JMS or those of any proprietary SOA product (MQSeries, ActiveMQ, etc.), remote database protocols, etc.

Even a simple HTTP GET request exhibits the problem: As long as the client hasn't read the "200 OK" status code, it can't even know if the request has reached the server. So in an absence of that status code it would have to retry the request, resulting in a possibly duplicate request on the server.

This simple fact has direct and heavy impact on transactional behaviour: you will have to embedd additional data in your protocol to handle loss, misordering and duplicates. If you don't do that your protocol is not transactionally safe. You will lose data or end up with duplicate execution of the same transaction.

How can you secure your protocol?

1. Transaction tokens: the client has to acquire a transaction token from the server and can use that token only once.
2. Message sequence numbers: the client sends a unique sequential number with every message. If it has to repeat a message it uses the same sequence number again. The server stores the last used sequence number. If it detects a repeated message, it just replays the last response without doing anything. If it detects an older sequence number it discards the message. If it detects a higher sequence number server and client are out of sync and must renegotiate sequence numbers. NB: timestamps are usually insuffient as sequence numbers because of their limited precision and you can't detect loss.

Explanation
"Unreliable medium" means that messages may be lost or invalidated (scrambled) on the way. So a protocol may choose to detect the message loss. The loss may be detected sender and/or recipient side:

• recipient sees an out of order message or a gap in the message sequence
• sender gets a negative acknowledgement (NAK) from the sender, or doesn't see an acknowledgement (ACK) from the sender for a certain time

Unfortunately that detection is always unreliable as well and it will detect slightly more incidents than actually happened. So the protocol will detect a message loss when in fact the message was received fine. What does it do if a message is lost? Of course it will have to repeat it. Thus duplicates may occur.
posted on 2010-02-23 15:31 CET in Code | 0 comments | permalink

You may have wondered whether the "correct" name of the character set is "UTF-8" or "UTF8". Both seems to work fine in Java. But what about these names in exchanged data like XML files, HTTP Content-Types etc.?

IANA has the answer. In short: always use "UTF-8". "UTF8" is just a private alias used by the JDK, but not a standardized name. The same goes for ISO encodings: "ISO-8859-1" is the name defined by IANA, "ISO8859_1" is the alias of the JDK.

posted on 2010-02-23 12:45 CET in Code | 0 comments | permalink

There is a little trick necessary to use grub to boot from a software RAID-1 (md). Certain fakeraid devices don't boot properly if the disks don't contain the exact same data in the MBR.

So here is how to install grub on the grub shell:

# first disk
root (hd0,0)
setup (hd0)

# second disk
device (hd0) /dev/sdb
root (hd0,0)
setup (hd0)

posted on 2010-02-09 11:51 CET in Code | 0 comments | permalink

Portage 2.1.7.16 is now stable. And with it comes a new feature: The ACCEPT_LICENSE variable (in /etc/make.conf). It allows you to disable packages based on their license. You may see that emerge would now unmerge some packages (Java for example) because the default filter is not blank. To allow all licenses simply set it to ACCEPT_LICENSE="*"
posted on 2010-01-27 18:10 CET in Code | 0 comments | permalink

Soeben ist ein Buch über Gentoo frei im PDF Format erschienen.

Gunnar Wrobel
Gentoo Linux - Installation - Konfiguration - Administration
2008 Open Source Press

PDF Download

posted on 2010-01-22 10:03 CET in Code | 0 comments | permalink

Usually I don't blog about Windows. But since I (have to) use it at work I am exposed to its flaws. Today I am particularly annoyed by the slowness of Eclipse, which is mainly caused by a lot of disk activity (due to a large number of large projects checked out) which is utterly slow on Windows (XP). Occasionally Eclipse would become unresponsive. What happens then is:

• Eclipse widgets clutter the screen: an opened menu stays on top of all other windows.
• The task bar becomes unusable: clicking the window buttons doesn't do anything. At the same time some of them start blinking like crazy.
• Although some window is highlighted the input focus is somewhere else.
• The whole system becomes slow and sluggish.

This all creates the impression that the OS has fallen victim to an application which has taken control over the UI outside of its window. And the IO scheduler has fallen victim to an application. Somehow I would expect the OS to be in control and not some application.


posted on 2010-01-15 10:10 CET in General | 2 comments | permalink