Configured Certificates

Want to list all certificates a server sends?

server=google.com:443

echo \
	| openssl s_client -showcerts -connect $server 2>&1 \
	| while openssl x509 -noout -subject -issuer; do
        echo;
	done

Also works with a .pem containing multiple certificates.

Based on this stackexchange answer.

Rust, https_proxy and failed to download

Getting

error: failed to download from ...

Caused by:
  [2] Failed initialization ([CONN-1-0] send: no filter connected)

Disabling mutliplexing helped, e.g

CARGO_HTTP_MULTIPLEXING=false cargo run

Also possible in .cargo/config

Python, unittests, requests and timeouts

Want to test timeout handling of your code?

#!/usr/bin/python
# vim: set fileencoding=utf-8 shiftwidth=4 tabstop=4 expandtab textwidth=78:

import requests

if __name__ == '__main__':
    exit( main() )

# test by running 'python3 -m unittest test.py'
import unittest
import unittest.mock as mock

class Test(unittest.TestCase):
    def test_one( self ):
	self.assertFalse( False )

    @mock.patch( 'requests.get', side_effect=requests.exceptions.Timeout() )
    def test_timeout( self, mock_get ):
	with self.assertRaises( requests.exceptions.Timeout ):
        mock_get()

	self.assertTrue( True )

Jenkins, Kerberos and curl

Want to use curl to talk to a kerberos enabled jenkins?

#!/bin/bash
set -o errexit -o errtrace -o nounset -o pipefail

cleanup() {
	[ -n "${COOKIES-}" ] && unlink "${COOKIES}"
}

trap cleanup EXIT

export COOKIES=$( mktemp )

HOST=$1

curl -c "$COOKIES" --negotiate -u : https://$HOST/login -I

export CURL="curl -b $COOKIES -c $COOKIES"
export URL="https://$HOST"
echo "I: spawing shell with session cookie for '$HOST'"
echo 'I: cookie jar available via $CURL: '$CURL
echo 'I: hostname via $URL: '$URL
bash

ldd and untrusted code

man ldd says:

[…] you should never employ ldd on an untrusted executable, since this may result in the execution of arbitrary code.

This also works

LD_TRACE_LOADED_OBJECTS=1 ld /bin/ls
	linux-vdso.so.1 (0x00007ffc3779a000)
	libbfd-2.35.2-system.so => /lib/x86_64-linux-gnu/libbfd-2.35.2-system.so (0x00007f79de56c000)
	libctf.so.0 => /lib/x86_64-linux-gnu/libctf.so.0 (0x00007f79de54b000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f79de545000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f79de371000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f79de354000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f79de6f5000)

SteamOS, HDMI and no sound

No sound from your TV connected via HDMI to a SteamOS machine? Can’t select the HDMI soundcard?

Switch to Desktop Mode, go to Settings, then Sound, select HDMI, play test sound, exit.

Now there is sound in SteamOS.

Xfce and volume step

Does your Xfce change the volume settings in %5 steps but you want 2%?

Find the pulsaudio plugin location in xconf:

xfconf-query -c xfce4-panel -l -v | grep pulseaudio
/plugins/plugin-8                            pulseaudio

Use that to set the step to 2%:

xfconf-query -c xfce4-panel -p /plugins/plugin-8/volume-step -n -t int -s 2

Nginx, WebDAV and tmp

Want to have a WebDAV mountable temporary file storage? Supporting Windows? With the following hack overriding PROPPATCH it works for me:

server {
	...

	location /tmp {
        alias /var/www/tmp;
        autoindex on;

        if ($request_method = PROPPATCH) { # Unsupported, allways return OK.
            add_header Content-Type 'text/xml';
            return     207 '<?xml version="1.0"?><a:multistatus xmlns:a="DAV:"><a:response><a:propstat><a:status>HTTP/1.1 200 OK</a:status></a:propstat></a:response></a:multistatus>';
        }

        dav_methods PUT DELETE MKCOL COPY MOVE;
        dav_ext_methods PROPFIND OPTIONS LOCK UNLOCK;
        dav_ext_lock zone=tmp;
        dav_access user:rw group:rw all:rw;

        client_max_body_size 0;
        create_full_put_path on;
        client_body_temp_path /tmp/;

        open_file_cache off;
	}
}

Jenkins Jelly override

Want to override a packaged jelly file? Maybe headerContent.jelly, from

core/src/main/resources/jenkins/views/JenkinsHeader/headerContent.jelly

Put it here

$EXPLODED/war/WEB-INF/classes/jenkins/views/JenkinsHeader/headerContent.jelly

in the epxloded war location.

A restart may be required.