stevedoria.net

This weekend I decided to experiment with using JavaScript to implement client-side processing of files using a web browser. To make it interesting, I wanted to see if it was possible to implement a cryptographically strong hash function: SHA-256.

This exercise gave me exposure to Web Workers and the Stream API. I encountered compatibility challenges. Google Chrome does not respond to UI updates when using setInterval() or setTimeout() while the browser is busy, but its user interface can be updated when processing messages from web workers. Mozilla Firefox does not support passing {type: ‘module’} to the Worker() constructor; ECMAScript modules are unsupported. Firefox reports a syntax error when trying to import modules from the Web Worker’s source file. This forced me to add Worker code to the source code file containing the JavaScript SHA-256 implementation.

The following checksum generator implements SHA-256 as defined by FIPS PUB 180-4. Files are not sent to the server for processing. The cost of transferring data would be too much. Files are processed locally on the web browser running on the user’s computer.

It has been difficult accessing my home computer, with potentially a dynamically allocated IP address, from anywhere on the Internet after dyndns.org became a paid service. The following bash script made available by TheBelcherman on the GoDaddy Community forum simulates the functionality of dyndns.org by programmatically updating a DNS record that has GoDaddy as its authoritative nameserver:

#!/bin/bash

# This script is used to check and update your GoDaddy DNS server to the IP
# IP address of your current internet connection.
# Special thanks to mfox for his ps script
# https://github.com/markafox/GoDaddy_Powershell_DDNS
#
# First go to GoDaddy developer site to create a developer account and get
# your key and secret
#
# https://developer.godaddy.com/getstarted
# Be aware that there are 2 types of key and secret - one for the test server
# and one for the production server
# Get a key and secret for the production server
#
# Enter vaules for all variables, Latest API call requries them.

domain="mydomainname.com"                   # your domain
type="A"                                    # Record type A, CNAME, MX, etc.
name="myhostname"                           # name of record to update
ttl="600"                                   # Time to Live min value 600
port="1"                                    # Required port, Min value 1
weight="1"                                  # Required weight, Min value 1
key="ABCxyz123+qwertzxcvASDFasdfBCDEFGwysi" # key for godaddy developer API
secret="122333444455555xyz123abcqwerty"     # secret for godaddy developer API

headers="Authorization: sso-key $key:$secret"

# echo $headers

result=$(curl -s -X GET -H "$headers" \
 "https://api.godaddy.com/v1/domains/$domain/records/$type/$name")
echo $result

dnsIp=$(echo $result | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b")
echo "dnsIp:" $dnsIp

# Get public ip address there are several websites that can do this.
ret=$(curl -s GET "http://ipinfo.io/json")

# echo $ret
currentIp=$(echo $ret | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b")
echo "currentIp:" $currentIp

if [ -z $dnsIp ] || [ $dnsIp != $currentIp ];
then
  echo "IP's are not equal, updating record"
  curl \
    -X PUT "https://api.godaddy.com/v1/domains/$domain/records/$type/$name" \
    -H "accept: application/json" \
    -H "Content-Type: application/json" \
    -H "$headers" \
    -d "[ { \"data\": \"$currentIp\", " \
        + "\"port\": $port, \"priority\": 0, " \
        + "\"protocol\": \"string\", \"service\": " \
        + "\"string\", \"ttl\": $ttl } ]"
fi

if [ ! -z $dnsIp ] && [ $dnsIp = $currentIp ];
then
        echo "IP's are equal, no update required"
fi

With the above bash script saved at /usr/local/bin/updatedns, the following crontab entry is added to schedule repeated execution of the above script:
*/30 * * * * /usr/local/bin/updatedns

Now, I am able to ssh into my home computer using the following command:
$ ssh myusername@myhostname.mydomainname.com

My ssh clients are configured with my home computer’s host key signature beforehand, so that man-in-the-middle attacks can be detected.

Quarantine and working from home because of COVID-19 has provided an opportunity for me to take up Japanese again. I studied Japanese for years in high school and college, but I was unable to consume media intended for a Japanese audience. I hope that I can practice reading Kanji with posts like these.

This is the first post in which I try to translate snippets of technology articles written in Japanese. I hope that I can provide translations for longer snippets as my Japanese language skills improve. The following snippet is from Let’s Manipulate the Raspberry Pi GPIO Ports Using C# by Ken Takae:

C#と言いえば、Windows環境かんきょうだけと思おもわれがちですが、.Net CoreをLinux環境にインストールすれば、C#で開発かいはつしたアプリケーションが動作どうさします。また、Raspberry Pi（ラズベリーパイ）でも、C#を使つかってIoT開発を行おこなうことができます。

My translation:

Although when speaking of C# one tends to think about only the Windows environment, if .Net Core is installed in the Linux environment, applications developed in C# operate [in the Linux environment]. Moreover, even with a Raspberry Pi, it is possible to use C# and carry out IoT development.

Notes:
～がち: a suffix to express an undesirable tendency in someone or something. Formed by Verb_-masuがちだ or Nounがちだ.

I was interested in forcing ssh to use IPv6 if the connection is available. I considered writing a bash script that would test connectivity and would invoke ssh with the appropriate command line arguments. After reviewing the ssh configuration file documentation, I determined it was possible to implement what I wanted without standalone scripts.

I updated my ~/.ssh/config file with the following:

IdentityFile ~/.ssh/id_ed25519

The above configuration file provides an example of using the ssh_config Match keyword with the host and exec criteria keywords. The configuration file specifies an identity file to use for public key authentication. If the specified host server is “stevedoria.net” and nc is able to connect using the IPv6 address, then IPv6 is used for the SSH connection. Otherwise, if the specified host server is just “stevedoria.net”, then the IPv4 address is used.

With the ssh client configuration file above, I can then log into my web server with the following command from the command line:
$ ssh stevedoria.net

Logging into my server this way is convenient and confirms that I am IPv6-ready.

The MIT License is presented below:

Copyright <YEAR> <COPYRIGHT HOLDER>

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.