Posts Tagged windows

Change SDK for Visual Studio 2008 (VC9) express from the command line

if you wanna use the last SDK, but own only the express version you can do it this way:

Run as Administrator

C:\Windows\System32\cmd.exe /E:ON /V:ON /T:0E /K "C:\Program Files\Microsoft SDKs\Windows\v7.0\Bin\SetEnv.cmd" /Release

copy paste:

WindowsSdkVer.exe -version:v7.0

done!

To switch back for any reasons use

WindowsSdkVer.exe -version:v6.0A

Tags: , , , , ,

Compare batch

my script for quick comparing. Sometimes easier than using winmerge.

@echo off
diff -u 1.txt 2.txt > 12.diff
start /B C:\Programme\TortoiseSVN\bin\TortoiseUDiff.exe /patchfile:12.diff

Tags: , , , ,

IE 8 tabs schließen sich direkt nach dem öffnen

Auf dem Firmen PC welchen ich bekommen hatte, konnte ich keine neuen Tabs öffnen. Beim Klicken auf das Symbol ging der neue Tab gleich wieder zu.  Da der IE 7 installiert war, habe ich den IE 8 heruntergeladen, installiert: Immer noch das gleiche Problem. IE 9 ging nicht, weil auf dem Komposter nur XP installiert war. Googeln brachte auch nix zu Tage weder in englisch noch deutsch. Admin angerufen und gefragt, was ich tun soll. Er :”mach mal die Systemsteuerung auf und dann klick auf Software. Aha, nur net 4 installieren” ??? Was meinte er? Achso, DOT NET 4 installiert, weil er der Meinung war, dass der IE davon abhinge. Geglaubt habe ich das nicht, aber da das nicht MEIN Rechner  ist, habe ich das gemacht. Dann hat sich etwas später auch gleich das Windows update gemeldet. SP1 und Language pack SP 1 für .NET 4.  Ätsch. danach lief es immer noch nicht.  In der Zwischenzeit hat ich die Startseite des IE schon verändert, so dass gleich 5 Tabs beim Start aufgehen, damit ich nicht komplett auf Tabs verzichten mußte.

Eine Idee kam mir dann heute nach 3 Tagen endlich. Den IE mal ohne Addons starten. Wer weiß, was die Leute die vor mir den PC benutzt haben so alles installiert haben… es waren immerhin 4 + Admin Profile zu finden + mein eigenes. Also Start –> Ausführen –> iexplore.exe -extoff siehe das geht. Wunder oh Wunder! Also alle Addons deaktiviert und nach einander wieder eingeschaltet. Die Developer Toolbar für Internet Explorer war der schuldige Kandidat. Warscheinlich, hat jemand wieder einmal die nicht gepatchte installation CD von XP genommen. Der nächst Beste hat dann für den IE 6 die Toolbar installiert. Crap! Der IE 7 und IE 8 bringen aber unter der F12 Taste eigene Entwicklertools mit sich.  Irgentwo haben sich jene gebissen.  Danke an den Admin für die veraltete Installation. Zweitens danke an den jenigen, der die Developer toolbar installiert hat.  –> So kann ich net arbeide!

Tags: , , ,

build mod_geoip

Obtain GeoIP-1.4.6 from maxmind.com and built per included instructions.
Build Module against an IPv6 Enabled Apache Build

Obtain GeoIP-1.4.6 from maxmind.com and built per included instructions.
Build Module against an IPv6 Enabled Apache Build

del *.obj *.exp *.lib *.so
set APACHE=C:\Apache22
set GEOIPROOT=C:\Build\GeoIP-1.4.6
cl  /nologo /MD /O2 /LD /W3 -DWIN32 -D_WIN32 -I%GEOIPROOT%\libGeoIP -I%APACHE%\include /c /Fomod_geoip.obj mod_geoip.c
link /NODEFAULTLIB:LIBCMT kernel32.lib "%APACHE%\lib\libhttpd.lib" "%APACHE%\lib\libapr-1.lib" "%APACHE%\lib\libaprutil-1.lib" "%GEOIPROOT%\libGeoIP\GeoIP.lib" /nologo /subsystem:windows /dll /machine:I386 /out:mod_geoip.so mod_geoip.obj

Tags: , , ,

patch requires admin privileges on Windows 7

The patch.exe requires admin privileges on Windows 7. This is pretty annoying! The first thing that worked was just renaming the file to pach.exe Stupid windows. But I didn’t like that cause than I mostly typed it wrong and patch command was missing. I found a better solution:

Create a text file in the same directory with the name patch.exe.manifest

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
 <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
 <security>
 <requestedPrivileges>
 <requestedExecutionLevel level="asInvoker"/>
 </requestedPrivileges>
 </security>
 </trustInfo>
</assembly>

Save as UTF8. Now it works. Well I have to test if it is possible to embedd the manifest than good bye $%&# asking for admin permission

Tags: , , , , ,

reverse proxy for utorrent part 2

In my last post about utorrent (µtorrent) I was frustrated that I wasn’t able to change the url from /gui/ to /tor/
Woot! In apache 2.3 which will be apache 2.4 and I think it will be released in early 2011 the proxy module is much better and there it works to have a different URL :-) Even as ALPHA or BETA version the new apache rocks a lot and runs stable. In condition with mod_fcgid it is real cool technology e.g. running PHP separated form apache that allows to run different PHP version of the server in vhosts or directories. Also running a non thread safe PHP version. Speed! IPv6 would be fine, but the offered patches are not applied to trunk :-/There is an annoying bug in mod_fcgid. I’m glad I found a fix for it (help from Tom Donovan and Sob).

Tags: , , , , ,

crashing fcgid 2.3.6 on windows

On Windows fcgid crashes apache when apache do a graceful restart (httpd -k restart). Here is a patch that should fix that. This patch in inspired from Tom Dovovan.

Index: modules/fcgid/fcgid_pm_main.c
===================================================================
--- modules/fcgid/fcgid_pm_main.c    (revision 1037552)
+++ modules/fcgid/fcgid_pm_main.c    (working copy)
@@ -375,7 +375,9 @@
 proc->diewhy = FCGID_DIE_SHUTDOWN;
 proc_print_exit_info(proc, exitcode, exitwhy,
 main_server);
-        apr_pool_destroy(proc->proc_pool);
+        #ifndef Win32
+            apr_pool_destroy(proc->proc_pool);
+        #endif
 proc->proc_pool = NULL;
 return 1;
 }
Index: modules/fcgid/fcgid_pm_win.c
===================================================================
--- modules/fcgid/fcgid_pm_win.c    (revision 1037552)
+++ modules/fcgid/fcgid_pm_win.c    (working copy)
@@ -123,7 +123,9 @@
 "mod_fcgid: can't create wake up thread");
 exit(1);
 }
-
+    apr_pool_cleanup_register(pconf, main_server,
+                              procmgr_stop_procmgr, apr_pool_cleanup_null);
+                              
 return APR_SUCCESS;
 }

@@ -249,8 +251,6 @@
 apr_status_t
 procmgr_child_init(server_rec * main_server, apr_pool_t * pchild)
 {
-    apr_pool_cleanup_register(pchild, main_server,
-                              procmgr_stop_procmgr, apr_pool_cleanup_null);
 return APR_SUCCESS;
 }

Download this patch

Tags: , , , , , ,

Preparing mod_svn for compiling on windows

Well I didn’t manage it to compile mod_svn without the apache compiled source tree, but than it works fine and fast. Also Python 3 did not work. So I took 2.7
Assuming that OpenSSL 1.0.0a and zlib are compiled in that source tree as well.

C:\python27\python gen-make.py -t vcproj --vsnet-version=2008 --with-httpd=C:\build\httpd-2.2.x-sni-dev-ipv6
--with-openssl=C:\build\httpd-2.2.x-sni-dev-ipv6\srclib\openssl
 --with-zlib=C:\build\httpd-2.2.x-sni-dev-ipv6\srclib\zlib --with-apr=C:\build\httpd-2.2.x-sni-dev-ipv6\srclib\apr

Than just open subversion_vcnet.sln with Visual C++ Express Edition. Ignore all warnings about solution folders. Choose the __ALL__ project. Than change from debug to release. Start!

My sample config

LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so

LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

<Location /svn/>
  DAV svn

  SVNListParentPath on
  SVNParentPath /Repositories/
  SVNIndexXSLT "/svnindex.xsl"
  SVNPathAuthz on
  AuthzSVNAccessFile "C:/Repositories/authz"

  AuthName "Subversion Repositories"
  AuthType Basic
  AuthUserFile "C:/Repositories/htpasswd"

  require valid-user
</Location>

Tags: , , , , , , , , , , ,

compile zlib 1.2.5 on windows

Download from http://zlib.net/
extract it

For x86

nmake -f win32/Makefile.msc OBJA=inffast.obj
MT -manifest zlib1.dll.manifest -outputresource:zlib1.dll;2

For x64

nmake -f win32/Makefile.msc AS=ml64 LOC="-DASMV -DASMINF -I." OBJA="inffasx64.obj gvmat64.obj inffas8664.obj"

Done :-)

Tags: , , , , , , , ,

SSH Tunnel Bypassing Transparent proxy using apache

A feature of the apache webserver is that it allows to to create a SSH connection through a transparent proxy / firewall. This is a stealth technic so no one will see it even in a large company network. Only IPoAC is able to interference this.

If you have internet access to port 80 (http) or 443 (https) you can establish a SSH connection to one of that ports. Proxys want the users to surf the web. most of the proxyes will only let their users through the paths they know safe (or whatever filtering their administrators may have set). In the best scenario, the proxy will not allow one particular HTTP method called CONNECT. This method is the one used for SSL / TLS protocol. It establishes a tunneled connection between the client and a remote server, through the proxy server. Since it is used by SSL / TLS, some proxys will let the CONNECT method free to certain sites, and most probably only on port 443.

Apache plus mod_proxy module will let us set up an HTTP server listening on port 80, and at the very same time an HTTP proxy. The proxying part is done by mod_proxy. This module turns Apache into a fully functional HTTP forward-proxy and reverse-proxy. the exciting feature of mod_proxy is its ability to handle the CONNECT method. It will even handle it if the transparent proxy, at the boundaries of our enterprise network, does not allow the CONNECT method. This, because we will talk GET and POST with Apache, the CONNECT thing happens inside Apache, and outside of the control of the enterprise proxy. The end result: we can use the CONNECT method.

Client side

  • SSH Client
  • Proxyclient

server side

  • apache webserver 2.x

This is an example virtual host configuration which I used for testing this implementation.

<VirtualHost *:80>
ServerName proxy.mydomain.com
ProxyRequests On
AllowCONNECT 22

<Proxy *>
Order deny,allow
Deny from all
</Proxy>

<ProxyMatch (host1|host2)\.mydomain\.com>
Order deny,allow
Deny from all
#Now we allow only our IP to access. Note that this IP must be the  public IP address of the enterprise proxy:
Allow from 222.22.22.100
</ProxyMatch>

# This directive enables DNS lookups so that host names can be logged. The  value Double refers to doing double reverse DNS lookup.
#That is, after a  reverse lookup is performed, a forward lookup is then performed on that  result. At least one of the IP addresses in the forward lookup must  match the original address. It is paranoid but is a good security  measure

HostnameLookups Double

ErrorLog /var/log/apache2/proxy.error.log
CustomLog /var/log/apache2/proxy.access.log common
</VirtualHost>

And now, the final step: configure our browser to use 127.0.0.1 on port 8080 as proxy. Finally we can login to our SSH server and try pointing our browser to any website we know blocked by the enterprise transparent proxy!

I know I left the part setting up apache and proxy, but this isn’t a tutorial for noobs ;-)

This is the BEST part of using Apache. You can set it up as normal web server, serving some webpage. This way whoever point to mydomain.com will see a normal and harmless website, and won’t be able to distiguish it from a non-proxying server.

Tags: , , , , , ,

Archives by Subject:

Archives by Month: