Archive for category Apple

Mac OS X makes handling SSH keys easier

I discovered something this Sunday morning that will make my day, week and month :-)

If you don’t know much about ssh-agent or if you’re looking for a tutorial about using ssh public key authentication or ssh-agent, read one of the excellent articles linked from here before to continue here.

On OSX, Apple made it much easier to manage your SSH keys and to work with SSH, by adding two welcome improvements

The first improvement alleviate user’s need to manually start ssh-agent for every session.  launchd(8) will also makes sure ssh-agent is automatically restarted in case of crash.

Launchd configuration file is here:

hostname:~ user$ cat /System//Library/LaunchAgents/org.openbsd.ssh-agent.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>org.openbsd.ssh-agent</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/bin/ssh-agent</string>
		<string>-l</string>
	</array>
	<key>ServiceIPC</key>
	<true/>
	<key>Sockets</key>
	<dict>
		<key>Listeners</key>
		<dict>
			<key>SecureSocketWithKey</key>
			<string>SSH_AUTH_SOCK</string>
		</dict>
	</dict>
        <key>EnableTransactions</key>
        <true/>
</dict>
</plist>

But the best part is the second improvement : instead of storing your keys in .pem files in your  ~/.ssh directory, you can tell ssh-agent to store your keys in the more secured KeyChain trusted store, as show on the picture below.

keychain

Apple silently added a -K option to ssh-add command to instruct ssh-add to store your SSH key in KeyChain in addition to loading the key in memory.  ssh-agent will search for keys in their usual location on disk but also in Keychain.

What are the benefits of this?

There is no more need to explicitly call ssh-add when your session start, like you used to do in your .profile or .bashrc file. LaunchD will load ssh-agent and will instruct it to load keys referenced in your KeyChain. Note that the .pem file is not stored into KeyChain, you can not delete these from your file system.

Finally, because Keychain might synchronise across your machines through iCloud, your keys’ password are now available automatically on all your machines (provided you’re willing to keep a copy of your keys in iCloud – but that’s a different story)

Enjoy!

, , , , ,

No Comments

Using Apple’s XCode for open application development

When developing iOS application for jailbroken devices, you have to take care of many dirty details of application deployments on iOS.  In particular, you have to take care of creating and registering your own development certificate, as detailed below.

This is where IOSOpenDev comes into the game, this packages a set of XCode plugins that automates most of this process.  More than that : it also provides templates (aka empty project) to build your own Widgets, command line applications, SBSettings etc …

IOSOpenDev is a must use if you are serious about jailbroken app development on iOS.

But just for the sake of archiving – or if you want to do it manually, here is the process to code sign an application without using Apple’s provided certificate.

1/ generate self signed certificate using the Certificate Assistant in KeyChain Access application

2/ tell Xcode to use that identity

 

3/ change XCode signature method (and restart XCode)

marsu:Contents sst$ sudo cp Developer/Platforms/iPhoneOS.platform/Info.plist Developer/Platforms/iPhoneOS.platform/Info.plist.orig
Password:
marsu:Contents sst$ sudo /usr/bin/sed -i .bak 's/XCiPhoneOSCodeSignContext/XCCodeSignContext/' Developer/Platforms/iPhoneOS.platform/Info.plist
marsu:Contents sst$ ls Developer/Platforms/iPhoneOS.platform/Info.plist*
Developer/Platforms/iPhoneOS.platform/Info.plist      Developer/Platforms/iPhoneOS.platform/Info.plist.orig
Developer/Platforms/iPhoneOS.platform/Info.plist.bak

 

4/ create, compile and deploy your application
scp -r MyApp.app root@ip_address:/Applications

 

5/ restart SpringBoard (Respring) or reboot

 

Enjoy !

, , , ,

No Comments

Using MacPorts with Xcode 4.3.x

If you recently updated to the MacAppStore distribution of Xcode, you certainly noticed that the /Developer directory is not used anymore.  Xcode now lives in standard /Applications directory.

This confuses tools relying on Xcode, such as some MacPorts package relying on Xcode to compile code on your machine before installation.

For example :

---> Fetching archive for zlib
---> Attempting to fetch zlib-1.2.6_0.darwin_11.x86_64.tbz2 from http://packages.macports.org/zlib
---> Fetching zlib
---> Attempting to fetch zlib-1.2.6.tar.bz2 from http://lil.fr.distfiles.macports.org/zlib
---> Verifying checksum(s) for zlib
---> Extracting zlib
Error: Couldn't determine your Xcode version (from '/usr/bin/xcodebuild -version').

(more line stripped for clarity)

This can be solved with a single command line terminal, to tell Xcode command line tools the new location of Xcode.

sudo xcode-select -switch /Applications/Xcode.app/Contents/Developer/

I am still unsure this an Apple bug or a MacPort bug … I am keen to read your opinion about this.

Enjoy !

 

, ,

10 Comments

Apple patches 3 years old bug

There are so many blogs written to criticize Apple, how big, arrogant and control freak they become over the last pas years (some will say they always have been control-freak…) that I wanted to write this post to actually say “Kudo Apple ! & Thank you”

I am using MacBookPro’s since the last 6-7 years or so.  The last one I acquired is the Late 2008 model.  This machine suffered from day #1 of a serious display issue : the upper part of the screen flickers under some load / heat condition.

Problem has been reported numerous times to Apple and the discussion about this issue on Apple’s Support Community forum contains more than 1500 messages posted and close to 190.000 views !

Yesterday, Apple quietly release an EFI firmware patch to address this issue.  Yes, you read it right, Apple did release a firmware patch for a 4 years old machine.  This is so unusual in (consumer) IT industry to mention.

I applied the patch yesterday after having spent an hour or so reading comments from early adopters and I have the pleasure to work on my machine since then without any single screen flickering.

Thank you Apple to take care of old customers, old machines and continue to improve your products.

, , , ,

6 Comments

MacPort on Mac OS X Lion

If you have performed a fresh install of Mac OS X Lion or if you plan to install MacPort after having installed Lion, you will soon realize that the MacPort team does not distribute (yet) a Lion installer.  Snow Leopard installer will fail when detecting Lion.

Question is therefore : how to install MacPort on Lion ?  Answer : install it from the sources.

It might be scarry, but it is very easy, here are the details.

Preriquisite : install Aple’s development tool XCode.  It is freely available from the App Store (be patient it is a 3.5 Gb download)

  • Open a terminal
  • create a directory for the sources
mkdir macport.sources
  • Fetch the sources

cd macport.sources
sudo svn checkout http://svn.macports.org/repository/macports/trunk

  • Compile
cd trunk/base
sudo ./configure --enable-readline
sudo make install
  • Install
sudo make distclean
  • Change your profile to include MacPort in the PATH
vi $HOME/.profile
#!/usr/bin/bash
# MacPort
export PATH=$PATH:/opt/local/bin
  • Source your profile to include the changes
. $HOME/.profile

That’s it ! Easy as I promised.

You can now search for package with

sudo port list | grep <your search>

and install packages with

sudo port install <package name>

Enjoy !

, , , ,

5 Comments

Beta Testing iPhone Applications

I am about to release another iPhone application allowing users to visually manage voice mail messages left on their enterprise messaging solution, based on Oracle Beehive Collaboration and Communication Suite

This application is similar to Apple’s Visual Voice Messaging application that is deployed for some carriers.

Testing an iPhone application before it is deployed through the App Store might be tricky and is reserved for users having a minimal technical knowledge.  This article describes the steps required to join a testing program and to collect logs and debugging information to be reported to the developer.

Before installing an application on your iPhone, it has to be digitally signed by the developer and by Apple (when distributed on the App Store).

For ad-hoc distribution, i.e., without going through the App Store, the application will be signed specifically for your device.  The developer needs to know your Device ID (UDID).

Step #1 – collect your UDID and send it to the developer

First step for beta testing an iPhone application is to collect your UDID and send it to the developer.

To do this, connect your device to your Mac/Windows and launch iTunes. In iTunes, select your device in the ‘Devices’ section and navigate to the Summary tab. Click on the Serial Number label to reveal the Identifier field and the 40 character UDID. Press Command+C (CTRL-C on Windows) to copy the UDID to your clipboard.  Then paste it (Command+V or CTRL-V) in a mail message.

Step #2 – Install application

Once the developer knows your UDID, he will generate an application’s release authorized to run on your device.  Most of the time, you will receive the application as a ZIP file through email or web site download.

  • Unzip the file you received
  • Drag’n drop the application in iTunes
  • Sync your device with iTunes to install the application

You should then see the application icon on your device.

Step #3 – Provide feedback and collect log files for crashes

We are interested to collect all kind of feedbacks and testing conditions

  • General application usage, ergonomy, performance etc … many of these are subjectives but all suggestions will be considered.  Sometimes suggestions will be integrated immediately, sometimes they will be planned for a future release.
  • Different devices – you’re mostly welcome to test on older iPhone, iPod Touch or even iPad.
  • Slow / poor network connection.  Real life network conditions are difficult to test on a development machine, only real life usage, on the street, in a cab, in an airport etc …

If the application crashes or if you think you’ve find a bug, please report it as precisely as possible, in particular, I would like to know

  • what version you are using ? (version number is provided in the mail with the application)
  • what device you are using ?
  • what are the precise steps to reproduce ?
  • is it always reproducible or not ?

The application generate a log file that contains a precise description of what happens within the application.  Here are the steps to collect and send me log files.

  1. Download Apple’s iPhone Configuration Utility (Mac and Windows)
  2. With your device connected, run the iPhone Configuration Utility
  3. Click your connected device
  4. Go to the Console tab (see screenshot below)
  5. Clear the log (button at the bottom to the left)
  6. Try to install and/or launch the application and reproduce the error
  7. Select the relevant log lines (or just everything)
  8. Click the Save Console As… button and save the file
  9. E-mail the file to me

That’s all for now.  Thank you for your valuable feedback !

, ,

3 Comments

Modern version of a web site

Today, Apple published my third publicly released iPhone application.  I’ve been asked to develop it for a French school of cinema, sound, 3D animation and other arts and technology for video and sounds professionals.

The application allows to discover the different departments of the school, get access to the latest news, to the contact details and look at some video and animation created by students.

As of today content is general purpose and rather static, it is a modern version and mobile version of a web site.  It looks like everybody wants its own iPhone app these days:-)

Future version might include some student-specific content and features such as restricted access to course schedule & content and push notifications towards registered students.

Today’s content is 100% in French, English version might be proposed in the future.

You can discover the application on the App Store.

Enjoy !

, ,

No Comments

Playing with Lego’s Mindstorms, LeJOS, GlassFish and an iPad

I will co-present three different session, hands-on-lab and BOF during JavaONE 2010.

One of these has actually nothing to do with usual business, it just aims at being fun and at playing with geek toys : we are hosting a BOF about Java programming for the Lego’s Mindstorms, i.e. the LeJOS project.

Neither David or myself are directly involved with LeJOS community, we are just regular users willing to share our experiences with people discovering Lego’s Mindstorms kit and the LeJOS project.

So, if you happen to be around in San Francisco next Wednesday, be sure to stop 45 minutes at 02:15 pm in the Parc 55 Hotel (Room Divisidero)

David will demo how to interface Lego’s NXT brick with an Arduino device.

I will show how to create a iPad controller for a robot, using a REST interface hosted on GlassFish.

Does it sounds geeky enough ? A short videoshow all this in action.

, , , , ,

No Comments

Can we Trust IP Geo-Localization Services ?

The next version of Maxi80 iPhone application will include a very simple user tracking capability : each time a user listens the web radio for more than n seconds, the application will ping one of my servers, allowing me to collect stats such as date and time, ip address, device model (iPhone, iPod Touch,…) and iOS version number.

Most of this information is also available to the web radio admin through the Shoutcast log files – but I don’t have access to these.

On the server side, I am calling an IP geo localization service to track countries from where people do listen to the radio.

At the time I am writing this post, the new version of the application was submitted to Apple for validation.  This means that only Apple and myself have a version at our disposal for testing, the application is not distributed to the public yet.

In other words, every ping request I am seeing on my server is either coming from me, either from Apple.  Despite this, I am seeing requests from many different countries : Belgium (these are mine), United States West Coast (this should be Apple), United States East Coast (maybe Apple has iPhone Apps validators working from there too).  But I also got requests from two weird locations : Pakistan (Islamabad) and Greece (Athens).

I tested these two IP addresses on many geo localization services and they all gave me the same result.

My conclusion : either Apple tests our iPhone applications from the three continents (America, Asia and Europe), either something is flawed with IP Geolocalization services.

Should you have a good knowledge of IP geo localization inner working – or – from Apple’s iPhone Apps validation process, do not hesitate to leave a comment :-)

, , ,

No Comments

iPhone 3G Connection Tethering without Jailbreak

iPhone tethering consists of using your iPhone as a modem with your laptop or iPad to provide wireless connectivity through your 3G data connection.

Tethering is authorized by Apple as long as your carrier does authorize it as well.  And, most of the times, the providers do charge a special rate for tethered data traffic.

If you have a subscription to an unsupported carrier, you’re locked.  Other mobile phone systems have more open options.

To work around this limitation imposed by Apple and the carriers, the most common solution is to Jailbreak the iPhone, allowing to install non Apple approved applications through Cydia.

I don’t like to jailbreak my phone.  It is a cat and mouse game, each time Apple does release a new version, the jailbreak is broken and we have to wait for a new jailbreak solution.

Although it does exist some tethering without jailbreak solutions, I never found one as clever and obvious as iProxy.

First a disclaimer : iProxy does require Apple developer tools and a developer profile (or to know someone that has one).  It is not a solution for every user and certainly not for my grand’ma !

The ideas behind iProxy are so simple, I am jealous.  I wish I had these ideas myself.

First, the application is distributed as source code only.  It is an XCode project that you must compile and install on your phone.  Installing the binary on your (not jailbroked) phone requires to subscribe to Apple’s developer program.

This allows to circumvent Apple’s review process required to publish application on the App Store.

Secondly, iProxy is not a tethering solution, it is “just” a generic SOCKS v5 proxy, allowing to relay traffic between SOCKS clients (your laptop or iPad) and the Internet.

iProxy developers did not write the SOCK code themselves, they smartly reuse the code of SRelay, an open source, UNIX-based, generic SOCKS proxy (iOS is a UNIX OS, remember !)

They even include a small embedded and open-source HTTP server, to be able to provide proxy auto configuration files (PAC files) over HTTP.

Once compiled and installed on your iPhone :

  • On your laptop, create a private wifi network
  • assign a static IP address on your laptop
  • define a SOCKS proxy with the iPhone’s IP Address (see below) and the port 8888
  • On your iPhone, join the wifi network
  • Assign a static IP address in the same range as the laptop
  • start iProxy application

Should you try this with an iPad, you will realize there is no possibility to define a SOCKS proxy on the iPad.  This is where the Proxy Auto Configuration file (PAC file) and embedded HTTP server comes at hand.  In your iPad Network Settings, define the following line as “Auto Proxy Configuration”

http://<your iphone IP address>:8080

Mobile Safari will read this file.  It contains a simple JavaScript function that defines the SOCKS proxy with iPhone’s IP address and port number.

This is it.  This solution is not too complicate to setup and use (for technical users), it makes a very clever use of open source and it is pretty efficient !

, , , ,

2 Comments