Extracting Single Ini Section Via Bash

While playing with my home network I was presented with a curios problem – parsing .ini file within bash.

Let’s take the following file as an example:

[Alfa]
IP=1.1.1.1
DNS=alfa.example.com

[Bravo]
IP=2.2.2.2
DNS=bravo.example.com

[Charlie]
IP=3.3.3.3
DNS=charlie.example.com

From this file I want to get both IP and DNS fields of one section – e.g. Bravo. I did find a solution that was rather close to what I wanted but I didn’t like the fact all entries got into associative array.

So I decided to make a similar solution adjusting the output to show only a single section and give it a prefix to avoid accidental conflict with other script variables. Here is the one-liner I came up with:

awk -v TARGET=Bravo -F ' *= *' '{ if ($0 ~ /^\[.*\]$/) { gsub(/^\[|\]$/, "", $0); SECTION=$0 } else if (($2 != "") && (SECTION==TARGET)) { print "FIELD_" $1 "=\"" $2 "\"" }}' My.ini

Or to present it in more human-friendly form:

awk -v TARGET=Bravo -F ' *= *' '
  {
    if ($0 ~ /^\[.*\]$/) {
      gsub(/^\[|\]$/, "", $0)
      SECTION=$0
    } else if (($2 != "") && (SECTION==TARGET)) {
      print "FIELD_" $1 "=\"" $2 "\""
    }
  }
  ' My.ini

The first argument (-v TARGET=Bravo) just specifies which section we’re searching. I am keeping it outside as that way I can use other variable (e.g. $MACHINE) without dealing with escaping awk statements.

The second argument (-F ' *= *') is actually regex ensuring there are no spaces around equals sign.

The third argument is what makes it all happen. Code matches section line and puts it in SECTION variable. Each line with name/value pair is further checked and printed if target section name is matched. Upon printing, a prefix “FIELD_” is added before name making the whole line essentially a variable declaration.

The fourth and last argument is simply a file name.

This particular command example will output the following text:

FIELD_IP="2.2.2.2"
FIELD_DNS="bravo.example.com"

How do you use it in a script? Simple source result of awk and you get to use .ini fields as any bash variable.

source <( awk )

El-Cheapo Power Supply Noise Measurement

If you are not doing power supply measurements every day, you probably don’t have any specialized probe for it. At best you might be using two probes and math channels to get a cheap differential-like probe as the only thing needed for this is your standard probes and a pair of pass-through 50 Ω terminators. Dave went over it on EEVBlog channel better than I ever could.

While this approach might not be perfect, it has advantage of a decent result with minimum parts needed. Assuming you already have the probes, only other parts needed are pass-through 50 Ω terminators that come in handy for other stuff too. If you are lucky, your scope might even have them built-in.

Due to low cost and ease of measurement I actually prefer it to more common single-ended measurements with short ground spring. Not only I find probing with two hands easier than dealing with springy ground wire but it also alleviates the need to worry as much about noise sources. With advent of switched LED lightning single-ended measurements just got too annoying.

Disadvantage, beside the precision, is that all your measurements need scaling as your probes and termination resistor make a voltage divider. Since we already know one side of voltage divider (50 Ω terminator), we need to measure probe’s resistance. From tip to BNC connector that will be in a few hundreds ohms range. Using the voltage divider formula, we get the ratio (for example I measured about 360 Ω):

ratio = (Rprobe + 50) / 50 = (360 + 50) / 50 = 8.2

While simply multiplying by ratio resulting numbers is not too much of a hassle and you could be done here, quite a few oscilloscopes will allow you to create a custom probe. As I usually use PicoTech 2206B, I will explain how to configure custom probe in PicoScope 6 so our on-screen result is already scaled correctly.

In Tools menu the first entry leads to Custom Probes window. There clicking on New Probe will start a wizard dialog. We use the standard volts unit and a linear equation. Our precalculated scaling ratio (7.6 in my case) goes under gradient and offset stays 0. Automatic range management is fine but software frequency filter we set to 20 MHz as PicoScope 2000-series has no hardware bandwidth selection. After naming the probe we can now select it in channel’s configuration.

When dealing with the “standard” probes, be aware that most x1 probes have around 10 MHz bandwidth. As power supply noise is usually measured with 20 MHz bandwidth limit this is something to be aware of. However, the whole measurement setup is on a cheap side and this will rarely be a deal breaker. Yes, you might not see the best fidelity but you’re gonna be in the ballpark regardless.

Further more, we are not interested in the DC component. If oscilloscope supports it, use AC coupling as we’re not interested in DC values – only noise. This will allow you to use all ADC bits for signal you want to see. If oscilloscope supports only DC coupling, you won’t be able to see much as, at ±5V, your 8 bits give you only 40 mV resolution and it goes worse from there. Unless you can get your analog offset configured (unlikely if your scope is so low end that AC coupling is unavailable), you can forget about any meaningful measurement.

Those doing it on cheap can check $140 PicoScope 2204A as it does support AC coupling. For example, assuming 100 mV range, you get quite adequate 0.4 mV resolution. As you go up in model selection you will get better bandwidth and bigger sample buffer but I would think even this works well for what we can get with this testing setup.

And I am mentioning PicoScope here specifically as other cheap scopes (whether PC-based or in MP3 player case) often don’t have AC coupling and lie about bandwidth on a grand scale at a comparable price. While you can get around missing AC coupling by placing capacitor in series, it is much harder to work around bandwidth restrictions and a missing analog frontend. PicoScope is not perfect (and it cannot be at that price point) but they don’t lie about their capabilities and their PC software is the best I’ve seen.

That aside, we’re not done yet. To see our “differential” signal noise, we have one more step. Under Tools there is an option called Math Channels. Here we can select already predefined A-B function and finally we can see the noise in all its glory.

 
PS: To automate measurements a bit, you can use Measurements, Add Measurement. Selecting A-B as a measurement channel will allow you to add both peak-to-peak and AC RMS as the most useful values.

PPS: The lowest PicoScope model where you can do these measurement comfortably is $350 2206B with 32 MS buffer. Lower models have only either 8 kS ($140 2204A) or 16kS ($225 2205A) making any analysis a bit annoying.

PPPS: Great thing about using PicoScope for measuring power supply is that it can be easily isolated. Just disconnect laptop from power supply and your USB (and thus PicoScope) is floating. :)

WordPress 5.0 Downgrade

I got into habit of installing the latest WordPress as soon as it gets out. Usually I don’t have any problems but this time it was not to be.

With 5.0, the first issue I noted was that I couldn’t schedule my posts. Yes, WordPress would tell me post was scheduled only to find out it was still in drafts. That alone wouldn’t drive me away if I could write new posts. Yep, after upgrade my blogging software wouldn’t blog any more.

It was clear that downgrade was in order. But how?

While going back from the backup was possible, there is something even better – WP Downgrade plugin. Once installed, you can specify WordPress version you want (4.9.8 in my case) and just pretend you’re doing another upgrade. Once completed, you are back on the old, working, version.

If you want to go forward, just deactivate plugin until needed again. Nice!

What Should Every HTTPS Site Owner Do?

You finally got HTTPS running on your web server. Is there anything else you can do? Well, let me tell you about a few (free) things you can do.

Test HTTPS

Probably the most important work you can do when setting up HTTPS is testing all the changes. While you can use curl and “sweat of your brow”, I prefer using SSL Labs. It covers a bunch of stuff and it gets regularly updated with the latest recommendations. If test finds anything needing an improvement, you will get enough information to fix it.

To be sure your setup is not unnecessarily slow, a speed test does come in handy. If you run the same test toward both your HTTP and HTTPS setup, you should except numbers to be very close. While it will become impossible to test HTTP-only speed once you fully activate HTTPS, you can still benefit from “run A” vs “run B” testing.

There is a lot of small fiddly details with HTTPS and testing will prevent you from going at it blind.

Monitor Certificate Expiration

If you are using Let’s Encrypt it’s a pure necessity to monitor expiration of your certificates. Three month validity might seem long but, once everything starts working, you will forget to check and you have inaccessible web site on your hands. Half an hour needed to setup and testing monitoring is well worth it.

Of course, if you are using commercial certificate provider, you can ignore this as they’ll bug you enough.

Monitor Issued Certificates

As you are already monitoring your certificate expiry, you might also want to monitor who is generating them. If you use Cert Spotter, you’ll get an email every time one of your domains gets a new certificate. For 99% sites, including this, this is pure overkill. But that doesn’t mean you shouldn’t sign up. :)

Setup Expect-CT

If you use any decent certificate provider, you can expect them to report all issued certificates to Certificate Transparency project. Armed with this assumption, you can start sending Expect-CT HTTP header. In practice this protects you from man-in-the-middle attacks by certificate authorities already trusted by your computer. Great examples include your company or flight entertainment CA. If they try to fudge your TLS connection, this way you’ll know.

Setup CAA

If you have access to your DNS settings, you should think about setting up CAA. How far can you go depends on your DNS provider. Some of them, like CloudFlare, support only a subset of needed functionality. Realistically, even that is sufficient but for the full compliance to rules, raw DNS access is the best. In theory this will protect you against issuance of certificate by a non-trusted CA. Since this is based on gentlemen’s agreement, the actual enforcement is yet to be proven.

Setup HSTS

Lastly, once you sort everything else, do look into HSTS. It is a bit of work to apply and get certified for entrance into the preload list with multiple consequences. The most obvious one is that your domain will always be loaded in its HTTPS glory instead of the HTTP redirect. However, that pales in comparison to the most important benefit – the bragging rights since your website is explicitly compiled in the every major browser. That and sense of impending doom as any HTTPS mistake will render your website completely inaccessible. I guess this is not for those of weak heart.