newspaint

Documenting Problems That Were Difficult To Find The Answer To

Monthly Archives: April 2017

Aldi WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill and Batteries

Aldi, today, had for sale the cordless hammer drill titled “WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill”. I spent some time searching the Internet to try and find out the manufacturer but I was unable. As this is the first time I know of that these products have been released to market I am writing this post with pictures of the boxes and products for others.


Battery Pack

Let’s start with the battery pack because without the battery there is no appliance.

The battery is titled “XFinity Plus 20V Battery System XFinity Li-Ion 20V 2.0AH Battery” and the battery purchased had a capacity of 2.0 amp hour (AH). The following is the view of the box from different angles:

XFinity Plus 20V Li-Ion 2.0AH Battery Box Top View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Top View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Left View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Left View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Front View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Front View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Right View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Right View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Rear View

XFinity Plus 20V Li-Ion 2.0AH Battery Box Rear View

XFinity Plus 20V Li-Ion 2.0AH Battery In Plastic Bag

XFinity Plus 20V Li-Ion 2.0AH Battery In Plastic Bag

XFinity Plus 20V Li-Ion 2.0AH Battery Manual

XFinity Plus 20V Li-Ion 2.0AH Battery Manual

XFinity Plus 20V Li-Ion 2.0AH Battery Top View

XFinity Plus 20V Li-Ion 2.0AH Battery Top View

XFinity Plus 20V Li-Ion 2.0AH Battery Left View

XFinity Plus 20V Li-Ion 2.0AH Battery Left View

XFinity Plus 20V Li-Ion 2.0AH Battery Bottom View

XFinity Plus 20V Li-Ion 2.0AH Battery Bottom View


Battery Charger

A battery isn’t much good unless the battery can be charged. So a charger was purchased. The charger is titled “XFinity Plus 20V Battery System XFinity Li-Ion 20V Quick Charger”. The following is the view of the box from different angles:

XFinity Plus 20V Li-Ion Quick Charger Box Top View

XFinity Plus 20V Li-Ion Quick Charger Box Top View

XFinity Plus 20V Li-Ion Quick Charger Box Left View

XFinity Plus 20V Li-Ion Quick Charger Box Left View

XFinity Plus 20V Li-Ion Quick Charger Box Front View

XFinity Plus 20V Li-Ion Quick Charger Box Front View

XFinity Plus 20V Li-Ion Quick Charger Box Right View

XFinity Plus 20V Li-Ion Quick Charger Box Right View

XFinity Plus 20V Li-Ion Quick Charger Box Rear View

XFinity Plus 20V Li-Ion Quick Charger Box Rear View

XFinity Plus 20V Li-Ion Quick Charger In Plastic Bag

XFinity Plus 20V Li-Ion Quick Charger In Plastic Bag

XFinity Plus 20V Li-Ion Quick Charger Manual In Plastic Bag

XFinity Plus 20V Li-Ion Quick Charger Manual In Plastic Bag

XFinity Plus 20V Li-Ion Quick Charger Top View

XFinity Plus 20V Li-Ion Quick Charger Top View

XFinity Plus 20V Li-Ion Quick Charger Bottom View

XFinity Plus 20V Li-Ion Quick Charger Bottom View

When power is applied the green LED is lit.

XFinity Plus 20V Li-Ion Quick Charger With Green LED Lit

XFinity Plus 20V Li-Ion Quick Charger With Green LED Lit

When a battery is charging the red LED flashes. When charging is complete the red LED stays lit and does not flash (one must remove the battery when the red LED is steady according to the manual).

XFinity Plus 20V Li-Ion Quick Charger With Red LED Flashing During Battery Charge

XFinity Plus 20V Li-Ion Quick Charger With Red LED Flashing During Battery Charge


Cordless Hammer Drill

The cordless hammer drill is titled “WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill”.

According to the box the technical specs are:

  • voltage: 20Vd.c.
  • no load speed: 0-380/0-1400/min
  • torque setting: 21
  • maximum torque: 28Nm
  • chuck diameter: 13mm
  • LED worklight: yes

The model is PT160103, version number 0001, product code is 56226, and the date is listed as 04/2017. After sales support line is given to be 1300 777 137 with an e-mail of service@actionspares.com.au.

Contents are listed as:

  • 1 x Hammer drill
  • 1 x Belt hook
  • 1 x Double ended bit
  • 1 x Auxiliary handle
  • 1 x Instruction manual
  • 1 x Warranty certificate

The box states “made in China”.

The following is the view of the box from different angles:

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Top View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Top View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Left View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Left View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Front View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Front View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Right View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Right View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Rear View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Rear View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Opened

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Box Opened

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Front View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Front View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Right View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Right View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Rear View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Rear View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Bottom View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill Bottom View

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill With Battery Pack

WorkZone Titanium+ XFinity Li-Ion 20V Cordless Hammer Drill With Battery Pack

According to the manual there are 3 function types:

  • (icon of drill bit) regular drilling setting for drilling wood, plastic, metal
  • (icon of hammer) hammer drilling setting for hammer drilling masonry
  • (triangular-ish icon) driving setting for tightening or loosening screws

The torque setting is from 1 to 21, 1 being the lowest torque, 21 being the highest.

The speed setting on top of the drill is 1 (slow/low) or 2 (fast/high). High speed has less torque.

The product claims to adhere to technical standards AS/NZS 60745.1, 60745.2.1, and 60745.2.2.

The drill has considerable “whine” – a high pitch tone that changes in pitch depending on how far in the trigger is pulled.

ZFS Grub Issues on Boot

I had a problem when attempting to boot into my ZFS root and landed in initramfs rescue prompt.

Using advice from this article:

Command: zpool import -N
Message: cannot import '': no such pool available
Error: 1

Manually import the root pool at the command prompt and then exit.
Hint: Try:  zpool import -f -R / -N


BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
Enter 'help' for a list of built-in commands.

(initramfs) zpool import -f -R / -N rpool
(initramfs) exit

Begin: Setting mountpoint=/ on ZFS filesystem  ... done
Begin: Mounting ZFS filesystem  ... done
Command: mount -t zfs -o zfsutil  /root
Message: filesystem '' cannot be mounted, unable to open the dataset
mount: mounting  on /root failed: No such file or directory
Error: 1

Manually mount the root filesystem on /root and then exit.


BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) build-in shell (ash)
Enter 'help' for a list of built-in commands

(initramfs)

To fix this issue I ran:

(initramfs) zpool import -R /root rpool
(initramfs) exit

Unfortunately there is a known bug in Ubuntu 16.04.1 grub-probe command which states “error: unknown filesystem” when running update-grub.

The work-around is to update /etc/default/grub and add:

GRUB_CMDLINE_LINUX_DEFAULT="boot=zfs root=ZFS=rpool/ROOT"

This results in the grub menu specifying the root parameter twice on the kernel boot line in /etc/grub/grub.cfg but the second one takes precedence.

Monitor No Signal on Xubuntu 16.04.1

My Dell server seemed to stop outputting to the monitor on the VGA cable. No signal, the monitor said. It was blank, it was black, it was powered off. I tried unplugging the cable and plugging it back in, no joy.

I tried pressing ctrl-alt-1 to switch to the text console, and the screen came alive, but all I could see was a flashing underline of a cursor in the upper left-hand corner, no login prompt. Same thing for ctrl-alt-2. Tried ctrl-alt-7 to get back to graphics mode and the monitor turned off again.

The following repaired the issue for me without having to reboot, but it did kill my GUI session and all open windows:

sudo /etc/init.d/lightdm restart

My monitor came back alive and I found myself at the GUI XFCE login prompt.

Checking SSL Certificate Expiry on Remote Server using PowerShell

Overview

There are a number of approaches to take to get the expiry time of the SSL certificate on a remote server using PowerShell. This tutorial will be conducted using PowerShell 2.0 and .NET 3.5 for maximum compatibility (as there are some organisations out there still using Microsoft Windows 2003).

The Simple Way

If you’re reasonably assured your remote server exists and you have connectivity to it then you can write a simple script to:

  • make a TCP connection to the SSL port of the host you wish to check
  • obtain a SSL stream from the TCP connection
  • SSL authenticate as a client
  • obtain the X509 certificate of the remote server from the SSL stream
  • obtain the NotAfter field from the X509 certificate

That script is as follows:

Set-StrictMode -Version 2.0

#Requires -Version 2.0

$HostName = "www.google.com"
$Port = 443

# get TCP connection
[System.Net.Sockets.TcpClient]$TcpClient = $null
$TcpClient = New-Object "System.Net.Sockets.TcpClient"
try {
    $TcpClient.Connect( [System.String]$HostName, [System.Int32]$Port )
} catch {
    Throw "TCP connection error: $_"
}

# get SSL stream from TCP connection
[System.Net.Security.SslStream]$SslStream = $null
$SslStream = $TcpClient.GetStream()

# authenticate SSL stream
try {
    $SslStream.AuthenticateAsClient( $HostName )
} catch {
    Throw "Failed to authenticate SSL stream: $_"
}

# get X509 certificate
[System.Security.Cryptography.X509Certificates.X509Certificate]$cert = $null
$cert = $SslStream.RemoteCertificate

# get X509 certificate with extra properties
[System.Security.Cryptography.X509Certificates.X509Certificate2]$cer2 = $null
$cer2 = New-Object "System.Security.Cryptography.X509Certificates.X509Certificate2" -ArgumentList $cert

# output expiry
$cer2.NotAfter

# close stream and connection
$SslStream.Close()
$TcpClient.Close()

Implementing Timeouts

The fact is that some operations will take a long time when things go wrong. In the code above there are two moments things can block for a long time: making a TCP connection (if the remote end is not responding or the firewall is consuming network traffic), and authenticating the SSL stream (when, for example, the connected service is not SSL and doesn’t response to the authentication process).

In PowerShell we can use the Begin/End form of operations and wait up to a specified number of milliseconds (time) before we give up. The code to do that follows:


Set-StrictMode -Version 2.0

#Requires -Version 2.0

$HostName = "www.google.com"
$Port = 443

# get TCP connection
[System.Net.Sockets.TcpClient]$TcpClient = $null
$TcpClient = New-Object "System.Net.Sockets.TcpClient"
[System.IAsyncResult]$IAsyncResult = $TcpClient.BeginConnect(
    [String]$HostName,
    [System.Int32]$Port,
    $null, # AsyncCallback
    $null # user-defined Object
)

[System.Threading.ManualResetEvent]$AsyncWaitHandle = $null
$AsyncWaitHandle = $IAsyncResult.AsyncWaitHandle

[System.Boolean]$Wait = $AsyncWaitHandle.WaitOne( 5000 ) # 5s timeout

if ( $Wait ) {
    # object was signalled, i.e. connect finished or errored
    try {
        $TcpClient.EndConnect( $IAsyncResult )
        if ( -not $TcpClient.Connected ) {
            Throw "TCP connection not connected!"
        }
    } catch {
        Throw "TCP connection error: $_"
    }
} else {
    # timeout
    $TcpClient.Close() # can't wait for EndConnect, so destroy client
    Throw "TCP connection TIMEOUT"
}

# get SSL stream from TCP connection
[System.Net.Security.SslStream]$SslStream = $null
$SslStream = $TcpClient.GetStream()

# authenticate SSL stream
[System.IAsyncResult]$IAsyncResult = $SslStream.BeginAuthenticateAsClient(
    [String]$HostName,
    $null, # AsyncCallback
    $null # user-defined Object
)

[System.Threading.ManualResetEvent]$AsyncWaitHandle = $null
$AsyncWaitHandle = $IAsyncResult.AsyncWaitHandle

[System.Boolean]$Wait = $AsyncWaitHandle.WaitOne( 5000 ) # 5s timeout

if ( $Wait ) {
    # object was signalled, i.e. authenticate finished or errored
    try {
        $SslStream.EndAuthenticateAsClient( $IAsyncResult )
    } catch {
        Throw "SSL authentication error: $_"
    }
} else {
    # timeout
    $SslStream.Close() # can't wait for authenticate, so destroy stream
    $TcpClient.Close() # close TCP connection
    Throw "SSL authentication TIMEOUT"
}

# get X509 certificate
[System.Security.Cryptography.X509Certificates.X509Certificate]$cert = $null
$cert = $SslStream.RemoteCertificate

# get X509 certificate with extra properties
[System.Security.Cryptography.X509Certificates.X509Certificate2]$cer2 = $null
$cer2 = New-Object "System.Security.Cryptography.X509Certificates.X509Certificate2" -ArgumentList $cert

# output expiry
$cer2.NotAfter

# close stream and connection
$SslStream.Close()
$TcpClient.Close()

Not Requiring Validation of SSL Certification

So, you want to check a SSL certificate’s expiry date, and you don’t really care what the name is on the remote server certificate. You will be getting validation errors by now, like the following:

Exception calling "AuthenticateAsClient" with "1" argument(s): "The remote certificate is invalid according to the validation procedure."

You replace the following lines of code:

# get SSL stream from TCP connection
[System.Net.Security.SslStream]$SslStream = $null
$SslStream = $TcpClient.GetStream()

with:

# get SSL stream from TCP connection
[System.Net.Security.SslStream]$SslStream = $null
$SslStream = New-Object System.Net.Security.SslStream(
    $TcpClient.GetStream(),
    $True,
    [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
)

This works fine on the first code example given above without timeouts.

But for the asynchronous code with timeouts this attempt to bypass certificate validation gives the error:

SSL authentication error: Exception calling "EndAuthenticateAsClient" with "1" argument(s): "There is no Runspace available to run scripts in this thread. You can provide one in the DefaultRunspace property of the System.Management.Automation.Runspaces.Runspace type. The script block you attempted to invoke was:  $true "

Okay things are quickly becoming rather tricky rather fast. The issue has been explained elsewhere as:

Asynchronous callback delegates are not a friend to PowerShell. They are serviced by the .NET threadpool which means that if they point to script blocks, there will be no Runspace available to execute them. Runspaces are thread-local resources in the PowerShell threadpool. The .NET threadpool, operating independently, is not too interested in coordinating callbacks with PowerShell. So what do we do?

We’re basically forced to drop into C#/.NET world whether we like it or not. So we might as well provide our own simple class that creates the appropriate callback function.

Add-Type @'
public class MyNoValidate {
  private static System.Boolean bypassvalidation(
    System.Object sender,
    System.Security.Cryptography.X509Certificates.X509Certificate certificate,
    System.Security.Cryptography.X509Certificates.X509Chain chain,
    System.Net.Security.SslPolicyErrors sslPolicyErrors
  ) {
    return true;
  }

  public static System.Net.Security.RemoteCertificateValidationCallback getcallback() {
    System.Net.Security.RemoteCertificateValidationCallback cb;

    cb = new System.Net.Security.RemoteCertificateValidationCallback(
      bypassvalidation
    );

    return cb;
  }
}
'@

and then:

# get SSL stream from TCP connection
[System.Net.Security.SslStream]$SslStream = $null
[System.Net.Security.RemoteCertificateValidationCallback]$Callback = $null
$Callback = [MyNoValidate]::getcallback()
$SslStream = New-Object System.Net.Security.SslStream(
    $TcpClient.GetStream(),
    $True,
    $Callback
)

Now you can get your SSL certificate without having to know the name on the certificate first – with timeouts, too!

Final Note

When getting the expiry time of a SSL certificate please avoid (don’t use) the System.Security.Cryptography.X509Certificates.X509Certificate2.GetExpirationDateString() method! You cannot be sure what you’re getting – whether the date is in USA format or the rest of the world format, or local or UTC time. Much, much better to use the System.Security.Cryptography.X509Certificates.X509Certificate2.NotAfter property of type System.DateTime.