Insidious ByRef Legacy Code Issue

The ByRef in the title should give you a hint that this is about legacy VB.NET code.

One of my duties at my new job is to maintain our legacy VB.NET codebase until we deploy our WPF software. When I use the term legacy it should not be taken in a negative manner. Our legacy code runs our company everyday and does it very well.

If you don’t know, VB.NET has a powerful but insidious property on Microsoft.VisualBasic.DateAndTime module called Today. Well, this little beast is a read-write property to the system date.

Yesterday I got a report of an exception that we have never seen before, System.Security.SecurityException; user does not have permission to change the system date.

Over the last few weeks we have been moving from Windows XP to Windows 7 with UAC set at the Default level (as it should be.) We are running in a different, more secure computing environment. The user that reported the issue was upgraded yesterday morning.

After researching the problem it turns out that we had several method calls within our legacy application that were passing Today ByRef. Yes, you guessed it; this caused a call to update the system date each time these methods were executed and returned. In reality no real damage was done; however under Windows 7 with UAC turned on, it caused the above security exception.

Solution

I found every instance of Today in the code and changed it to, Date.Today which is the read-only syntax.  You can also use Today.Date.

If you are maintaining legacy code that you didn’t write and have an unexplained issue, looking at method calls that are passed ByRef might help. 

If you have Today in your VB.NET code, take a look and make sure it’s not being passed ByRef and make sure you code is not mutating it.

Have a great day,

Just a grain of sand on the worlds beaches.

Coding Signing Internal Applications and a Gotcha

This blog post explains one way to code sign your internal applications along with their installers. Code signing your applications and installers provide a UAC friendly user experience during installation, uninstall, and when your legacy applications may need to run with administrative privileges (more about admin privileges below).

UAC Friendly Installation Experience

The below image pictures a user friendly UAC dialog, complete with Program name, Verified publisher. If you internal applications are not code signed, the user will get a warning dialog, with a bizarre program name, and Verified publisher set to unknown.

I don’t know about you, but I would rather condition my users to see UAC friendly dialogs, rather than the warning dialog. Next thing you know, they have “accidently” approved a UAC warning that could cause you a big problem.

If you are signing applications that are not internal to your organization, the content surrounding certificates and the guidance surrounding signtool.exe may violate your organizations code signing rules or procedures.

This blog post is about code signing internal applications that will be used within your organization.

Code Signing Certificate

The first order of business is to get a code signing certificate installed on machines that will build your internal applications. You can see from the below image, that my certificate server gmcx-Security-CA has issued a code signing certificate and that I have imported that certificate into the “Personal” Store under the “Certificates” folder.

To be honest, creating a code signing certificate that did not have my name on it, instead had our organization’s name is was bit of a PIA and required creating a certificate template on the certificate server that allowed me to do this. I found this TechNet article very helpful:

http://technet.microsoft.com/en-us/library/cc731705(v=ws.10).aspx

After you create the certificate, export it and import it on all machines under the users “Personal” store as above.

For example, I have this certificate installed on our two developer machines and on the build server.

Configuring the Solution (executable projects)

There are several ways to configure actions that take place during MSBuilds. I have chosen the “batch file” method because it is very easy to implement and debug. You could leverage one of two out-of-the-box build Tasks or create your own build task, but I chose “batch files” for the above reasons.

Notice that I have checked these batch files into source control. This ensures that all machines can build the solution correctly.

AfterBuildTasksDebug.bat

If your scenario requires code signing the debug build, the below batch file uses the signtool.exe program to code sign the .exe program. You “could” also pass in command line parameters to the batch file that would include the folder name of the target along with the target name.  I’ve kept this simple to make it easier to understand all the pieces.

Notice that I didn’t have to specify a certificate, password, etc.  This is because I only have one code signing certificate installed on my machine.  The “/a” switch instructs signtool to automatically pick the code signing certificate from my “Personal” store.

@echo on

call “C:\Program Files\Microsoft Visual Studio 10.0\VC\vcvarsall.bat”

call signtool sign /a “C:\Projects\GMC\Src\GMC\bin\Debug\GMC.exe”

AfterBuildTasksRelease.bat and the Gotcha

Now time for a nasty gotcha. This little beast cost me about 2 hours trying to figure out why, every time I did a Release build using the Setup project to build and create the install package that the .exe the installer installed was not longer signed.

Read this thread on the Windows Dev Center for full details:

Setup project strips digital signature from exe target

Now that you have read the above thread, you’ll fully understand why when creating a release build, you must code sign the .exe under the \obj and \bin folders.

The signtool… commands sign my .exe. Let me call out one additional signtool switch you need to mind when signing your .exe.

You should also specify the “/t” switch. This will time stamp your .exe so the user knows when the .exe was built.

@echo on

call “C:\Program Files\Microsoft Visual Studio 10.0\VC\vcvarsall.bat”

call signtool sign /a /t http://timestamp.comodoca.com/authenticode
   “C:\Projects\GMC\Src\GMC\obj\Release\GMC.exe”

call signtool sign /a /t http://timestamp.comodoca.com/authenticode
   “C:\Projects\GMC\Src\GMC\bin\Release\GMC.exe”

Configuring Visual Studio 2010 to Use the above Batch Files During a Build

• Open the Build Events dialog from the .exe project’s properties tab.
• Change the “Run the post-build event” option to “When the build updates the project output.”
• Enter the above text in the “Post-build event command line” text box.

This will run one of the two batch files based on the configuration, Debug or Release.

Building the Solution

Like many of you, I don’t build my Release builds within Visual Studio.  Some use a build server, others build them from the command line to allow other tasks to be accomplished.

Below is a fragment of a batch file that I use when building a release build.  The devenv… command rebuilds my solution. Notice the “/rebuild” switch instead of the “/build” switch.

The signtool… command signs my .msi installer that the Setup project built. Let me call out two additional signtool switches you need to mind.

It is important that you specify the “/d” switch for your .msi installers. If you scroll back up to the top of this blog post and view the UAC image, you’ll notice the Program name matches the text in the below “/d” switch. If you don’t specify this, your user will see some bizarre text.

You should also specify the “/t” switch. This will time stamp your installer so the user knows when the installer was built.

@echo on

call “C:\Program Files\Microsoft Visual Studio 10.0\VC\vcvarsall.bat”

devenv /rebuild Release /project GMC_Setup C:\Projects\GMC\Gmc.sln

echo .
echo .
pause

signtool sign /a /d “GMC for Office 2010 Setup” /t http://timestamp.comodoca.com/authenticode
   C:\Projects\GMC\Src\GMC_Setup\Release\GMCForOffice2010_Setup.msi

… additional tasks

Legacy Applications Running on Windows 7 and Above

My company has a legacy Windows Forms application that was written during the days of Windows XP.  My company like many other enterprises never installed Windows Vista.  Recently we installed Windows 7 on our enterprise desktops.

Well the legacy enterprise applications I’ve inherited do things are are not UAC friendly.  For example, writing to the \Program Files folder and other tasks that are now under Windows 7 considered taboo.

Being a good Enterprise Administrator and Developer, I want all my clients running Windows 7 with UAC set to the Default setting and for my users to learn about the UAC feature and its benefits; this will provide them a safer computing environment here at work and at home.

Microsoft has documented UAC here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa511445.aspx  

Microsoft and bloggers have documented a number of strategies for dealing with UAC and legacy applications.  Turning UAC off or limiting its capabilities should not be considered a good option.

I was not willing to take on the risk of modifying our legacy applications, so I run my few enterprise applications with an embedded application manifest that tells the operating system this application requires administrator privileges to execute. All of our users are administrators on their local computer.

Example Application Manifest

Notice the the below application manifest that the “requestExecutionLevel” is “requireAdministrator.”

<?xml version=”1.0″ encoding=”UTF-8″ standalone=”yes”?>
<assembly xmlns=”urn:schemas-microsoft-com:asm.v1″ manifestVersion=”1.0″>
  <assemblyIdentity version=”1.0.0.0″ processorArchitecture=”X86″ name=”GMC” type=”win32″/>
  <trustInfo xmlns=”urn:schemas-microsoft-com:asm.v3″>
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level=”requireAdministrator”/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>

To embed the above application manifest you need to use the mt.exe program. I placed the below command at the top of my two batch files, AfterBuildTasksDebug.bat and AfterBuildTasksRelease.bat.

You’ll need to edit the paths and .exe name as well as the manifest name.

call “C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin\mt.exe” -manifest
   “C:\Projects\GMC\Src\GMC\GMC.exe.manifest”
   -outputresource:”C:\Projects\GMC\Src\GMC\bin\Debug\GMC.exe;#1″

Close

For those of you that have the need or desire to code sign your internal enterprise applications, I hope this blog post will help you avoid the long learning curve.

Have a great day,

Just a grain of sand on the worlds beaches.

Boise Code Camp Prism, Ocean 3 Session

The links to the code presented at the Boise Code Camp is in the below Downloads section.

This links include Ocean 3 and a modified Prism 4 library that has two new features.

The Ocean 3 solution includes a Prism Ocean Demo application that shows off Ocean working with Prism. In a later release, I’ll add database demonstration code as well that uses the new and improved Service<T> and Repository<T>.

The demo application shows off:

• WPF Ribbon being populated by a Prism Region; when forms are navigated to, their respective ribbon tabs are automatically rendered.
• Automatic view/view model wiring up by the Unity container. No view or view model navigation registrations required.
• Automatic setting of the correct IRegionManager on all view models; this region adapter does not draw the IRegionManager out of the IoC container, instead it uses the one assigned to the view. This technique prevents the incorrect IRegionManager being assigned in cases of child windows or scoped regions.
• Demonstration of a child window hosting a form; that same form can be shown within the shell or child window requiring no form or view model modifications to function correctly; i.e. no “if in popup then do this code.”
• When views are navigated away from, the currently focused control is cached; when that same instance of that form is navigated back to, focus will automatically be set to the correct control.
• Queued dialog service for forms.
• The view modal dialogs are asynchronous, by not blocking the UI thread, a form that has a dialog displayed, can be navigated away from and navigated back to.
• When a view has a view modal dialog displayed, the views ribbon tabs are automatically disabled.
• Ocean FormControl that provides many services for LOB forms.
• Ocean FormNotificationControl that shows the form status from a validation perspective.
• Ocean provides a comprehensive validation stack.
• In addition, many small features are also shown.

I’ll release a new version of BBQShack soon, PrismBBQShack. This is a complete end-to-end store application that will show off all features of Ocean 3 (like the data stack) and will have a Win8, WinRT XAML touch-enabled point of sale application.

Downloads

After downloading, you MUST read the READ ME NOW.txt file in the Acme.Example solution.

After downloading, you must rename the to downloads from .zip.doc to .zip.  This is a requirement of Word Press.

Ocean 3

Modified Prism 4

To use the modified Prism 4 download, after unzipping, go to the \Prism\Prism4\ folder and run these two batch files:

• Run Update Prism Binaries.bat
• RegisterPrismBinaries.bat

They will rebuild the supplied modified Prism 4 and will register this version of Prism in the registry so that you can use the Add References dialog. This modified version of Prism will work with any current Prism application as no API’s were removed or changed, only added.

Have a great day,

Just a grain of sand on the worlds beaches.

Four months later…

So Karl, 4 ½ months have passed, do you still think you made the right decision moving from Redmond, WA to Boise, ID?

Background

In Oct 2011, I moved from Redmond to Boise. Unfortunately I also had to leave Microsoft. I left Redmond because of the housing prices. (See full explanation here: http://karlshifflett.wordpress.com/2011/10/21/to-every-thing-there-is-a-season/.)

To answer the above question, I need to provide context. These were my goals as I left Redmond:

• Work for a company that appreciates its employees
• Maximum 15 minute commute
• Light traffic during the week and on weekends
• Purchase a new home that I could afford (got three kids in college, 401K, etc.) and pay off in 12 years
• WPF architect-developer position

The Boise Area

I spent 3 ½ months looking at new home developments and empty lots. This task takes determination and patience. I suggest you educate yourself on determining value and features along with finding a builder or real estate person you can trust and work with.

Last week I signed a contract to build a new custom designed home (I designed it, they build it) with Boise Hunter Homes. My home is approx. 13 minutes commute from work in a nice new development. The modern/contemporary home is 2835 sqft, a massive master suite and bath, open living area with double sided fireplace, pool room, home theater room, two offices, and 600 sqft patio. The backyard will have an outdoor kitchen, Jacuzzi, and fire pit; these items were not part of the home price.

Unfortunately, I learned that the Boise area has very good health care. I had a neck and spinal cord problem that required surgery, it’s been 5 weeks and I’m doing much better now.

Most people in Boise are truly friendly and make this an enjoyable place to live and work. I have not been stuck in traffic once since moving here. The stress level in Boise is low, you just feel relaxed; it’s hard to explain, but I feel better here. I joined a gym a few minutes from work. They have a pool, racquetball courts, and other typical gym equipment and services; cost, $360 per year.

This winter season, we had snow stick twice but it was gone by the next day or two. However, in 45 minutes you can be in very nice winter recreation areas for skiing, snowmobiling, etc. The winters are dry here, not like the nasty north east that has wet winters, or the ice that comes to Charlotte.

I’m looking forward to jet skiing this summer on one of our lakes and hiking in the surrounding area.

My Company: Gayle Manufacturing Company

Where you work, the people you work with, and the working environment and culture can really affect your quality of life. I’ve been very fortunate in my life, always looking forward to work each day; yes even in the Marines when we were stuck on some freezing cold mountain, hiding out in a tropical jungle, doing search and rescue missions over the Atlantic, or flying low nap of the earth over some desert, I loved it.

Working at GMC is no different; every morning I look forward to my work day and the tasks I will accomplish. Our company motto is, “performance through innovation.” I’m with a company were people get along, value and respect one another, whose core culture is to think outside the box; to look for ways to improve our manufacturing processes, our business processes, and our safety procedures. I’m blessed to have the opportunity to be a part of the GMC family.

Before my neck surgery my surgeon told me the procedure would knock me out of the game for 2-3 weeks. Well, he was not kidding. The first two weeks were brutal and I needed assistance; for example I couldn’t raise my arms to put a shirt on; even with assistance putting a shirt on was painful to say the least.

The owner of my company visited me 2-3 times every day, cooking, cleaning, changing my dressing, shopping, and doing laundry. One of co-workers helped out on weekends too. I’m very appreciative of the support, understanding, and care my company has provided me.

I value the job responsibilities and opportunities I have at GMC; my WPF and business application development experience is a good fit for the company and me.

Close

For me, the move to Boise has been a very good one. Short commute, affordable housing, light traffic, outdoor activities, health care I trust, friendly folks, and a wonderful company to work for.

I hope that you have found a nice place to live and work also.

We do have one opening for a Senior WPF/C# Developer. You can read the details here: http://www.gmcx.com/Employment.aspx?Area=NampaJobs.

Have a great day,

Just a grain of sand on the worlds beaches.

Looking for Senior WPF/C# Developer

Gayle Manufacturing Company (GMC) is seeking a senior WPF/C# developer with 4+ years of WPF and 5+ years’ C# of development experience to join the GMC IT Team that is currently designing and developing an upgrade to our internal material requirements planning (MRP) system. The MRP system manages all aspects of GMC’s daily operations including but not limited to Project Management, Drawing Management, Material Procurement, Product Manufacturing, and Shipping & Receiving.

The GMC IT Team is located at the Nampa, Idaho plant. This position has office regular hours without telecommuting.

The Ideal Candidate

The ideal candidate will be technically proficient developer with a solid background in WPF, OO programming concepts, an understanding of common design patterns, and who delivers quality, maintainable code. The candidate will have strong leadership skills and a proven track record of developing and delivering complex software.

The candidate will have the ability to thrive in a small team environment and who embraces new programming challenges; whose experience, creativity, and passion for WPF are demonstrated by their work product. Additionally, the candidate will have the ability to effectively interact and communicate with non-programmer company employees.

This long term, high profile position plays a critical role regarding the future operations and ongoing prosperity of GMC. GMC is prepared to offer an excellent compensation and benefits package to an outstanding individual.

The candidate must have the following experience:

• 5+ years of C# development
• 4+ years of WPF development
• WPF in-depth knowledge and experience that includes: authoring custom controls, data binding, control templates, styles, triggers, behaviors, data entry forms, nested forms and grids, data validation, and MVVM.
• Proficient with C# object oriented programming
• Understanding of cross-cutting concerns and solutions
• 3+ years of SQL Server development using ADO.NET API’s.
• Experience with the following would be helpful:
  • Prism
  • Infragistics WPF controls
  • SSRS or Telerik reporting controls
  • TFS source control
  • TDD, unit and integration testing
  • Expression Blend
  • Commercial MRP systems

Qualified applicants will be vetted for technical proficiency in the above requirements.

About Us

Gayle Manufacturing Company has a 43 year history of growth and prosperity, whose motto is, “performance through innovation.” During those years, GMC has become an established leader and innovator in the Structural Steel Industry. GMC has a 25 year history of successful development and implementation of proprietary MRP software systems. These systems are comprehensive and sophisticated. They are very focused and tuned to the GMC business model and support the specific management and manufacturing methods developed at GMC.

How to Apply

Please download our job application at http://www.gaylemfg.com/Documents/Application.pdf, email the completed application along with your resume to wpfposition@gmcx.com or fax to (208) 468-0500.

If applicable, also include a link to your blog, links to speaking engagements, and links to other on-line WPF articles you have authored.

In the subject field of the email, please enter the following text: WPF Developer: <your first and last name>.

Have a great day,

Just a grain of sand on the worlds beaches.

To Every Thing There Is a Season

When someone leads with a quote from Ecclesiastes 3.1, you know some sort of change is about to be announced.

Friday, 28 Oct 2011 will be my last day in Redmond, and unfortunately Microsoft and the patterns & practices team.

My decision to leave Redmond was driven solely by the poor real estate market in this area. I really want to build a new home, but know too many people here who are upside down (big $$$$) in their mortgages or who short sold their home. This was not a risk I wanted to take. Some say the market is near the bottom and now is a good time to buy here; maybe, but the cost to build a new home is higher than I want to take on and a long or hard commute is not an option for me. I prefer a 10-15 minute traffic-free drive (doesn’t everyone?)

This was a very difficult decision choosing between a life goal of building a new home, a short commute, and trying to stay with Microsoft in Redmond.

On 29 Oct 2011, I’ll be moving to Boise, Idaho and after a short break will begin a new career with Gayle Manufacturing Company. I’m looking forward to becoming part of the GMC family and transitioning back to an architect-developer role. Over the winter I’ll work with a home builder in Boise and hope to break ground in March or April of 2012. The other night I was studying home automation; it felt good to look forward to building a home, something I have not felt in long time.

Leaving Microsoft

Leaving Redmond is easy (for the above reason), leaving Microsoft is difficult. I’m grateful for the opportunities I’ve been given over the last 3 years. Except for the Marine Corps, Microsoft is the best company I’ve ever worked for. I would not hesitate to recommend the opportunities at Microsoft to anyone, this super place to work.

I will very much miss the dedicated and very smart people at Microsoft.

Leaving Redmond also means moving away from friends in the area; I will miss you as well.

Staying Connected

My blog will continue with WPF, Prism, and enterprise development topics, and will venture into WinRT land as well. I’m looking forward to joining the user groups in Boise.

I will also continue to stay close with Microsoft teams and groups by participating on advisory boards and other customer channels.

Close

Microsoft and the people of Microsoft, thank you very much for the last three years.

Have a great day,

Just a grain of sand on the worlds beaches.

Windows Phone 7 Market Place Test Kit

I’m starting a new project at work today to deliver MVVM guidance for the Windows Phone 7. This is going to be similar to the In the Box MVVM Training I did in Dec 2010.

One tool I’ll be using is the new Windows Phone Marketplace Test Kit.

From the above MSDN page:

The Windows Phone Marketplace Test Kit provides a suite of automated, monitored, and manual tests to help prepare your applications to be accepted in the Marketplace the first time you submit them. The test kit enables you to identify and fix issues prior to Marketplace submission, which saves time in the submission process. You can use the test kit to evaluate applications that target Windows Phone OS 7.1 or later.

To open the Marketplace Test Kit, select your Windows Phone 7.1 project in the Solution Explorer. Then from the Project menu select, Open Marketplace Test Kit.

The below tool will open allowing you to run a set of prepackaged tests and provides a UI to import the required images for your application.

Thanks go out to the Windows Phone team for shipping this.

Have a great day,

Just a grain of sand on the worlds beaches.