2007年12月 存档

« 较老的文章
较新的文章 »

深圳电信的http://219.133.33.37/update/step1.aspx?p

2007年12月15日,星期六

深圳电信对 ADSL上网的 劫持很过分,用firefox打开网页,每天晚上上一会儿网,就几乎几十次的出现这玩意,

总要去打开 的东西,无语!!!

类似情况可参考:

http://www.williamlong.info/archives/1116.html

[code]

<html>
<head>
<meta http-equiv="pragma" content="no-cache"/>
<meta http-equiv="Cache-Control" content="no-store,no-cache,must-revalidate,post-check=0,pre-check=0,max-age=0"/>
<meta http-equiv="expires" content="-1"/>
<meta http-equiv="refresh" content="2"/>
</head>
<body>
<iframe src="about:blank" width="0" height="0" frameborder="0" style="display:none"></iframe>
<script language="javascript">
window.frames[0].location = "http://219.133.33.37/update/step1.aspx?p=" +
"sz10000@163.gd|" +
Math.floor((new Date()).getTime()/1000) + "|" +
navigator.appMinorVersion + "|" +
screen.availHeight + "|" +
screen.availWidth + "|" +
screen.colorDepth + "|" +
screen.height + "|" +
screen.width;
</script>
</body>
</html>

[/code]

拼出来的url 为: http://219.133.33.37/update/step1.aspx?p=sz10000@163.gd|1197733344|;SP2;|994|1280|32|1024|1280

不过被 Firefox的 noScript被挡掉了.

Tags: , , ,

标签:, , ,
发布在 DNS, IP | 一条评论 »

用Spring,smppapi,apache mina, commons ssl快速实现安全的smpp smsc (六)

2007年12月14日,星期五

接上一篇: http://618119.com/archives/2007/12/13/45.html

使用 commons ssl生成 SSLContext :

[code]

package com.lizongbo..;

import javax.net.ssl.SSLContext;
import java.security.GeneralSecurityException;
import java.io.IOException;
import javax.net.ssl.KeyManager;
import org.apache.commons.ssl.KeyMaterial;

public class SMPPSSLContextFactory {
private static final String PROTOCOL = "TLS";
private static final String CA_FILE = "ca.crt.properties";
private static final String CERT_FILE = "server.crt.properties";
private static final String KEY_FILE = "server.key.properties";
private static final String CILENT_FILE = "client.crt.properties";;//"client.p12.properties";
private static final String CILENT_KEY_FILE = "client.key.properties";

private static final char[] password =new char[0] ;//"lizongbo".toCharArray();

private static SSLContext serverInstance = null;

private static SSLContext clientInstance = null;

/**
* Get SSLContext singleton.
*
* @return SSLContext
* @throws java.security.GeneralSecurityException
*
*/
public static SSLContext getInstance(boolean server) throws
GeneralSecurityException, IOException {
SSLContext retInstance = null;
if (server) {
if (serverInstance == null) {
synchronized (SMPPSSLContextFactory.class) {
if (serverInstance == null) {
try {
serverInstance = createSMPPServerSSLContext();
}
catch (Exception ioe) {
throw new GeneralSecurityException(
"Can't create Server SSLContext:" + ioe);
}
}
}
}
retInstance = serverInstance;
}
else {
if (clientInstance == null) {
synchronized (SMPPSSLContextFactory.class) {
if (clientInstance == null) {
clientInstance = createSMPPClientSSLContext();
}
}
}
retInstance = clientInstance;
}
return retInstance;
}

private static SSLContext createSMPPServerSSLContext() throws
GeneralSecurityException, IOException {
// ssl.setCheckHostname(false); // default setting is "false" for SSLServer
// ssl.setCheckExpiry(true); // default setting is "true" for SSLServer
// ssl.setCheckCRL(true); // default setting is "true" for SSLServer
// ssl.useStrongCiphers();
// return ssl.getSSLContext();
SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
KeyMaterial km = new KeyMaterial(SMPPSSLContextFactory.class
.getResourceAsStream(CERT_FILE),
SMPPSSLContextFactory.class
.getResourceAsStream(KEY_FILE),
password);
sslContext.init( (KeyManager[]) km.getKeyManagers(),
SMPPTrustManagerFactory.X509_MANAGERS, null);
// System.out.println("getCipherSuites ==" +
// java.util.Arrays.toString(sslContext.getServerSessionContext().
// getSupportedSSLParameters().
// getCipherSuites()));
return sslContext;

}

private static SSLContext createSMPPClientSSLContext() throws
GeneralSecurityException, IOException {
{
SSLContext context = SSLContext.getInstance(PROTOCOL);
KeyMaterial km = new KeyMaterial(SMPPSSLContextFactory.class
.getResourceAsStream(CILENT_FILE),
SMPPSSLContextFactory.class
.getResourceAsStream(CILENT_KEY_FILE),
password);
context.init( (KeyManager[]) km.getKeyManagers(),
SMPPTrustManagerFactory.X509_MANAGERS, null);
return context;
}
}
}
[/code]

实现证书检查认证的代码:

[code]

package com.lizongbo.smpp.ssl;

import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509TrustManager;

public class SMPPTrustManagerFactory
extends TrustManagerFactorySpi {

static final X509TrustManager X509 = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] x509Certificates,
String s) throws CertificateException {
if (x509Certificates != null) {
for (X509Certificate elem : x509Certificates) {
elem.checkValidity();
//System.out.println("checkClientTrusted elem ==" + elem);
}
}
// System.out.println("checkClientTrusted s ==" + s);
}

public void checkServerTrusted(X509Certificate[] x509Certificates,
String s) throws CertificateException {
if (x509Certificates != null) {
for (X509Certificate elem : x509Certificates) {
// System.out.println("checkServerTrusted elem ==" + elem);
}
}
// System.out.println("checkServerTrusted s ==" + s);

}

public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
};

static final TrustManager[] X509_MANAGERS = new TrustManager[] {
X509};

public SMPPTrustManagerFactory() {
}

protected TrustManager[] engineGetTrustManagers() {
return X509_MANAGERS;
}

protected void engineInit(KeyStore keystore) throws KeyStoreException {
// noop
}

protected void engineInit(
ManagerFactoryParameters managerFactoryParameters) throws
InvalidAlgorithmParameterException {
// noop
}
}
[/code]

Tags: , , , , , , ,

标签:, , , , , , ,
发布在 Java, SSL | 3 条评论 »

用Spring,smppapi,apache mina, commons ssl快速实现安全的smpp smsc (五)

2007年12月13日,星期四

接上一篇: http://618119.com/archives/2007/12/06/39.html

为 DefaultIoFilterChainBuilder 增加filter:

[code]
import org.apache.mina.filter.LoggingFilter;
import javax.net..SSLContext;
import org.apache.mina.filter.SSLFilter;
import org.apache.mina.common.DefaultIoFilterChainBuilder;
import org.apache.mina.filter.codec.ProtocolCodecFilter;
import org.apache.commons.ssl.*;
import java.io.*;
import java.security.*;
import com.lizongbo..ssl.SMPPSSLContextFactory;
import com.lizongbo.smpp.server.codec.SMPPProtocolCodecFactory;

public static final int PORT = 5432;
public static final int CONNECT_TIMEOUT = 3; // seconds
private static final boolean USE_SSL = true;
private static final boolean USE_LOG = false;
private static final boolean USE_COMPRESS = false;
private static final boolean USE_THREADPOOL = false;
/**
添加服务端的ssl支持
*/
public static void addServerSSLSupport(DefaultIoFilterChainBuilder chain) throws
Exception {
if (USE_SSL) {
SSLContext sslc = SMPPSSLContextFactory.getInstance(true);
SSLFilter sslFilter = new SSLFilter(sslc);
sslFilter.setNeedClientAuth(true);//
//sslFilter.setWantClientAuth(true);
sslFilter.setEnabledCipherSuites(new String[] {
"TLS_RSA_WITH_AES_256_CBC_SHA"
"SSL_RSA_WITH_RC4_128_MD5"//,
"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"SSL_RSA_WITH_RC4_128_SHA",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
});
chain.addLast("sslFilter", sslFilter);
System.out.println("Server SSL ON");
}
}
/**
添加客户端的ssl支持
*/
public static void addCilentSSLSupport(DefaultIoFilterChainBuilder chain) throws
Exception {
if (USE_SSL) {
SSLContext sslc = SMPPSSLContextFactory.getInstance(false);
SSLFilter sslFilter = new SSLFilter(sslc);
sslFilter.setUseClientMode(true);
chain.addLast("sslFilter", sslFilter);
System.out.println("Client SSL ON");
}
}
/**
添加 logger 过滤器
*/
public static void addLogger(DefaultIoFilterChainBuilder chain) throws
Exception {
if (USE_LOG) {
chain.addLast("logger", new LoggingFilter());
System.out.println("Logging ON");
}
}
/**
添加压缩 过滤器
*/
public static void addCompress(DefaultIoFilterChainBuilder chain) throws
Exception {
if (USE_COMPRESS) {
chain.addLast("compress", new org.apache.mina.filter.CompressionFilter());
System.out.println("Compress ON");
}
}
/**
添加编码解码过滤器
*/
public static void addCodec(DefaultIoFilterChainBuilder chain) throws
Exception {
chain.addLast("codec",
new ProtocolCodecFilter(new SMPPProtocolCodecFactory()));

}
/**
添加线程池过滤器
*/
public static void addThreadPool(DefaultIoFilterChainBuilder chain) throws
Exception {
if (USE_THREADPOOL) {
chain.addLast("threadpool",
new org.apache.mina.filter.executor.ExecutorFilter());
System.out.println("Threadpool ON");
}
}

public static void main(String[] args) throws IOException, Exception {
IoAcceptor acceptor = new SocketAcceptor();
IoAcceptorConfig config = new SocketAcceptorConfig();
DefaultIoFilterChainBuilder chain = config.getFilterChain();
//Utils.addServerSSLSupport(chain);
Utils.addThreadPool(chain);
Utils.addCompress(chain);
Utils.addCodec(chain);
Utils.addLogger(chain);
SMPPServerSessionHandler handlers = new SMPPServerSessionHandler();
handlers.getHandles().put(Integer.valueOf(0x00000001),
new com.lizongbo.smpp.server.handlers.
BindReceiverHandler());
handlers.getHandles().put(Integer.valueOf(0x00000002),
new com.lizongbo.smpp.server.handlers.
BindTransmitterHandler());
handlers.getHandles().put(Integer.valueOf(0x00000004),
new com.lizongbo.smpp.server.handlers.
SubmitSMHandler());
handlers.getHandles().put(Integer.valueOf(0x00000006),
new com.lizongbo.smpp.server.handlers.
UnbindHandler());
InetSocketAddress serverAddr = new InetSocketAddress(Utils.PORT);
acceptor.bind(
serverAddr, handlers,
config);

//JMX控制

IoServiceManager serviceManager = new IoServiceManager(acceptor);
serviceManager.startCollectingStats(1000);
MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
ObjectName name = new ObjectName(
"com.lizongbo.smpp.server:type=IoServiceManager");
mbs.registerMBean(serviceManager, name);

System.out.println("Listening on port " + Utils.PORT);
}

[/code]

Tags: , , , , , , , ,

标签:, , , , , , , ,
发布在 Java, SSL | 一条评论 »

« 较老的文章
较新的文章 »