lizongbo at 618119.com 工作,生活,Android,前端,Linode,Ubuntu,nginx,java,apache,tomcat,Resin,mina,Hessian,XMPP,RPC

2010年10月22日

Ubuntu Server 10.04 LTS的Linux上编译安装配置nginx0.8.52

Filed under: Linux,nginx,SSL — 标签:, , , , — lizongbo @ 13:37

Ubuntu Server 10.04 LTS的Linux上安装配置nginx0.8.52

操作系统是linode上的Linux:Ubuntu Server 10.04 LTS。
nginx的最新版本是:0.8.52
http://nginx.org/download/nginx-0.8.52.tar.gz
来源:http://nginx.org/en/download.html
nginx依赖的PCRE库,最新版本是:8.10:
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.10.tar.gz
来源:ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
OpenSSL的最新版本是:1.0.0a:
http://www.openssl.org/source/openssl-1.0.0a.tar.gz
来源:http://www.openssl.org/source/
zlib的最新版本是:1.2.5:
http://zlib.net/zlib-1.2.5.tar.gz
在/usr/local目录下创建app目录,所有应用都安装配置到这个目录下面:
root@618119.com:/usr/local# sudo mkdir app
root@618119.com:/usr/local# cd ./app
然后下载安装程序:
root@618119.com:/usr/local/app# wget http://nginx.org/download/nginx-0.8.52.tar.gz
root@618119.com:/usr/local/app# wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.10.tar.gz
root@618119.com:/usr/local/app# wget http://www.openssl.org/source/openssl-1.0.0a.tar.gz
root@618119.com:/usr/local/app# wget http://zlib.net/zlib-1.2.5.tar.gz
再解压压缩包:
root@618119.com:/usr/local/app# tar -zxvf nginx*
root@618119.com:/usr/local/app# tar -zxvf pcre*
root@618119.com:/usr/local/app# tar -zxvf openssl*
root@618119.com:/usr/local/app# tar -zxvf zlib*
由于缺少gcc等编译器,需要先运行:
root@618119.com:/usr/local/app# apt-get install gcc libc6-dev build-essential
进入到nginx解压得到的目录:
root@618119.com:/usr/local/app# cd nginx-*
运行configure命令,将nginx的安装目录设置为/usr/local/app/nginx。
with-http_stub_status_module参数是启用stub_status监控。
root@618119.com:/usr/local/app/nginx-0.8.52#  ./configure –prefix=/usr/local/app/nginx –user=nginx –group=nginx –with-http_ssl_module –with-http_stub_status_module –with-pcre=/usr/local/app/pcre-8.10 –with-openssl=/usr/local/app/openssl-1.0.0a –with-zlib=/usr/local/app/zlib-1.2.5
然后再运行make进行编译:
root@618119.com:/usr/local/app/nginx-0.8.52# make
再运行:make install,
root@618119.com:/usr/local/app/nginx-0.8.52# make install

还需要添加nginx用户组(未添加用户组就启动的话:会提示[emerg]: getpwnam(“nginx”) failed):
root@618119.com:/usr/local/app/nginx# sudo adduser –system –no-create-home –disabled-login –disabled-password –group nginx
进入到nginx的sbin目录用-t参数检查配置文件是否ok:
root@618119.com:/usr/local/app/nginx# cd sbin/
root@618119.com:/usr/local/app/nginx/sbin# sudo ./nginx -t
the configuration file /usr/local/app/nginx/conf/nginx.conf syntax is ok
configuration file /usr/local/app/nginx/conf/nginx.conf test is successful

这样就在linode的VPS上将nginx0.8.52安装好了。
root@618119.com:/usr/local/app/nginx/sbin# ./nginx
[emerg]: bind() to 0.0.0.0:80 failed (13: Permission denied)
root@618119.com:/usr/local/app/nginx/sbin#sudo ./nginx
(不用root启动的话,会提示:[emerg]: bind() to 0.0.0.0:80 failed (13: Permission denied))
启动成功后访问http 80端口可以看到Welcome to nginx!

接下来制作nginx系统服务启动的脚本,参考 http://articles.slicehost.com/2007/10/17/ubuntu-lts-adding-an-nginx-init-script

#! /bin/sh

### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $all
# Required-Stop: $all
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: starts the nginx web server
# Description: starts nginx using start-stop-daemon
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/local/app/nginx/sbin/nginx
NAME=nginx
DESC=nginx

test -x $DAEMON || exit 0

# Include nginx defaults if available
if [ -f /etc/default/nginx ] ; then
. /etc/default/nginx
fi

set -e

case “$1” in
start)
echo -n “Starting $DESC: ”
start-stop-daemon –start –quiet –pidfile /usr/local/app/nginx/logs/$NAME.pid \
–exec $DAEMON — $DAEMON_OPTS
echo “$NAME.”
;;
stop)
echo -n “Stopping $DESC: ”
start-stop-daemon –stop –quiet –pidfile /usr/local/app/nginx/logs/$NAME.pid \
–exec $DAEMON
echo “$NAME.”
;;
restart|force-reload)
echo -n “Restarting $DESC: ”
start-stop-daemon –stop –quiet –pidfile \
/usr/local/app/nginx/logs/$NAME.pid –exec $DAEMON
sleep 1
start-stop-daemon –start –quiet –pidfile \
/usr/local/app/nginx/logs/$NAME.pid –exec $DAEMON — $DAEMON_OPTS
echo “$NAME.”
;;
reload)
echo -n “Reloading $DESC configuration: ”
start-stop-daemon –stop –signal HUP –quiet –pidfile /usr/local/app/nginx/logs/$NAME.pid \
–exec $DAEMON
echo “$NAME.”
;;
*)
N=/etc/init.d/$NAME
echo “Usage: $N {start|stop|restart|force-reload}” >&2
exit 1
;;
esac

exit 0

再运行命令: sudo /usr/sbin/update-rc.d -f nginx defaults,将nginx安装为默认服务。

这样在linode里对Ubuntu重启之后,nginx服务也自动启动了。

2008年03月7日

Apache MINA 2.0.0-M1 试用体会

Filed under: Java,SSL — 标签:, , , — lizongbo @ 14:15

Apache MINA 2.0.0-M1 的api比1.x更简单好用了,

新增加了许多filter功能,各个filter 功能在filter包下面以子目录方式存放,例如:

org.apache.mina.filter.executor.ExecutorFilter

org.apache.mina.filter.ssl.SslFilter

org.apache.mina.filter.keepalive.KeepAliveFilter

org.apache.mina.filter.compression.CompressionFilter
org.apache.mina.filter.firewall.BlacklistFilter
org.apache.mina.filter.logging.LoggingFilter

[code]

public static void main(String[] args) throws IOException, Exception {
IoAcceptor acceptor = new NioSocketAcceptor();
DefaultIoFilterChainBuilder chain = acceptor.getFilterChain();
//Utils.addServerSSLSupport(chain);
Utils.addThreadPool(chain);
// Utils.addCompress(chain);
Utils.addCodec(chain);
Utils.addLogger(chain);
SMPPServerSessionHandler handlers = new SMPPServerSessionHandler();
handlers.getHandles().put(Integer.valueOf(0x00000001),
new com.lizongbo.smpp.server.handlers.
BindReceiverHandler());
handlers.getHandles().put(Integer.valueOf(0x00000002),
new com.lizongbo.smpp.server.handlers.
BindTransmitterHandler());
handlers.getHandles().put(Integer.valueOf(0x00000004),
new com.lizongbo.smpp.server.handlers.
SubmitSMHandler());
handlers.getHandles().put(Integer.valueOf(0x00000006),
new com.lizongbo.smpp.server.handlers.
UnbindHandler());
InetSocketAddress serverAddr = new InetSocketAddress(Utils.PORT);
acceptor.setHandler(handlers);
acceptor.bind(serverAddr);
System.out.println(“Listening on port ” + Utils.PORT);
}

[/code]

spring配置的bean也有所变动

[code]

<?xml version=”1.0″ encoding=”UTF-8″?>
<beans xmlns=”http://www.springframework.org/schema/beans”
xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”
xmlns:aop=”http://www.springframework.org/schema/aop”
xmlns:util=”http://www.springframework.org/schema/util”
xsi:schemaLocation=”http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd”>
<util:constant id=”ie.omk.smpp.message.BIND_TRANSMITTER”
static-field=”ie.omk.smpp.message.SMPPPacket.BIND_TRANSMITTER” />
<bean id=”com.lizongbo.smpp.server.handlers.BindTransmitterHandler”
class=”com.lizongbo.smpp.server.handlers.BindTransmitterHandler” />
<bean id=”com.lizongbo.smpp.server.handlers.BindReceiverHandler”
class=”com.lizongbo.smpp.server.handlers.BindReceiverHandler” />
<bean id=”com.lizongbo.smpp.server.handlers.SubmitSMHandler”
class=”com.lizongbo.smpp.server.handlers.SubmitSMHandler” />
<bean id=”com.lizongbo.smpp.server.handlers.UnbindHandler”
class=”com.lizongbo.smpp.server.handlers.UnbindHandler” />
<util:map id=”handlers” key-type=”java.lang.Integer”>
<entry key=”0x00000002″>
<ref
local=”com.lizongbo.smpp.server.handlers.BindTransmitterHandler” />
</entry>
<entry key=”0x00000001″>
<ref
local=”com.lizongbo.smpp.server.handlers.BindReceiverHandler” />
</entry>
<entry key=”0x00000004″>
<ref
local=”com.lizongbo.smpp.server.handlers.SubmitSMHandler” />
</entry>
<entry key=”0x00000006″>
<ref
local=”com.lizongbo.smpp.server.handlers.UnbindHandler” />
</entry>
</util:map>
<bean
class=”org.springframework.beans.factory.config.CustomEditorConfigurer”>
<property name=”customEditors”>
<map>
<entry key=”java.net.SocketAddress”>
<bean
class=”org.apache.mina.integration.beans.InetSocketAddressEditor” />
</entry>
</map>
</property>
</bean>
<!– The IoHandler delegate implementation –>
<bean id=”smppHandler”
class=”com.lizongbo.smpp.server.SMPPServerSessionHandler”>
<property name=”handles”>
<ref local=”handlers” />
</property>
<property name=”readerIdleTimeout”>
<value>600</value>
</property>
</bean>
<!– The protocol codec factory for smpp –>
<bean id=”smppProtocolCodecFactory”
class=”com.lizongbo.smpp.server.codec.SMPPProtocolCodecFactory”>
</bean>
<util:map id=”mfilters” key-type=”java.lang.String”
value-type=”org.apache.mina.common.IoFilter”
map-class=”java.util.LinkedHashMap”>
<entry key=”threadpool”>
<bean
class=”org.apache.mina.filter.executor.ExecutorFilter” />
</entry>
<!– entry key=”compress”>
<bean
class=”org.apache.mina.filter.compression.CompressionFilter” />
</entry–>
<entry key=”codec”>
<bean
class=”org.apache.mina.filter.codec.ProtocolCodecFilter”>
<constructor-arg ref=”smppProtocolCodecFactory” />
</bean>
</entry>
<entry key=”logger”>
<bean class=”org.apache.mina.filter.logging.LoggingFilter” />
</entry>
</util:map>
<bean id=”smppFilterChainBuilder”
class=”org.apache.mina.common.DefaultIoFilterChainBuilder”>
<property name=”filters” ref=”mfilters” />
</bean>
<util:list id=”ipaddrs” value-type=”java.net.InetSocketAddress”>
<value>0.0.0.0:5432</value>
<value>0.0.0.0:5433</value>
</util:list>
<bean id=”smppAcceptor”
class=”org.apache.mina.transport.socket.nio.NioSocketAcceptor”>
<property name=”filterChainBuilder”
ref=”smppFilterChainBuilder” />
<property name=”handler” ref=”smppHandler” />
<property name=”defaultLocalAddresses” ref=”ipaddrs” />
</bean>

</beans>
[/code]

在修改代码的时候,发现以前写的smpp server例子里SMPPProtocolDecoder 存在bug,

[code]
public void decode(IoSession session, IoBuffer in, ProtocolDecoderOutput out)
throws Exception {

try {

//以前用的if判断,导致有数据包漏了。

while(in.remaining() >= 4
&& (in.remaining() >= in.getInt(in.position()))) {
byte[] b = new byte[in.getInt(in.position())];
in.get(b);
SMPPPacketpak = null;
int id = -1;
id = SMPPIO.bytesToInt(b, 4, 4);
pak = PacketFactory.newInstance(id);
if (pak != null) {
pak.readFrom(b, 0);
System.out.println(“decode:==” + pak);
out.write(pak);
}
}
} catch (BadCommandIDException ex) {
ex.printStackTrace();
}
}

[/code]

在使用AprSocketAcceptor的时候,客户端连接上来时,

服务端就出错,在网上也没搜索到这个错误码具体是什么含义。

[code]

java.io.IOException: (乱码显示) (code: -730054)
at org.apache.mina.transport.socket.apr.AprIoProcessor.throwException(AprIoProcessor.java:365)
at org.apache.mina.transport.socket.apr.AprIoProcessor.write(AprIoProcessor.java:352)
at org.apache.mina.transport.socket.apr.AprIoProcessor.write(AprIoProcessor.java:1)
at org.apache.mina.common.AbstractPollingIoProcessor.writeBuffer(AbstractPollingIoProcessor.java:567)
at org.apache.mina.common.AbstractPollingIoProcessor.flushNow(AbstractPollingIoProcessor.java:528)
at org.apache.mina.common.AbstractPollingIoProcessor.flush(AbstractPollingIoProcessor.java:469)
at org.apache.mina.common.AbstractPollingIoProcessor.access$500(AbstractPollingIoProcessor.java:43)
at org.apache.mina.common.AbstractPollingIoProcessor$Worker.run(AbstractPollingIoProcessor.java:681)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)

[/code]

2007年12月14日

用Spring,smppapi,apache mina, commons ssl快速实现安全的smpp smsc (六)

Filed under: Java,SSL — 标签:, , , , , , , — lizongbo @ 14:37

接上一篇: http://618119.com/archives/2007/12/13/45.html

使用 commons ssl生成 SSLContext :

[code]

package com.lizongbo.smpp.ssl;

import javax.net.ssl.SSLContext;
import java.security.GeneralSecurityException;
import java.io.IOException;
import javax.net.ssl.KeyManager;
import org.apache.commons.ssl.KeyMaterial;

public class SMPPSSLContextFactory {
private static final String PROTOCOL = “TLS”;
private static final String CA_FILE = “ca.crt.properties”;
private static final String CERT_FILE = “server.crt.properties”;
private static final String KEY_FILE = “server.key.properties”;
private static final String CILENT_FILE = “client.crt.properties”;;//”client.p12.properties”;
private static final String CILENT_KEY_FILE = “client.key.properties”;

private static final char[] password =new char[0] ;//”lizongbo”.toCharArray();

private static SSLContext serverInstance = null;

private static SSLContext clientInstance = null;

/**
* Get SSLContext singleton.
*
* @return SSLContext
* @throws java.security.GeneralSecurityException
*
*/
public static SSLContext getInstance(boolean server) throws
GeneralSecurityException, IOException {
SSLContext retInstance = null;
if (server) {
if (serverInstance == null) {
synchronized (SMPPSSLContextFactory.class) {
if (serverInstance == null) {
try {
serverInstance = createSMPPServerSSLContext();
}
catch (Exception ioe) {
throw new GeneralSecurityException(
“Can’t create Server SSLContext:” + ioe);
}
}
}
}
retInstance = serverInstance;
}
else {
if (clientInstance == null) {
synchronized (SMPPSSLContextFactory.class) {
if (clientInstance == null) {
clientInstance = createSMPPClientSSLContext();
}
}
}
retInstance = clientInstance;
}
return retInstance;
}

private static SSLContext createSMPPServerSSLContext() throws
GeneralSecurityException, IOException {
// ssl.setCheckHostname(false); // default setting is “false” for SSLServer
// ssl.setCheckExpiry(true); // default setting is “true” for SSLServer
// ssl.setCheckCRL(true); // default setting is “true” for SSLServer
// ssl.useStrongCiphers();
// return ssl.getSSLContext();
SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
KeyMaterial km = new KeyMaterial(SMPPSSLContextFactory.class
.getResourceAsStream(CERT_FILE),
SMPPSSLContextFactory.class
.getResourceAsStream(KEY_FILE),
password);
sslContext.init( (KeyManager[]) km.getKeyManagers(),
SMPPTrustManagerFactory.X509_MANAGERS, null);
// System.out.println(“getCipherSuites ==” +
// java.util.Arrays.toString(sslContext.getServerSessionContext().
// getSupportedSSLParameters().
// getCipherSuites()));
return sslContext;

}

private static SSLContext createSMPPClientSSLContext() throws
GeneralSecurityException, IOException {
{
SSLContext context = SSLContext.getInstance(PROTOCOL);
KeyMaterial km = new KeyMaterial(SMPPSSLContextFactory.class
.getResourceAsStream(CILENT_FILE),
SMPPSSLContextFactory.class
.getResourceAsStream(CILENT_KEY_FILE),
password);
context.init( (KeyManager[]) km.getKeyManagers(),
SMPPTrustManagerFactory.X509_MANAGERS, null);
return context;
}
}
}
[/code]

实现证书检查认证的代码:

[code]

package com.lizongbo.smpp.ssl;

import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509TrustManager;

public class SMPPTrustManagerFactory
extends TrustManagerFactorySpi {

static final X509TrustManager X509 = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] x509Certificates,
String s) throws CertificateException {
if (x509Certificates != null) {
for (X509Certificate elem : x509Certificates) {
elem.checkValidity();
//System.out.println(“checkClientTrusted elem ==” + elem);
}
}
// System.out.println(“checkClientTrusted s ==” + s);
}

public void checkServerTrusted(X509Certificate[] x509Certificates,
String s) throws CertificateException {
if (x509Certificates != null) {
for (X509Certificate elem : x509Certificates) {
// System.out.println(“checkServerTrusted elem ==” + elem);
}
}
// System.out.println(“checkServerTrusted s ==” + s);

}

public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
};

static final TrustManager[] X509_MANAGERS = new TrustManager[] {
X509};

public SMPPTrustManagerFactory() {
}

protected TrustManager[] engineGetTrustManagers() {
return X509_MANAGERS;
}

protected void engineInit(KeyStore keystore) throws KeyStoreException {
// noop
}

protected void engineInit(
ManagerFactoryParameters managerFactoryParameters) throws
InvalidAlgorithmParameterException {
// noop
}
}
[/code]

Older Posts »

Powered by WordPress