发表于 | 分类于 | | 阅读次数:

常见名词

Neutral Wire

中性线,也叫零线,一般为蓝色或黄色。用字母 N 表示。

Live Wire

相线,也叫火线,是不是更应该翻译成“活”线,一般为红色或黄色或绿色,一种颜色代表三相电中的一相。用字母 L 表示。

Earch Wire

地线,一般为黄绿色或黑色。 用字母 E 表示。

System Earthing

工作接地。

Protective Earthing

保护接地。用字母 PE 表示。

空气开关

简称空开,是当电路中电流大于额定值就跳闸,从而保护电路不被烧毁的开关装置,功能类似过去老房子用的保险丝。

空开按极数(P)分1P 2P 3P 4P四种,家庭常用就是单极1P和二极2P,适用于额定电压220V,1P空开只有一个接线头,接一根火线,跳闸只断这根火线;2P空开有两个接线头,接一根火线和一根零线,跳闸后火线和零线一起断。

阅读全文 »

发表于 | 分类于 | | 阅读次数:

ResourceHttpRequestHandler

ResourceHttpRequestHandler 可以使用 ResourceResolversResourceTransformers 来优化处理静态资源。处理过程如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Request for Resource
     |
     | HTTP request
     v
 Resolvers chain: FirstResolver, SecondResolver, ThirdResolver
 (each resolver can return the resource or delegate to the next one)
     |
     | Resolved Resource
     v
 Transformers chain: FirstTransformer, SecondTransformer
 (each transformer can transform the resource or just pass it along without modification)
     |
     | Transformed Resource
     v
 HTTP Response with Resource content
阅读全文 »

发表于 | 分类于 | | 阅读次数:

Error: Couldn’t find preset “es2015” relative to directory “/Users/username”

1
npm install babel-cli babel-preset-es2015
阅读全文 »

发表于 | 分类于 | | 阅读次数:

打开 IntelliJ 的配置

进入 Startup/Connection 标签页

编辑 Startup Script

取消选择 Use Default,点击编辑按钮,进入参数编辑窗口

添加 Program Arguments

run 后添加配置文件的地址:

1
run -config /usr/local/apache-tomcat-8.0.26/conf/server.xml
阅读全文 »

发表于 | 分类于 | | 阅读次数:

本文讨论的是 NW.js 13.x 在 Windows 操作系统的编译过程。使用这一版,主要因为其支持 xpnpapi

NW.js 13.x 的文档在 v0.13.0-beta7,在这里下载

NW.js 本身是一个浏览器的应用(Packaged App),它的实现思路是在每一个 Chromium 稳定发布版的基础上,打上补丁,以支持 Node.js 等功能。下面是 NW.js 打补丁的几个仓库:

path repo
src/content/nw https://github.com/nwjs/nw.js
src/third_party/node-nw https://github.com/nwjs/node
src/v8 https://github.com/nwjs/v8

准备工作

  • 安装 depot_tools
  • 安装 DirectX SDK

下载代码

1. 创建配置文件

创建一个目录,然后执行下面语句,生成配置文件:

1
gclient config --name=src https://github.com/nwjs/chromium.src.git@origin/nw13
阅读全文 »

发表于 | 分类于 | | 阅读次数:

首先,这是 IETF 协会文档 Request for Comments (RFC) 5246

Alert Messages

在 TLS 协商握手阶段,遇到服务器返回的 Alert 消息时,能通过下表查找出对应的原因。

Alert Code Alert Message Description
0 close_notify Notifies the recipient that the sender will not send any more messages on this connection.
10 unexpected_message Received an inappropriate message This alert should never be observed in communication between proper implementations. This message is always fatal.
20 bad_record_mac Received a record with an incorrect MAC. This message is always fatal.
21 decryption_failed Decryption of a TLSCiphertext record is decrypted in an invalid way: either it was not an even multiple of the block length or its padding values, when checked, were not correct. This message is always fatal.
22 record_overflow Received a TLSCiphertext record which had a length more than 2^14+2048 bytes, or a record decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always fatal.
30 decompression_failure Received improper input, such as data that would expand to excessive length, from the decompression function. This message is always fatal.
40 handshake_failure Indicates that the sender was unable to negotiate an acceptable set of security parameters given the options available. This is a fatal error.
42 bad_certificate There is a problem with the certificate, for example, a certificate is corrupt, or a certificate contains signatures that cannot be verified.
43 unsupported_certificate Received an unsupported certificate type.
44 certificate_revoked Received a certificate that was revoked by its signer.
45 certificate_expired Received a certificate has expired or is not currently valid.
46 certificate_unknown An unspecified issue took place while processing the certificate that made it unacceptable.
47 illegal_parameter Violated security parameters, such as a field in the handshake was out of range or inconsistent with other fields. This is always fatal.
48 unknown_ca Received a valid certificate chain or partial chain, but the certificate was not accepted because the CA certificate could not be located or could not be matched with a known, trusted CA. This message is always fatal.
49 access_denied Received a valid certificate, but when access control was applied, the sender did not proceed with negotiation. This message is always fatal.
50 decode_error A message could not be decoded because some field was out of the specified range or the length of the message was incorrect. This message is always fatal.
51 decrypt_error Failed handshake cryptographic operation, including being unable to correctly verify a signature, decrypt a key exchange, or validate a finished message.
60 export_restriction Detected a negotiation that was not in compliance with export restrictions; for example, attempting to transfer a 1024 bit ephemeral RSA key for the RSA_EXPORT handshake method. This message is always fatal.
70 protocol_version The protocol version the client attempted to negotiate is recognized, but not supported. For example, old protocol versions might be avoided for security reasons. This message is always fatal.
71 insufficient_security Failed negotiation specifically because the server requires ciphers more secure than those supported by the client. Returned instead of handshake_failure. This message is always fatal.
80 internal_error An internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue, such as a memory allocation failure. The error is not related to protocol. This message is always fatal.
90 user_cancelled Cancelled handshake for a reason that is unrelated to a protocol failure. If the user cancels an operation after the handshake is complete, just closing the connection by sending a close_notify is more appropriate. This alert should be followed by a close_notify. This message is generally a warning.
100 no_renegotiation Sent by the client in response to a hello request or sent by the server in response to a client hello after initial handshaking. Either of these would normally lead to renegotiation; when that is not appropriate, the recipient should respond with this alert; at that point, the original requester can decide whether to proceed with the connection. One case where this would be appropriate would be where a server has spawned a process to satisfy a request; the process might receive security parameters (key length, authentication, and so on) at start-up and it might be difficult to communicate changes to these parameters after that point. This message is always a warning.
255 unsupported_extension
阅读全文 »

发表于 | 分类于 | | 阅读次数:

中间人劫持代理

注:图片来源于 mitmproxy

本代理基于 TCP,是一个不关心协议的代理?

是的

HTTP 代理 VS Socks 代理

问题与挑战

获取远端主机名(Host)

当应用设置了代理后,在 TLS 协商前,应用首先会发一条 CONNECT 请求,期待通过代理和远端服务器建立 TLS 隧道(tunnel)。

1
CONNECT 10.1.1.1:443 HTTP/1.1

作为中间人代理,并不帮助建立隧道,而是需要解析 CONNECT 请求,并从中获得远端服务器主机名。同时返回给被代理程序隧道建立成功的回复:

1
2
// 根据请求指定版本号
HTTP/1.0 200 Connection established\r\n\r\n
阅读全文 »

发表于 | 分类于 | | 阅读次数:

下载 OpenSSL

进入 OpenSSL 命令行模式:

1
OpenSSL

;) windows 系统中会提示:

1
2
WARNING: can\'t open config file: /usr/local/ssl/openssl.cnf
OpenSSL>

退出OpenSSL程序

1
OpenSSL> exit

生成私钥

1
OpenSSL> genrsa -out rsa_private_key.pem   1024
阅读全文 »

发表于 | 分类于 | | 阅读次数:

字符操作

wstring 和 string 互转

1
2
3
4
5
6
7
8
9
10
11
12
13
14
std::wstring s2ws(const std::string& str) {
    using convert_typeX = std::codecvt_utf8<wchar_t>;
    std::wstring_convert<convert_typeX, wchar_t> converterX;

    return converterX.from_bytes(str);
}


std::string ws2s(const std::wstring& wstr){
    using convert_typeX = std::codecvt_utf8<wchar_t>;
    std::wstring_convert<convert_typeX, wchar_t> converterX;

    return converterX.to_bytes(wstr);
}

进一步阅读

阅读全文 »