openssl库今年年初爆出好几个安全漏洞,会影响到https,朋友有台服务器的openssl库是1.0.1e,让我帮忙升级,于是把这个过程简单整理一下。

1397097761295.jpg

操作系统为:centos6.5
openssl版本为: 1.0.1e
受到影响的主要软件为:nginx

升级过程

升级的过程非常简单,使用源码编译安装并覆盖之前的版本即可,但是编译的时候需要手动增加配置参数,否则安装的路径会按照官方包默认的路径 /usr/local/ssl/下进行安装,无法替换操作系统之前的版本,从而达到升级的效果。

编译参数如下:

./config --prefix=/usr --openssldir=/usr/local/openssl shared

编译完成之后,执行

make
./config --prefix=/usr --openssldir=/usr/local/openssl shared
make depend
make test
make install

另外的一种方式

/config -fpic shared
make depend
make && make install
echo "/usr/local/ssl/lib" > /etc/ld.so.conf.d/openssl.conf
ldconfig

参考资料

附:OpenSSL Security Advisory [1st March 2016]

NOTE: With this update, OpenSSL is disabling the SSLv2 protocol by default, as
well as removing SSLv2 EXPORT ciphers. We strongly advise against the use of
SSLv2 due not only to the issues described below, but to the other known
deficiencies in the protocol as described at

https://tools.ietf.org/html/rfc6176


Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
================================================================

Severity: High

A cross-protocol attack was discovered that could lead to decryption of TLS
sessions by using a server supporting SSLv2 and EXPORT cipher suites as a
Bleichenbacher RSA padding oracle. Note that traffic between clients and
non-vulnerable servers can be decrypted provided another server supporting
SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or
POP) shares the RSA keys of the non-vulnerable server. This vulnerability is
known as DROWN (CVE-2016-0800).

Recovering one session key requires the attacker to perform approximately 2^50
computation, as well as thousands of connections to the affected server. A more
efficient variant of the DROWN attack exists against unpatched OpenSSL servers
using versions that predate 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf released on
19/Mar/2015 (see CVE-2016-0703 below).

Users can avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS
servers, if they've not done so already. Disabling all SSLv2 ciphers is also
sufficient, provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and
1.0.2f) have been deployed. Servers that have not disabled the SSLv2 protocol,
and are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2
ciphers are nominally disabled, because malicious clients can force the use of
SSLv2 with EXPORT ciphers.

OpenSSL 1.0.2g and 1.0.1s deploy the following mitigation against DROWN:
SSLv2 is now by default disabled at build-time. Builds that are not configured
with "enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used,
users who want to negotiate SSLv2 via the version-flexible SSLv23_method() will
need to explicitly call either of:

   SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
   or
   SSL_clear_options(ssl, SSL_OP_NO_SSLv2);

as appropriate. Even if either of those is used, or the application explicitly
uses the version-specific SSLv2_method() or its client or server variants,
SSLv2 ciphers vulnerable to exhaustive search key recovery have been removed.
Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no
longer available.

In addition, weak ciphers in SSLv3 and up are now disabled in default builds of
OpenSSL. Builds that are not configured with "enable-weak-ssl-ciphers" will
not provide any "EXPORT" or "LOW" strength ciphers.

OpenSSL 1.0.2 users should upgrade to 1.0.2g
OpenSSL 1.0.1 users should upgrade to 1.0.1s

This issue was reported to OpenSSL on December 29th 2015 by Nimrod Aviram and
Sebastian Schinzel. The fix was developed by Viktor Dukhovni and Matt Caswell
of OpenSSL.

Double-free in DSA code (CVE-2016-0705)
=======================================

Severity: Low

A double free bug was discovered when OpenSSL parses malformed DSA private keys
and could lead to a DoS attack or memory corruption for applications that
receive DSA private keys from untrusted sources. This scenario is considered
rare.

This issue affects OpenSSL versions 1.0.2 and 1.0.1.

OpenSSL 1.0.2 users should upgrade to 1.0.2g
OpenSSL 1.0.1 users should upgrade to 1.0.1s

This issue was reported to OpenSSL on February 7th 2016 by Adam Langley
(Google/BoringSSL) using libFuzzer. The fix was developed by Dr Stephen Henson
of OpenSSL.

Memory leak in SRP database lookups (CVE-2016-0798)
===================================================

Severity: Low

The SRP user database lookup method SRP_VBASE_get_by_user had
confusing memory management semantics; the returned pointer was sometimes newly
allocated, and sometimes owned by the callee. The calling code has no way of
distinguishing these two cases.

Specifically, SRP servers that configure a secret seed to hide valid
login information are vulnerable to a memory leak: an attacker
connecting with an invalid username can cause a memory leak of around
300 bytes per connection. Servers that do not configure SRP, or
configure SRP but do not configure a seed are not vulnerable.

In Apache, the seed directive is known as SSLSRPUnknownUserSeed.

To mitigate the memory leak, the seed handling in
SRP_VBASE_get_by_user is now disabled even if the user has configured
a seed. Applications are advised to migrate to
SRP_VBASE_get1_by_user. However, note that OpenSSL makes no strong
guarantees about the indistinguishability of valid and invalid
logins. In particular, computations are currently not carried out in
constant time.

This issue affects OpenSSL versions 1.0.2 and 1.0.1.

OpenSSL 1.0.2 users should upgrade to 1.0.2g
OpenSSL 1.0.1 users should upgrade to 1.0.1s

This issue was discovered on February 23rd 2016 by Emilia Käsper of
the OpenSSL development team. Emilia Käsper also developed the fix.

BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
======================================================================

Severity: Low

In the BN_hex2bn function the number of hex digits is calculated using an int
value |i|. Later |bn_expand| is called with a value of |i * 4|. For large values
of |i| this can result in |bn_expand| not allocating any memory because |i * 4|
is negative. This can leave the internal BIGNUM data field as NULL leading to a
subsequent NULL ptr deref. For very large values of |i|, the calculation |i * 4|
could be a positive value smaller than |i|. In this case memory is allocated to
the internal BIGNUM data field, but it is insufficiently sized leading to heap
corruption. A similar issue exists in BN_dec2bn. This could have security
consequences if BN_hex2bn/BN_dec2bn is ever called by user applications with
very large untrusted hex/dec data. This is anticipated to be a rare occurrence.

All OpenSSL internal usage of these functions use data that is not expected to
be untrusted, e.g. config file data or application command line arguments. If
user developed applications generate config file data based on untrusted data
then it is possible that this could also lead to security consequences. This is
also anticipated to be rare.

This issue affects OpenSSL versions 1.0.2 and 1.0.1.

OpenSSL 1.0.2 users should upgrade to 1.0.2g
OpenSSL 1.0.1 users should upgrade to 1.0.1s

This issue was reported to OpenSSL on February 19th 2016 by Guido Vranken. The
fix was developed by Matt Caswell of the OpenSSL development team.

Fix memory issues in BIO_*printf functions (CVE-2016-0799)
==========================================================

Severity: Low

The internal |fmtstr| function used in processing a "%s" format string in the
BIO_*printf functions could overflow while calculating the length of a string
and cause an OOB read when printing very long strings.

Additionally the internal |doapr_outch| function can attempt to write to an OOB
memory location (at an offset from the NULL pointer) in the event of a memory
allocation failure. In 1.0.2 and below this could be caused where the size of a
buffer to be allocated is greater than INT_MAX. E.g. this could be in processing
a very long "%s" format string. Memory leaks can also occur.

The first issue may mask the second issue dependent on compiler behaviour.
These problems could enable attacks where large amounts of untrusted data is
passed to the BIO_*printf functions. If applications use these functions in this
way then they could be vulnerable. OpenSSL itself uses these functions when
printing out human-readable dumps of ASN.1 data. Therefore applications that
print this data could be vulnerable if the data is from untrusted sources.
OpenSSL command line applications could also be vulnerable where they print out
ASN.1 data, or if untrusted data is passed as command line arguments.

Libssl is not considered directly vulnerable. Additionally certificates etc
received via remote connections via libssl are also unlikely to be able to
trigger these issues because of message size limits enforced within libssl.

This issue affects OpenSSL versions 1.0.2 and 1.0.1.

OpenSSL 1.0.2 users should upgrade to 1.0.2g
OpenSSL 1.0.1 users should upgrade to 1.0.1s

This issue was reported to OpenSSL on February 23rd by Guido Vranken. The
fix was developed by Matt Caswell of the OpenSSL development team.

Side channel attack on modular exponentiation (CVE-2016-0702)
=============================================================

Severity: Low

A side-channel attack was found which makes use of cache-bank conflicts on the
Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA
keys. The ability to exploit this issue is limited as it relies on an attacker
who has control of code in a thread running on the same hyper-threaded core as
the victim thread which is performing decryptions.

This issue affects OpenSSL versions 1.0.2 and 1.0.1.

OpenSSL 1.0.2 users should upgrade to 1.0.2g
OpenSSL 1.0.1 users should upgrade to 1.0.1s

This issue was reported to OpenSSL on Jan 8th 2016 by Yuval Yarom, The
University of Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv
University, and Nadia Heninger, University of Pennsylvania with more
information at http://cachebleed.info. The fix was developed by Andy Polyakov
of OpenSSL.

Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)
================================================================

Severity: High

This issue only affected versions of OpenSSL prior to March 19th 2015 at which
time the code was refactored to address vulnerability CVE-2015-0293.

s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If
clear-key bytes are present for these ciphers, they *displace* encrypted-key
bytes. This leads to an efficient divide-and-conquer key recovery attack: if an
eavesdropper has intercepted an SSLv2 handshake, they can use the server as an
oracle to determine the SSLv2 master-key, using only 16 connections to the
server and negligible computation.

More importantly, this leads to a more efficient version of DROWN that is
effective against non-export ciphersuites, and requires no significant
computation.

This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all
earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf
(released March 19th 2015).

This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J.
Alex Halderman of the University of Michigan. The underlying defect had by
then already been fixed by Emilia Käsper of OpenSSL on March 4th 2015. The fix
for this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d
(1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf).

Bleichenbacher oracle in SSLv2 (CVE-2016-0704)
==============================================

Severity: Moderate

This issue only affected versions of OpenSSL prior to March 19th 2015 at which
time the code was refactored to address the vulnerability CVE-2015-0293.

s2_srvr.c overwrite the wrong bytes in the master-key when applying
Bleichenbacher protection for export cipher suites. This provides a
Bleichenbacher oracle, and could potentially allow more efficient variants of
the DROWN attack.

This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all
earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf
(released March 19th 2015).

This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J.
Alex Halderman of the University of Michigan. The underlying defect had by
then already been fixed by Emilia Käsper of OpenSSL on March 4th 2015. The fix
for this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d
(1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf). 
OpenSSL 
https://mta.openssl.org/pipermail/openssl-announce/2016-March/000066.html 
Yes, 3/1/2016 
Software Applications - 3rd Party 

imageMagick简介

imageMagick是一个免费的创建、编辑、合成图片的软件。它可以读取、转换、写入多种格式的图片。图片切割、颜色替换、各种效果的应用,图片的旋转、组合,文本,直线,多边形,椭圆,曲线,附加到图片伸展旋转。ImageMagick的大多数功能的使用都来源于命令行工具。

Imagemagick-logo.png

资源

安装

sudo apt-get install imagemagick

使用

主要控制点:

1、 分辨率:不同的展示需要不同的分辨率,一般是缩放,如果比例不对还需要适当裁切。
2、 清晰度:一般可以控制在 80% - 90%。
3、 水印: 根据访问的域名,设定不同的水印图案。

convert

-quality 质量控制

convert -quality 10 BS0002.jpg image.jpg

-resize 分辨率控制

convert -resize "600x800>" BS0002.jpg image.jpg 保持原有比例
convert -resize "600×800>!" BS0002.jpg image.jpg 不保持原有比例

-compose 水印控制

convert image.png -compose over overlay.png -composite newimage.png  

identify

获取图片信息

identify BS0002.jpg 
BS0002.jpg JPEG 750x1200 750x1200+0+0 8-bit DirectClass 190KB 0.000u 0:00.010

xhprof 工具安装

工欲善其事,必先利其器,xhprof是Facebook开源的轻量级PHP性能分析工具,它报告函数级别的请求次数和各种指标,包括阻塞时间,CPU时间和内存使用情况。一个函数的开销,可细分成调用者和被调用者的开销,XHProf数据收集阶段,它记录调用次数的追踪和包容性的指标弧在动态callgraph的一个程序。

这个工具可以大大提高性能优化, 工程师获取项目问题所在,从而开始优化。

安装过程如下:

下载安装

安装 xhprof

cd /usr/local/src
wget http://pecl.php.net/get/xhprof-0.9.4.tgz
tar -zxvf xhprof-0.9.4.tgz
cd xhprof-0.9.4/extension/
phpize (需要安装 php5-dev: apt-get install php5-dev)
./configure
make
make install
make test

安装 graphviz

apt-get install graphviz

配置 php.ini

echo "extension=xhprof.so" > /etc/php5/mods-available/xhprof.so
echo "xhprof.output_dir = /tmp/xhprof" >> /etc/php5/mods-available/xhprof.so
cd /etc/php5/fpm/conf.d/
ln -s ../../mods-available/xhprof.so 20-xhprof.so
service php5-fpm restart

配置 查看站点

git clone https://github.com/nosun/xhprof /data/www/xhprof.app

nginx 添加站点
    server {
        listen       80;
        server_name  xhprof.app;
        index index.php index.html;
        root  /data/www/xhprof.app/public;

        error_log /data/logs/nginx/xhprof_nginx_error.log info;

        # This is only needed when using URL paths
        try_files $uri $uri/ /index.php;

        location ~ \.php$ {
            fastcgi_pass   unix:/var/run/php5-fpm.sock;
            include        fastcgi_params;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        }
    }
填写配置文件

将目录下的 config.inc.example.php 修改为 config.inc.php。
里面的闭包函数,可以根据您的测试条件修改为您需要的。

埋点

修改auto_prepend_file配置

auto_prepend_file = /data/www/xhprof.app/inc/inject.php

这样所有的php-fpm请求的php文件前都会自动注入 /data/www/xhprof.app/inc/inject.php 文件

如果使用Nginx的话,还可以通过Nginx的配置文件设置,这样侵入性更小,并且可以实现基于站点的注入。

fastcgi_param PHP_VALUE "auto_prepend_file=/data/www/xhprof.app/inc/inject.php";

测试

在您的站点的nginx 配置中,或者php.ini中增加auto_prepend_file埋点,重启站点,nginx 和 fpm.
访问您需要测试的站点。
访问 http://xhprof.app,查看结果。

xhprof 主要参数

Inclusive Time (或子树时间):包括子函数所有执行时间。
Exclusive Time/Self Time:函数执行本身花费的时间,不包括子树执行时间。
Wall时间:花去了的时间或挂钟时间。
CPU时间:用户耗的时间+内核耗的时间

xhprof 参数解释

Inclusive Time (或子树时间):包括子函数所有执行时间。
Exclusive Time/Self Time:函数执行本身花费的时间,不包括子树执行时间。
Wall时间:花去了的时间或挂钟时间。
CPU时间:用户耗的时间+内核耗的时间
Function Name 函数名
Calls 调用次数
Calls% 调用百分比
Incl. Wall Time (microsec) 调用的包括子函数所有花费时间  单位:微秒(一百万分之一秒)
IWall% 调用的包括子函数所有花费时间的百分比
Excl. Wall Time (microsec) 函数执行本身花费的时间,不包括子树执行时间,  单位:微秒(一百万分之一秒)
EWall% 函数执行本身花费的时间的百分比,不包括子树执行时间
Incl. CPU(microsecs) 调用的包括子函数所有花费的cpu时间。减Incl. Wall Time即为等待cpu的时间减Excl. Wall Time即为等待cpu的时间
ICpu% Incl. CPU(microsecs)的百分比
Excl. CPU(microsec) 函数执行本身花费的cpu时间,不包括子树执行时间, 单位:微秒(一百万分之一秒)。
ECPU% Excl. CPU(microsec)的百分比
Incl.MemUse(bytes) 包括子函数执行使用的内存。
IMemUse% Incl.MemUse(bytes)的百分比
Excl.MemUse(bytes) 函数执行本身内存,以字节算
EMemUse% Excl.MemUse(bytes)的百分比
Incl.PeakMemUse(bytes) Incl.MemUse的峰值
IPeakMemUse% Incl.PeakMemUse(bytes) 的峰值百分比
Excl.PeakMemUse(bytes) Excl.MemUse的峰值
EPeakMemUse% EMemUse% 峰值百分比

netcat 正是非常强大的网络调试利器,你可以非常方便的使用他作为一个client来调试你的server

参考

简介

使用方法

By default, netcat operates by initiating a TCP connection to a remote host.

The most basic syntax is:

netcat [options] host port

This will attempt to initiate a TCP to the defined host on the port number specified. This is basically functions similarly to the old Linux telnet command. Keep in mind that your connection is entirely unencrypted.

If you would like to send a UDP packet instead of initiating a TCP connection, you can use the -u option:

netcat -u host port

You can specify a range of ports by placing a dash between the first and last:

netcat host startport-endport

This is generally used with some additional flags.

On most systems, we can use either netcat or nc interchangeably. They are aliases for the same command.

How To Use Netcat for Port Scanning

One of the most common uses for netcat is as a port scanner.

Although netcat is probably not the most sophisticated tool for the job (nmap is a better choice in most cases), it can perform simple port scans to identify open ports easily.

We do this by specifying a range of ports to scan, as we did above, along with the -z option to perform a scan instead of attempting to initiate a connection.

For instance, we can scan all ports up to 1000 by issuing this command:

netcat -z -v domain.com 1-1000

4月5日,清明,上午会议,下午回程途经幼儿园,兴起想进入看看子骞,忽闻有老师在讲音乐课,遂进去找个小板凳,坐下听起来。
老师讲的挺好,从认识五线谱讲起,讲到声调,节拍,强弱,并不时的用电子琴弹奏一下,听着听着不知不觉就听了一节课,快结束的时候大家对着黑板上的五线谱,唱欢乐颂的谱,心情舒畅,仿佛回到了小时候上音乐课的时候。
音乐是个好东西,很可惜人生太忙碌……

终日错错碎梦间,忽闻春尽强登山。
因过竹院逢僧话,偷得浮生半日闲。