Due to work needs, I used the time for nearly 2 months to understand the MSN's protocol, through long-term captains and trial implementation, I summarize some of the design thoughts of the server-side of the MSN of MSN, as follows.
As a server design, the more important issues are: (wrong, I hope everyone will correct)
Security
2. Concurrent service capabilities
3. Properties can be improved
First, safety
The security of the server includes two parts, one is security on the server itself, such as preventing system vulnerability; second, the security design of the server and client communication protocol, preventing password leakage through the agreement itself, the server is illegally attacking Wait.
On the protocol, the MSN's password is transmitted to the server via SSL; I don't know much about the internal details of SSL, but it is clear that the password is subjected to the SSL transmission process to the server side, so the security is dependent on SSL itself is provided. In this regard, I prefer Yahoo design, password does not pass its own plaintext or any of its own encrypted cipher, but the session and password returned by the server, the mixed non-reverse decryption MD5 ciphertice is performed transmission. Such encryption results are meaningless of any third party interception; because it is impossible to analyze the original password from such ciphertext.
I think that in the transport protocol, the password must be combined with a random SEESION that is negotiated by the server-side negotiation, encrypted by the unrecoverable encryption method, transferred to the server, the server side is also encrypted in the same way according to Session and Passowrd, compares the result, verification The legality of the user.
As far as the software and hardware system itself, I think I will try to remove the software and other modules in the system and other modules, keep the server system to run the minimum kernel; at the same time, one server should only provide the service that the server needs to be provided, no Opened network ports, prohibit Telnet mode, and use a safer SSH for remote management.
Second, concurrent service capabilities
The server's concurrent service capability is an important part of the server program design.
1. On a single server, the performance design of the server software should consider the following questions:
Data copy
Memory management
Lock control between threads
Data copy:
In general, avoiding data copies are a very headache problem. In the usual work, try to limit the scope of the buffer's pointer to a certain scope. If you need to use it outside the scope, I usually do it through the data copy, which avoids a headache memory leak problem, Once a memory is used in multiple scope or in use outside of the scope of the memory, it is easy to unclear when the memory is released.
A better way is to use the reference counting technology used in COM, handle the memory's release timing to memory yourself; that is, put the memory package into a structure or class, itself is managed by himself. Once you find that you have used it, you will release yourself.
Memory management:
The processing of memory is also part of it. Frequent New / Delete memory will make memory have a large amount of fragments, and the performance of the server software is also impact; the usual practice We can apply for a relatively large memory area at first Then, then yourself managed to divide this memory into a lot of small pieces (64B / 128B / 256B), and then assign appropriate memory regions according to the needs of the application. This allows you to apply for memory each time, and the possibility of memory leaks is also limited (memory leaks should be resolved).
Also, for some objects, after we use it, you can do not release it from memory, but to a list, you can reuse this fast memory for a general object. This is also a way to reduce the number of memory allocations. But this may result in a very consurative add-on lock. Lock control between threads:
The lock control is involved, mainly because of the sharing problem. Sharing is divided into two: First, the code sharing section; one is the data sharing section. Which is the main or data sharing section. But there is no good solution, the only way is to check that this share is really necessary, which can not be divided into two parts to form not sharing.
Of course, this part has done anything in the soft and big. I don't know.
Third, the performance of the linear improvement
This mainly refers to the service capabilities of the server groups can improve performance by increasing the server. This requires the server's service capacity sharing to be balanced, that is, a good load balance. The newly added server can be balanced by the load balancing server allocation service.
Of course, this also designs the server cluster, the database server cluster, I want to find a time to study these issues.
In this regard, Microsoft's design ideas reflect this principle and will handle load balancing to new servers.
MSN's authentication server, chat server is separated. That is, every time you chat, you need to apply to the authentication server, and then join this chat server through the authentication server, which guarantees that the chat is on the same server, no need to find it to the database server. The address of the other party also avoids headache server data synchronization problem.
If you add a server, this Taiwanese server can provide a reliable service with other servers to provide a reliable service with other servers, and of course the group's service capabilities are linear.
Write a written for communication with friends, for content in content, please advise :)
