CN113315748A

CN113315748A - Communication method and device

Info

Publication number: CN113315748A
Application number: CN202110291187.5A
Authority: CN
Inventors: 邓深元; 丁宇
Original assignee: Alibaba Singapore Holdings Pte Ltd
Current assignee: Alibaba Innovation Co
Priority date: 2021-03-18
Filing date: 2021-03-18
Publication date: 2021-08-27
Anticipated expiration: 2041-03-18
Also published as: CN113315748B

Abstract

The application discloses a communication method and device. Wherein, the method comprises the following steps: loading an application object and a first bytecode; converting target address information corresponding to a target server into local address information of equipment where an application object is located based on a first byte code; and establishing communication connection with the proxy server based on the local address information, and performing data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

Description

Communication method and device

Technical Field

The present application relates to the field of communications technologies, and in particular, to a communication method and apparatus.

Background

With the improvement of cloud infrastructure, more and more enterprises deploy services on the cloud, but at the same time, there are currently a variety of reasons for communication between services across a network, and typical scenarios are as follows: a common solution to the communication problem in these scenarios is that a self-built machine room service communicates with a cloud service, services deployed on different clouds communicate with each other, and an office network service communicates with a cloud service: an agent is built at the network boundary, and services between different networks need to communicate through the agent.

For the service constructed by Java language, there are two ways to perform communication in TCP layer: socket-based communication and Socket Channel-based communication. The connection mode based on Socket communication supports the use of proxy connection, and after setting proxy related parameters, a program establishes connection with a proxy firstly and the proxy forwards data to a target service; however, the connection mode based on the SocketChannel communication does not support the proxy, and how to enable the program based on the SocketChannel communication to access the target service through the proxy so as to support the service cross-network communication is a subject to be researched currently.

In view of the above problems, no effective solution has been proposed.

Disclosure of Invention

The embodiment of the application provides a communication method and a communication device, which are used for at least solving the technical problem that cross-network communication cannot be realized due to the fact that a service based on SocketChannel communication does not support an agent.

According to an aspect of an embodiment of the present application, there is provided a communication method including: loading an application object and a first bytecode; converting target address information corresponding to a target server into local address information of equipment where the application object is located based on the first bytecode; and establishing communication connection with a proxy server based on the local address information, and performing data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

According to another aspect of the embodiments of the present application, there is also provided another communication method, including: the method comprises the following steps that a proxy server establishes communication connection with target equipment, wherein an application object runs on the target equipment, and the process of establishing the communication connection comprises the following steps: the method comprises the steps that target equipment loads an application object and first byte codes, wherein the first byte codes are at least used for converting target address information corresponding to a target server into local address information of the target equipment, and the target equipment establishes communication connection with a proxy server based on the local address information; and the proxy server establishes communication connection with the target server and forwards data between the target equipment and the target server.

According to another aspect of the embodiments of the present application, there is also provided another communication method, including: the method comprises the following steps that a target server and target equipment establish communication connection through a proxy server, wherein an application object runs on the target equipment, and the process of establishing the communication connection comprises the following steps: the target equipment loads an application object and first byte codes, wherein the first byte codes are at least used for converting target address information corresponding to a target server into local address information of the target equipment, and the target equipment establishes communication connection with a proxy server based on the local address information and establishes communication connection with the target server through the proxy server; and the target server performs data interaction with the target equipment.

According to another aspect of the embodiments of the present application, there is also provided another communication method, including: loading an application object, a first byte code and a second byte code; modifying a SocketChannel communication framework based on the second bytecode to obtain a target communication framework, wherein the target communication framework is used for calling the first bytecode to convert target address information corresponding to a target server into local address information corresponding to the device where the application object is located; converting the target address information into the local address information based on the first bytecode; and establishing communication connection with a proxy server based on the local address information, wherein the proxy server establishes communication connection with the target server and performs data interaction with the target server.

According to another aspect of the embodiments of the present application, there is also provided a communication apparatus, including: the loading module is used for loading an application object and the first byte code conversion module and is used for converting target address information corresponding to a target server into local address information of equipment where the application object is located based on the first byte code; and the communication module is used for establishing communication connection with a proxy server based on the local address information and carrying out data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

According to another aspect of the embodiments of the present application, there is also provided a non-volatile storage medium, where the non-volatile storage medium includes a stored program, and when the program runs, the apparatus where the non-volatile storage medium is located is controlled to execute the above communication method.

According to another aspect of the embodiments of the present application, there is also provided an electronic device, including: a processor and a memory coupled to the processor, the memory configured to provide instructions to the processor for processing the following processing steps: loading an application object and a first bytecode; converting target address information corresponding to a target server into local address information of equipment where the application object is located based on the first bytecode; and establishing communication connection with a proxy server based on the local address information, and performing data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

In the embodiment of the application, bytecode modification is performed on the SocketChannel communication framework by using a bytecode technology, the SocketChannel communication framework is modified into a target communication framework by using a second bytecode, the target communication framework calls the first bytecode to convert target address information into local address information, and communication connection is established with a proxy server based on the local address information, so that the application based on the SocketChannel communication framework can use the proxy without changing the application code and perform cross-network communication through the proxy server; meanwhile, in the embodiment of the application, the SSH-based encryption channel is connected with the proxy server and the target server and forwards data, so that the safety of data transmission between the application object and the proxy server is ensured, and the technical problem that cross-network communication cannot be realized due to the fact that a service based on SocketChannel communication does not support proxy is solved.

Drawings

The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:

FIG. 1 is a schematic diagram of a computer terminal according to an embodiment of the present application;

FIG. 2 is a flow chart diagram of a communication method according to an embodiment of the present application;

FIG. 3 is a flow diagram of an address translation process according to an embodiment of the present application;

fig. 4 is a schematic diagram of an architecture based on fully embedded communication according to an embodiment of the present application;

fig. 5 is a schematic diagram of an architecture based on semi-embedded communication according to an embodiment of the present application;

FIG. 6 is a flow chart diagram of another communication method according to an embodiment of the present application;

FIG. 7 is a flow chart diagram of another communication method according to an embodiment of the present application;

FIG. 8 is a flow chart diagram of another communication method according to an embodiment of the present application;

fig. 9 is a schematic structural diagram of a communication device according to an embodiment of the present application.

Detailed Description

In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

First, some terms or terms appearing in the description of the embodiments of the present application are applicable to the following explanations:

socket: java is one way to communicate over a network. The Socket is a blocking connection, that is, when ServerSocket and Socket classes are used, a server Socket usually allocates a thread to each client Socket, and each thread may be in a long-time blocking state, so that the performance of the server is affected by too many threads; the connection mode based on Socket communication supports the use of proxy connection, and after setting proxy related parameters, a program establishes connection with a proxy first, and the proxy forwards data to a target service.

SocketChannel: is also a way of network communication in Java. The SocketChannel can set non-blocking connection, namely, the SocketChannel and the serversockchannel can carry out non-blocking communication, so that the server can process the requests of all client sockets by only one thread; but the connection mode based on the SocketChannel communication does not support the proxy.

SSH (Secure Shell, Secure Shell protocol): the method is a safe and reliable protocol established on the basis of an application layer and specially used for providing security for remote login sessions and other network services, and the information leakage problem in the remote management process can be effectively prevented by utilizing an SSH (secure Shell) protocol. It mainly comprises: the transport layer protocol provides server authentication, confidentiality and integrity, sometimes provides a compression function, is usually operated on a TCP/IP connection, and can also be used for other reliable data streams, and provides a powerful encryption technology, password host authentication and integrity protection; a user authentication protocol for providing a client user authentication function to the server, which runs on top of the transport layer protocol, which upon initiation receives a session identifier from the lower layer protocol, by which session identifier the session is uniquely identified and which is adapted to be signed to prove ownership of the private key, which requires knowing whether the lower layer protocol provides privacy protection; the connection protocol, which divides the multiple encrypted tunnels into logical channels and runs on the user authentication protocol, provides an interactive login session, remote command execution, forwarding TCP/IP connection and forwarding X11 connection.

Jsch (java Secure channel): one open source framework in Java that provides SSH capabilities is a pure Java implementation of SSH, JSch allows connection to SSHD servers and uses port forwarding, X11 forwarding, file transfer, etc., and its functionality can be integrated into the user's Java program, i.e., operating the server in Java over a JSch connection.

ASM: is a common Java bytecode manipulation and analysis framework that can be used to modify existing classes or to dynamically generate classes directly in binary form. ASM provides some common bytecode transformation and analysis algorithms from which custom complex transformation and code analysis tools can be built. ASM provides similar functionality to other Java bytecode frameworks, but focuses on performance, is as small and fast as possible in design and implementation, and is therefore well suited for use in dynamic systems (and of course can also be used in a static manner, e.g. in a compiler).

Java Agent: the technology is a technology capable of dynamically modifying Java byte codes, wherein after Java class compilation, byte codes are formed and executed by a JVM (Java Virtual Machine), the JVM acquires information of the byte codes before executing the byte codes and modifies the byte codes to complete additional functions, and the technology is a Java Agent technology which can intercept and modify the byte codes before loading the Java byte codes and modify the loaded byte codes during the running of the JVM.

In the related art, for a service constructed by Java language, there are two ways to perform TCP layer communication: socket-based communication and SocketChannel-based communication. For services that use sockets for communication, proxies can be used based on the proxy technology supported native to Java; there is no existing solution for using proxies for services that use SocketChannel for communication. In order to solve the above problems, the present disclosure provides a proxy solution applicable to SocketChannel, and by using this solution, a code originally based on SocketChannel communication can be used without any change, and in order to achieve the above object, the embodiments of the present application provide the following detailed description of the corresponding solution.

Example 1

In accordance with an embodiment of the present application, there is provided a method of communication, it being noted that the steps illustrated in the flowchart of the figure may be performed in a computer system such as a set of computer-executable instructions, and that while a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different than here.

The method provided by the embodiment of the present application can be executed in a mobile terminal, a computer terminal or a similar computing device, and fig. 1 shows a hardware structure block diagram of a computer terminal for implementing the communication method. As shown in fig. 1, the computer terminal 10 (or mobile device 10) may include one or more (shown as 102a, 102b, … …, 102 n) processors 102 (the processors 102 may include, but are not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA, etc.), a memory 104 for storing data, and a transmission module 106 for communication functions. Besides, the method can also comprise the following steps: a display, an input/output interface (I/O interface), a Universal Serial Bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a power source, and/or a camera. It will be understood by those skilled in the art that the structure shown in fig. 1 is only an illustration and is not intended to limit the structure of the electronic device. For example, the computer terminal 10 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.

It should be noted that the one or more processors 102 and/or other communication circuitry described above may be generally referred to herein as "communication circuitry". The communication circuitry may be embodied in whole or in part in software, hardware, firmware, or any combination thereof. Further, the communication circuitry may be a single stand-alone processing module, or incorporated in whole or in part into any of the other elements in the computer terminal 10 (or mobile device). As referred to in the embodiments of the application, the communication circuit is controlled as a processor (e.g., selection of a variable resistance termination path connected to the interface).

The memory 104 may be used to store software programs and modules of application software, such as program instructions/data storage devices corresponding to the communication method in the embodiment of the present application, and the processor 102 executes various functional applications and communications by running the software programs and modules stored in the memory 104, so as to implement the vulnerability detection method of the application program. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to the computer terminal 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The transmission module 106 is used to receive or transmit data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the computer terminal 10. In one example, the transmission device 106 includes a Network adapter (NIC) that can be connected to other Network devices through a base station to communicate with the internet. In one example, the transmission device 106 can be a Radio Frequency (RF) module, which is used to communicate with the internet in a wireless manner.

The display may be, for example, a touch screen type Liquid Crystal Display (LCD) that may enable a user to interact with a user interface of the computer terminal 10 (or mobile device).

In the foregoing operating environment, an embodiment of the present application provides a communication method, as shown in fig. 2, the method includes steps S202 to S206, where:

step S202, an application object and a first bytecode are loaded.

In some optional embodiments of the present application, the application object and the first bytecode are loaded by the target device. Specifically, the target device receives a service request of a user, where the service request is generally an application that is requested to run on the target device, such as an office software application on a request running cloud, or a music video application on a request running cloud, and service data of the applications is provided by a target server; and the target equipment determines a corresponding application object based on the application identifier in the service request, and calls a Java program executor to load an application bytecode and a first bytecode corresponding to the application object, wherein the Java program executor is used for analyzing and executing an executable file of the Java bytecode.

Specifically, the application bytecode is a code of the application itself, and is generated after being compiled by a Java compiler, and the communication is performed using a SocketChannel communication framework, and when the Java program executor runs the application bytecode, the application bytecode is converted into an application code, that is, a machine instruction executed after being analyzed, and the application code runs in a machine memory.

The first bytecode is also called proxy bytecode, and when loading the proxy bytecode by using a Java program executor, the proxy bytecode needs to be loaded through a-Xboost class spath/a: < proxy bytecode path > parameter of the JVM. The proxy bytecode includes at least the following code: configuring a loading class PropertiesLoader; JSch and proxy converters and SocketChannel bytecode enhancements classes, the role of which is specified below when used.

Step S204, target address information corresponding to the target server is converted into local address information of the device where the application object is located based on the first byte code.

In some optional embodiments of the present application, the device where the application object is located, that is, the target device in step S202, may invoke a proxy converter in the first bytecode to convert the target address information into the local address information. For example, invoking a proxy converter in the first bytecode to receive the target address information, finding a port in an idle state under a local address, determining the local port from the port in the idle state, and establishing a mapping relationship between the target address information and the local address information including the local port

Specifically, whether a mapping relationship between the target address information and the local address information exists in the proxy converter may be detected first; if yes, directly calling the mapping relation; if not, judging whether the JSch session is initialized or not; under the condition that the JSch conversation is initialized, triggering the proxy converter to call a port setting forwarding interface in the JSch conversation, and establishing a mapping relation between target address information and local address information, wherein the local address information comprises: the local IP address and the local port, and the destination address information comprises: a destination IP address and a destination port; and mapping the local port into a target IP address and a target port based on the mapping relation.

For another example, the proxy converter in the first bytecode is called to receive the destination address information, find a port in an idle state under the local address, determine a local port from the port in the idle state, and establish a mapping relationship between the destination address information (including the destination IP address and the destination port) and the local address information (including the local IP address and the local port).

Optionally, after the mapping relationship between the target address information and the local address information is established, the mapping relationship may be cached in the proxy converter, and the mapping relationship may be called by the proxy converter when the same application object and the first bytecode are loaded again to convert the target address information into the local address information.

Fig. 3 shows a flow diagram of an alternative address translation completion process, which includes the following steps:

1. receiving the destination address < IP, Port >: the proxy translator receives a target < IP, Port > address;

2. judging whether the target address needs the address of the agent: the proxy converter acquires addresses without proxy conversion through the socksNonProxyHosts parameter, and when the target address is matched with the value, the proxy does not map the addresses and directly returns to the original target address;

3. judging whether the target address is mapped to a local port: the proxy converter uses a cache strategy to store the mapped local port and the target address in the operation process, and if the current target address is in the cache, the current target address is directly returned to the local port in the cache; otherwise, continuing the following steps to map the ports;

4. judging whether a JSch session is initiated: the proxy converter uses SSH to communicate with the proxy based on JSch frame, in the process of processing, the proxy converter can initialize a JSch conversation in the memory, if the JSch conversation is initialized, the JSch conversation is directly multiplexed; otherwise, acquiring SSH connection information and initializing JSch conversation by using a configuration loading class PropertiesLoader;

5. mapping local Port to target address < IP, Port > using JSch session: the proxy converter calls an int port forwarding L (int rport, String host, int rport) interface (port setting forwarding interface) of the JSch session, transmits a local port, a target IP address and target port parameters, and maps the local port into the target IP address and the target port;

6. caching the mapping relation between the local port and the target address: caching the local Port and target address < IP, Port > mapping for multiplexing in step 3;

7. output local port: the proxy translator returns the mapped local Port, <127.0.0.1, local Port >, and processing ends.

In some optional embodiments of the present application, the configuration loading class loading in the first bytecode may be invoked and the configuration information for establishing the communication connection with the proxy server may be parsed.

Specifically, the proxy bytecode includes a configuration loading class PropertiesLoader for loading SSH connection settings, and communicates with the proxy server based on SSH. When proxy communication is performed based on SSH, a proxy SSH access mode needs to be provided in a local configuration file form, and the configuration file format is as follows:

SSH _ HOST ═ SSH proxy connection address >

SSH _ USER ═ SSH USER name >

SSH _ PASSWORD ═ SSH PASSWORD >

In some optional embodiments of the present application, a SocketChannel enhanced class in the first bytecode calls a proxy converter, converts the target address information into the local address information, calls an original SocketChannel framework to connect a local address, where the SocketChannel enhanced class is used to implement the following functions: when the connect method of the proxysocketchannel (i.e., socketchannelenhanced class) is called, proxysockockickchannelimpl first calls a proxy converter to perform address conversion, and then calls the connect method of the parent SocketChannelImpl based on the converted address.

Wherein, the SocketChannel enhanced class ProxySocketChannel Impl inherits the SocketChannel Impl class in Java and covers its connect method, and the logic implementation is provided as follows:

public boolean connect(SocketAddress address)throws IOException{

SocketAddress proxyAddress proxy converter- > conversion (address)

return super.connect(proxyAddress)；

}

The meaning is that when a proxysocketchannel (SocketAddress) method is called, proxysockcutchannnelimpl first calls a proxy converter to perform address conversion, and then calls the converted address to the contact method of the parent socketchannellimpl. Wherein, the Java packet path of the proxysocketchingimpl class is sun.

In some optional embodiments of the present application, a second bytecode may need to be loaded; modifying the SocketChannel communication framework through the second bytecode to obtain a target communication framework, wherein the target SocketChannel communication framework uses the SocketChannel enhanced class in the first bytecode to connect a target address. Specifically, the hooking class in the second bytecode is called to modify the byte code of the selectorproviderimpalpl class in the SocketChannel frame to obtain the target communication frame, specifically, an openSocketChannel method of the selectorproviderimpalpl class in the SocketChannel frame is modified to return the SocketChannel enhancement class in the first proxy byte code to obtain the target communication frame, where the hooking class is used to instruct, when the first byte code is loaded, to call a configuration loading class to load and analyze configuration information for establishing communication connection with the proxy server.

The second bytecode is also called Agent bytecode, when the Agent bytecode is loaded by using a Java program executor, the bytecode is loaded by using a-Java Agent parameter of the JVM, and an SSH parameter configuration file is set, the format of which is as follows: javaAgent: < Agent bytecode path > < profile path >. Agent bytecode typically contains the following core implementation: providing a hook class for realizing a premiain method based on a Java instrumentation mechanism so as to be executed by a Java program executor when being started; the selectorproviderimpr bytecode is modified based on the ASM framework.

The Java Instrumentation mechanism is a modified bytecode mechanism provided in Java, and a hook-type Instrumentation agent is implemented based on the Instrumentation mechanism in the embodiment of the present application. Specifically, when the Java program executor loads the Agent bytecode through the-Java Agent parameter, an execution Instrumentation Agent. Calling a PropertiesLoader in the proxy bytecode, transmitting the Path parameter of an SSH configuration file, and analyzing proxy SSH connection information into a memory to be used by JSch and a proxy converter; and modifying byte codes of the original Java framework SelectorProviderImpl class.

The process of modifying the selectorproviderimpr bytecode based on the ASM framework is as follows: the ASM framework is used for modifying byte codes of the openSocketChannel method of the SelectorProviderImpl class, and the method of the original SelectorProviderImpl is realized as follows:

public SocketChannel openSocketChannel()throws IOException{

return new SocketChannelImpl(this)；

}

the original selectrproviderimpl. opensocketchannel () method after bytecode modification is implemented as follows:

public SocketChannel openSocketChannel()throws IOException{

return new ProxySocketChannelImpl(this)；

}

the meaning of the method is that when a SocketChannel communication framework is called, the modified target communication framework is called.

In the embodiment of the application, bytecode modification is performed on the SocketChannel communication framework by using a bytecode technology, the SocketChannel communication framework is modified into a target communication framework by using a second bytecode, and the target communication framework calls the first bytecode to convert target address information into local address information, so that the application based on the SocketChannel communication framework can use the proxy without changing the code of the application and perform cross-network communication by using the proxy server.

Based on the above, the embodiment of the present application provides an optional fully embedded communication scheme to implement the communication method in the embodiment of the present application, and an overall framework of the communication method is shown in fig. 4, where:

proxy bytecode: namely, the first agent byte code is generated after being compiled by a Java compiler;

agent bytecode: the second agent byte code is generated after being compiled by a Java compiler;

application bytecode: the code of the application is compiled by a Java compiler and then generated, and a SocketChannel framework is used for communication;

a Java program executor: the executable file is used for analyzing and executing the Java byte codes, and after the application byte codes are operated by using the executable file, the application byte codes are converted into machine instructions and executed;

the application code is as follows: the machine instruction which is analyzed and executed by the Java program executor runs in a machine memory;

SocketChannel network library: a SocketChannel communication framework machine instruction provided by Java language; when the Java program executor runs, the byte code of the original SocketChannel frame is modified by the Agent byte code, and then is loaded into the memory and runs;

the proxy converter: providing a target IP Port address conversion interface, calling by a modified SocketChannel frame, converting a network external connection address < target IP, target Port > into a loop local address <127.0.0.1, local Port > and returning;

jsch: an open source Java framework for realizing the SSH protocol is called by a proxy converter in the proposal, is used for mapping a local port to a remote target IP port based on the SSH protocol and forwarding the flow of the local port to the target IP port through the SSH;

SSHD: an SSHD process is run on the agent, and access is carried out through an SSH protocol when the application runs;

service A/B/C/D: based on a service provider provided by a TCP protocol, the service provider provides a service to the outside through an IP and a port, that is, a target server in the embodiment of the present application.

In some optional embodiments of the present application, a controller in a channel program module connected to the proxy converter may be further invoked to receive a mapping relationship between the target address information and the local address information, where the local address information includes: the local IP address and the local port, and the destination address information comprises: a destination IP address and a destination port; and controlling a data repeater in the channel program module through the controller, monitoring the local port, and mapping the local port into a target IP address and a target port based on the mapping relation. At this time, a communication connection is established with the proxy server based on the local address information, and data interaction is performed with the target server, including the following steps: controlling a data forwarder in the channel program module through the controller, monitoring a local port in the local address information, sending data to be sent of the application object to the proxy server through the local port, and forwarding the data to be sent to the target server through the proxy server

Based on the above channel program module, an embodiment of the present application further provides an optional semi-embedded communication scheme to implement the communication method in the embodiment of the present application, and an overall framework of the communication method is as shown in fig. 5, where:

the proxy converter: providing a target IP Port address conversion interface, calling and receiving parameters of a target address < target IP, target Port > by a modified SocketChannel frame, then searching an idle TCP Port of a local machine, and calling a controller interface of a channel program by using the parameters of < target IP, target Port, 127.0.0.1 and local Port > to finish data stream forwarding; when the control interface of the calling channel program is finished, returning a local address <127.0.0.1 and a local Port > to the SocketChannel frame;

a controller: providing an HTTP interface for receiving < target IP, target Port, 127.0.0.1, local Port > parameters, and calling a data forwarder to monitor a local Port address in the parameters after receiving a request of a proxy converter, so that data of the local Port is forwarded to the target address < target IP, target Port > through SSH;

a data repeater: providing an internal interface for the < target IP, target Port, 127.0.0.1, local Port > parameter to receive a controller call, monitor the local Port address upon receiving the request, and forward the data of the local Port to the target address < target IP, target Port > via SSH;

SSHD: and an SSHD process is run on the proxy, and the access of the application through an SSH protocol is supported when the application is run.

Step S206, establishing communication connection with the proxy server based on the local address information, and performing data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

In some optional embodiments of the present application, the communication connection is established with the proxy server through an SSH protocol based on the local address information. The SSH-based encryption channel is connected with the proxy server and the target server and forwards data, and the safety of data transmission between the application object and the proxy server can be effectively guaranteed.

Specifically, corresponding to the above-mentioned fully embedded communication scheme, the process may be embodied as: establishing communication connection between the application object and a local port in the local address information, and sending data to be sent of the application object to the local port; establishing communication connection between the local port and the proxy server through the JSCH frame in the first bytecode, sending data to be sent to the proxy server from the local port through an SSH protocol, and forwarding the data to be sent to the target server by the proxy server.

Corresponding to the semi-embedded communication scheme described above, the process may be embodied as: establishing communication connection between the application object and the local port, and sending data to be sent of the application object to the local port; establishing communication connection between the local port and the proxy server through the data forwarder, sending data to be sent to the proxy server from the local port, and forwarding the data to be sent to the target server by the proxy server.

Example 2

There is also provided another method of communication, according to an embodiment of the present application, wherein it is noted that the steps illustrated in the flowchart of the drawings may be performed in a computer system such as a set of computer executable instructions, and that while a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different than here.

The communication method provided in the embodiment of the present application may also be operated in the operating environment shown in fig. 1, and a flowchart thereof is shown in fig. 6, where the method includes steps S602 to S604, where:

step S602, the proxy server establishes a communication connection with a target device, where the target device runs an application object. Wherein, the process of establishing the communication connection comprises the following steps: the method comprises the steps that target equipment loads an application object and first byte codes, wherein the first byte codes are at least used for converting target address information corresponding to a target server into local address information of the target equipment; the target device establishes a communication connection with the proxy server based on the local address information.

In some optional embodiments of the present application, the target device receives a service request from a user, determines a corresponding application object based on an application identifier in the service request, and invokes the Java program executor to load an application bytecode and a first bytecode corresponding to the application object.

Specifically, a proxy converter and a JSch frame in the first bytecode may be called to convert the target address information into local address information; the configuration loading class loading in the first byte code can be called and the configuration information for establishing communication connection with the proxy server is analyzed; the socketchannelenhanced class in the first bytecode may be called to obtain local address information, and the parent class of the SocketChannelImpl class in the first bytecode is determined based on the local address information, so as to initialize the SocketChannelImpl class.

Optionally, a controller in a channel program module connected to the proxy converter may be further invoked, and receive a mapping relationship between the destination address information and the local address information, where the local address information includes: the local IP address and the local port, and the destination address information comprises: a destination IP address and a destination port; and controlling a data repeater in the channel program module through the controller, monitoring the local port, and mapping the local port into a target IP address and a target port based on the mapping relation. Establishing communication connection with a proxy server based on the local address information, and performing data interaction with the target server, wherein the method comprises the following steps: controlling a data forwarder in the channel program module through the controller, monitoring a local port in the local address information, sending data to be sent of the application object to the proxy server through the local port, and forwarding the data to be sent to the target server through the proxy server

In some optional embodiments of the present application, a second bytecode may need to be loaded; and modifying the SocketChannel communication framework based on the second bytecode to obtain a target communication framework, wherein the target communication framework is used for calling the first bytecode to convert the target address information into local address information.

Step S604, the proxy server establishes a communication connection with the target server, and performs data forwarding between the target device and the target server.

At this time, the proxy server establishes communication connections with the target device and the target server, respectively, that is, data forwarding between the target device and the target server can be completed through the proxy server.

Example 3

The communication method provided in the embodiment of the present application may also be operated in the operating environment shown in fig. 1, and a flowchart thereof is shown in fig. 7, where the method includes steps S702 to S704, where:

step S702, the target server establishes a communication connection with the target device through the proxy server, wherein the target device runs an application object. Wherein, the process of establishing the communication connection comprises the following steps: the method comprises the steps that target equipment loads an application object and first byte codes, wherein the first byte codes are at least used for converting target address information corresponding to a target server into local address information of the target equipment; and the target equipment establishes communication connection with the proxy server based on the local address information and establishes communication connection with the target server through the proxy server.

Optionally, a controller in a channel program module connected to the proxy converter may be further invoked, and receive a mapping relationship between the destination address information and the local address information, where the local address information includes: the local IP address and the local port, and the destination address information comprises: a destination IP address and a destination port; and controlling a data repeater in the channel program module through the controller, monitoring the local port, and mapping the local port into a target IP address and a target port based on the mapping relation.

Step S704, the target server performs data interaction with the target device.

Example 4

The communication method provided in the embodiment of the present application may also be operated in the operating environment shown in fig. 1, and a flowchart thereof is shown in fig. 8, where the method includes steps S802 to S808, where:

step S802 loads the application object, the first bytecode, and the second bytecode.

In some optional embodiments of the present application, the target device receives a service request from a user, determines a corresponding application object based on an application identifier in the service request, and invokes the Java program executor to load an application bytecode, a first bytecode, and a second bytecode corresponding to the application object.

Step S804, modifying the SocketChannel communication frame based on the second byte code to obtain a target communication frame. The target communication framework is used for calling the first byte code to convert the target address information corresponding to the target server into the local address information corresponding to the equipment where the application object is located.

In step S806, the destination address information is converted into the local address information based on the first bytecode.

Step S808, establishing communication connection with the proxy server based on the local address information, wherein the proxy server establishes communication connection with the target server and performs data interaction with the target server.

Specifically, corresponding to a fully embedded communication scheme, the process may be embodied as: establishing communication connection between the application object and the local port, and sending data to be sent of the application object to the local port; establishing communication connection between the local port and the proxy server through the JSCH frame in the first bytecode, sending data to be sent to the proxy server from the local port through an SSH protocol, and forwarding the data to be sent to the target server by the proxy server.

Corresponding to a semi-embedded communication scheme, the process may be embodied as: establishing communication connection between the application object and the local port, and sending data to be sent of the application object to the local port; establishing communication connection between the local port and the proxy server through the data forwarder, sending data to be sent to the proxy server from the local port, and forwarding the data to be sent to the target server by the proxy server.

Example 5

According to an embodiment of the present application, there is also provided a communication apparatus for implementing the above communication method, as shown in fig. 9, the apparatus includes a loading module 90, a converting module 92, and a communication module 94, where:

and a loading module 90 for loading the application object and the first bytecode.

And the converting module 92 is configured to convert, based on the first bytecode, the target address information corresponding to the target server into local address information of the device where the application object is located.

In some optional embodiments of the present application, a proxy translator and a JSch frame in the first bytecode may be called to translate the target address information into the local address information; the configuration loading class loading in the first byte code can be called and the configuration information for establishing communication connection with the proxy server is analyzed; the socketchannelenhanced class in the first bytecode may be called to obtain local address information, and the parent class of the SocketChannelImpl class in the first bytecode is determined based on the local address information, so as to initialize the SocketChannelImpl class.

And a communication module 94, configured to establish a communication connection with the proxy server based on the local address information, and perform data interaction with the target server, where the proxy server establishes a communication connection with the target server.

It should be noted that, each module in the communication apparatus in this embodiment corresponds to the implementation step of the communication method in embodiment 1 one to one, and as the detailed description is already performed in embodiment 1, some details that are not shown in this embodiment may refer to embodiment 1, and are not described herein again.

Example 6

According to an embodiment of the present application, there is also provided a nonvolatile storage medium including a stored program, wherein, when the program is executed, a device in which the nonvolatile storage medium is located is controlled to execute the above-mentioned communication method.

Optionally, the apparatus in which the non-volatile storage medium is controlled when the program is running executes the following steps: loading an application object and a first bytecode; converting target address information corresponding to a target server into local address information of equipment where an application object is located based on a first byte code; and establishing communication connection with the proxy server based on the local address information, and performing data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

Optionally, the apparatus in which the non-volatile storage medium is controlled when the program is running executes the following steps: establishing communication connection with target equipment, wherein an application object runs on the target equipment, and the process of establishing communication connection comprises the following steps: the method comprises the steps that target equipment loads an application object and first byte codes, wherein the first byte codes are at least used for converting target address information corresponding to a target server into local address information of the target equipment, and the target equipment establishes communication connection with a proxy server based on the local address information; and establishing communication connection with the target server, and forwarding data between the target equipment and the target server.

Optionally, the apparatus in which the non-volatile storage medium is controlled when the program is running executes the following steps: establishing communication connection with target equipment through a proxy server, wherein an application object runs on the target equipment, and the process of establishing the communication connection comprises the following steps: the method comprises the steps that target equipment loads an application object and first byte codes, wherein the first byte codes are at least used for converting target address information corresponding to a target server into local address information of the target equipment, and the target equipment establishes communication connection with a proxy server based on the local address information and establishes communication connection with the target server through the proxy server; and carrying out data interaction with the target equipment.

Example 7

There is also provided, in accordance with an embodiment of the present application, an electronic device including a processor and a memory, wherein: the memory is coupled to the processor for providing instructions to the processor for processing the following processing steps:

loading an application object and a first bytecode; converting target address information corresponding to a target server into local address information of equipment where an application object is located based on a first byte code; and establishing communication connection with the proxy server based on the local address information, and performing data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

In some alternative embodiments of the present application, the specific structure of the electronic device may refer to a computer terminal as shown in fig. 1. It should be noted that the structure shown in fig. 1 is only an illustration, and it does not limit the structure of the electronic device, and the structure of the electronic device may be the same as the computer terminal shown in fig. 1, may include more or less components than those shown in fig. 1, and may have a different configuration from that shown in fig. 1.

The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.

In the above embodiments of the present application, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, a division of a unit is merely a division of a logic function, and an actual implementation may have another division, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.

Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method of the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.

The foregoing is only a preferred embodiment of the present application and it should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the present application, and these improvements and modifications should also be considered as the protection scope of the present application.

Claims

1. A method of communication, comprising:

loading an application object and a first bytecode;

converting target address information corresponding to a target server into local address information of equipment where the application object is located based on the first bytecode;

and establishing communication connection with a proxy server based on the local address information, and performing data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

2. The method of claim 1, wherein converting the destination address information corresponding to the destination server into the local address information of the device where the application object is located based on the first bytecode comprises:

and calling a proxy converter in the first byte code to convert the target address information into the local address information.

3. The method of claim 2, wherein invoking a proxy translator in the first bytecode to translate the destination address information to the local address information comprises:

and calling a proxy converter in the first bytecode to receive the target address information, searching a port in an idle state under a local address, determining a local port from the port in the idle state, and establishing a mapping relation between the target address information and the local address information comprising the local port.

4. The method of claim 3, wherein the method further comprises:

detecting whether a mapping relation between the target address information and the local address information exists in the proxy converter or not;

if yes, directly calling the mapping relation;

if not, judging whether the JSch conversation is initialized or not, wherein under the condition that the JSch conversation is initialized, triggering the proxy converter to call a port in the JSch conversation to set a forwarding interface, and establishing a mapping relation between the target address information and the local address information.

5. The method of claim 4, wherein after establishing the mapping relationship between the destination address information and local address information including a local port, the method further comprises:

caching the mapping relation in the proxy converter, wherein the mapping relation is called by the proxy converter to convert the target address information into the local address information when the application object and the first bytecode are loaded again.

6. The method of claim 1, wherein the method further comprises:

calling a proxy converter through a SocketChannel enhanced class in the first bytecode, converting the target address information into the local address information, and calling an original SocketChannel framework to connect a local address, wherein the SocketChannel enhanced class is used for realizing the following functions: when the connect method of the SocketChannel enhanced class is called, the SocketChannel enhanced class firstly calls a proxy converter to perform address conversion, and then calls the connect method of the parent SocketChannel Impl based on the converted address.

7. The method of claim 1, wherein the method further comprises:

loading a second bytecode;

and modifying the SocketChannel communication framework through the second bytecode to obtain a target communication framework, wherein the target communication framework uses a SocketChannel enhanced class in the first bytecode to connect a target address.

8. The method of claim 7, wherein modifying the SocketChannel communication framework by the second bytecode to obtain a target communication framework comprises:

and calling a hook class in the second byte code to modify the byte code of the selector ProviderImpl class in the SocketChannel frame to obtain the target communication frame.

9. The method of claim 1, wherein establishing a communication connection with a proxy server based on the local address information and performing data interaction with the target server comprises:

establishing communication connection between the application object and a local port in the local address information, and sending data to be sent of the application object to the local port;

establishing communication connection between the local port and the proxy server through the JSch frame in the first bytecode, sending the data to be sent to the proxy server through the local port, and forwarding the data to be sent to the target server through the proxy server.

10. The method of claim 2, wherein prior to establishing a communication connection with a proxy server based on the local address information, the method further comprises:

calling a controller in a channel program module connected with the proxy converter in the first bytecode, and receiving a mapping relation between the target address information and the local address information, wherein the local address information includes: the local IP address and the local port, the destination address information includes: a destination IP address and a destination port.

11. The method of claim 10, wherein establishing a communication connection with a proxy server based on the local address information and interacting with the target server comprises:

and controlling a data forwarder in the channel program module through the controller, monitoring a local port in the local address information, sending the data to be sent of the application object to the proxy server through the local port, and forwarding the data to be sent to the target server through the proxy server.

12. The method of any of claims 1 to 11, wherein establishing a communication connection with a proxy server based on the local address information comprises:

and establishing communication connection with the proxy server through a secure shell protocol based on the local address information.

13. A method of communication, comprising:

the method comprises the following steps that a proxy server establishes communication connection with target equipment, wherein an application object runs on the target equipment, and the process of establishing the communication connection comprises the following steps: the method comprises the steps that target equipment loads an application object and first byte codes, wherein the first byte codes are at least used for converting target address information corresponding to a target server into local address information of the target equipment; the target device establishes communication connection with the proxy server based on the local address information;

and the proxy server establishes communication connection with the target server and forwards data between the target equipment and the target server.

14. A method of communication, comprising:

the method comprises the following steps that a target server and target equipment establish communication connection through a proxy server, wherein an application object runs on the target equipment, and the process of establishing the communication connection comprises the following steps: the target equipment loads an application object and first byte codes, wherein the first byte codes are at least used for converting target address information corresponding to a target server into local address information of the target equipment; the target equipment establishes communication connection with a proxy server based on the local address information and establishes communication connection with the target server through the proxy server;

and the target server performs data interaction with the target equipment.

15. A method of communication, comprising:

loading an application object, a first byte code and a second byte code;

modifying a SocketChannel communication framework based on the second bytecode to obtain a target communication framework, wherein the target communication framework is used for calling the first bytecode to convert target address information corresponding to a target server into local address information corresponding to the device where the application object is located;

converting the target address information into the local address information based on the first bytecode;

and establishing communication connection with a proxy server based on the local address information, wherein the proxy server establishes communication connection with the target server and performs data interaction with the target server.

16. A communication device, comprising:

the loading module is used for loading the application object and the first byte code;

the conversion module is used for converting the target address information corresponding to the target server into the local address information of the equipment where the application object is located based on the first bytecode;

and the communication module is used for establishing communication connection with a proxy server based on the local address information and carrying out data interaction with the target server, wherein the proxy server establishes communication connection with the target server.

17. A non-volatile storage medium comprising a stored program, wherein the program, when executed, controls a device in which the non-volatile storage medium is located to perform the communication method of any one of claims 1 to 15.

18. An electronic device, comprising:

a processor; and

a memory coupled to the processor for providing instructions to the processor for processing the following processing steps:

loading an application object and a first bytecode; converting target address information corresponding to a target server into local address information of equipment where the application object is located based on the first bytecode; and establishing communication connection with a proxy server based on the local address information, and performing data interaction with the target server, wherein the proxy server establishes communication connection with the target server.