CN106921731A - Leak restorative procedure and device - Google Patents
Leak restorative procedure and device Download PDFInfo
- Publication number
- CN106921731A CN106921731A CN201710062973.1A CN201710062973A CN106921731A CN 106921731 A CN106921731 A CN 106921731A CN 201710062973 A CN201710062973 A CN 201710062973A CN 106921731 A CN106921731 A CN 106921731A
- Authority
- CN
- China
- Prior art keywords
- mark
- new file
- patch
- file
- new
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
- Information Transfer Between Computers (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a kind of leak restorative procedure and device.The method includes:The scan base comprising one or more renewal patches that loading is matched with local system platform;Local leak is scanned according to scanning rule using the scan base of loading, patch to be installed is obtained, and the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system mark;The multiple more new file is obtained from file server using the mark of the multiple more new file, and then local leak is repaired using the multiple more new file.Multiple more new files that the embodiment of the present invention obtains that patch to be installed is corresponding from file server and do not exist in local system, the accumulative of large and complete fresh information is contained compared to acquisition in the prior art to update the data, the embodiment of the present invention can save data traffic, further improve the efficiency that leak is repaired.
Description
Technical field
The present invention relates to field of information security technology, particularly a kind of leak restorative procedure and device.
Background technology
In win10, Microsoft introduces new windows and updates issue mechanism, that is, do not use past dispersion independent
The form of installation kit, but use a monthly big accumulative form for updating bag instead.This form solves system update fragmentation
Serious problem so that system update process is simpler.But some problems are there is also, for example, the accumulative inclusion product that updates compares
Greatly (such as win10x64 accumulative update more than 1G), contain large and complete fresh information, and these information for specifically certain
All it is not necessary for user terminal, for specific certain user terminal, adds up in renewal bag in the presence of many useless
Information, this can cause unnecessary flow to waste.
The content of the invention
In view of the above problems, it is proposed that the present invention so as to provide one kind overcome above mentioned problem or at least in part solve on
State the leak restorative procedure and corresponding device of problem.
According to an aspect of of the present present invention, there is provided a kind of leak restorative procedure, including:
The scan base comprising one or more renewal patches that loading is matched with local system platform;
Local leak is scanned according to scanning rule using the scan base of loading, patch to be installed is obtained,
And the mark of the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system;
The multiple more new file is obtained from file server using the mark of the multiple more new file, and then is utilized
The multiple more new file is repaired to local leak.
Alternatively, the scan base comprising one or more renewal patches that loading is matched with local system platform, including:
Obtain local system scan base and outside data distribution server issued by dedicated tunnel with it is local
The scan base comprising one or more renewal patches of system platform matching;
Load the scan base for obtaining.
Alternatively, the file server includes multiple content distributing network CDN nodes and KV servers, each CDN nodes
Synchronously there is the corresponding more new file of each patch;The KV servers set up the index of the mark and address information that have more new file.
Alternatively, record has the mark of the corresponding more new file of each patch in the scan base, determines described to be installed
Patch is corresponding and local system in the mark of multiple more new files that does not exist, including:
According to the mark of the corresponding more new file of each patch recorded in the scan base, the patch to be installed is determined
The mark of corresponding alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
Alternatively, each CDN nodes also synchronously have corresponding renewal of each patch to wrap, literary comprising multiple renewals in the renewal bag
The mark of part, the KV servers also set up the index of the mark and address information that update bag.
Alternatively, record has the corresponding mark for updating bag of each patch in the scan base, determines the benefit to be installed
Fourth is corresponding and local system in the mark of multiple more new files that does not exist, including:
According to the corresponding mark for updating bag of each patch recorded in the scan base, the patch pair to be installed is determined
The mark of the target update bag answered;
The address information of the target update bag is obtained from the KV servers using the mark of the target update bag;
Downloaded from corresponding CDN nodes using the address information of the target update bag and obtain the target update bag;
Decompress the mark that the target update bag determines the multiple more new file.
Alternatively, the mark that the target update bag determines the multiple more new file is decompressed, including:
Decompress the mark that the target update bag obtains alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
Alternatively, the multiple more new file is obtained from file server using the mark of the multiple more new file,
Including:
The address of the multiple more new file is obtained from the KV servers using the mark of the multiple more new file
Information;
Downloaded from corresponding CDN nodes using the address information of the multiple more new file and obtain the multiple renewal text
Part.
Alternatively, local leak is repaired using the multiple more new file, including:
The multiple more new file for obtaining will be downloaded and copy to the interim installation directory;
File in the interim installation directory is installed, is repaired with to local leak.
Alternatively, at least one following index information is also included in the index:
The summary info of more new file, size, issuing time, check information.
Alternatively, the multiple more new file for obtaining will be downloaded and copies to the interim installation directory, including:
Using the mark of the multiple more new file, including for the multiple more new file is obtained from the KV servers
The index information of the check information of more new file;
The multiple more new file is obtained using the check information to download to verify, after verification passes through, by institute
State multiple more new files and copy to the interim installation directory.
Alternatively, local leak is scanned according to scanning rule using the scan base of loading, obtains to be installed
Patch, including:
Local leak is scanned according to scanning rule using the scan base of loading, obtains not pacifying on local system
The scanning result collection of the patch of dress;
Concentrated from the scanning result and choose patch to be installed.
Alternatively, local leak is scanned according to scanning rule using the scan base of loading, is locally
The scanning result collection of uninstalled patch on system, including:
All of patch in the scan base of loading is enumerated, obtains updating list;
The renewal list is traveled through, judges whether each patch is already installed on local system, if it is not, then adding the patch
The scanning result is added to concentrate.
According to another aspect of the present invention, a kind of leak prosthetic device is additionally provided, including:
Load-on module, is suitable to the scan base comprising one or more renewal patches that loading is matched with local system platform;
Determining module, is suitable to be scanned local leak according to scanning rule using the scan base of loading, obtains
Patch to be installed, and the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system
Mark;
Leak repair module, is suitable to obtain the multiple from file server using the mark of the multiple more new file
More new file, and then local leak is repaired using the multiple more new file.
Alternatively, the load-on module is further adapted for:
Obtain local system scan base and outside data distribution server issued by dedicated tunnel with it is local
The scan base comprising one or more renewal patches of system platform matching;
Load the scan base for obtaining.
Alternatively, the file server includes multiple content distributing network CDN nodes and KV servers, each CDN nodes
Synchronously there is the corresponding more new file of each patch;The KV servers set up the index of the mark and address information that have more new file.
Alternatively, the determining module is further adapted for:
According to the mark of the corresponding more new file of each patch recorded in the scan base, the patch to be installed is determined
The mark of corresponding alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
Alternatively, each CDN nodes also synchronously have corresponding renewal of each patch to wrap, literary comprising multiple renewals in the renewal bag
The mark of part, the KV servers also set up the index of the mark and address information that update bag.
Alternatively, the determining module is further adapted for:
According to the corresponding mark for updating bag of each patch recorded in the scan base, the patch pair to be installed is determined
The mark of the target update bag answered;
The address information of the target update bag is obtained from the KV servers using the mark of the target update bag;
Downloaded from corresponding CDN nodes using the address information of the target update bag and obtain the target update bag;
Decompress the mark that the target update bag determines the multiple more new file.
Alternatively, the determining module is further adapted for:
Decompress the mark that the target update bag obtains alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
Alternatively, the leak repair module is further adapted for:
The address of the multiple more new file is obtained from the KV servers using the mark of the multiple more new file
Information;
Downloaded from corresponding CDN nodes using the address information of the multiple more new file and obtain the multiple renewal text
Part.
Alternatively, the leak repair module is further adapted for:
The multiple more new file for obtaining will be downloaded and copy to the interim installation directory;
File in the interim installation directory is installed, is repaired with to local leak.
Alternatively, at least one following index information is also included in the index:
The summary info of more new file, size, issuing time, check information.
Alternatively, the leak repair module is further adapted for:
Using the mark of the multiple more new file, including for the multiple more new file is obtained from the KV servers
The index information of the check information of more new file;
The multiple more new file is obtained using the check information to download to verify, after verification passes through, by institute
State multiple more new files and copy to the interim installation directory.
Alternatively, the determining module is further adapted for:
Local leak is scanned according to scanning rule using the scan base of loading, obtains not pacifying on local system
The scanning result collection of the patch of dress;
Concentrated from the scanning result and choose patch to be installed.
Alternatively, the determining module is further adapted for:
All of patch in the scan base of loading is enumerated, obtains updating list;
The renewal list is traveled through, judges whether each patch is already installed on local system, if it is not, then adding the patch
The scanning result is added to concentrate.
In embodiments of the present invention, the scanning comprising one or more renewal patches that loading is matched with local system platform
Storehouse;And then the scan base using loading is scanned according to scanning rule to local leak, obtains patch to be installed, and determine
Patch to be installed is corresponding and local system in the mark of multiple more new files that does not exist;Afterwards text is updated using multiple
The mark of part obtains multiple more new files from file server, and then local leak is repaiied using multiple more new files
It is multiple.As can be seen here, the embodiment of the present invention, can in the scan base for carrying out being loaded directly into being matched with its own system platform when leak is repaired
To improve scan efficiency, and lift the validity of leak reparation.Also, the embodiment of the present invention from program suppliers without obtaining
And process and updated the data for the accumulative of repair procedure leak, but directly obtained from the file server being distributed to and update text
Part, it is possible to increase obtain the efficiency of more new file, so as to improve the efficiency of leak reparation.Further, since accumulative update inclusion product
Than larger, what the embodiment of the present invention obtained that patch to be installed is corresponding from file server and do not existed in local system
Multiple more new files, contain the accumulative of large and complete fresh information and update the data compared to acquisition in the prior art, the present invention
Embodiment can save data traffic, further improve the efficiency that leak is repaired.
Described above is only the general introduction of technical solution of the present invention, in order to better understand technological means of the invention,
And can be practiced according to the content of specification, and in order to allow the above and other objects of the present invention, feature and advantage can
Become apparent, below especially exemplified by specific embodiment of the invention.
According to the accompanying drawings to the detailed description of the specific embodiment of the invention, those skilled in the art will be brighter
Of the invention above-mentioned and other purposes, advantages and features.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit is common for this area
Technical staff will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention
Limitation.And in whole accompanying drawing, identical part is denoted by the same reference numerals.In the accompanying drawings:
Fig. 1 shows the flow chart of leak restorative procedure according to an embodiment of the invention;
Fig. 2 shows a kind of schematic diagram of scanning process of client;
Fig. 3 shows a kind of schematic diagram of installation procedure of client;
Fig. 4 shows the structural representation of leak repair system according to an embodiment of the invention;And
Fig. 5 shows the structural representation of leak prosthetic device according to an embodiment of the invention.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
Limited.Conversely, there is provided these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
In order to solve the above technical problems, the embodiment of the invention provides a kind of leak restorative procedure, the method can be applied
In the client of user terminal.Fig. 1 shows the flow chart of leak restorative procedure according to an embodiment of the invention.Such as Fig. 1
Shown, the method at least may comprise steps of S102 to step S106.
Step S102, the scan base comprising one or more renewal patches that loading is matched with local system platform.
Step S104, is scanned according to scanning rule using the scan base of loading to local leak, obtains to be installed
Patch, and the multiple more new files for determining that patch to be installed is corresponding and not existing in local system mark.
Step S106, multiple more new files, Jin Erli are obtained from file server using the mark of multiple more new files
Local leak is repaired with multiple more new files.
In embodiments of the present invention, the scanning comprising one or more renewal patches that loading is matched with local system platform
Storehouse;And then the scan base using loading is scanned according to scanning rule to local leak, obtains patch to be installed, and determine
Patch to be installed is corresponding and local system in the mark of multiple more new files that does not exist;Afterwards text is updated using multiple
The mark of part obtains multiple more new files from file server, and then local leak is repaiied using multiple more new files
It is multiple.As can be seen here, the embodiment of the present invention, can in the scan base for carrying out being loaded directly into being matched with its own system platform when leak is repaired
To improve scan efficiency, and lift the validity of leak reparation.Also, the embodiment of the present invention from program suppliers without obtaining
And process and updated the data for the accumulative of repair procedure leak, but directly obtained from the file server being distributed to and update text
Part, it is possible to increase obtain the efficiency of more new file, so as to improve the efficiency of leak reparation.Further, since accumulative update inclusion product
Than larger, what the embodiment of the present invention obtained that patch to be installed is corresponding from file server and do not existed in local system
Multiple more new files, contain the accumulative of large and complete fresh information and update the data compared to acquisition in the prior art, the present invention
Embodiment can save data traffic, further improve the efficiency that leak is repaired.
The scan base comprising one or more renewal patches that loading is matched with local system platform in above step S102,
The embodiment of the invention provides a kind of optional scheme, i.e. obtain the scan base of local system and the data publication clothes of outside
The scan base that patches are updated comprising one or more matched with local system platform that business device is issued by dedicated tunnel, and then
Load the scan base for obtaining.
Further, data distribution server can synchronous acquisition be used for from program suppliers according to the specified time cycle
The accumulative of repair procedure leak updates the data;The middle full platform for extracting and patches being updated comprising one or more is updated the data from accumulative
Scan base, splits to full platform scanner storehouse according to system platform, obtains the scan base of each platform;By in accumulative updating the data
Renewal file distribution to file server, and the scan base that each platform is issued by dedicated tunnel.Additionally, data publication takes
Business device can be synchronously obtained for repairing journey according to the specified time cycle when synchronously adding up to update the data from program suppliers
The accumulative description information for updating the data of sequence leak, wherein, comprising the accumulative download address for updating the data of download in description information;
And then the download address in description information is downloaded and obtains accumulative updating the data.
Local leak is scanned according to scanning rule using the scan base of loading in above step S104, obtains waiting to pacify
The patch of dress, the embodiment of the invention provides a kind of optional scheme, in this scenario, it is possible to use the scan base of loading according to
Scanning rule is scanned to local leak, obtains the scanning result collection of uninstalled patch on local system, and then from scanning
Patch to be installed is chosen in result set.
In an alternate embodiment of the invention, all of patch in the scan base of loading can be enumerated, obtains updating list, subsequent time
Renewal list is gone through, judges whether each patch is already installed on local system, if it is not, the patch then is added into scanning result collection
In;If so, then continuing to choose next patch from list is updated, judge whether next patch is already installed on local system
On, by that analogy.
In an alternate embodiment of the invention, list is updated in traversal, judges whether each patch is already installed on local system it
Before, can also judge whether father's dependence of each patch detects and pass through, if so, then judging whether each patch is already installed on local system
On system;If it is not, then continuing to choose next patch from list is updated, judge whether the father of next patch relies on detect logical
Cross, by that analogy.
In alternative embodiment of the invention, file server can include multiple CDN (Content Delivery
Network, content distributing network) node and KV servers.Each CDN nodes in multiple CDN nodes are suitable to synchronous each patch pair
The more new file answered, KV servers are suitable to obtain the address information of each CDN nodes where the mark of more new file and more new file,
And set up the index comprising mark and address information of more new file.Here index can be the form of key-value, index
In mark can be as value as key, address information.In an alternate embodiment of the invention, can also include more in index
The index informations such as summary info, size, issuing time, the check information of new file, these index informations can be as
value。
In an alternate embodiment of the invention, in each CDN nodes synchronized update file, can be will more by data distribution server
New file uploads to CDN publisher servers and is synchronized to each CDN nodes.
In the alternative embodiment of invention, record has the mark of the corresponding more new file of each patch in the scan base of acquisition,
The mark of the multiple more new files for determining that patch to be installed is corresponding in above step S104 and not existing in local system,
The embodiment of the invention provides a kind of optional scheme, i.e. according to the corresponding more new file of each patch recorded in scan base
Mark, determines the mark of the corresponding alternative more new file of patch to be installed;According to the mark of alternatively more new file, judge local
Whether the alternative more new file there is in system, if it is not, then that the mark write-in residual quantity file of the alternative more new file is clear
Dan Zhong, and using in residual quantity lists of documents file mark as multiple more new files mark;If so, then by local system
The alternative more new file copies to interim installation directory.Here alternative more new file may be considered patch correspondence to be installed
All more new files, multiple more new files are residual quantity more new files.
In the alternative embodiment of invention, each CDN nodes also synchronously have corresponding renewal of each patch to wrap, and update and are included in wrapping
The mark of multiple more new files, KV servers also set up the index of the mark and address information that update bag.Also, in scan base
Record has the corresponding mark for updating bag of each patch, determines that patch to be installed is corresponding and is locally in above step S104
The mark of the multiple more new files not existed in system, the embodiment of the present invention additionally provides a kind of optional scheme, in this scenario,
The corresponding target update of patch to be installed can be determined according to the corresponding mark for updating bag of each patch recorded in scan base
The mark of bag;And then the mark of utilization target update bag obtains the address information of target update bag from KV servers;It is then sharp
Downloaded from corresponding CDN nodes with the address information of target update bag and obtain target update bag;Target update bag is decompressed afterwards
It is determined that the mark of multiple more new file.
Further, decompression target update bag determines the mark of multiple more new files, the embodiment of the invention provides one kind
Optional scheme, i.e. decompression target update bag obtains the mark of alternative more new file, and then according to the mark of alternatively more new file
Know, judge whether there is the alternative more new file on local system, if it is not, then by the mark write-in of the alternative more new file
In residual quantity lists of documents, and using in residual quantity lists of documents file mark as multiple more new files mark;If so, then incite somebody to action this
The alternative more new file in ground system copies to interim installation directory.
After the mark that step S104 determines multiple more new files, step S106 is using the mark of multiple more new files from text
Multiple more new files are obtained at part server, specifically, multiple is obtained from KV servers using the mark of multiple more new files
The address information of more new file, and then address information using multiple more new files downloads from corresponding CDN nodes and obtains many
Individual more new file.Next, will download the multiple more new files for obtaining copies to interim installation directory, and interim installation mesh is installed
File in record, repairs with to local leak.That is, will exist on multiple more new files and local system
File is merged, and then local leak is repaired.
In an alternate embodiment of the invention, in order to ensure the validity of multiple more new files, multiple more new files can also be entered
Row information is verified, specifically, it is possible to use the mark of multiple more new files, and the bag of multiple more new files is obtained from KV servers
The index information of the check information containing more new file, and then multiple more new files are obtained to download using check information carry out school
Test, after verification passes through, multiple more new files are copied into interim installation directory.
Various implementations of links in the embodiment shown in Fig. 1 are described above, below with a concrete application reality
Example introduces leak restorative procedure provided in an embodiment of the present invention, and the method can apply the client in each user terminal
On.
So that program suppliers are as Microsoft as an example, such as introduce above, in win10, Microsoft introduces new windows and updates
Issue mechanism, that is, do not use the form of the independently installed bag of past dispersion, but uses a monthly big accumulative bag that updates instead
Form.The embodiment of the present invention provides corresponding more new file for each user terminal, so as to save data traffic, improves leakage
The efficiency that hole is repaired.
First, (Windows Server Update Services, Windows server are more to build a standard WSUS
New demand servicing) server, it includes a standard WSUS service and a series of data publication instruments from realization.
On the one hand, WSUS services are responsible for regularly updating the data storehouse from Microsoft's Cloud Server is synchronously newest, update the data
Storehouse the inside can include important description information, mainly there is the quick experience bag URL (Uniform of full platform scanner storehouse, all patches
Resource Locator, URL), the PSF files URL of the complete packet URL of all patches and renewal, etc..
On the other hand, data publication instrument is responsible for according to the above-mentioned description information updated the data in storehouse, by accumulative renewal number
According to (such as full platform scanner storehouse, the quick experience bag of patch, the complete packet of patch, each patch PSF files) download to WSUS
On server.Then, the middle full platform scanner storehouse extracted and patches are updated comprising one or more is updated the data from accumulative, to complete flat
Platform scan base is split according to system platform, obtains the scan base of each platform.Then, by the renewal text in accumulative updating the data
Part is published to file server, and the scan base of each platform is issued by dedicated tunnel.Finally, significant data is carried out standby
Part.Originated as unique operation data, a WSUS server just can be with while the security of this server be also to pass
It is important.
Next, by the synchronous more new file issued from data distribution server of file server, file clothes here
Business device is an abstract concept, as the destination of data publication, the not single one or several service of file server
Device, but a series of server cluster of mutual cooperations.File server mainly includes two portions of CDN nodes and KV servers
Point.On the one hand, each CDN nodes for being distributed in all parts of the country are responsible for the more new file of synchronous newest issue in time, while being responsible for sound
Answer hundreds of millions of client file download requests.On the other hand, KV server clusters are responsible for setting up in time the rope for updating the data
Draw, while be responsible for the hundreds of millions of client indexes requests of response, specifically, KV servers obtain the mark and more of more new file
The address information of each CDN nodes where new file, and set up the index comprising mark and address information of more new file.
After the completion of data publication, when exactly playing these data and act on, that is, client from KV servers and
CDN nodes request data and application these data renewal operating system or application program, this stage can be divided into sweep phase
With two parts of erection stage.
1) sweep phase
Manually or during background timer driver sweep, client updates incremental sweep storehouse libleak2_ to user first
Diff.dat, after asking successfully, loading by dedicated tunnel issue the targeted scans storehouse matched with local system platform most
Redaction, is then scanned according to rule in targeted scans storehouse to local leak again, obtains uninstalled benefit on local system
The scanning result collection of fourth, concentrates from scanning result and chooses patch to be installed.
Fig. 2 shows a kind of schematic diagram of scanning process of client, as shown in Fig. 2 the scanning process of client can be with
Comprise the following steps S202 to S230.
Step S202, the targeted scans storehouse matched with local system platform that loading is issued by dedicated tunnel.
Step S204, enumerates all of patch in targeted scans storehouse, obtains updating list.
Step S206, judges whether renewal list travels through and finishes, if it is not, then continuing executing with step S208;If so, then continuing
Perform step S230.
Step S208, takes out a patch from list is updated.
Step S210, judges whether father's dependence of the patch detects and passes through, if it is not, then return performing step S206;If so,
Then continue executing with step S212.
Step S212, enumerates all sub- patch of the patch, obtains sub- renewal list, continues executing with step S214.
Step S214, judges whether son renewal list travels through and finishes, if it is not, then continuing executing with step S216;If so, then after
It is continuous to perform step S226.
Step S216, takes out a sub- patch from sub- renewal list.
Step S218, judges whether father's dependence of the sub- patch detects and passes through, if it is not, then return performing step S214;If
It is then to continue executing with step S220.
Step S220, judges whether the patch is already installed on local system, if so, then return performing step S214;
If it is not, then continuing executing with step S222.
Step S222, judges whether the patch is applicable, if it is not, then return performing step S214;If so, then continuing executing with step
Rapid S224.
Step S224, adds the sub- patch to sub- patch scanning result collection.
Step S226, judges whether sub- patch scanning result collection is empty, if so, then return performing step S206;If it is not, then
Continue executing with step S228.
Step S228, adds current patch to renewal scanning result collection, and continue executing with step S206.
Step S230, obtains scanning result collection.
2) erection stage
After the completion of scanning, user can concentrate from scanning result and select to need patch (patch i.e. to be installed) to be mounted,
Then installation process is started.First, quick experience bag (the corresponding renewal of patch i.e. to be installed is calculated according to targeted scans storehouse
Bag) key, index information (e.g., download URL, the school of quick experience bag of bag is quickly experienced using the key to KV server requests
Test information etc.), after KV servers return to the index information of quick experience bag, the download URL of quick experience bag is therefrom extracted,
Then using the URL to the quick experience bag of CDN nodes request, after CDN returns to quick experience bag, using plucking in index information
Check information is waited to verify quick experience bag.After quick experience bag verification passes through, institute is calculated using quick experience bag
The key of residual quantity more new file is needed, using these key to KV server request residual quantity index informations, when KV servers return to residual quantity
After index information, the download URL of residual quantity more new file is therefrom extracted, then updated to CDN nodes request residual quantity using the URL
File, after CDN nodes return to residual quantity more new file, using check informations such as the summaries in index information to residual quantity more new file
Verified.All residual quantity more new file is all verified after passing through, complete by merging local file and residual quantity renewal file generated
Bag, finally calls specified interface to install the complete packet for synthesizing.
Fig. 3 shows a kind of schematic diagram of installation procedure of client, as shown in figure 3, the installation procedure of client can be with
Comprise the following steps S302 to S330.
Step S302, downloads quick experience bag.
Step S304, interim installation directory is unziped to by quick experience bag.
In this step, interim installation directory can be given tacit consent to, or customized.
Step S306, enumerates all with psf.cix.xml ending files, obtains xml document set.
Step S308, judges whether xml document set takes, if it is not, then continuing executing with step S310;If so, then continuing
Perform step S324.
Step S310, takes out an xml document in set.
Step S312, enumerates all Files/file nodes in the xml document, obtains file set.
Step S314, judges whether file set takes, if so, then return performing step S308;If it is not, then continuing executing with
Step S316.
Step S316, takes out a file in set.
Whether step S318, judges there is this document in winsxs old versions, if so, then performing step S320;
If it is not, then continuing executing with step S322.
Step S320, replicates this document to interim installation directory, returns and performs step S314.
Step S322, by this document relative path write-in residual quantity lists of documents, returns and performs step S314.
Step S324, judges whether residual quantity lists of documents are empty, if so, then continuing executing with step S326;If it is not, then continuing
Perform step S328.
Step S326, the file installed in interim installation directory is started by specified interface.
Step S328, residual quantity file bag is asked by residual quantity lists of documents to own CDN nodes, continues executing with step
S330。
Step S330, after residual quantity file bag is downloaded successfully, is unziped to interim installation directory, continues executing with step
S326。
It should be noted that program suppliers Microsoft listed herewith is only schematical, the present invention is not carried out
Limitation, the embodiment of the present invention can be applied carries out leak reparation in any need to program (such as operating system, application program)
Scene.
Leak recovery scenario provided in an embodiment of the present invention, its core concept is " the accumulative residual quantity issue for updating the data ",
That is, by using the scan base of this platform, the current system environment to user terminal is scanned, so as to calculate it is all need to be more
The binary system residual quantity (binary diff patch, i.e. fragment file) of new file, then by required fragment file from service end
Locally downloading, the complete packet needed for finally being synthesized using these fragment files and local file is installed, to repair user
Leak present on terminal.This residual quantity updates issue mechanism can save more than 80% downloading flow, can fundamentally solve
The problem that certainly existing implementation is present.
Fig. 4 shows the structural representation of leak repair system according to an embodiment of the invention.As shown in figure 4, the leakage
Hole repair system 400 (not shown in Fig. 4) can include:WSUS servers 410, CDN nodes 421, KV servers 422 and visitor
Family end 430.
The workflow of leak repair system 400 can be divided into data publication stage and the client more new stage, below will
Describe in detail respectively.
The data publication stage is introduced first.In the data publication stage, be exactly briefly that leak is repaiied when Microsoft has data to update
These new datas are synchronously come and are acted upon by complex system in time, and the mistake of the whole network user is then distributed in the way of oneself
Journey.This is a process of " pushing away ".The data publication stage can be divided into synchronized update data, treatment and update the data, issues more again
New data, data backup stage.
(1) synchronized update data
To realize that obtaining Microsoft in time adds up the demand that updates the data, it is necessary to build a standard WSUS servers 410,
WSUS servers 410 periodically (such as every 30 minutes one inferior) are synchronously obtained for the leakage of repair system program from Microsoft's Cloud Server
The accumulative description information for updating the data in hole, wherein, it is accumulative to update the data the quick experience including full platform scanner storehouse, patch
Bag, PSF files of the complete packet of patch, each patch etc., comprising the accumulative download address for updating the data of download in description information.
(2) treatment is updated the data
Download address of the WSUS servers 410 in description information is downloaded and obtains accumulative updating the data.Then, from accumulative
The middle full platform scanner storehouse extracted and patches are updated comprising one or more is updated the data, to full platform scanner storehouse according to system platform
Split, obtained the scan base of each platform.
When being split to full platform scanner storehouse, WsusUtil orders can be called to update the data middle extraction bag from accumulative
Full platform scanner storehouse containing one or more renewal patches, then calls UpdateMake orders according to the mark of each system platform
The renewal list of the patch of each platform is derived from full platform scanner storehouse, WsusScan orders are called afterwards according to full platform scanner
Storehouse and renewal list generate the scan base of each platform.The mark of each system platform here can as win7, win8.1, win10,
Office etc., the invention is not restricted to this.
(3) issue is updated the data
After DSR, it is possible to start to issue data.The renewal that WSUS servers 410 will add up in updating the data
File distribution is to CDN nodes 421.Afterwards, the key and index information of these more new files are calculated (such as the summary letter of more new file
Breath, size and be published on CDN be used for client 430 download URL) be pushed to the cluster of KV servers 422 set up index.So
Afterwards, the PE files in new more new file are carried out plus white.Each platform scanner storehouse is issued finally by dedicated tunnel.
(4) the data backup stage
It is main here to need backup to be computed the rope for completing, it is necessary to be backed up to important data after the completion of issue
The scan base of fuse breath and each platform and it is necessary to use remote backup strategy, back up in other servers.
Secondly it is the client more new stage.After the completion of data publication, when exactly playing the effect of these data, also
It is client from KV servers and CDN nodes request data and application these data renewal operating system or application program, this
Stage can be divided into two parts of sweep phase and erection stage, may refer to introduce above, and here is omitted.
It should be noted that in practical application, above-mentioned all optional embodiments can be any group by the way of combining
Close, form alternative embodiment of the invention, this is no longer going to repeat them.
Based on the leak restorative procedure that each embodiment above is provided, based on same inventive concept, the embodiment of the present invention is also
There is provided a kind of leak prosthetic device.
Fig. 5 shows the structural representation of leak prosthetic device according to an embodiment of the invention.As shown in figure 5, the dress
Putting can at least include load-on module 510, determining module 520 and leak repair module 530.
Now introduce the company between each composition of the leak prosthetic device of the embodiment of the present invention or the function and each several part of device
Connect relation:
Load-on module 510, is suitable to the scanning comprising one or more renewal patches that loading is matched with local system platform
Storehouse;
Determining module 520, is coupled with load-on module 510, is suitable to the scan base using loading according to scanning rule
Local leak is scanned, patch to be installed is obtained, and determines that the patch to be installed is corresponding and in local system
The mark of the multiple more new files not existed;
Leak repair module 530, is coupled with determining module 520, be suitable to mark using the multiple more new file from
The multiple more new file is obtained at file server, and then local leak is repaired using the multiple more new file.
In an embodiment of the present invention, the load-on module 510 is further adapted for:
Obtain local system scan base and outside data distribution server issued by dedicated tunnel with it is local
The scan base comprising one or more renewal patches of system platform matching;
Load the scan base for obtaining.
In an embodiment of the present invention, the file server includes multiple content distributing network CDN nodes and KV services
Device, each CDN nodes synchronously have the corresponding more new file of each patch;The KV servers set up mark and the address for having more new file
The index of information.
In an embodiment of the present invention, the determining module 520 is further adapted for:
According to the mark of the corresponding more new file of each patch recorded in the scan base, the patch to be installed is determined
The mark of corresponding alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
In an embodiment of the present invention, each CDN nodes also synchronously have corresponding renewal of each patch to wrap, described to update bag in bag
Mark containing multiple more new files, the KV servers also set up the index of the mark and address information that update bag.
In an embodiment of the present invention, the determining module 520 is further adapted for:
According to the corresponding mark for updating bag of each patch recorded in the scan base, the patch pair to be installed is determined
The mark of the target update bag answered;
The address information of the target update bag is obtained from the KV servers using the mark of the target update bag;
Downloaded from corresponding CDN nodes using the address information of the target update bag and obtain the target update bag;
Decompress the mark that the target update bag determines the multiple more new file.
In an embodiment of the present invention, the determining module 520 is further adapted for:
Decompress the mark that the target update bag obtains alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
In an embodiment of the present invention, the leak repair module 530 is further adapted for:
The address of the multiple more new file is obtained from the KV servers using the mark of the multiple more new file
Information;
Downloaded from corresponding CDN nodes using the address information of the multiple more new file and obtain the multiple renewal text
Part.
In an embodiment of the present invention, the leak repair module 530 is further adapted for:
The multiple more new file for obtaining will be downloaded and copy to the interim installation directory;
File in the interim installation directory is installed, is repaired with to local leak.
In an embodiment of the present invention, at least one following index information is also included in the index:
The summary info of more new file, size, issuing time, check information.
In an embodiment of the present invention, the leak repair module 530 is further adapted for:
Using the mark of the multiple more new file, including for the multiple more new file is obtained from the KV servers
The index information of the check information of more new file;
The multiple more new file is obtained using the check information to download to verify, after verification passes through, by institute
State multiple more new files and copy to the interim installation directory.
In an embodiment of the present invention, the determining module 520 is further adapted for:
Local leak is scanned according to scanning rule using the scan base of loading, obtains not pacifying on local system
The scanning result collection of the patch of dress;
Concentrated from the scanning result and choose patch to be installed.
In an embodiment of the present invention, the determining module 520 is further adapted for:
All of patch in the scan base of loading is enumerated, obtains updating list;
The renewal list is traveled through, judges whether each patch is already installed on local system, if it is not, then adding the patch
The scanning result is added to concentrate.
According to the combination of above-mentioned any one alternative embodiment or multiple alternative embodiments, the embodiment of the present invention can reach
Following beneficial effect:
In embodiments of the present invention, the scanning comprising one or more renewal patches that loading is matched with local system platform
Storehouse;And then the scan base using loading is scanned according to scanning rule to local leak, obtains patch to be installed, and determine
Patch to be installed is corresponding and local system in the mark of multiple more new files that does not exist;Afterwards text is updated using multiple
The mark of part obtains multiple more new files from file server, and then local leak is repaiied using multiple more new files
It is multiple.As can be seen here, the embodiment of the present invention, can in the scan base for carrying out being loaded directly into being matched with its own system platform when leak is repaired
To improve scan efficiency, and lift the validity of leak reparation.Also, the embodiment of the present invention from program suppliers without obtaining
And process and updated the data for the accumulative of repair procedure leak, but directly obtained from the file server being distributed to and update text
Part, it is possible to increase obtain the efficiency of more new file, so as to improve the efficiency of leak reparation.Further, since accumulative update inclusion product
Than larger, what the embodiment of the present invention obtained that patch to be installed is corresponding from file server and do not existed in local system
Multiple more new files, contain the accumulative of large and complete fresh information and update the data compared to acquisition in the prior art, the present invention
Embodiment can save data traffic, further improve the efficiency that leak is repaired.
In specification mentioned herein, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be put into practice in the case of without these details.In some instances, known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify one or more that the disclosure and helping understands in each inventive aspect, exist
Above to the description of exemplary embodiment of the invention in, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
The application claims of shield features more more than the feature being expressly recited in each claim.More precisely, such as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, and wherein each claim is in itself
All as separate embodiments of the invention.
Those skilled in the art are appreciated that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment
Unit or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or
Sub-component.In addition at least some in such feature and/or process or unit exclude each other, can use any
Combine to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power
Profit is required, summary and accompanying drawing) disclosed in each feature can the alternative features of or similar purpose identical, equivalent by offer carry out generation
Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments
In included some features rather than further feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in detail in the claims, embodiment required for protection it is one of any
Mode can use in any combination.
All parts embodiment of the invention can be realized with hardware, or be run with one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (DSP) come realize in leak prosthetic device according to embodiments of the present invention some or
The some or all functions of person's whole part.The present invention is also implemented as perform method as described herein one
Point or whole equipment or program of device (for example, computer program and computer program product).It is such to realize this hair
Bright program can be stored on a computer-readable medium, or can have the form of one or more signal.It is such
Signal can be downloaded from internet website and obtained, or be provided on carrier signal, or be provided in any other form.
It should be noted that above-described embodiment the present invention will be described rather than limiting the invention, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol being located between bracket should not be configured to limitations on claims.Word "comprising" is not excluded the presence of not
Element listed in the claims or step.Word "a" or "an" before element is not excluded the presence of as multiple
Element.The present invention can come real by means of the hardware for including some different elements and by means of properly programmed computer
It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
So far, although those skilled in the art will appreciate that detailed herein have shown and described multiple of the invention and show
Example property embodiment, but, without departing from the spirit and scope of the present invention, still can be direct according to present disclosure
It is determined that or deriving many other variations or modifications for meeting the principle of the invention.Therefore, the scope of the present invention is understood that and recognizes
It is set to and covers all these other variations or modifications.
According to an aspect of the present invention, there is provided A1, a kind of leak restorative procedure, including:
The scan base comprising one or more renewal patches that loading is matched with local system platform;
Local leak is scanned according to scanning rule using the scan base of loading, patch to be installed is obtained,
And the mark of the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system;
The multiple more new file is obtained from file server using the mark of the multiple more new file, and then is utilized
The multiple more new file is repaired to local leak.
A2, the method according to A1, wherein, what loading was matched with local system platform mends comprising one or more renewals
The scan base of fourth, including:
Obtain local system scan base and outside data distribution server issued by dedicated tunnel with it is local
The scan base comprising one or more renewal patches of system platform matching;
Load the scan base for obtaining.
A3, the method according to A1 or A2, wherein, the file server includes multiple content distributing network CDN knots
Point and KV servers, each CDN nodes synchronously have the corresponding more new file of each patch;The KV servers are set up more new file
The index of mark and address information.
A4, the method according to A3, wherein, record has the mark of the corresponding more new file of each patch in the scan base
Know, the mark of the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system, including:
According to the mark of the corresponding more new file of each patch recorded in the scan base, the patch to be installed is determined
The mark of corresponding alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
A5, the method according to A3, wherein, each CDN nodes also synchronously have corresponding renewal of each patch to wrap, the renewal
Comprising the mark of multiple more new files in bag, the KV servers also set up the index of the mark and address information that update bag.
A6, the method according to A5, wherein, record has the corresponding mark for updating bag of each patch in the scan base,
The mark of the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system, including:
According to the corresponding mark for updating bag of each patch recorded in the scan base, the patch pair to be installed is determined
The mark of the target update bag answered;
The address information of the target update bag is obtained from the KV servers using the mark of the target update bag;
Downloaded from corresponding CDN nodes using the address information of the target update bag and obtain the target update bag;
Decompress the mark that the target update bag determines the multiple more new file.
A7, the method according to A6, wherein, decompress the mark that the target update bag determines the multiple more new file
Know, including:
Decompress the mark that the target update bag obtains alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
A8, the method according to any one of A3-A7, wherein, using the mark of the multiple more new file from file
The multiple more new file is obtained at server, including:
The address of the multiple more new file is obtained from the KV servers using the mark of the multiple more new file
Information;
Downloaded from corresponding CDN nodes using the address information of the multiple more new file and obtain the multiple renewal text
Part.
A9, the method according to A8, wherein, local leak is repaired using the multiple more new file, including:
The multiple more new file for obtaining will be downloaded and copy to the interim installation directory;
File in the interim installation directory is installed, is repaired with to local leak.
A10, the method according to A9, wherein, at least one following index information is also included in the index:
The summary info of more new file, size, issuing time, check information.
A11, the method according to A10, wherein, will download the multiple more new file that obtains copy to it is described interim
Installation directory, including:
Using the mark of the multiple more new file, including for the multiple more new file is obtained from the KV servers
The index information of the check information of more new file;
The multiple more new file is obtained using the check information to download to verify, after verification passes through, by institute
State multiple more new files and copy to the interim installation directory.
A12, the method according to any one of A1-A11, wherein, using the scan base of loading according to scanning rule
Then local leak is scanned, patch to be installed is obtained, including:
Local leak is scanned according to scanning rule using the scan base of loading, obtains not pacifying on local system
The scanning result collection of the patch of dress;
Concentrated from the scanning result and choose patch to be installed.
A13, the method according to A12, wherein, using the scan base of loading according to scanning rule to local leak
It is scanned, obtains the scanning result collection of uninstalled patch on local system, including:
All of patch in the scan base of loading is enumerated, obtains updating list;
The renewal list is traveled through, judges whether each patch is already installed on local system, if it is not, then adding the patch
The scanning result is added to concentrate.
According to another aspect of the present invention, B14, a kind of leak prosthetic device are additionally provided, including:
Load-on module, is suitable to the scan base comprising one or more renewal patches that loading is matched with local system platform;
Determining module, is suitable to be scanned local leak according to scanning rule using the scan base of loading, obtains
Patch to be installed, and the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system
Mark;
Leak repair module, is suitable to obtain the multiple from file server using the mark of the multiple more new file
More new file, and then local leak is repaired using the multiple more new file.
B15, the device according to B14, wherein, the load-on module is further adapted for:
Obtain local system scan base and outside data distribution server issued by dedicated tunnel with it is local
The scan base comprising one or more renewal patches of system platform matching;
Load the scan base for obtaining.
B16, the device according to B14 or B15, wherein, the file server includes multiple content distributing network CDN
Node and KV servers, each CDN nodes synchronously have the corresponding more new file of each patch;The KV servers are set up more new file
Mark and address information index.
B17, the device according to B16, wherein, the determining module is further adapted for:
According to the mark of the corresponding more new file of each patch recorded in the scan base, the patch to be installed is determined
The mark of corresponding alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
B18, the device according to B16, wherein, each CDN nodes also synchronously have each patch it is corresponding update bag, it is described more
Comprising the mark of multiple more new files in new bag, the KV servers also set up the rope of the mark and address information that update bag
Draw.
B19, the device according to B18, wherein, the determining module is further adapted for:
According to the corresponding mark for updating bag of each patch recorded in the scan base, the patch pair to be installed is determined
The mark of the target update bag answered;
The address information of the target update bag is obtained from the KV servers using the mark of the target update bag;
Downloaded from corresponding CDN nodes using the address information of the target update bag and obtain the target update bag;
Decompress the mark that the target update bag determines the multiple more new file.
B20, the device according to B19, wherein, the determining module is further adapted for:
Decompress the mark that the target update bag obtains alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then by the mark write-in residual quantity lists of documents of the alternative more new file, and by the residual quantity lists of documents
The mark of middle file as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
B21, the device according to any one of B16-B20, wherein, the leak repair module is further adapted for:
The address of the multiple more new file is obtained from the KV servers using the mark of the multiple more new file
Information;
Downloaded from corresponding CDN nodes using the address information of the multiple more new file and obtain the multiple renewal text
Part.
B22, the device according to B21, wherein, the leak repair module is further adapted for:
The multiple more new file for obtaining will be downloaded and copy to the interim installation directory;
File in the interim installation directory is installed, is repaired with to local leak.
B23, the device according to B22, wherein, at least one following index information is also included in the index:
The summary info of more new file, size, issuing time, check information.
B24, the device according to B23, wherein, the leak repair module is further adapted for:
Using the mark of the multiple more new file, including for the multiple more new file is obtained from the KV servers
The index information of the check information of more new file;
The multiple more new file is obtained using the check information to download to verify, after verification passes through, by institute
State multiple more new files and copy to the interim installation directory.
B25, the device according to any one of B14-B24, wherein, the determining module is further adapted for:
Local leak is scanned according to scanning rule using the scan base of loading, obtains not pacifying on local system
The scanning result collection of the patch of dress;
Concentrated from the scanning result and choose patch to be installed.
B26, the device according to B24, wherein, the determining module is further adapted for:
All of patch in the scan base of loading is enumerated, obtains updating list;
The renewal list is traveled through, judges whether each patch is already installed on local system, if it is not, then adding the patch
The scanning result is added to concentrate.
Claims (10)
1. a kind of leak restorative procedure, including:
The scan base comprising one or more renewal patches that loading is matched with local system platform;
Local leak is scanned according to scanning rule using the scan base of loading, patch to be installed is obtained, and really
The fixed patch to be installed is corresponding and local system in the mark of multiple more new files that does not exist;
The multiple more new file is obtained from file server using the mark of the multiple more new file, and then using described
Multiple more new files are repaired to local leak.
2. method according to claim 1, wherein, what loading was matched with local system platform updates comprising one or more
The scan base of patch, including:
The data distribution server of the scan base and outside that obtain local system is issued by dedicated tunnel and local system
The scan base comprising one or more renewal patches of platform matching;
Load the scan base for obtaining.
3. method according to claim 1 and 2, wherein, the file server includes multiple content distributing network CDN knots
Point and KV servers, each CDN nodes synchronously have the corresponding more new file of each patch;The KV servers are set up more new file
The index of mark and address information.
4. method according to claim 3, wherein, record has the mark of the corresponding more new file of each patch in the scan base
Know, the mark of the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system, including:
According to the mark of the corresponding more new file of each patch recorded in the scan base, the patch correspondence to be installed is determined
Alternative more new file mark;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then will be in the mark write-in residual quantity lists of documents of the alternative more new file and the residual quantity lists of documents are Chinese
The mark of part as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
5. method according to claim 3, wherein, each CDN nodes also synchronously have that each patch is corresponding to update bag, it is described more
Comprising the mark of multiple more new files in new bag, the KV servers also set up the rope of the mark and address information that update bag
Draw.
6. method according to claim 5, wherein, record has the corresponding mark for updating bag of each patch in the scan base
Know, the mark of the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system, including:
According to the corresponding mark for updating bag of each patch recorded in the scan base, determine that the patch to be installed is corresponding
The mark of target update bag;
The address information of the target update bag is obtained from the KV servers using the mark of the target update bag;
Downloaded from corresponding CDN nodes using the address information of the target update bag and obtain the target update bag;
Decompress the mark that the target update bag determines the multiple more new file.
7. method according to claim 6, wherein, decompress the mark that the target update bag determines the multiple more new file
Know, including:
Decompress the mark that the target update bag obtains alternative more new file;
According to the mark of the alternative more new file, judge whether there is the alternative more new file on local system;
If it is not, then will be in the mark write-in residual quantity lists of documents of the alternative more new file and the residual quantity lists of documents are Chinese
The mark of part as the multiple more new file mark;
If so, the alternative more new file on local system then is copied into interim installation directory.
8. the method according to any one of claim 3-7, wherein, using the mark of the multiple more new file from file
The multiple more new file is obtained at server, including:
The address information of the multiple more new file is obtained from the KV servers using the mark of the multiple more new file;
Downloaded from corresponding CDN nodes using the address information of the multiple more new file and obtain the multiple more new file.
9. method according to claim 8, wherein, local leak is repaired using the multiple more new file, wrap
Include:
The multiple more new file for obtaining will be downloaded and copy to the interim installation directory;
File in the interim installation directory is installed, is repaired with to local leak.
10. a kind of leak prosthetic device, including:
Load-on module, is suitable to the scan base comprising one or more renewal patches that loading is matched with local system platform;
Determining module, is suitable to be scanned local leak according to scanning rule using the scan base of loading, obtains waiting to pacify
The patch of dress, and the multiple more new files for determining that the patch to be installed is corresponding and not existing in local system mark;
Leak repair module, is suitable to obtain the multiple renewal from file server using the mark of the multiple more new file
File, and then local leak is repaired using the multiple more new file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710062973.1A CN106921731B (en) | 2017-01-24 | 2017-01-24 | Vulnerability repair method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710062973.1A CN106921731B (en) | 2017-01-24 | 2017-01-24 | Vulnerability repair method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106921731A true CN106921731A (en) | 2017-07-04 |
| CN106921731B CN106921731B (en) | 2021-06-22 |
Family
ID=59454483
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710062973.1A Active CN106921731B (en) | 2017-01-24 | 2017-01-24 | Vulnerability repair method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106921731B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107392033A (en) * | 2017-08-30 | 2017-11-24 | 杭州安恒信息技术有限公司 | A kind of Android device Permeation Test System and its automation penetration testing method |
| CN108200029A (en) * | 2017-12-27 | 2018-06-22 | 北京知道创宇信息技术有限公司 | Loophole situation detection method, device, server and readable storage medium storing program for executing |
| CN109218336A (en) * | 2018-11-16 | 2019-01-15 | 北京知道创宇信息技术有限公司 | Loophole defence method and system |
| CN109976788A (en) * | 2019-03-26 | 2019-07-05 | 深圳Tcl数字技术有限公司 | The miniature loophole restorative procedure of intelligent terminal, intelligent terminal, equipment and server |
| CN110572399A (en) * | 2019-09-10 | 2019-12-13 | 百度在线网络技术(北京)有限公司 | vulnerability detection processing method, device, equipment and storage medium |
| CN112541182A (en) * | 2020-12-23 | 2021-03-23 | 苏州三六零智能安全科技有限公司 | Kernel VFS layer system repairing method, device, equipment and storage medium |
| CN112579330A (en) * | 2019-09-30 | 2021-03-30 | 奇安信安全技术(珠海)有限公司 | Method, device and equipment for processing abnormal data of operating system |
| CN113704359A (en) * | 2021-09-03 | 2021-11-26 | 优刻得科技股份有限公司 | Synchronization method, system and server for multiple data copies of time sequence database |
| CN113760339A (en) * | 2020-07-01 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Vulnerability repair method and device |
| CN113760339B (en) * | 2020-07-01 | 2024-10-18 | 北京沃东天骏信息技术有限公司 | Vulnerability restoration method and device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101931944A (en) * | 2010-07-23 | 2010-12-29 | 华为终端有限公司 | Method, device and system for updating terminal patches on line |
| CN103227992A (en) * | 2013-04-01 | 2013-07-31 | 南京理工大学常熟研究院有限公司 | Android terminal-based vulnerability scanning system |
| CN103745158A (en) * | 2014-01-26 | 2014-04-23 | 北京奇虎科技有限公司 | Method and device for repairing system bugs |
| CN103973475A (en) * | 2013-02-05 | 2014-08-06 | 腾讯科技(深圳)有限公司 | Difference service pack generating method, difference service pack downloading method, server and client-side |
| CN104378397A (en) * | 2013-08-15 | 2015-02-25 | 世纪禾光科技发展(北京)有限公司 | Method and system for issuing incremental updating of program package |
| CN104462975A (en) * | 2014-12-19 | 2015-03-25 | 北京奇虎科技有限公司 | Program scanning method, device and system |
-
2017
- 2017-01-24 CN CN201710062973.1A patent/CN106921731B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101931944A (en) * | 2010-07-23 | 2010-12-29 | 华为终端有限公司 | Method, device and system for updating terminal patches on line |
| CN103973475A (en) * | 2013-02-05 | 2014-08-06 | 腾讯科技(深圳)有限公司 | Difference service pack generating method, difference service pack downloading method, server and client-side |
| CN103227992A (en) * | 2013-04-01 | 2013-07-31 | 南京理工大学常熟研究院有限公司 | Android terminal-based vulnerability scanning system |
| CN104378397A (en) * | 2013-08-15 | 2015-02-25 | 世纪禾光科技发展(北京)有限公司 | Method and system for issuing incremental updating of program package |
| CN103745158A (en) * | 2014-01-26 | 2014-04-23 | 北京奇虎科技有限公司 | Method and device for repairing system bugs |
| CN104462975A (en) * | 2014-12-19 | 2015-03-25 | 北京奇虎科技有限公司 | Program scanning method, device and system |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107392033A (en) * | 2017-08-30 | 2017-11-24 | 杭州安恒信息技术有限公司 | A kind of Android device Permeation Test System and its automation penetration testing method |
| CN107392033B (en) * | 2017-08-30 | 2019-12-31 | 杭州安恒信息技术股份有限公司 | Android device penetration test system and automatic penetration test method thereof |
| CN108200029A (en) * | 2017-12-27 | 2018-06-22 | 北京知道创宇信息技术有限公司 | Loophole situation detection method, device, server and readable storage medium storing program for executing |
| CN109218336A (en) * | 2018-11-16 | 2019-01-15 | 北京知道创宇信息技术有限公司 | Loophole defence method and system |
| CN109976788A (en) * | 2019-03-26 | 2019-07-05 | 深圳Tcl数字技术有限公司 | The miniature loophole restorative procedure of intelligent terminal, intelligent terminal, equipment and server |
| CN109976788B (en) * | 2019-03-26 | 2024-03-15 | 深圳Tcl数字技术有限公司 | Intelligent terminal miniature vulnerability restoration method, intelligent terminal, equipment and server |
| CN110572399A (en) * | 2019-09-10 | 2019-12-13 | 百度在线网络技术(北京)有限公司 | vulnerability detection processing method, device, equipment and storage medium |
| CN112579330A (en) * | 2019-09-30 | 2021-03-30 | 奇安信安全技术(珠海)有限公司 | Method, device and equipment for processing abnormal data of operating system |
| CN112579330B (en) * | 2019-09-30 | 2024-02-06 | 奇安信安全技术(珠海)有限公司 | Processing method, device and equipment for abnormal data of operating system |
| CN113760339A (en) * | 2020-07-01 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Vulnerability repair method and device |
| CN113760339B (en) * | 2020-07-01 | 2024-10-18 | 北京沃东天骏信息技术有限公司 | Vulnerability restoration method and device |
| CN112541182B (en) * | 2020-12-23 | 2022-11-04 | 苏州三六零智能安全科技有限公司 | Kernel VFS layer system repairing method, device, equipment and storage medium |
| CN112541182A (en) * | 2020-12-23 | 2021-03-23 | 苏州三六零智能安全科技有限公司 | Kernel VFS layer system repairing method, device, equipment and storage medium |
| CN113704359A (en) * | 2021-09-03 | 2021-11-26 | 优刻得科技股份有限公司 | Synchronization method, system and server for multiple data copies of time sequence database |
| CN113704359B (en) * | 2021-09-03 | 2024-04-26 | 优刻得科技股份有限公司 | Method, system and server for synchronizing multiple data copies of time sequence database |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106921731B (en) | 2021-06-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106921731A (en) | Leak restorative procedure and device | |
| CN106919843A (en) | Leak repair system, method and apparatus | |
| CN102622241B (en) | A kind of method for upgrading software and device | |
| CN103064666B (en) | One software distribution method by all kinds of means and system | |
| CN106610854B (en) | Model updating method and device | |
| CN107896244B (en) | Version file distribution method, client and server | |
| CN103019708B (en) | For the system of releasing software | |
| US7996501B2 (en) | System and method for updating devices that execute an operating system or application program directly from nonvolatile storage | |
| CN105893008A (en) | Method and device for customizing multi-channel installation package | |
| CN107391107A (en) | The restorative procedure and device of a kind of application program | |
| CN106708537A (en) | Application updating method and application updating device | |
| CN106815370A (en) | Update the methods, devices and systems of resource file | |
| JP2013073417A (en) | Method and system for arranging object data, server device thereof, client device, and program | |
| CN105160253B (en) | Repair method, apparatus, system and the server of client-side program | |
| CN110989993A (en) | WeChat applet-based development method | |
| CN104699511B (en) | Plug-in unit upgrade method and device | |
| CN106371881A (en) | Method and system for updating program versions in servers | |
| CN106406943A (en) | Customized upgrading method and system for clients of different versions | |
| CN105279436A (en) | Software updating method and system | |
| CN109908585A (en) | A kind of document handling method and system calculate equipment and storage medium | |
| CN105553671B (en) | A kind of management method of digital certificate, apparatus and system | |
| CN103687059A (en) | Method and device for establishing connection between computing device and mobile device | |
| CN112015651A (en) | Data processing method and device | |
| CN107729045A (en) | Application program automates version dissemination method and system | |
| CN106776266A (en) | The collocation method and terminal device of testing tool |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |