【原创】区块链技术在宠物活体交易和管理上的应用

区块链技术在宠物活体交易和管理上的应用

通过前几周刘峰老师给大家介绍的一系列主题文章,相信大家对区块链技术在商品流通、教育领域的实际案例有了一定的了解,下面我来给大家讲讲区块链技术在宠物行业方面的应用。

都说陪伴是最长情的告白,而宠物对老年人、儿童而言都可称得上是最贴心的伴侣。国际上通用观点是:当一个国家或地区60岁以上老年人口占人口总数的10%,或65岁以上老年人口占人口总数的7%时,即意味着这个国家或地区的人口处于老龄化社会。从老龄化比较显著的国家城市拥有犬只的家庭占比来看,美国这一比例约为55.96%,日本约为29.4%,而我国北京目前此数据为7.59%,上海为4.60%,全国平均占比仅为1.7%。再结合中国这些年高速发展的经济水平和不断提升的消费观念,中国宠物数量乃至宠物行业在可期的未来均会迎来爆发性增长已经是中国消费品领域市场的共识。

 

据统计,目前我国拥有超过1.5亿只宠物狗,随着饲养宠物的人群数量正逐年增加,城市宠物交易市场越发红火,但是相关的纠纷也随之增多。不久前还有新闻称,有买家因受到不良商家的欺骗,从宠物市场买到了一只看起来是泰迪的羊。无论是去狗市,还是通过宠物中介,还是在网上直接进行活体交易,买主都有可能会买到传说中的“星期狗”或者遇到其它形式各异的欺骗行为。以往宠物爱好者在网店或某些信息网站上选宠物时,买家只能通过为数不多的照片以及贩卖者的文字描述来了解狗狗情况和生活环境,因为无从验证信息真假,往往会遭遇许多欺诈行为。即使买家是在实地考察狗舍后进行的购买行为,也可能因为对宠物知识了解不够而被卖家隐瞒宠物真实的健康状况、身份血统等情况而得到一个虚高报价……并且,无论买家选择哪一种购买方式,想得到供应商曾承诺的合理售后服务都极其困难。上述种种让宠物行业活体交易一直饱受诟病,潜在用户因不信任市场而无法获得购买一只与市值相符伴侣动物的合理渠道,许多诚信经营的商家又因这些市场乱象失去了真正的目标客户。为了助力宠物交易市场革除以上弊端,区块链技术特点在此正好可以大显身手。

 

区块链上所有的数据都是真实可靠,无法篡改,无法伪造,刚好能够解决各个宠物市场各个环节互不信任的问题。从养殖商户开始、宠物商店、交易平台、宠物诊所都可以加入进来,从而构造一个完整的闭环。

 

 

养殖商家在宠物出生的时候,都植入带有全球动物唯一识别身份码的芯片,并将宠物的出生信息、父母照片、血统信息、宠物照片等信息永久记录到区块链上,伴随着幼宠的生长,生长环境、食谱、疫苗信息也会不断补充到区块链上,这样从源头就把控了幼宠的品质。

当活体养殖户将宠物转售给宠物商店时,区块链上会发生一笔权益转让交易,之后宠物的饲养、驱虫时间、每一针疫苗接种时间等信息会由宠物商店继续添加到区块链上。

宠物主购买时,可以根据宠物唯一芯片在区块链上查看到宠物自出生开始的所有信息,该信息真实可靠并可追溯。当宠物主发生购买行为时,宠物的权益信息将由宠物商店转移至宠物主。若宠物在购买后某段时期内出现售后服务保障范围内的健康问题,买家可以根据协议要求养殖户或宠物店退款或者更换同品质宠物。

 

宠物每次就诊信息,也可由宠物医院如实记录到区块链上。即使是宠物主之间要发生活体交易,他们也可以通过阅读该宠物在区块链上的信息后再做出让人内心安定的购买行为。

 

宠物管理部门可以通过芯片对城市中家庭饲养动物进行管理,了解到它们的数量和分布。宠物遗失之后,宠物管理部门可以根据宠物的识别芯片信息,在区块链上查到并通知宠物主人前去领取。

 

也许有人会因此担心自己的隐私信息会暴露,IBM引导的超级账本区块链项目目前已经推出了Fabric 1.0版,大家关心的隐私问题都得到了很好的解决。在区块链上所有的数据都是加密保存的,在每次权益转让之后,只有上下家之间能够看到相互的信息。拾得宠物的人根据芯片仅能查到有限的信息,无需担心与该宠物发生过关联的人的隐私会被暴露。

 

之所以在宠物身上植入识别芯片,是因为传统的耳标、挂牌等宠物识别方式陈旧、落后,且容易丢失;而通过植入宠物芯片不仅能够方便主人找寻到丢失的宠物,还能让买家享受到卖家提供的各种更有针对性的售后服务以及管理部门对流浪宠物的管理。

 

引入区块链对宠物进行管理之后,这种由信息不透明、不对称导致的行业痛点得到完善解决,让购买宠物、饲养宠物这根链条上的各个节点实现得更加便捷和安全。同时,也可以最大程度上解决宠物遗失和弃养问题。特别是宠物主弃养宠物问题,一直饱受社会非议,而区块链技术可以让相关部门查找到宠物当前主人的信息,并且如果与之协调无果,相关部门可考虑将他的虐待宠物或恶意遗弃宠物行为记录到区块链上,禁止此人以后再饲养其它小动物。所以,区块链技术在宠物交易和管理上的应用也可以对宠物安全起到一个很好的保障作用。

Auto start a java Swing GUI program when raspberry boots

I planed make an self-desgin photo or movie player base on Raspberry. Also I can use it as photo frame. If I need improve the performance of the PI, I need write it with Python, I think.

 

Part 1 – Build the Foundation

In this part, we will focus on preparing Raspbian Lite.

1. Download the latest Raspbian Lite image.
2. Format the SD / microSD card with Raspbian Lite (Plenty of guides out there on how to do this. For macOS, Linux, and Windows users, Etcher is an easy to use application that can help you do this.)
3. Insert the SD / microSD card into the Pi.
4. Connect the Pi to the Internet using an Ethernet cable. If you want to use Wi-Fi instead, you will have to read on how to configure your wireless receiver using the command line after your Pi has finished booting.
5. Connect your TV / Monitor and keyboard. (Mouse is optional at this time.) Turn on the Pi. The Pi should boot up successfully and a prompt to log in will appear.
6. Log into Raspbian. The username is pi and the password is raspberry.

 

7. We will install Xorg. To do this type in:

sudo apt-get install –no-install-recommends xserver-xorg

sudo apt-get install –no-install-recommends xinit

now, you can write you java program now. For example, I wrote a test program with a button in the center of screen. once I click the button, the window will change to the full size of the screen.

import java.awt.FlowLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;

import javax.swing.JButton;
import javax.swing.JFrame;

public class FullScreenTest {
public static void main(String[] args) {
final JFrame f = new JFrame(“FullScreenTest”);
final JButton btn = new JButton(“FullScreen”);
btn.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
if (btn.getText().equals(“FullScreen”)) {
f.dispose();
f.setUndecorated(true);
f.getGraphicsConfiguration().getDevice().setFullScreenWindow(f);
f.setVisible(true);
btn.setText(“NormalMode”);
} else {
f.dispose();
f.setUndecorated(false);
f.getGraphicsConfiguration().getDevice().setFullScreenWindow(null);
f.setVisible(true);
btn.setText(“FullScreen”);
}
}
});

f.getContentPane().setLayout(new FlowLayout());
f.getContentPane().add(btn);
f.pack();
f.setLocationRelativeTo(null);
f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
f.setVisible(true);
}
}

 

Pack the file into a jar file like GUI.jar.

In order to have a command or program run when the Pi boots, you can add commands to the rc.local file. This is especially useful if you want to be able to plug your Pi in to power headless, and have it run a program without configuration or a manual start.

EDITING RC.LOCAL

On your Pi, edit the file /etc/rc.local using the editor of your choice. You must edit with root, for example:

sudo nano /etc/rc.local

Add commands below the comment, but leave the line exit 0 at the end, then save the file and exit.

sudo xinit /usr/local/jdk1.8.0_77/bin/java -jar /usr/local/mypi/GUI.jar — :1 &

 

 

Reboot your PI, then done!

解决PKIX问题:unable to find valid certification path to requested target

话说前几天在测试服务器上遇到了这么个异常

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

就是说找不着安全证书啥的等等烂码七糟的一大堆

接着就拜Google大神,发现一篇文章能被N个人转来转去的,关键文章还不怎么靠谱

后来找到了一个办法,幸运的是在测试环境一弄, 这个问题看上去就被解决了

我们要做的就是将所要访问的URL的安全认证证书导入到客户端

下面是获取安全证书的一种方法

/*
 * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *   - Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *
 *   - Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 *
 *   - Neither the name of Sun Microsystems nor the names of its
 *     contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class InstallCert {
	public static void main(String[] args) throws Exception {
		String host;
		int port;
		char[] passphrase;
		if ((args.length == 1) || (args.length == 2)) {
			String[] c = args[0].split(":");
			host = c[0];
			port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);
			String p = (args.length == 1) ? "changeit" : args[1];
			passphrase = p.toCharArray();
		} else {
			System.out.println("Usage: java InstallCert <host>[:port] [passphrase]");
			return;
		}

		File file = new File("jssecacerts");
		if (file.isFile() == false) {
			char SEP = File.separatorChar;
			File dir = new File(System.getProperty("java.home") + SEP + "lib" + SEP + "security");
			file = new File(dir, "jssecacerts");
			if (file.isFile() == false) {
				file = new File(dir, "cacerts");
			}
		}
		
		System.out.println("Loading KeyStore " + file + "...");
		InputStream in = new FileInputStream(file);
		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
		ks.load(in, passphrase);
		in.close();

		SSLContext context = SSLContext.getInstance("TLS");
		TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		tmf.init(ks);
		X509TrustManager defaultTrustManager = (X509TrustManager) tmf.getTrustManagers()[0];
		SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
		context.init(null, new TrustManager[]{tm}, null);
		SSLSocketFactory factory = context.getSocketFactory();

		System.out.println("Opening connection to " + host + ":" + port + "...");
		SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
		socket.setSoTimeout(10000);
		try {
			System.out.println("Starting SSL handshake...");
			socket.startHandshake();
			socket.close();
			System.out.println();
			System.out.println("No errors, certificate is already trusted");
		} catch (SSLException e) {
			System.out.println();
			e.printStackTrace(System.out);
		}

		X509Certificate[] chain = tm.chain;
		if (chain == null) {
			System.out.println("Could not obtain server certificate chain");
			return;
		}

		BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));

		System.out.println();
		System.out.println("Server sent " + chain.length + " certificate(s):");
		System.out.println();
		MessageDigest sha1 = MessageDigest.getInstance("SHA1");
		MessageDigest md5 = MessageDigest.getInstance("MD5");
		for (int i = 0; i < chain.length; i++) {
			X509Certificate cert = chain[i];
			System.out.println(" " + (i + 1) + " Subject " + cert.getSubjectDN());
			System.out.println("   Issuer  " + cert.getIssuerDN());
			sha1.update(cert.getEncoded());
			System.out.println("   sha1    " + toHexString(sha1.digest()));
			md5.update(cert.getEncoded());
			System.out.println("   md5     " + toHexString(md5.digest()));
			System.out.println();
		}

		System.out.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");
		String line = reader.readLine().trim();
		int k;
		try {
			k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;
		} catch (NumberFormatException e) {
			System.out.println("KeyStore not changed");
			return;
		}

		X509Certificate cert = chain[k];
		String alias = host + "-" + (k + 1);
		ks.setCertificateEntry(alias, cert);

		OutputStream out = new FileOutputStream("jssecacerts");
		ks.store(out, passphrase);
		out.close();

		System.out.println();
		System.out.println(cert);
		System.out.println();
		System.out.println("Added certificate to keystore 'jssecacerts' using alias '" + alias + "'");
	}

	
	private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

	
	private static String toHexString(byte[] bytes) {
		StringBuilder sb = new StringBuilder(bytes.length * 3);
		for (int b : bytes) {
			b &= 0xff;
			sb.append(HEXDIGITS[b >> 4]);
			sb.append(HEXDIGITS[b & 15]);
			sb.append(' ');
		}
		return sb.toString();
	}

	
	private static class SavingTrustManager implements X509TrustManager {
		private final X509TrustManager tm;
		private X509Certificate[] chain;

		SavingTrustManager(X509TrustManager tm) {
			this.tm = tm;
		}

		public X509Certificate[] getAcceptedIssuers() {
			throw new UnsupportedOperationException();
		}

		public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
			throw new UnsupportedOperationException();
		}

		public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
			this.chain = chain;
			tm.checkServerTrusted(chain, authType);
		}
	}
}

编译InstallCert.java得到两个class文件,并执行InstallCert类

执行方式:java InstallCert hostname     eg:java InstallCert www.cebbank.com

接下来会看到下面的打印信息

java InstallCert www.cebbank.com
Loading KeyStore /usr/java/jdk1.6.0_31/jre/lib/security/cacerts...
Opening connection to www.cebbank.com:443...
Starting SSL handshake...

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1197)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1181)
	at InstallCert.main(InstallCert.java:102)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
	at sun.security.validator.Validator.validate(Validator.java:218)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
	at InstallCert$SavingTrustManager.checkServerTrusted(InstallCert.java:198)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1198)
	... 8 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
	... 14 more

Server sent 1 certificate(s):

 1 Subject CN=www.cebbank.com, OU=Terms of use at www.verisign.com/rpa (c)05, OU=CEB, O="China Everbright Bank Co., Ltd", L=Beijing
   Issuer  CN=VeriSign Class 3 Extended Validation SSL CA, OU=Terms of use at https://www.verisign.com/rpa (c)06, OU=VeriSign Trust Network
   sha1    5b d2 85 6e b3 a4 2b 07 a2 13 47 b3 be 3e 1f c9 d3 ce 46 57 
   md5     05 d8 ae ee f1 d9 51 63 6d 2f 11 e0 ac d0 e7 d7 

Enter certificate to add to trusted keystore or 'q' to quit: [1]

然后输入 1 并回车,会看到类似下面的打印信息

[
[
  Version: V3
  Subject: CN=www.cebbank.com, OU=Terms of use at www.verisign.com/rpa (c)05, OU=CEB, O="China Everbright Bank Co., Ltd", L=Beijing
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: 30831246384548809540705228292841393062583732250993909916355780413722161557074568469738254573472093341710481517139910877
  public exponent: 65537
  Validity: [From: Mon Jul 02 08:00:00 CST 2012,
               To: Thu Jul 03 07:59:59 CST 2014]
  Issuer: CN=VeriSign Class 3 Extended Validation SSL CA, OU=Terms of use at https://www.verisign.com/rpa (c)06, OU=VeriSign Trust Network
  SerialNumber: [    5715ab25 6be8fa42 2fa28dd4 601bc732]

Certificate Extensions: 9
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
  [
   accessMethod: 1.3.6.1.5.5.7.48.1
   accessLocation: URIName: http://ocsp.verisign.com, 
   accessMethod: 1.3.6.1.5.5.7.48.2
   accessLocation: URIName: http://EVSecure-aia.verisign.com/EVSecure2006.cer]
]

[2]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
  DNSName: www.cebbank.com
]

[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: FC 8A 50 BA 9E B9 25 5A   7B 55 85 4F 95 00 63 8F  ..P...%Z.U.O..c.
0010: E9 58 6B 43                                        .XkC
]

]

[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
  [CertificatePolicyId: [2.16.840.1.113733.1.7.23.6]
[PolicyQualifierInfo: [
  qualifierID: 1.3.6.1.5.5.7.2.1
  qualifier: 0000: 16 1C 68 74 74 70 73 3A   2F 2F 77 77 77 2E 76 65  ..https://www.ve
0010: 72 69 73 69 67 6E 2E 63   6F 6D 2F 63 70 73        risign.com/cps

]]  ]
]

[5]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:false
  PathLen: undefined
]

[6]: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 62 30 60 A1 5E A0 5C   30 5A 30 58 30 56 16 09  .b0`.^.\0Z0X0V..
0010: 69 6D 61 67 65 2F 67 69   66 30 21 30 1F 30 07 06  image/gif0!0.0..
0020: 05 2B 0E 03 02 1A 04 14   4B 6B B9 28 96 06 0C BB  .+......Kk.(....
0030: D0 52 38 9B 29 AC 4B 07   8B 21 05 18 30 26 16 24  .R8.).K..!..0&.$
0040: 68 74 74 70 3A 2F 2F 6C   6F 67 6F 2E 76 65 72 69  http://logo.veri
0050: 73 69 67 6E 2E 63 6F 6D   2F 76 73 6C 6F 67 6F 31  sign.com/vslogo1
0060: 2E 67 69 66                                        .gif


[7]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
  serverAuth
  clientAuth
]

[8]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
  [DistributionPoint:
     [URIName: http://EVSecure-crl.verisign.com/EVSecure2006.crl]
]]

[9]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
  DigitalSignature
  Key_Encipherment
]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 42 0A 89 BF 48 08 1E F4   98 F2 E5 DB 0D 83 EF 37  B...H..........7
0010: EC 27 6F 4D 81 69 C6 4A   4C 17 EC 57 F5 48 2A 14  .'oM.i.JL..W.H*.
0020: 3C 54 B2 C5 49 39 42 BA   EC 83 78 02 F9 96 6C 63  <T..I9B...x...lc
0030: 80 BC 60 61 BB 20 D1 AD   C3 D3 76 47 6F 0C 7B AC  ..`a. ....vGo...
0040: 76 B2 C7 2D B1 0A 7A 00   CA 40 38 86 FF 9F 12 F5  v..-..z..@8.....
0050: BE 5A E7 42 97 2F DF DE   0C 19 C5 F6 92 58 17 7A  .Z.B./.......X.z
0060: 9A 1D 2C 2C DA 8B 83 83   2D BE 07 58 56 36 92 E7  ..,,....-..XV6..
0070: B1 F8 A0 B5 00 F4 C3 30   D1 34 37 3D 94 75 28 04  .......0.47=.u(.
0080: A2 D8 C3 FE B1 E1 C2 2E   51 A8 6F D5 09 6D 49 DB  ........Q.o..mI.
0090: 2E 1D 4B F7 A8 06 30 B4   97 E7 C2 33 26 FD 6A DF  ..K...0....3&.j.
00A0: D6 B0 10 A1 F2 73 DD 5A   60 DE 51 5E EA 80 46 86  .....s.Z`.Q^..F.
00B0: 25 0B 53 FC C2 57 80 35   09 2D 31 55 28 35 EE 0F  %.S..W.5.-1U(5..
00C0: 62 50 4B 12 75 0B 02 9F   2F 0B D2 8A 0D 23 E3 C1  bPK.u.../....#..
00D0: 48 28 56 33 E1 DE 31 DD   72 78 15 96 EE 2B A5 1D  H(V3..1.rx...+..
00E0: 37 85 1B E5 88 53 80 88   02 6D 90 F3 E6 4A 74 AC  7....S...m...Jt.
00F0: D2 CA 0E 04 BC 46 A0 57   34 FA CF 9D E5 D7 0E 4B  .....F.W4......K

]

Added certificate to keystore 'jssecacerts' using alias 'www.cebbank.com-1'

同时我们会在当面目录下发现已经生成了一个名为jssecacerts的证书

再将名为jssecacerts的证书拷贝\\%JAVA_HONME%\\jre\\lib\\security\\目录中

最后重启下应用的服务,证书就会生效了。。

补充: 有人说生成证书后不用拷贝,直接代码里加句话就行,结果试了一下发现不管用

System.setProperty("javax.net.ssl.trustStore", "jssecacerts证书路径");

[转]openssl的证书格式转换

证书转换

PKCS 全称是 Public-Key Cryptography Standards ,是由 RSA 实验室与其它安全系统开发商为促进公钥密码的发展而制订的一系列标准,PKCS 目前共发布过 15 个标准。 常用的有:
PKCS#7 Cryptographic Message Syntax Standard
PKCS#10 Certification Request Standard
PKCS#12 Personal Information Exchange Syntax Standard
X.509是常见通用的证书格式。所有的证书都符合为Public Key Infrastructure (PKI) 制定的 ITU-T X509 国际标准。
PKCS#7 常用的后缀是: .P7B .P7C .SPC
PKCS#12 常用的后缀有: .P12 .PFX
X.509 DER 编码(ASCII)的后缀是: .DER .CER .CRT
X.509 PAM 编码(Base64)的后缀是: .PEM .CER .CRT
.cer/.crt是用于存放证书,它是2进制形式存放的,不含私钥。
.pem跟crt/cer的区别是它以Ascii来表示。
pfx/p12用于存放个人证书/私钥,他通常包含保护密码,2进制方式
p10是证书请求
p7r是CA对证书请求的回复,只用于导入
p7b以树状展示证书链(certificate chain),同时也支持单个证书,不含私钥。

1. CA证书

用openssl创建CA证书的RSA密钥(PEM格式):

openssl genrsa -des3 -out ca.key 1024

2. 创建CA证书有效期为一年

用openssl创建CA证书(PEM格式,假如有效期为一年):

openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config openssl.cnf

openssl是可以生成DER格式的CA证书的,最好用IE将PEM格式的CA证书转换成DER格式的CA证书。

3. x509转换为pfx

openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt

4. PEM格式的ca.key转换为Microsoft可以识别的pvk格式

pvk -in ca.key -out ca.pvk -nocrypt -topvk

5. PKCS#12 到 PEM 的转换

openssl pkcs12 -nocerts -nodes -in cert.p12 -out private.pem  验证   openssl pkcs12 -clcerts -nokeys -in cert.p12 -out cert.pem

6. 从 PFX 格式文件中提取私钥格式文件 (.key)

openssl pkcs12 -in mycert.pfx -nocerts -nodes -out mycert.key

7. 转换 pem 到到 spc

   openssl crl2pkcs7 -nocrl -certfile venus.pem  -outform DER -out venus.spc

用 -outform -inform 指定 DER 还是 PAM 格式。例如:

openssl x509 -in Cert.pem -inform PEM -out cert.der -outform DER

8. PEM 到 PKCS#12 的转换

openssl pkcs12 -export -in Cert.pem -out Cert.p12 -inkey key.pem

IIS 证书

cd c:\openssl            set OPENSSL_CONF=openssl.cnf            openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt

server.key和server.crt文件是Apache的证书文件,生成的server.pfx用于导入IIS

9. How to Convert PFX Certificate to PEM Format for SOAP

$ openssl pkcs12 -in test.pfx -out client.pem  Enter Import Password:  MAC verified OK  Enter PEM pass phrase:  Verifying - Enter PEM pass phrase:

FTP时显示500 Illegal PORT command的解决

使用EditPlus打开FTP服务器上的文件时,发现连接不了

在windows的dos窗口用FTP命令去连时,可以登录,但使用ls等命令时,出现:
500 Illegal PORT command.
425 Use PORT or PASV first.
根据提示是被动模式的问题

在EditPlus的FTP设定高级选项中,选上passive FTP mode即可而dos窗口的FTP命令则无法设置为被动模式

FTP主/被动模式的原理
————————————————————————————————————————————————–
FTP是File Transfer Protocol(文件传输协议)的缩写,用来在两台计算机之间互相传送文件相比于HTTP,FTP协议要复杂得多复杂的原因,是因为FTP协议要用到两个TCP连接,一个是命令链路,用来在FTP客户端与服务器之间传递命令;另一个是数据链路,用来上传或下载数据

FTP协议有两种工作方式:PORT方式和PASV方式,中文意思为主动式和被动式

PORT(主动)方式的连接过程是:客户端向服务器的FTP端口(默认是21)发送连接请求,服务器接受连接,建立一条命令链路当需要传送数据时,客户端在命令链路上用PORT命令告诉服务器:我打开了XXXX端口,你过来连接我于是服务器从20端口向客户端的XXXX端口发送连接请求,建立一条数据链路来传送数据

PASV(被动)方式的连接过程是:客户端向服务器的FTP端口(默认是21)发送连接请求,服务器接受连接,建立一条命令链路当需要传送数据时,服务器在命令链路上用PASV命令告诉客户端:我打开了XXXX端口,你过来连接我于是客户端向服务器的XXXX端口发送连接请求,建立一条数据链路来传送数据
概括:
——————————————————————————–
主动模式:服务器向客户端敲门,然后客户端开门
被动模式:客户端向服务器敲门,然后服务器开门

所以,如果你是如果通过代理上网的话,就不能用主动模式,因为服务器敲的是上网代理服务器的门,而不是敲客户端的门
而且有时候,客户端也不是轻易就开门的,因为有防火墙阻挡,除非客户端开放大于1024的高端端口

——————————————————————————–
要用主动模式来下载,请您把下载工具的被动模式(PASV)都不要打勾,用主动模式来下载就OK了,如果在出错,那就被动主动相互转换一下

常见的FTP客户端软件的PASV方式的关闭方法

大部分FTP客户端默认使用PASV方式,PASV模式的意式是被动模式 在大部分FTP客户端的设置里,常见到的字眼都是PASV或被动模式

IE: 工具 -> Internet选项 -> 高级 -> 使用被动FTP(需要IE6.0以上才支持)

CuteFTP: Edit -> Setting -> Connection -> Firewall -> PASV Mode
或 File -> Site Manager,在左边选中站点 -> Edit -> Use PASV mode

FlashGet: 工具 -> 选项 -> 代理服务器 -> 直接连接 -> 编辑 -> PASV模式

FlashFXP: 选项 -> 参数选择 -> 代理/防火墙/标识 -> 使用被动模式
或 站点管理 -> 对应站点 -> 选项 -> 使用被动模式
或 快速连接 -> 切换 -> 使用被动模式

LeapFTP: Option ->Preferences -> General->Proxy->Use Pasv Mode

MOUNT AN SMB NETWORK DRIVE ON RASPBERRY PI

original post: http://geeks.noeit.com/mount-an-smb-network-drive-on-raspberry-pi/

In this tutorial we will describe how to connect your Raspberry Pi to a network drive and permanently mount it to your system. Even though this article uses a Raspberry Pi as an example to connect to an SMB drive, the steps used can be applied to any Debian based system, such as Ubuntu.

If you have a Raspberry Pi you might have noticed that the storage possibilities are kind of limited unless you have some external storage. Even though you can get SD cards with 64+gb of storage, you probably want more if you have a lot of music and movies that you are streaming through your Pi.

There are several choices when it comes to storage for your Pi, such as network drives, flash drives, or external USB HDDs. Using a network drive you can not only access your files from the Pi, but from any computer connected to your network, which is very convenient.

Prerequisites

Before we start, I will assume you already

  1. have a network drive connected to your LAN, and
  2. know its LAN IP address

Note: remember to change all text in red to your own values.

 

Installation

In order to mount the drive, you need to have cifs-utils installed on your system. If you are running a newer version of Raspbian or RaspBMC you should already have this installed. You can check whether it is installed or not by running the following command:

dpkg -s cifs-utils

If it is installed, it should output something like this:

Package: cifs-utils
 Status: install ok installed
 Priority: optional
 Section: otherosfs
 Installed-Size: 189
 Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org> Architecture: armhf
 Version: 2:5.5-1
 ...

If it says that it’s not installed, you need to install it:

sudo apt-get install cifs-utils

 

Mounting unprotected (guest) network folders

You might have public folders on your network drive that can be accessed by anyone without having to provide any credentials. These are mounted in the same way as password-protected folders (we will mount these in the next section), but with a few different options.

First, let’s create a directory on the Pi where we want to mount the directory. You will need a separate directory for each network folder that you want to mount. I will create the folders in the /media folder:

sudo mkdir -p /media/networkshare/public

Then edit your /etc/fstab file (with root privileges) and add this line:

//192.168.0.18/publicshare /media/networkshare/public cifs guest,uid=1000,gid=1000,iocharset=utf8 0 0

The first part is the IP of your network drive, and the public folder you want to mount.
The second part is the folder on your local machine where you want to mount the network share.
The third part indicates what type of drive you want to mount (cifs).

The last part is the set of options you can pass, and here’s an explanation of the ones we are using:

  • guest is basically telling the network drive that it’s a public share, and you don’t need a password to access it (not to confuse with username),
  • uid=1000 makes the Pi user with this id the owner of the mounted share, allowing them to rename files,
  • gid=1000 is the same as uid but for the user’s group,
  • iocharset=utf8 allows access to files with names in non-English languages.

Note: If there is any space in the server path, you need to replace it by \040, for example //192.168.0.18/My\040Documents

To find the uid and gid for your username, use the following command:

id username

Now that we have added this to our /etc/fstab, we need to (re)mount all entries listed in /etc/fstab:

sudo mount -a

Now you can access your network drive from /media/networkshare/public (or wherever you chose to mount it).

 

Mount password-protected network folders

Mounting a password-protected share is very similar to mounting a public ones, with some minor changes to the options we pass. Let’s start by making a new folder where we want to mount the password-protected share:

sudo mkdir -p /media/networkshare/protected

Again, open /etc/fstab (with root privileges), and add this line:

//192.168.0.18/protectedshare /media/networkshare/protected cifs username=msusername,password=mspassword,uid=1000,gid=1000,iocharset=utf8 0 0

While this is a perfectly valid way of mounting your protected folder, it’s not very secure. Since /etc/fstab is readable by everyone, so are your credentials in it. So, let’s make it more secure by using a credentials file. This file will contain nothing else but your username and password, but we will make readable only to you. This way, other users on the system won’t be able to see your credentials.

Using a text editor, create a file that will contain the credentials for your protected network share:

vim ~/.smbcredentials

Enter your username and password for the protected share in the file:

username=msusername
password=mspassword

Save the file.

Change the permissions of the file to make sure only you can read it:

chmod 600 ~/.smbcredentials

Then edit your /etc/fstab file and change the line where we are mounting the protected share to look like this:

//192.168.0.18/protectedhare /media/networkshare/protected cifs credentials=/home/username/.smbcredentials,uid=1000,gid=1000,iocharset=utf8 0 0

Save the file.

Again, we need to (re)mount all entries listed in /etc/fstab:

sudo mount -a

 

Now you’re all set to access your public and protected folders from your Pi.

 

How to wake up a pc by PHP

source: 
http://php.net/manual/en/ref.sockets.php
http://www.rkrishardy.com/2009/12/permission-denied-13-when-opening-socket-in-php-apache/

<?php
/**
 * Wake-on-LAN
 *
 * @return boolean
 *   TRUE:    Socked was created successfully and the message has been sent.
 *   FALSE:   Something went wrong
 *
 * @param string|array  $mac   You will WAKE-UP this WOL-enabled computer, you
 *                             need to add the MAC-address here. Mac can be
 *                             array too.
 *
 * @param string|array  $addr  You will send and broadcast to this address.
 *                             Normally you need to use the 255.255.255.255
 *                             address, so I made it as the default. You don't need to do anything with this.
 *                       
 *                             If you get permission denied errors when using
 *                             255.255.255.255 have permission denied problems
 *                             you can set $addr = false to get the broadcast
 *                             address from the network interface using the
 *                             ifconfig command.
 *
 *                             $addr can be array with broadcast IP values
 *
 * Example 1:
 *   When the message has been sent you will see the message "Done...."
 *   if ( wake_on_lan('00:00:00:00:00:00'))
 *      echo 'Done...';
 *   else
 *      echo 'Error while sending';
 */

function wake_on_lan($mac, $addr=false, $port=7) {
    if ($addr === false){
        exec("ifconfig | grep Bcast | cut -d \":\" -f 3 | cut -d \" \" -f 1",$addr);
        $addr=array_flip(array_flip($addr));
    }
    if(is_array($addr)){
        $last_ret = false;
        for ($i = 0; $i < count($addr); $i++)
            if ($addr[$i] !== false) {
                $last_ret = wake_on_lan($mac, $addr[$i], $port);
            }
        return $last_ret;
    }
    if (is_array($mac)){
        $ret = array();
        foreach($mac as $k =< $v)
            $ret[$k] = wake_on_lan($v, $addr, $port);
        return $ret;
    }
    //Check if it's an real MAC-address and split it into an array
    $mac = strtoupper($mac);
    if (!preg_match("/([A-F0-9]{1,2}[-:]){5}[A-F0-9]{1,2}/", $mac, $maccheck))
        return false;
    $addr_byte = preg_split("/[-:]/", $maccheck[0]);
 
    //Creating hardware adress
    $hw_addr = '';
    for ($a = 0; $a < 6; $a++)//Changing mac adres from HEXEDECIMAL to DECIMAL
        $hw_addr .= chr(hexdec($addr_byte[$a]));
  
    //Create package data
    $msg = str_repeat(chr(255),6);
    for ($a = 1; $a <= 16; $a++)
        $msg .= $hw_addr;
    //Sending data
    if (function_exists('socket_create')){
        //socket_create exists
        $sock = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);    //Can create the socket
        if ($sock){
            $sock_data = socket_set_option($sock, SOL_SOCKET, SO_BROADCAST, 1); //Set
            if ($sock_data){
                $sock_data = socket_sendto($sock, $msg, strlen($msg), 0, $addr,$port); //Send data
                if ($sock_data){
                    socket_close($sock); //Close socket
                    unset($sock);
                    return true;
                }
            }
        }
        @socket_close($sock);
        unset($sock);
    }
    $sock=fsockopen("udp://" . $addr, $port);
    if($sock){
        $ret=fwrite($sock,$msg);
        fclose($sock);
    }
    if($ret)
        return true;
    return false;  
}

if (@wake_on_lan('00:00:00:00:00:00')) {
    echo 'Done...';
} else {
    echo 'Error while sending';
}
?>

How do I start to to play videos automatically while boot?

Seems like the answer to your question is contained within an other question on this site.

I am trying to play videos automatically when the Raspberry Pi boots. I decided to use crontab for that:

@reboot /storage/.config/autostart.sh

The autostart.sh file contains the following code:

xbmc-send -a “PlayMedia(/storage/videos/)”

The Raspberry Pi successfully automatically starts to play videos from /storage/videos/ directory when it reboots.

Hope that helps.

 

 

This is like asking “How do I fix my car when it won’t start?” Your question is way to broad to answer. The process will remain basically the same form case to case. Here are some steps that you can go through to figure this out.

  1. GOOGLE
  2. Using Terminal, shell, SSH, etc., figure out the command that will start the video as desired.
  3. READ this document to figure out how to turn that shell command into a bash script.http://www.calpoly.edu/~rasplund/script.html
  4. READ this document to figure out how to run that bash script on boothttp://www.cyberciti.biz/faq/linux-execute-cron-job-after-system-reboot/
  5. Reboot, test and troubleshoot.

javascript如何阻止click事件连续触发

中包含一个checkbox,点击时不仅激活checkbox的click事件,还会激活td或者tr的click事件,称作bubble event。

解决方法是:

$(“table tbody td”).click(function(e){
if(e.target.nodeName.toUpperCase() == “INPUT”){
alert(“It’s an input!”);
return;
}else{
alert(“It’s not an input!”);
}
});

How can I kill a process by name instead of PID?

前段时间为了投票,在服务器上面开了N个php进程,每次要退出的时候都要ps -eaf|grep php,然后根据pid一个一个kill,傻傻的操作了很多次。其实早就知道有killall的指令,但一次都没用过。这次实在受不了了,还是查了一下,用下面这个方法挺好

 

kill `pidof php`

备用方法,未验证
export pid=`ps | grep process_name | awk 'NR==1{print $1}' | cut -d' ' -f1`;kill $pid
pkill -f "Process name" 这个试过了,因为是php xxx.php方式,貌似没法用。

树莓派spi液晶屏支持(fbtft)[转]

 

转自 老徐拉灯 的博客

原文地址:http://blog.csdn.net/xdw1985829/article/details/39583239

树莓派官方支持av及HDMI输出,板子上预留了一个csi接口的液晶显示屏,但是一直没有相应的模组出现。在很多应用场合我们需要一些小型的液晶屏显示一些基本的信息,所以小屏驱动很是必要。

在github上有一个开源工程:notro/fbtft,完整的实现了framebuffer驱动,让树莓派完美支持tft液晶,下面对移植过程进行一个简单说明

一、官网地址

工程首页:https://github.com/notro

fbtft源码:https://github.com/notro/fbtft

编译好的固件(基于3.12.25+):https://github.com/notro/rpi-firmware

使用说明(wiki):https://github.com/notro/fbtft/wiki

二、使用编译好的固件(3.12.25+)

环境:树莓派

https://github.com/notro/rpi-firmware

1、打开SPI

树莓派默认spi是关掉的,我们需要打开

sudo vi /etc/modprobe.d/raspi-blacklist.conf

把下面这句话前面的#号删掉

blacklist spi-bcm2708

2、下载:

1)以模块的形式编译进内核(需要手动或脚本加载模块)3.12.25+(试验成功
sudo REPO_URI=https://github.com/notro/rpi-firmware rpi-update
2)直接编译进内核(笔者没有试验
sudo REPO_URI=https://github.com/notro/rpi-firmware BRANCH=builtin rpi-update

3)以模块的形式编译进内核(需要手动或脚本加载模块,最新版本,笔者试过启动不起来,不知道哪出问题

sudo REPO_URI=https://github.com/notro/rpi-firmware BRANCH=latest rpi-update

4)直接下载压缩包,手动安装(适合树莓派不能联网的时候

http://tronnes.org/downloads/2014-06-20-wheezy-raspbian-2014-07-25-fbtft-master-firmware.zip

3、配置

1)手动加载模块:

sudo modprobe fbtft_device name=adafruit22

name后面的名字,要跟相应的液晶驱动芯片移植

笔者使用的液晶芯片为:fb_ra8875,所以这里写的是:er_tftm050_2

其它芯片请查阅:https://github.com/notro/fbtft/blob/master/fbtft_device.c 文件

正常会提示以下信息

fbtft_device:  SPI devices registered:
fbtft_device:      spidev spi0.0 500kHz 8 bits mode=0x00
fbtft_device:      spidev spi0.1 500kHz 8 bits mode=0x00
fbtft_device:  ‘fb’ Platform devices registered:
fbtft_device:      bcm2708_fb id=-1 pdata? no
fbtft_device: Deleting spi0.0
fbtft_device:  GPIOS used by ‘adafruit22’:
fbtft_device:    ‘reset’ = GPIO25
fbtft_device:    ‘led’ = GPIO23
fbtft_device:  SPI devices registered:
fbtft_device:      spidev spi0.1 500kHz 8 bits mode=0x00
fbtft_device:      fb_hx8340bn spi0.0 32000kHz 8 bits mode=0x00

graphics fb1: fb_hx8340bn frame buffer, 176×220, 75 KiB video memory, 16 KiB buffer memory, fps=20, spi0.0 at 32 MHz

在/dev/目录下出现: /dev/fb1设备

2)自动加载模块

sudo vi  /etc/modules

加入以下语句,既可以在启动时自动加载模块

spi-bcm2708

fbtft_device name=er_tftm050_2  speed=28000000 fps=25 verbose=0

红色部分根据实际情况调整,可能出现花屏现象
4、使用(官方给出的方法,笔者测试不成功)

1)手动启动x11和控制台到新的液晶屏
X Windows显示在fb1上:
$FRAMEBUFFER=/dev/fb1 startx

Console显示在fb1上:
$con2fbmap 1 1

2)自动登陆x11

sudo vi /etc/inittab
#1:2345:respawn:/sbin/getty –noclear 38400 tty1
1:2345:respawn:/bin/login -f pi tty1 </dev/tty1 >/dev/tty1 2>&1

sudo vi /etc/rc.local

su -l pi -c “env FRAMEBUFFER=/dev/fb1 startx &”

5、使用(笔者使用这个测试通过)

1)将fb0上的内容直接拷贝到fb1上,fb0和fb1同步

https://github.com/notro/fbtft/wiki/Framebuffer-use#framebuffer-mirroring

$git clone https://github.com/tasanakorn/rpi-fbcp

$cd rpi-fbcp/
$mkdir build
$cd build/
$cmake ..
$make
$sudo install fbcp /usr/local/bin/fbcp

启动:fbcp &

关闭fbcp:killall fbcp

2)启动时使用fb1

$sudo apt-get install xserver-xorg-video-fbdev

$sudo vi /usr/share/X11/xorg.conf.d/99-fbdev.conf

加入以下语句:

Section “Device”
Identifier “myfb”
Driver “fbdev”
Option “fbdev” “/dev/fb1”
EndSection

启动:startx

 

测试:

apt-get -y install fbi

fbi -d /dev/fb1 -T 1 -noverbose -a test.jpg

三、由内核及源码编译

1、下载、编译内核源码:

请见《树莓派开发系列教程8——树莓派内核编译与固件升级

2、下载、编译fbtft源码

$cd linux(进入下载好的内核源码目录)

$cd drivers/video

$git clone https://github.com/notro/fbtft.git(下载fbtft源码,也可以在别的地方下载好,拷贝过来)

   修改内核源码的Kconfig及Makefine

  Add to drivers/video/Kconfig:   source “drivers/video/fbtft/Kconfig”

  Add to drivers/video/Makefile:  obj-y += fbtft/

$make menuconfig(在配置界面加入所选用液晶的驱动支持)

  1.  Device Drivers  —>
  2.  Graphics support  —>
  3. <M> Support for small TFT LCD display modules  —>
  4. <M>   FB driver for the HX8353D LCD Controller
  5. <M>   FB driver for the ILI9320 LCD Controller
  6. <M>   FB driver for the ILI9325 LCD Controller
  7. <M>   FB driver for the ILI9340 LCD Controller
  8. <M>   FB driver for the ILI9341 LCD Controller
  9. < >     FB driver for the ILI9481 LCD Controller
  10. <M>   FB driver for the ILI9486 LCD Controller
  11. <M>   FB driver for the PCD8544 LCD Controller
  12. <M>   FB driver for the RA8875 LCD Controller

$make

基于树莓派Raspberry: 字符设备内核驱动程序框架编写[转]

之前写了一篇移植2.4寸TFT驱动到树莓派的文章,那篇博文中的驱动代码是国外大牛写的,看了一下,还是有很多地方没理解,是得好好再学习一下内核驱动的编写,这里就从字符设备驱动开始,采用最简单的LED驱动来建立内核驱动移植的驱动框架.

个人原创,转载请注明原文出处:

http://blog.csdn.net/embbnux/article/details/17712547

参考文章:

http://blog.csdn.net/hcx25909/article/details/16860725

内核驱动与普通单片机模块驱动的差别就是在于,写内核驱动的时候,要提供内核调用的接口,使内核能找到相应的驱动入口,用户通过告诉内核要干嘛,内核再去调用那个驱动,驱动的最底层和单片机模块是一样的,同样是对GPIO的操作,配置输入输出,以及某些特殊的寄存器. LED的点亮就是对GPIO的操作 .

对于ARM的GPIO调用需要通过IO映射的方法,要操作内存上对应的地址.

对于bcm2708上的io对应关系,可以查看bcm2835的手册,和stm32基本上是一样的,因为同为ARM体系:SouthEast

我参考的那博客讲这个比较清楚,可以参考下,由于树莓派的内核以及很好的提供了GPIO调用的接口,即把内存操作封装了很好,这里就不像那篇博客那样再自己写函数通过内存操作来进行GPIO操作,觉得有点麻烦,但是对于学好底层很有用.

  一  首先上个驱动程序

 

这里直接把该程序添加到内核的源码目录里面,也可在自己的目录下,但是要写Makefile.

在/drivers/char/新建rasp_led.c,内核中的kconfig文件和makefile文件,参照前一篇文章

led.c:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
/********************************************************************/
/***************Rasp led 驱动程序************************************/
/***************作者: Embbnux Ji*************************************/
/***************博客: http://blog.csdn.net/embbnux/ *****************/
/********************************************************************/
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/device.h>
#include <mach/platform.h>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
#include <linux/platform_device.h>
#include <linux/types.h>
#include <linux/fs.h>
#include <linux/ioctl.h>
#include <linux/cdev.h>
#include <linux/delay.h>
#include <linux/uaccess.h>
#include <linux/init.h>
#include <linux/gpio.h>
#define DEVICE_NAME "Pi_Led"
#define DRIVER_NAME "pi_led"
//class声明内核模块驱动信息,是UDEV能够自动生成/dev下相应文件
static dev_t pi_led_devno; //设备号
static struct class *pi_led_class;
static struct cdev pi_led_class_dev;
struct gpio_chip *gpiochip;
#define led_pin 4 //gpio 4
//这部分函数为内核调用后open的设备IO操作,和裸板程序一样
int open_flag=0;
static int pi_led_open(struct inode *inode, struct file *filp)
{
 printk("Open led ing!\n");
 if(open_flag ==0){
 open_flag =1;
 printk("Open led success!\n");
 return 0;
 }
 else{
 printk("Led has opened!\n");
 }
 return 0;
}
//这部分函数为内核调用后ioctl的设备IO操作,和裸板程序一样
static long pi_led_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
{
 switch(cmd){
 case 0:
 gpiochip->set(gpiochip, led_pin, 0);
 printk("Led up!\n");
 break;
 case 1:
 gpiochip->set(gpiochip, led_pin, 1);
 printk("Led down!\n");
 break;
 }
 return 0;
}
static int pi_led_release(struct inode *inode,struct file *file){
 printk("Led has release!\n");
 return 0;
}
//file_operations使系统的open,ioctl等函数指针指向我们所写的led_open等函数,
//这样系统才能够调用
static struct file_operations pi_led_dev_fops = {
 .owner =THIS_MODULE,
 .open =pi_led_open,
 .unlocked_ioctl = pi_led_ioctl,
 .release = pi_led_release,
};
static int is_right_chip(struct gpio_chip *chip, void *data)
{
if (strcmp(data, chip->label) == 0)
 return 1;
 return 0;
}
//内核加载后的初始化函数.
static int __init pi_led_init(void)
{
 struct device *dev;
 int major; //自动分配主设备号
 major = alloc_chrdev_region(&pi_led_devno,0,1,DRIVER_NAME);
 //register_chrdev 注册字符设备使系统知道有LED这个模块在.
 cdev_init(&pi_led_class_dev, &pi_led_dev_fops);
 major = cdev_add(&pi_led_class_dev,pi_led_devno,1);
 //注册class
 pi_led_class = class_create(THIS_MODULE,DRIVER_NAME);
 dev = device_create(pi_led_class ,NULL,pi_led_devno,NULL,DRIVER_NAME);
 gpiochip = gpiochip_find("bcm2708_gpio", is_right_chip);
 gpiochip->direction_output(gpiochip, led_pin, 1);
 gpiochip->set(gpiochip, led_pin, 0);
 printk("pi led init ok!\n");
 return 0;
}
//内核卸载后的销毁函数.
void pi_led_exit(void)
{
 gpio_free(led_pin);
 device_destroy(pi_led_class,pi_led_devno);
 class_destroy(pi_led_class);
 cdev_del(&pi_led_class_dev);
 unregister_chrdev_region(pi_led_devno, 1);
 printk("pi led exit ok!\n");
}
module_init(pi_led_init);
module_exit(pi_led_exit);
MODULE_DESCRIPTION("Rasp Led Driver");
MODULE_AUTHOR("Embbnux Ji < http://blog.csdn.net/embbnux >");
MODULE_LICENSE("GPL");

二  源码框架分析

我们首先从内核模块的入口,module_init(pi_led_init)这个函数看起,可以看出初始化后调用pi_led_init这个函数.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
//内核加载后的初始化函数.
static int __init pi_led_init(void)
{
 struct device *dev;
 int major; //自动分配主设备号
 major = alloc_chrdev_region(&pi_led_devno,0,1,DRIVER_NAME);
 //register_chrdev 注册字符设备使系统知道有LED这个模块在.
 cdev_init(&pi_led_class_dev, &pi_led_dev_fops);
 major = cdev_add(&pi_led_class_dev,pi_led_devno,1);
 //注册class
 pi_led_class = class_create(THIS_MODULE,DRIVER_NAME);
 dev = device_create(pi_led_class ,NULL,pi_led_devno,NULL,DRIVER_NAME);
 gpiochip = gpiochip_find("bcm2708_gpio", is_right_chip);
 gpiochip->direction_output(gpiochip, led_pin, 1);
 gpiochip->set(gpiochip, led_pin, 0);
 printk("pi led init ok!\n");
 return 0;
}

初始化时首先分配给这个函数设备号,注册该设备,通过class注册使能够在/dev/目录下自动生成相应的设备文件,用户通过操作这个文件,来告诉内核怎么做.

由于是字符设备,所以对该文件的操作通过open,write,ioctl等函数,所以要把这个函数和底层的操作函数对应起来,这就要用到file_operation这个结构体,来声明:

1
2
3
4
5
6
7
8
//file_operations使系统的open,ioctl等函数指针指向我们所写的led_open等函数,
//这样系统才能够调用
static struct file_operations pi_led_dev_fops = {
 .owner =THIS_MODULE,
 .open =pi_led_open,
 .unlocked_ioctl = pi_led_ioctl,
 .release = pi_led_release,
};

这里就让open函数对应到pi_led_open函数,ioctl函数对应到pi_led_ioctl函数;

然后我们就只需要编写相应的pi_led_open以及pi_led_ioctl;这些函数里面的操作就是最底层的GPIO操作,和单片机是一样的.

三  GPIO操作

内核里面的GPIO操作函数,被定义在#include <linux/gpio.h>,这个头文件里面,树莓派官方做好了树莓派的GPIO在内核里面的注册,所以调用gpio.h里面的函数即可进行树莓派的GPIO操作.

1
gpiochip = gpiochip_find("bcm2708_gpio", is_right_chip);

通过上面这个函数把内核的GPIO操作和BCM2708的GPIO操作关联起来;

bcm2708的操作可以查看/arch/arm/mach-bcm2708/bcm2708_gpio.c文件,具体也是对内存地址的操作:

1
2
3
4
5
6
7
8
9
10
11
12
13
#define GPIOFSEL(x) (0x00+(x)*4)
#define GPIOSET(x) (0x1c+(x)*4)
#define GPIOCLR(x) (0x28+(x)*4)
#define GPIOLEV(x) (0x34+(x)*4)
#define GPIOEDS(x) (0x40+(x)*4)
#define GPIOREN(x) (0x4c+(x)*4)
#define GPIOFEN(x) (0x58+(x)*4)
#define GPIOHEN(x) (0x64+(x)*4)
#define GPIOLEN(x) (0x70+(x)*4)
#define GPIOAREN(x) (0x7c+(x)*4)
#define GPIOAFEN(x) (0x88+(x)*4)
#define GPIOUD(x) (0x94+(x)*4)
#define GPIOUDCLK(x) (0x98+(x)*4)

这里定义的就是相应的GPIO寄存器的地址.

四  测试程序

ssh进入树莓派,在主目录下新建led.c

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#include<stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <sys/ioctl.h>
 #include <sys/time.h>
 int main(int argc, char **argv)
 {
 int on;
 int led_no;
 int fd;
 int i;
fd = open("/dev/pi_led", 0);
 if (fd < 0) {
 fd = open("/dev/pi_led", 0);
 }
 if (fd < 0) {
 perror("open device led");
 exit(1);
 }
for(i=0;i<=20;i++){
on = i%2;
ioctl(fd, on, led_no);
sleep(1);
}
close(fd);
return 0;
}

Center

加载postgres模块后apache无法启动

想在本地搭建一个PostgreSQL的运行环境,完成之后,始终在apache/php环境无法加载postgresql模块。启动的时候无法加载libpq.dll,将postgresql的libpq拷贝到php目录无效,拷贝到windows目录无效,拷贝到windows\system32目录也无效,只好在网上找解决方法。搜到以下方法:

refering to the libpq.dll that comes bundled with PHP, like this:

LoadFile “C:/php/libpq.dll”

(原文地址:http://stackoverflow.com/questions/551734/php-not-loading-php-pgsql-dll-on-windows)

在http.conf文件中增加这一行,完美解决。其实这个答案之前有混淆的问题,比如加载pg目录的libpq.dll,似乎无效,只能用php目录里面自带的libpq.dll。

Firefox 调试 插件/扩展

在一个项目中要开发一个firefox的扩展,结果一直没找到好的调试方法,痛苦的要命。之前在网上找到用chromebug,试了很多次都没有成功,只好在代码里面用代码打印到控制台。

项目已经过去了很久,最近需要修改点代码,重新遇到调试的问题,在网上又搜了一遍,找到了一个方法,测试了一下,居然可以设置断点调试了,可喜可贺。

方法就是修改firefox的设置,在地址栏输入about:config,然后允许chrome调试和远程调试:

devtools.chrome.enable => true

devtools.debugger.remote-enable => true

然后在firefox里Tools > Web Developer > Browser Console.,打开调试窗口,里面有个debugger,这里就可以开始了。

 

以下是原文和地址

http://stackoverflow.com/questions/17547364/how-to-debug-a-firefox-extension-with-chromebug/17579253#17579253

Update April 2014: The browser debugger is now integrated in the “Browser Toolbox” and you no longer need to set about:config prefs. Just use the developer tools configuration/settings panel: “enable chrome debugging” and “enable remote debugging”. The “Browser Toolbox” will then be available in the developer tools panel.

Chromebug has not worked for me for many months. I think it’s just been silently abandoned but thankfully on Firefox 19 or later, it’s possible to use the built-in JS debugger on the browser itself. Go to about:config and set the following two prefs:

devtools.chrome.enabled: true
devtools.debugger.remote-enabled: true

After you restart the browser, the Web Developer menu will contain a “Browser Debugger” entry.

More info here: https://developer.mozilla.org/en/docs/Debugging_JavaScript

If possible, I’d suggest using Aurora for your debugging because the built-in debugger was a little limited when first launched and keeps getting better with every release.

Arduino学习笔记A11 – Arduino模拟电脑键盘(基于AVR-USB的USB-HID设备) [转]

Arduino模拟电脑键盘(基于AVR-USB的USB-HID设备)

关于此帖子的其他讨论,还可以看看
http://geek-workshop.com/thread-2303-1-1.html
http://geek-workshop.com/thread-2310-1-1.html

键盘作为经典的输入设备,使用在很多互动中都有特别的优势,比如我们可以通过键盘直接给flash传递按键事件。而无需通过串口之类的特殊接口,虽然我们可以拆一个传统的键盘,然后将里面的按键引出来,但是这样有一个缺点,就是键值不能动态改变并且不能一次多键。使用模拟键盘的话,我们就可以随意在程序设置按键的时间和键值。比如本文的例子就是按下一个按键,模拟键盘就在电脑输入“HELLO WORLD”。

硬件部分:
材料清单:
Arduino x1
68Ω电阻 x2 (没有68Ω的话,用50~100Ω电阻也行)
2.2kΩ电阻 x1 (没有2.2kΩ的话,用1.5k~2.2k电阻也行)
USB连接线(一端是USB口,另一端是电线) x1
3.6v 稳压管(建议选用功耗0.25~0.5w的)x2
194146uld4tdhd1b111w9d1942021gy6n1v41yne26ia

电路原理图:
120616mer6qi8i8smt5qs6
电路图解说:
1、两个68Ω的电阻起到限流和保护作用,防止在意外情况下损坏计算机的USB端口或单片机的端口。
2、2.2kΩ电阻是上拉电阻,用于分辨总线状态。如果上拉电阻接于D+和+5v端则是高速USB设备,接于D-与+5v端,则是低速设备。此处键盘传输速率不高,接到D-作为低速设备即可。
3、D+和D-上的3.6V稳压二极管D1和D2起到限制数据线上的电平的作用。因为在USB规范中规定数据线D+和D-上的电平范围是3.0V至3.6V,而AVR单片机的输出电平是Vcc。如果单片机的Vcc是5V,在没有D1和D2的情况下将造成电平不匹配,会造成在很多计算机中无法正确识别出USB设备。如果用户系统的Vcc在3.0V至3.6V之间,就可以省略这两个稳压二极管。从这里也可以看出用户系统的Vcc必须高于3V。
4、由于低速AVRUSB所需要的是1.5MHz时钟,而单片机每8条指令就能精确完成一个数据位的采集。所以AVRUSB最小单片机时钟频率是12MHz。并且可以使用的时钟频率有12MHz、12.8MHz、15MHz、16MHz、16.5MHz、20MHz,其他的不支持。所以如果使用最小系统制作此模拟键盘的话8MHz的话,ATMega8L不能用。
————————
软件部分:

Arduino支持库文件:
http://soft1.wmzhe.com/download/ … ino/UsbKeyboard.zip
UsbKeyboard.zip (112.45 KB, 下载次数: 1421)
文件下载后解压到arduino编译器的libraries文件夹下面。

注意:

1、UsbKeyboard库中,usbconfig.h里面可以更改USB接线的引脚定义,下面给出一个大概解释(下面的PORTD是指AVR单片机的PORTD,要查询Arduino原理图才能得到是Arduino的哪个引脚):

#define USB_CFG_IOPORTNAME D
USB输入输出引脚使用AVR单片机的PORTD,如果改成B就是使用PORTB
#define USB_CFG_DMINUS_BIT 4
USB的D-接PORTD的第四位PD4,对应Arduino D4
#define USB_CFG_DPLUS_BIT  2
USB的D+接PORTD的第二位PD2,对应Arduino D2
#define USB_CFG_PULLUP_IOPORTNAME D
USB上拉引脚使用AVR单片机的PORTD,如果改成B就是使用PORTB
#define USB_CFG_PULLUP_BIT  5
USB的上拉电阻接PORTD的第五位PD5,对应Arduino  D5

2、在UsbKeyboard库的UsbKeyboard.h里面,有关于模拟键值的表
#define KEY_A       4
#define KEY_B       5
#define KEY_C       6
#define KEY_D       7
#define KEY_E       8
等。但不齐全。经过测试,其实这个键盘基本可以模拟几乎所有键值(Power,Sleep,Pause似乎不能)。
比如方向键右左下上分别对应79,80,81,82数字。即写成
UsbKeyboard.sendKeyStroke(79);
UsbKeyboard.sendKeyStroke(81);
等。由于整理比较麻烦,大家可以自己下载个KeyboardTest软件测试不同数字下面的键值。

程序示例:
下面的例子演示了用Arduino虚拟键盘的应用例子。打开记事本,然后将Arduino的D12引脚和GND连起来,就会打印HELLO WORLD字样。

ARDUINO 代码复制打印

  1. /*
  2. Arduino模拟键盘 by Ansifa
  3. 2012.6.8
  4. 功能描述:插上此模拟键盘,打开记事本,然后按下按钮,即可在记事本打印出HELLO WORLD字样
  5. 接线方法:
  6. <img src=”http://www.geek-workshop.com/forum.php?mod=image&aid=5359&size=300×300&key=e9fa5559e6d5724d51f770bc6c55b941&nocache=yes&type=fixnone” border=”0″ aid=”attachimg_5359″ alt=””>
  7. Arduino D2接68Ω电阻后,接USB线D+
  8. Arduino D4接68Ω电阻后,接USB线D-
  9. Arduino D5接2.2kΩ电阻后,接USB线D-
  10. Arduino D2接3.6v稳压管到GND
  11. Arduino D4接3.6v稳压管到GND
  12. +5v接USB线VCC
  13. GND接USB线GND
  14. Arduino D1接一个开关到GND
  15. 附:USB线序颜色(由于各生产厂不同,不一定准确,仅供参考)
  16. *USB键鼠:      |        *USB接口
  17. 白<->VCC        |        红<->VCC
  18. 橙<->D-         |        白<->D-
  19. 绿<->D+         |        绿<->D+
  20. 蓝<->GND        |        黑<->GND
  21. */
  22. #include “UsbKeyboard.h”
  23. int KEYPIN = 1;                //按键接在D1引脚,也可以改成任何引脚
  24. void setup()
  25. {
  26.   TIMSK0 &= !(1 << TOIE0);        //
  27.   pinMode(KEYPIN, INPUT);
  28.   digitalWrite(KEYPIN, HIGH);
  29. }
  30. void loop()
  31. {
  32.   UsbKeyboard.update();
  33.   if(digitalRead(KEYPIN) == HIGH)
  34.   {
  35.     delay(100);
  36.     if(digitalRead(KEYPIN) == LOW)
  37.     {
  38.       UsbKeyboard.sendKeyStroke(KEY_H);
  39.       UsbKeyboard.sendKeyStroke(KEY_E);
  40.       UsbKeyboard.sendKeyStroke(KEY_L);
  41.       UsbKeyboard.sendKeyStroke(KEY_L);
  42.       UsbKeyboard.sendKeyStroke(KEY_O);
  43.       UsbKeyboard.sendKeyStroke(KEY_SPACE);
  44.       UsbKeyboard.sendKeyStroke(KEY_W);
  45.       UsbKeyboard.sendKeyStroke(KEY_O);
  46.       UsbKeyboard.sendKeyStroke(KEY_R);
  47.       UsbKeyboard.sendKeyStroke(KEY_L);
  48.       UsbKeyboard.sendKeyStroke(KEY_D);
  49.       UsbKeyboard.sendKeyStroke(KEY_ENTER);
  50.     }
  51.   }
  52. }

注意,先插上Arduino数据线,将程序写入Arduino。然后拔掉数据线,将模拟键盘USB线接到电脑,即可使用。

下面随便点实物图

刚焊好的正反面
194204xv880393zvisyxn32154270440zvdpvvocmaqc

插数据线写程序进Arduino:
1941595x18zxgzaan1fgk5

转自http://www.geek-workshop.com/thread-1137-1-1.html, 版权归原作者所有