I read how Networks Are Connected and two HTTP related columns while I was out of work.
On the one hand to supplement professional knowledge, on the other hand to prepare for the job interview.
To avoid forgetting, draw a picture of XMind:
There are too many questions worth going into, so I'll start with them today:
1. More than one handshake
In the early days of network transmission, it was there
TCPThe protocol required a "handshake" process, but earlier protocols had a drawback: communication could only be initiated by the client, rather than the server actively pushing information to the client.
The WebSocket protocol was born in 2008 and became an international standard in 2011. All browsers already support it.
With the improvement of SSL/TLS, HTTPS, a secure version of the network protocol that has existed for a long time, has also exploded.
Finally, the protocol handshake of the front end is divided into three parts:
TCPThree handshakes, go
WebSocketShake hands, based on
TCPProtocols, it all works.
TCPThe ultimate meaning of the three-way handshake
In my previous post: "Maka Warning" relearning TCP/IP and the three-way handshake
I also talked at length about the TCP three-way handshake, but at the time I didn't fully realize its implications.
Just like everyone else, they remember it before the interview and forget it afterwards.
Until I saw this quote from How The Web Is Connected:
** In actual communication, serial numbers do not start with 1, but need to calculate an initial value with random number, because
If the serial numbers all start at 1, the communication process is very predictable, and someone can use that to launch an attack. 台湾国
** But if the initial value is random, then the other party will not know whether the serial number is from
So you need to inform the communication object of the initial value before you start sending and receiving data. 台湾国
You taste, you fine taste. Isn't shaking hands three times just a way of testing each other's signals to make sure it's the right person?
2.1 Knowledge Supplement: The maximum length of a network packet
The stack calculates how much data each network packet can hold based on a parameter called MTU.
MTU Indicates the maximum length of a network packet. On Ethernet, it is 1500 bytes
MTUIs the total length of the containing header, so it needs to be from
MTUSubtract the length of the header, and the resulting length is the maximum length of data that can fit in a network packet, which is called
It can be seen from the above two figures that the MSS value is 1460 (1500-40) bytes, where:
TCPFixed to the head
IPFixed to the head
TCPThe longest head can be reached
HTTPSThe core of the
HTTPS is a "very simple" protocol. The RFC document is only seven pages long, specifying the new protocol name "HTTPS", the default port number 443, and the rest of the request-reply mode, packet structure, request method, URI, header field, connection management, and so on, all follow HTTP. There's nothing new. ---- Perspective HTTP Protocol
Interested can look at here: link: tools.ietf.org/html/rfc281...
TLS/SSLWhat is it?
A lot of people get confused when they see TLS/SSL. In fact, these two things are the same thing:
1999 renamed SSL 3 === TLS 1.0
The most widely used is TLS 1.2:
TLS is composed of several sub-protocols, such as recording protocol, handshake protocol, warning protocol, password change protocol and extension protocol. It uses many cutting-edge cryptography technologies, such as symmetric encryption, asymmetric encryption and identity authentication.
TLS/SSL is located between the application layer and transport layer TCP. TLS can be roughly divided into two layers:
TLS Handshaking Protocols near the application layer
TLS Record Protocol, a Record layer Protocol close to TCP
This is too much to write, but let's focus on the TLS handshake.
When does a TLS handshake occur? :
- Every time a user passes
HTTPSThis happens when you navigate to the site and the browser first starts querying the site's original server
- Whenever any other communication is used
HTTPSQuery on DNS), also occurs
- Occurs when a TCP connection is opened through a TCP handshake
What happens during a TLS handshake?
During the TLS handshake, the client and server perform the following operations together:
- Specify the TLS version to be used (TLS 1.0, 1.2, 1.3, etc.)
- Determine which encryption suites will be used.
- The server is authenticated by its public key and the digital signature of the SSL certificate authority
- After the handshake is complete, the session key is generated to use symmetric encryption
Encryption suite determines the handshake:
There are two main handshake types in TLS: one based on RSA and one based on Diffie-Hellman. The main difference between the two handshake types is in master key exchange and authentication.
|The secret key exchange||The authentication|
The main handshake types are based on RSA, so this tutorial is based on RSA.
The whole process is shown in the figure below:Specific process description:
- The client
hello: The client initiates a handshake by sending a greeting message to the server. The message will include the client-supported version of TLS, the supported encryption suite, and a random byte string called "client-side randomness."
- The server
hello: indicates the reply client
helloMessage, the server sends a message containing the server's
SSLThe certificate, the encryption suite chosen by the server, and the "server random number," another random byte string generated by the server.
- The client sends a pre-master key encrypted with a public key.
- The server decrypts the encrypted pre-master key with its own private key.
- The client
finished: The client sends a done message, which is encrypted with the session key.
- The server
finished: The server sends a done message encrypted with the session key.
- The client
- The handshake is completed, followed by master key encryption and decryption.
Only encryption suite, explain the need to have a packet capture basis. Some other time, some other time I will...
The WebSocket protocol is relatively simple to implement. It uses the HTTP protocol for the initial handshake. After a successful handshake, the connection is established and the WebSocket basically reads/writes data using raw TCP.
The diagram in The book Diagrams of HTTP makes it clear:
The specific steps are as follows:
- Client request:
GET /chat HTTP/1.1 Host: server.example.com Upgrade: websocket Connection: Upgrade Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw== Sec-WebSocket-Protocol: chat, superchat Sec-WebSocket-Version: 13 Origin: http://example.com Copy the code
- Server response:
HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: HSmrc0sMlYUkAGmm5OPpG2HaGWk= Sec-WebSocket-Protocol: chat Copy the code
WebsocketFull duplex communication
Websocket protocol solves the problem of full duplex communication between server and client.
So what is simplex, half duplex, full duplex communication?
|simplex||Unidirectional transmission of information|
|Half duplex||Information can be sent both ways, but not simultaneously|
|Full duplex||Information can be sent both ways simultaneously|
SocketThe difference between
Can put the
SocketWhat kind of relationship,
SocketIt's a relationship.
HTTPThe relationship between
- It's all based on the same
TCPAll are reliability transport protocols.
- Both are application layer protocols.
The difference between
WebSocketIt's a two-way communication protocol, analog
SocketProtocol that can send or receive messages in both directions.
HTTPIt's one way.
WebSocketA handshake is required to establish a connection.
Socket is the intermediate software abstraction layer of communication between application layer and TCP/IP protocol family. It is a group of interfaces.
In the design mode, Socket is actually a facade mode, it hides the complex TCP/IP protocol family behind the Socket interface, for the user, a simple set of interfaces is all, let the Socket to organize data to conform to the specified protocol.
4.3 Expanding knowledge:
Socket.IOSeven tiers downgraded
Java SpringAnd so on,
websocketHave a set of implementations
Socket.IO consists of two parts:
- A server for integrating (or mounting) to
- A client loaded into a browser:
Many people think socket. IO is just WebSocket and XHR long polling.
In fact, socket. IO has a number of transport mechanisms:
FlashSocket 3. XHR long Polling 4. XHR part split: Multipart /form-data 5. XHR polling 6Copy the code
Thanks to so many transport mechanisms, socket. IO compatibility is nothing to worry about.
HTTPThe core difference between
What is a Socket? One thing I forgot to mention:
There are two key differences between HTTPS and HTTP:
HTTPThe underlying transport protocol is defined by
TCP/IPReplaced with a
- Incoming and outgoing messages are no longer in use
Socket APIInstead, call a specialized security interface.
HTTPSThe protocol needs to be
CAApplication certificate, generally free certificate is very few, need to pay a fee.
HTTPIt's hypertext transfer protocol, information is in clear text,
HTTPSIs a secure SSL encrypted transport protocol.
httpsThey're using a completely different connection, and they're using a different port. The former is
80, which is
HTTPThe connection is simple and stateless.
HTTPSAgreement is made
SSL+HTTPProtocol a network protocol built for encrypted transmission and identity authentication
Postscript and citations
This article draws on numerous sources and columns:
1. Details of THE SSL Handshake process in HTTPS
In my brain map, I have summarized 8 kinds
As a front end to a career change, understanding these HTTP processes is both painful and fun. Want to brain map can scan code plus me, or public number reply: HTTP
❤️ Read three things
If you find this article inspiring, I'd like to invite you to do me three small favors:
- Like, so that more people can see this content (collection does not like, is a rogue -_-)
- Pay attention to "front-end persuaders" and share original knowledge from time to time.
- Look at other articles as well
Personal wechat: Huab119
You can also get all the posts from my GitHub blog:
Front-end persuasion guide: github.com/roger-hiro/... Let's play. ~