3月 19

打算写一个持续构建的工具,做一点技术储备

首先需要获取最新代码

引用dll

C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\ReferenceAssemblies\v2.0
        
Microsoft.TeamFoundation.Client.dll
Microsoft.TeamFoundation.dll
Microsoft.TeamFoundation.VersionControl.Client.dll
Microsoft.TeamFoundation.WorkItemTracking.Client.dll

配置信息

InitInfo initInfo = new InitInfo()
{
    TFSUrl = System.Configuration.ConfigurationManager.AppSettings["TFSUrl"],
    UserName = System.Configuration.ConfigurationManager.AppSettings["TFSUserName"],
    Password = System.Configuration.ConfigurationManager.AppSettings["TFSPassword"],
    Workspace = "OceanTFSWorkspace",
    ProjectName = DataBase.NameSpace,
    WebSite = System.Configuration.ConfigurationManager.AppSettings["WebSitePath"],
    LocalFolder = System.Configuration.ConfigurationManager.AppSettings["TFSLocalPath"],
    WorkspaceOwner = System.Configuration.ConfigurationManager.AppSettings["TFSUserName"],
};
initInfo.LocalFolder += initInfo.ProjectName;
initInfo.WebSite += initInfo.ProjectName;

获取最新代码

//链接服务器
var tfs = new TfsTeamProjectCollection(
         new Uri(initInfo.TFSUrl),
         new NetworkCredential(initInfo.UserName, initInfo.Password));
        
        
//创建映射
var versionControlServer = (VersionControlServer)tfs.GetService(typeof(VersionControlServer));
var workspace = versionControlServer.TryGetWorkspace(initInfo.LocalFolder);
if (workspace == null)
{
    workspace = versionControlServer.CreateWorkspace(initInfo.Workspace,
        (tfs.Credentials as NetworkCredential).UserName);
}
else
{
    workspace = versionControlServer.GetWorkspace(initInfo.Workspace, initInfo.WorkspaceOwner);
}
workspace.Map("$/" + initInfo.ProjectName, initInfo.LocalFolder); 
        
        
//获取最新代码
versionControlServer.DeleteWorkspace(initInfo.Workspace, (tfs.Credentials as NetworkCredential).UserName); 
Workspace ws = versionControlServer.CreateWorkspace(initInfo.Workspace,
    (tfs.Credentials as NetworkCredential).UserName);
ws.Map("$/" + initInfo.ProjectName, initInfo.LocalFolder);
        
string item = "$/" + initInfo.ProjectName;
GetStatus s1 = ws.Get(new GetRequest(new ItemSpec(item,
    RecursionType.Full), VersionSpec.Latest
    ), GetOptions.GetAll | GetOptions.Overwrite);

获取代码这块改一下

//链接服务器
               var tfs = new TfsTeamProjectCollection(
                        new Uri(initInfo.TFSUrl),
                        new NetworkCredential(initInfo.UserName, initInfo.Password));
  
               VersionControlServer version = tfs.GetService(typeof(VersionControlServer)) as VersionControlServer;
  
              
               Workspace workspace;
               Workspace[] wss = version.QueryWorkspaces(initInfo.Workspace, initInfo.WorkspaceOwner, Environment.MachineName);//查询工作区
               if (wss.Length == 0)
               {
                   workspace = version.CreateWorkspace(initInfo.Workspace);//创建工作区
               }
               else
               {
                   workspace = wss[0];
               }
              
  
             workspace.Map("$/" + initInfo.ProjectName, initInfo.LocalFolder);
  
  
             Response.Write("正在获取最新代码!!! <br />");
             Response.Flush();
  
  
             //获取最新代码
           version.DeleteWorkspace(initInfo.Workspace, (tfs.Credentials as NetworkCredential).UserName);
             Workspace ws = version.CreateWorkspace(initInfo.Workspace,
                 (tfs.Credentials as NetworkCredential).UserName);
             ws.Map("$/" + initInfo.ProjectName, initInfo.LocalFolder);
  
             string item = "$/" + initInfo.ProjectName;
             GetStatus s1 = ws.Get(new GetRequest(new ItemSpec(item,
                 RecursionType.Full), VersionSpec.Latest
                 ), GetOptions.GetAll | GetOptions.Overwrite);
  
  
             Response.Write("正在编译发布代码!!! <br />");
             Response.Flush();

编译bat文件,主要是使用MSbuild实现编译

C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSbuild.exe F:\TFS\iTrazV2.sln /p:Configuration=Release /p:WebProjectOutputDir=F:\TFS\Out /p:OutputPath=F:\TFS\Out\bin

最后,是.net调用bat文件

ProcessStartInfo start = new ProcessStartInfo("cmd.exe");
start.CreateNoWindow = true;//不显示dos命令行窗口
start.RedirectStandardOutput = true;//
start.RedirectStandardInput = true;//
start.UseShellExecute = false;//是否指定操作系统外壳进程启动程序
start.FileName = @"F:\TFS\b.bat";
Process p = new Process();
p.StartInfo = start;
p.Start();
       
StreamReader reader = p.StandardOutput;//截取输出流
string line = reader.ReadLine();//每次读取一行
while (!reader.EndOfStream)
{
    line = reader.ReadLine();
    Console.WriteLine(line);
}
p.WaitForExit();//等待程序执行完退出进程
p.Close();//关闭进程
reader.Close();//关闭流
       
Console.Read();

然后写bat文件拷贝到iis指定目录,基本就这样了.

written by ocean

3月 17

好久没写blog了,最近实在太多事情了.

大多网站基本都会有用户系统, 在经历了之前csdn的密码泄露风波之后,应该不会有人再明文存储密码了吧

一般做法是 用户表中 存储加密 之后的密码. 当用户登录 的时候 相同算法加密用户的 输入,然后比较 和数据库中加密 后的密码是否 一致来实现鉴权.

一般加密 是用md5加密

/// <summary>
/// MD5
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
private static string MD5(string password)
{
    System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
    byte[] bs = System.Text.Encoding.UTF8.GetBytes(password);
    bs = md5.ComputeHash(bs);
    System.Text.StringBuilder s = new System.Text.StringBuilder();
    foreach (byte b in bs)
    {
        s.Append(b.ToString("x2"));
    }
    return s.ToString();
}

然而,现在cmd5,彩虹表等可以实现反向 查询,简单的md5依然不够 安全

因此,大多再会加一点 调料,盐. 也就是盐值,

/// <summary>
/// MD5+Salt
/// </summary>
/// <param name="rawPass"></param>
/// <param name="salt"></param>
/// <returns></returns>
public static string MD5(string password, string salt)
{
    if (salt == null)
    {
        throw new Exception("salt is null");
    }
    return MD5(password + "{" + salt + "}");
}

当然, 盐值不是 无敌的, 但是盐值可 加大密文的 破解难度.

盐值一般 是选择一段 随机数,  最终库中存入的是 密文和盐值 本身

如果为了 省事,也可以用 userid等不会 变更的值做盐值

再记录一下对称加密

        private static string Encrypt(string input, string sKey = "ascend12", string sIV = "ascend12")
        {
            StringBuilder ret = new StringBuilder();
            using (DESCryptoServiceProvider des = new DESCryptoServiceProvider())
            {
                byte[] inputByteArray = Encoding.UTF8.GetBytes(input);
                des.Key = ASCIIEncoding.UTF8.GetBytes(sKey);
                des.IV = ASCIIEncoding.UTF8.GetBytes(sIV);

                using (MemoryStream ms = new MemoryStream())
                {
                    using (CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(inputByteArray, 0, inputByteArray.Length);
                        cs.FlushFinalBlock();
                    } 
                    foreach (byte b in ms.ToArray())
                        ret.AppendFormat("{0:X2}", b);
                }
            } 
            return ret.ToString();
        }


        private static string Decrypt(string input, string sKey = "ascend12", string sIV = "ascend12")
        {
            using (DESCryptoServiceProvider des = new DESCryptoServiceProvider())
            {

                byte[] inputByteArray = new byte[input.Length / 2]; 
                for (int x = 0; x < input.Length / 2; x++)
                {
                    int i = (Convert.ToInt32(input.Substring(x * 2, 2), 16));
                    inputByteArray[x] = (byte)i;
                } 
                des.Key = ASCIIEncoding.UTF8.GetBytes(sKey);
                des.IV = ASCIIEncoding.UTF8.GetBytes(sIV);
                using (MemoryStream ms = new MemoryStream())
                {
                    using (CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write))
                    { 
                        try
                        {
                            cs.Write(inputByteArray, 0, inputByteArray.Length);
                            cs.FlushFinalBlock(); 
                            return System.Text.Encoding.Default.GetString(ms.ToArray());
                        }
                        catch (CryptographicException)
                        { 
                            return "N/A";
                        }
                    }
                }
            }
        }

written by ocean