WO2023273719A1 - Upgrade method and apparatus under mesh networking - Google Patents

Upgrade method and apparatus under mesh networking Download PDF

Info

Publication number
WO2023273719A1
WO2023273719A1 PCT/CN2022/095181 CN2022095181W WO2023273719A1 WO 2023273719 A1 WO2023273719 A1 WO 2023273719A1 CN 2022095181 W CN2022095181 W CN 2022095181W WO 2023273719 A1 WO2023273719 A1 WO 2023273719A1
Authority
WO
WIPO (PCT)
Prior art keywords
sub
upgrade
browser
router
temporary
Prior art date
Application number
PCT/CN2022/095181
Other languages
French (fr)
Chinese (zh)
Inventor
陈洋
王洪磊
张彬
李雨婷
曲磊磊
苗治培
Original Assignee
烽火通信科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 烽火通信科技股份有限公司 filed Critical 烽火通信科技股份有限公司
Priority to BR112023011152A priority Critical patent/BR112023011152A2/en
Priority to MX2023007951A priority patent/MX2023007951A/en
Publication of WO2023273719A1 publication Critical patent/WO2023273719A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Definitions

  • the invention belongs to the technical field of route upgrade, and more specifically relates to an upgrade method and device in a mesh network.
  • Mesh networking is a new type of wireless local area network, which consists of a main routing device and multiple sub-routing devices (represented by main routing and sub-routing later).
  • the upgrade method of the web for each sub-router is roughly as follows: first, the browser transmits the upgrade file to the main router, Then, the main router distributes the upgrade file to each sub-router, thereby realizing the upgrade of each sub-router.
  • this will lead to low upgrade efficiency. If multiple sub-routes are connected to the main route, the upgrade time will be longer and the upgrade performance will be poor.
  • the present invention provides an upgrade method and device under mesh networking, the purpose of which is to realize parallel upgrade of one-to-many sub-routes by separating the transmission of upgrade files and control commands
  • This model can effectively improve the upgrade efficiency, thereby solving the technical problems of insufficient upgrade performance, complex implementation and poor security of existing upgrade solutions.
  • an upgrade method under mesh networking including:
  • the main route After the main route receives the sub-routing upgrade request submitted by the browser, it generates a temporary authentication token and a temporary port for each sub-routing to receive the upgrade file, and transmits the browser IP, the temporary authentication token and the temporary port For each sub-routing;
  • each sub-router After receiving the instruction of the main route, each sub-router starts the corresponding temporary port and waits for the browser to transmit the upgrade file, and returns the start success information to the main route;
  • the main router After the main router receives the startup success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and the browser sends the The upgrade file is transferred to the corresponding sub-router;
  • the sub-router performs authentication based on the temporary authentication token and the browser IP, and performs an upgrade based on the upgrade file after successful authentication.
  • the main route After receiving the sub-routing upgrade request submitted by the browser, the main route generates a temporary authentication token and a temporary port for each sub-routing to receive the upgrade file, and sends the browser IP, the temporary authentication token and The temporary port is transmitted to each sub-router, specifically including:
  • the browser is connected to the main route, and submits a sub-route upgrade request to the main route; wherein, the sub-route upgrade request carries a browser IP;
  • the main route After receiving the upgrade request of the sub-routes, the main route generates a temporary authentication token for this upgrade, and specifies temporary ports for receiving upgrade files for each sub-router respectively;
  • the main router transmits the browser IP, the temporary authentication token and the temporary port to each sub-router respectively through the bottom interface.
  • the browser connecting to the main route specifically includes: the browser connecting to the web server on the main route through https protocol.
  • the sub-routes upgrade request is to upgrade some or all sub-routes in the mesh network; wherein, when upgrading some sub-routes in the mesh network, the sub-routes upgrade request carries There are sub-routing IPs of each sub-routing that needs to be upgraded.
  • the method for generating the temporary authentication token specifically includes: using an encryption algorithm to encrypt the user information logging into the browser and the expiration time to form the temporary authentication token.
  • the main router After receiving the startup success message returned by the sub-router, the main router sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and the browser according to The received information will transmit the upgrade file to the corresponding sub-router, including:
  • the main router After the main router receives the startup success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser according to the browser IP, and notifies all The browser transmits the upgrade file for the corresponding sub-routes;
  • the browser transmits the upgrade file to the corresponding sub-router through the websocket protocol according to the received sub-router IP and the temporary port; wherein, the upgrade file carries the temporary authentication token and The browser IP.
  • the sub-routing is authenticated based on the temporary authentication token and the browser IP, and after successful authentication, it is upgraded based on the upgrade file, specifically:
  • the sub-router After the sub-router receives the upgrade file sent by the browser, it extracts the temporary authentication token and the browser IP from the upgrade file;
  • the sub-router compares whether the temporary authentication token sent by the browser is consistent with the temporary authentication token sent by the main route, and whether the browser IP sent by the browser is consistent with the browser IP sent by the main route. Whether the browser IP is consistent;
  • the authentication is successful, and the sub-routes are upgraded based on the upgrade file.
  • the method further includes:
  • the main router After the sub-routes are successfully upgraded according to the received upgrade file, the main router sends an upgrade end command to the browser and the corresponding sub-routes to end the upgrading process of the corresponding sub-routes.
  • a websocket server is configured on the sub-routes, and when the sub-routes are successfully upgraded according to the received upgrade file, the main route sends an upgrade end command to the browser and the corresponding sub-routes , to end the upgrade process of the corresponding sub-routes, specifically:
  • the sub-router judges whether the upgrade is successful, and sends an upgrade success message or an upgrade failure message to the main router according to the judgment result;
  • the main route sends an upgrade end command to the browser and the sub-router, notifies the sub-router to destroy the corresponding temporary authentication token and closes the corresponding websocket server, and notifies the browser to close the websocket client , end the upgrade process of the sub-routing;
  • the main router notifies the browser to retransmit the upgrade file to the sub-router until the sub-router is upgraded successfully or the number of times of transmission reaches the maximum number of retransmissions.
  • an upgrade device under mesh networking including a browser, a main router and at least two sub-routes;
  • the browser is used to connect to the main route, and submit a sub-route upgrade request to the main route; at the same time, after receiving the message sent by the main route, the upgrade file is transmitted to the sub-router;
  • the main route is used to generate a temporary authentication token and each sub-routing is used to receive the temporary port of the upgrade file after receiving the sub-routing upgrade request, and the browser IP, the temporary authentication token and the temporary The port is transmitted to each sub-router; at the same time, after receiving the startup success message returned by the sub-router, send the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and notify the browser
  • the device transmits the upgrade file;
  • the sub-router is used to start the corresponding temporary port after receiving the instruction of the main route, wait for the browser to transmit the upgrade file, and return the startup success information to the main route; After receiving the upgrade file sent by the browser, perform authentication based on the temporary authentication token and the browser IP, and perform upgrade based on the upgrade file after successful authentication.
  • the above technical solution conceived by the present invention has the following beneficial effects:
  • the upgrade file transmission from the browser to the sub-router is changed from the transfer of the main route to the browsing
  • the upgrade delay is greatly reduced, and the implementation is simpler and the security performance is improved; at the same time, the transmission of the upgrade file and the transmission of the control command are separated, that is, the control command is transmitted from the main router to the sub-router, and only the browser and the sub-router are connected.
  • the upgrade file is transmitted, and the one-to-many sub-routes parallel upgrade mode is realized, which effectively improves the upgrade efficiency; and because the sub-routes do not need a web server, the risk of sub-routes being attacked is reduced, and the lack of upgrade performance of the existing upgrade scheme is solved. Complex and poorly secured technical issues.
  • FIG. 1 is a diagram of an upgrade device under a mesh networking provided by an embodiment of the present invention
  • Fig. 2 is a flow chart of an upgrade method under a mesh networking provided by an embodiment of the present invention
  • Fig. 3 is a specific implementation flowchart of an upgrade under a mesh networking provided by an embodiment of the present invention
  • Fig. 4 is an upgrade data flow diagram in a mesh networking provided by an embodiment of the present invention.
  • the symbol “/” means that it has two functions at the same time
  • the symbol “A and/or B” indicates that the combination between the front and back objects connected by the symbol includes “A”, “ B", “A and B” three situations.
  • the embodiment of the present invention provides an upgrade under mesh networking method.
  • the control command is mainly transmitted between the browser and the main router, and between the main router and each sub-router, while the upgrade file is transmitted by the browser to each sub-router.
  • the route upgrade method provided by the embodiment of the present invention mainly includes:
  • Step 101 after the main route receives the sub-routing upgrade request submitted by the browser, it generates a temporary authentication token and a temporary port for each sub-routing to receive the upgrade file, and sends the browser IP, the temporary authentication token and the Ephemeral ports are transmitted to each sub-router.
  • the specific process is as follows:
  • the browser connects to the main route, and submits a sub-route upgrade request to the main route; wherein, the sub-route upgrade request carries the browser IP, so that all The above main route is used for browser identification.
  • the process of the browser connecting to the main route may specifically be: the browser connects to the web server on the main route through the http encryption protocol.
  • the http encryption protocol can specifically use the https protocol, that is, the ssl (security socket layer, i.e. secure socket layer) encryption protocol of http; of course, other suitable encryption protocols can also be used. This is not specifically limited.
  • the main router After receiving the upgrade request of the sub-routes, the main router generates a temporary authentication token for this upgrade, and specifies temporary ports for receiving upgrade files for each sub-router. Specifically, after the main router receives the sub-router upgrade request, it starts the sub-router upgrade control process, and the first step of the sub-router upgrade control process is to generate a temporary authentication token for this upgrade, that is, a temporary
  • the specific generation method of the authentication token can be: using an encryption algorithm to encrypt the user information and the expiration time for logging into the browser to form the temporary authentication token, which is used in data communication, that is, a certain object receives the temporary authentication token. After the token is authenticated, decryption verification can be performed to ensure communication security.
  • the main route also designates a temporary port for each sub-router to receive the upgrade file.
  • the temporary port can be randomly designated to prevent attacks by port scanning software and increase communication security. For example, it can be used
  • the random function randomly generates ports between 40000 and 50000.
  • the basic principle is as long as they do not overlap with existing ports in the system.
  • the main router transmits the browser IP, the temporary authentication token, and the temporary port to each sub-router through the underlying interface.
  • the bottom layer interface is equivalent to a logical management channel, which can be implemented by using a commonly used communication protocol between the main and sub-routes, and is not specifically limited here.
  • the main route usually transmits the information of the browser IP, the temporary authentication token and the temporary port to the corresponding sub-routes in the form of instructions.
  • the sub-route upgrade request may be to upgrade all sub-routes in the mesh network, or to upgrade some sub-routes in the mesh network.
  • the browser has interacted with the main route before, and the topology information of each sub-router is drawn, so the browser is to save There are IPs of each sub-routes; after the user logs in the browser, the IPs of the sub-routes that need to be upgraded can be set in the sub-routes upgrade request, so the sub-routes upgrade requests will carry the IPs of the sub-routes that need to be upgraded.
  • the IP of the sub-routes of the route so that the main route can identify which sub-routes need to be upgraded.
  • the sub-routes upgrade request does not need to carry the sub-routes IP, that is, the user After logging into the browser, it is not necessary to set the IPs of all the sub-routes into the sub-routing upgrade request one by one, because at this time the main route does not need to identify which sub-routes need to be upgraded, but directly upgrades all of them.
  • Step 102 After receiving the instruction from the main route, each sub-router activates the corresponding temporary port, waits for the browser to transmit the upgrade file, and returns a start-up success message to the main route.
  • Each sub-router is configured with a corresponding websocket server, that is, a server that supports the websocket protocol. After receiving the instruction from the main route, each sub-router starts its own websocket server to listen on the corresponding temporary port to wait for the browser to transmit the upgrade file, and at the same time returns startup success information to the main route.
  • the browser IP and the temporary authentication token received by the sub-router here may be used for legal authentication when the sub-router subsequently receives the upgrade file transmitted by the browser.
  • web server is used for processing the request of http protocol
  • websocket server is used for processing the request of websocket protocol
  • websocket protocol is a kind of application layer protocol based on TCP (Transmission Control Protocol, i.e. Transmission Control Protocol), which can realize two-way communication.
  • TCP Transmission Control Protocol
  • the same point between the http protocol and the websocket protocol is that both are application layer protocols, and the difference is that the transmission performance of the websocket protocol is higher than that of the http protocol, and two-way communication is possible.
  • Step 103 after the main router receives the start-up success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and the browser according to the received The information will transfer the upgrade file to the corresponding sub-router.
  • the specific process is as follows:
  • the main router After the main router receives the startup success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser according to the browser IP, The browser is notified to transmit the upgrade file for the corresponding sub-routes. For example, if sub-routing 1 returns a startup success message at this time, the main route sends the temporary authentication token, the IP address of sub-routing 1 and the temporary port specified by sub-routing 1 to the corresponding IP address according to the browser IP to notify the browser to transmit the upgrade file for subroute 1.
  • the browser transmits the upgrade file to the corresponding sub-router through the websocket protocol according to the received sub-router IP and the temporary port.
  • the browser supports the websocket protocol, based on the received sub-routing IP and the temporary port, the browser connects to the designated temporary port on the websocket server of the corresponding sub-routing through the websocket protocol, and then passes the temporary port to the specified temporary port.
  • the upgrade file is transmitted to the corresponding sub-router; wherein, the upgrade file carries the temporary authentication token and the browser IP for subsequent legal authentication of the sub-router.
  • Step 104 the sub-router performs authentication based on the temporary authentication token and the browser IP, and performs an upgrade based on the upgrade file after the authentication succeeds.
  • the sub-router After the sub-router receives the upgrade file sent by the browser, it is equivalent to receiving the upgrade request of the browser, and will extract the temporary authentication token and browser authentication token from the upgrade file. Then, the sub-router will compare whether the temporary authentication token sent by the browser is consistent with the temporary authentication token sent by the main route, and whether the browser IP sent by the browser is consistent with the browser IP sent by the browser. Whether the IP of the browser sent by the main router is consistent; if the two temporary authentication tokens are consistent and the IPs of the two browsers are consistent, it is considered that the upgrade request sent by the browser is legal and the authentication is successful. Routing will be further upgraded based on the upgrade file. If there is any inconsistency, it is considered that the upgrade request sent by the browser is illegal and the authentication fails, and the upgrade process will be ended directly at this time.
  • the method further includes: after the sub-routes are successfully upgraded according to the received upgrade file, the main route sends an upgrade end command to the browser and the corresponding sub-routes to end the upgrade of the corresponding sub-routes process.
  • the specific process is as follows:
  • the sub-router After the upgrade file transmission is completed, the sub-router first judges whether the upgrade is successful, and sends an upgrade success message or an upgrade failure message to the main router according to the judgment result.
  • the process of the sub-router judging whether the upgrade is successful is specifically: the sub-router verifies the received upgrade file and writes it into the corresponding storage interval flash; if the verification is successful and the write is successful , it is determined that the upgrade of the sub-routes is successful; if the verification fails and/or the writing fails, that is, any link is faulty, it is determined that the upgrade of the sub-routes fails.
  • the main route sends an upgrade end command to the browser and the sub-router, so as to notify the sub-router to destroy the corresponding temporary authentication token and close the corresponding websocket server, and notify the browser to close the corresponding websocket server. websocket client, and then end the upgrade process of the sub-router.
  • the main router notifies the browser to retransmit the upgrade file to the sub-router, and judges whether the upgrade is successful, until the sub-router is upgraded successfully or until the number of transmissions of the upgrade file reaches the maximum pass times, the main route sends an upgrade end command to the browser and the sub-router, so as to notify the sub-router to destroy the corresponding temporary authentication token and close the corresponding websocket server, and notify the browser to close the corresponding websocket client, and then end the upgrade process of the sub-router.
  • each sub-router completes step 102 to step 104 respectively, and the page of the browser shows that each sub-router has its own upgrade progress bar.
  • the upgrade progress bar corresponding to sub-route 2 reaches 100%, indicating that the upgrade is successful, and the rest of the sub-routes continue to be upgraded; assuming that sub-router 1 fails to upgrade, sub-router 1 will continue to retry the upgrade. If the retries are successful, the upgrade progress bar will go to 100%. If the maximum number of retries is not successful, the upgrade progress bar will stop, and the upgrade failure message will be prompted.
  • all three sub-routes indicate that the upgrade is successful or failed, it means that the upgrade is complete.
  • the upgrade file transmission from the browser to the sub-router is changed from the transfer of the main route to the direct transmission of the browser, the upgrade delay is greatly reduced, the implementation is simpler and the security performance is improved; at the same time, the upgrade file
  • the transmission of control commands is separated from the transmission of control commands, that is, the control commands are transmitted from the main router to the sub-routes, and only the upgrade files are transferred between the browser and the sub-routes, realizing a one-to-many parallel upgrade mode of sub-routes, effectively improving the upgrade efficiency;
  • the control command can be encrypted by SSL, which increases the security, while the upgrade file does not need to be encrypted, which improves the transmission performance.
  • the embodiment of the present invention further provides a specific embodiment of the upgrade method under the mesh networking, in combination with Fig. 3 and Fig. 4 (taking setting two sub-routes as an example), the specific process is as follows:
  • Step 201 the user browser connects to the web server on the main route through the https protocol, and submits a sub-route upgrade request to the main route; wherein, the sub-route upgrade request carries the browser IP.
  • Step 202 after the main router receives the upgrade request of the sub-routes, it generates a temporary authentication token and a temporary port for each sub-router to receive the upgrade file, and transmits the browser IP, the temporary authentication token, and the temporary port to each sub-router through the underlying interface. child route.
  • the 32-bit random character string is generated here as an example of a temporary authentication token, that is, dn0C2ezBNRAs9MGTjNWPkEMUiOqwVkKD in Figure 4;
  • the browser is usually set on the user's pc (personal computer, that is, a personal computer), so the browser IP is as shown in Figure 4 pc_ip, here is specifically 192.168.1.10;
  • the specified temporary port is wsport in Figure 4 (that is, the abbreviation of websocket port), here is an example of randomly specifying port 1223.
  • the specific format of the instructions transmitted by the main route to each sub-router is as follows:
  • Step 203 After receiving the instruction from the main route, each sub-router starts its own websocket server to listen on the specified temporary port, waits for the browser to transmit the upgrade file, and returns the startup success message to the main route.
  • Step 204 after the main router receives the startup success message (i.e. success in Figure 4) returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and notifies all The browser transmits the upgrade file for the corresponding sub-routes.
  • the startup success message i.e. success in Figure 4
  • Step 205 the browser performs parameter setting according to the temporary authentication token received, the sub-routing IP and the temporary port, after setting, connect to the websocket server of the sub-routing through the websocket protocol, and pass the specified temporary port Transfer the upgrade file.
  • Step 206 after the upgrade file transmission is completed, the sub-router judges whether the upgrade is successful, and sends an upgrade success message or an upgrade failure message to the main router according to the judgment result.
  • the sub-routes will usually perform authentication based on the received two temporary authentication tokens and two browser IPs. If the authentication fails, the upgrade process will be directly ended, and the upgrade will continue after the authentication is successful.
  • the authentication process reference may be made to Embodiment 1, and details are not repeated here.
  • step 207 If the upgrade is successful, then perform step 207; if the upgrade fails, the main route notifies the browser to retransmit the upgrade file to the sub-router, and continues to judge whether the upgrade is successful, that is, repeat steps 205 and 206, Step 207 is executed until the sub-routes are successfully upgraded or until the number of transmissions of the upgraded file reaches the maximum number of retransmissions.
  • Step 207 is executed until the sub-routes are successfully upgraded or until the number of transmissions of the upgraded file reaches the maximum number of retransmissions.
  • Step 207 when the upgrade of the sub-routes is successful, the main route sends an upgrade end command (i.e. close in Figure 4) to the browser and the sub-routes, and the sub-routes destroy the corresponding temporary authentication token and close the corresponding the websocket server, the browser closes the corresponding websocket client.
  • an upgrade end command i.e. close in Figure 4
  • the embodiment of the present invention further provides an upgrade device under mesh networking, as shown in Figure 1 and Figure 4, which mainly includes a browser, a main router, and at least two sub-networks. routing.
  • the control command is mainly transmitted between the browser and the main router, and between the main router and each sub-router, and the upgrade file is transmitted by the browser to each sub-router. details as follows:
  • the browser is used to connect to the main route and submit a sub-router upgrade request to the main route; meanwhile, after receiving the message sent by the main route, the upgrade file is transmitted to the sub-router.
  • the browser can connect to the web server on the main route through an http encryption protocol (such as https protocol), and submit a sub-routing upgrade request to the main route; after receiving the message sent by the main route Afterwards, the browser carries out parameter setting according to the temporary authentication token received, the sub-routing IP and the temporary port, after being set up, connects to the websocket server of the sub-routing through the websocket protocol, and then passes the specified temporary port to the The upgrade file is transmitted to the sub-router.
  • an http encryption protocol such as https protocol
  • the main route is used to generate a temporary authentication token for this upgrade and a temporary port for each sub-router to receive the upgrade file after receiving the upgrade request of the sub-routes sent by the browser, and pass the underlying interface
  • the browser IP, the temporary authentication token and the temporary port are transmitted to each sub-router, waiting for the sub-routing to return the startup success message; after receiving the startup success message returned by the sub-routing, send the The temporary authentication token, the corresponding sub-router IP and the temporary port are sent to the browser, and the browser is notified to transmit the upgrade file for the corresponding sub-router.
  • the sub-route is used to start the corresponding temporary port after receiving the instruction of the main route, that is, start the corresponding websocket server to listen on the designated temporary port, and wait for the browser to update the upgrade file. transmit, and return the startup success information to the main router; after receiving the upgrade file sent by the browser, perform authentication based on the temporary authentication token and the browser IP, and when the authentication is successful Then upgrade based on the upgrade file.
  • the upgrade file transmission from the browser to the sub-router can be transferred from the main route to the direct transmission of the browser, the upgrade delay is greatly reduced, the implementation is simpler and the safety performance is improved; at the same time, the upgrade The transmission of files and the transmission of control commands are separated, that is, the control commands are transmitted from the main router to the sub-routes, and only the upgrade files are transferred between the browser and the sub-routes, realizing a one-to-many parallel upgrade mode of sub-routes, effectively improving the upgrade efficiency and because the sub-routing does not need a web server, the risk of the sub-routing being attacked is reduced, and the technical problems of insufficient upgrading performance, complex implementation and poor security of the existing upgrading scheme are solved.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Disclosed in the present invention are an upgrade method and apparatus under mesh networking. The method comprises: after receiving a sub-route upgrade request submitted by a browser, a main route generating a temporary authentication token and a temporary port of each sub-route, and transmitting same to each sub-route; after receiving an instruction of the main route, each sub-route starting the temporary port to wait for the browser to transmit an upgrade file, and returning start success information to the main route; after receiving the start success information, the main route sending the temporary authentication token, a sub-route IP and the temporary port to the browser, and the browser transmitting the upgrade file to the corresponding sub-route; and the sub-route performing authentication on the basis of the temporary authentication token and a browser IP, and performing an upgrade on the basis of the upgrade file after the authentication succeeds. In the present invention, an upgrade file from a browser to a sub-route is directly transmitted by the browser, such that an upgrade delay is greatly reduced; and the transmission of the upgrade file is separated from that of a control command, such that a one-to-many sub-route parallel upgrade mode is realized, and the upgrade efficiency is improved.

Description

一种mesh组网下的升级方法与装置An upgrade method and device under mesh networking 【技术领域】【Technical field】
本发明属于路由升级技术领域,更具体地,涉及一种mesh组网下的升级方法与装置。The invention belongs to the technical field of route upgrade, and more specifically relates to an upgrade method and device in a mesh network.
【背景技术】【Background technique】
mesh组网是一种新的无线局域网类型,由主路由设备和多个子路由设备组成(后续用主路由、子路由表示)。目前mesh组网方式下,需要在web(即网页)的同一页面对组网中的各子路由进行升级,web对于各子路由的升级方式大致如下:首先浏览器将升级文件传输给主路由,然后由主路由将该升级文件分发给各子路由,进而实现各子路由的升级。但这样一来就会导致升级效率较低,如果主路由下挂多个子路由,升级时间会较长,升级性能差。Mesh networking is a new type of wireless local area network, which consists of a main routing device and multiple sub-routing devices (represented by main routing and sub-routing later). In the current mesh networking mode, it is necessary to upgrade each sub-router in the network on the same page of the web (that is, a webpage). The upgrade method of the web for each sub-router is roughly as follows: first, the browser transmits the upgrade file to the main router, Then, the main router distributes the upgrade file to each sub-router, thereby realizing the upgrade of each sub-router. However, this will lead to low upgrade efficiency. If multiple sub-routes are connected to the main route, the upgrade time will be longer and the upgrade performance will be poor.
传统方式下浏览器通过一对多同时对子路由升级时,需要在各个子路由上单独配置web服务器(即web server)来接收升级文件,而每个子路由的web服务器要配置为允许跨域访问,才能让浏览器在一个页面上同时升级各个子路由;如果不配置跨域,就必须为每一个子路由单独打开一个新的升级页面进行操作,实现方式复杂。另外,通过允许跨越方式让浏览器一对多同时升级各个子路由时,这对安全性要求很高,但相关处理代码在浏览器中运行时,通过网络抓包和浏览器端都可以被黑客看到,且各个子路由开启了http服务也容易导致被攻击,导致存在比较严重的安全问题。其中,web服务器主要用于处理http协议的请求,因此也称为http服务器。In the traditional way, when the browser upgrades the sub-routes at the same time through one-to-many, it is necessary to configure a web server (ie web server) on each sub-routing to receive the upgrade file, and the web server of each sub-routing must be configured to allow cross-domain access , so that the browser can upgrade each sub-route at the same time on one page; if cross-domain configuration is not configured, a new upgrade page must be opened for each sub-route for operation, and the implementation method is complicated. In addition, by allowing the browser to upgrade each sub-router one-to-many at the same time by allowing the crossover method, this requires high security, but when the relevant processing code is running in the browser, it can be hacked through network capture and browser-side It can be seen that if the http service is enabled for each sub-router, it is easy to be attacked, resulting in serious security problems. Among them, the web server is mainly used to process requests of the http protocol, so it is also called an http server.
综上所述,由于存在升级性能、实现复杂以及升级安全问题方面的不足,在mesh组网应用中需要一种简单易行的路由升级实现方法。To sum up, due to the shortcomings of upgrade performance, complex implementation, and upgrade security issues, a simple and easy implementation method for routing upgrade is needed in mesh networking applications.
【发明内容】【Content of invention】
针对现有技术的以上缺陷或改进需求,本发明提供了一种mesh组网下的升级方法与装置,其目的在于通过将升级文件和控制命令的传输分离,实现一对多的子路由并行升级模式,有效提高升级效率,由此解决现有升级方案升级性能不足、实现复杂以及安全性较差的技术问题。In view of the above defects or improvement needs of the prior art, the present invention provides an upgrade method and device under mesh networking, the purpose of which is to realize parallel upgrade of one-to-many sub-routes by separating the transmission of upgrade files and control commands This model can effectively improve the upgrade efficiency, thereby solving the technical problems of insufficient upgrade performance, complex implementation and poor security of existing upgrade solutions.
为实现上述目的,按照本发明的一个方面,提供了一种mesh组网下的升级方法,包括:In order to achieve the above object, according to one aspect of the present invention, an upgrade method under mesh networking is provided, including:
主路由接收到浏览器提交的子路由升级请求后,生成临时认证令牌以及各子路由用于接收升级文件的临时端口,并将浏览器IP、所述临时认证令牌以及所述临时端口传输给各子路由;After the main route receives the sub-routing upgrade request submitted by the browser, it generates a temporary authentication token and a temporary port for each sub-routing to receive the upgrade file, and transmits the browser IP, the temporary authentication token and the temporary port For each sub-routing;
各子路由接收到所述主路由的指令后,分别启动对应的所述临时端口等待所述浏览器进行升级文件的传输,并返回启动成功信息给所述主路由;After receiving the instruction of the main route, each sub-router starts the corresponding temporary port and waits for the browser to transmit the upgrade file, and returns the start success information to the main route;
主路由接收到所述子路由返回的启动成功消息后,发送所述临时认证令牌、对应的子路由IP和所述临时端口给所述浏览器,由所述浏览器根据接收到的信息将升级文件传输给对应的子路由;After the main router receives the startup success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and the browser sends the The upgrade file is transferred to the corresponding sub-router;
所述子路由基于所述临时认证令牌和所述浏览器IP进行认证,认证成功后基于所述升级文件进行升级。The sub-router performs authentication based on the temporary authentication token and the browser IP, and performs an upgrade based on the upgrade file after successful authentication.
优选地,所述主路由接收到浏览器提交的子路由升级请求后,生成临时认证令牌以及各子路由用于接收升级文件的临时端口,并将浏览器IP、所述临时认证令牌以及所述临时端口传输给各子路由,具体包括:Preferably, after receiving the sub-routing upgrade request submitted by the browser, the main route generates a temporary authentication token and a temporary port for each sub-routing to receive the upgrade file, and sends the browser IP, the temporary authentication token and The temporary port is transmitted to each sub-router, specifically including:
所述浏览器连接到所述主路由,并向所述主路由提交子路由升级请求;其中,所述子路由升级请求中携带有浏览器IP;The browser is connected to the main route, and submits a sub-route upgrade request to the main route; wherein, the sub-route upgrade request carries a browser IP;
所述主路由接收到所述子路由升级请求后,为本次升级生成临时认证令牌,并分别为各子路由指定用于接收升级文件的临时端口;After receiving the upgrade request of the sub-routes, the main route generates a temporary authentication token for this upgrade, and specifies temporary ports for receiving upgrade files for each sub-router respectively;
所述主路由通过底层接口将所述浏览器IP、所述临时认证令牌以及所述临时端口分别传输给各子路由。The main router transmits the browser IP, the temporary authentication token and the temporary port to each sub-router respectively through the bottom interface.
优选地,所述浏览器连接到所述主路由具体为:所述浏览器通过https 协议连接到所述主路由上的web服务器。Preferably, the browser connecting to the main route specifically includes: the browser connecting to the web server on the main route through https protocol.
优选地,所述子路由升级请求为对mesh组网中的部分子路由或全部子路由进行升级;其中,当对mesh组网中的部分子路由进行升级时,所述子路由升级请求中携带有需要进行升级的各子路由的子路由IP。Preferably, the sub-routes upgrade request is to upgrade some or all sub-routes in the mesh network; wherein, when upgrading some sub-routes in the mesh network, the sub-routes upgrade request carries There are sub-routing IPs of each sub-routing that needs to be upgraded.
优选地,所述临时认证令牌的生成方法具体为:采用加密算法对登录所述浏览器的用户信息和过期时间进行加密,形成所述临时认证令牌。Preferably, the method for generating the temporary authentication token specifically includes: using an encryption algorithm to encrypt the user information logging into the browser and the expiration time to form the temporary authentication token.
优选地,所述主路由接收到所述子路由返回的启动成功消息后,发送所述临时认证令牌、对应的子路由IP和所述临时端口给所述浏览器,由所述浏览器根据接收到的信息将升级文件传输给对应的子路由,具体包括:Preferably, after receiving the startup success message returned by the sub-router, the main router sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and the browser according to The received information will transmit the upgrade file to the corresponding sub-router, including:
所述主路由接收到所述子路由返回的启动成功消息后,根据所述浏览器IP将所述临时认证令牌、对应的子路由IP和所述临时端口发送给所述浏览器,通知所述浏览器为对应的子路由传输升级文件;After the main router receives the startup success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser according to the browser IP, and notifies all The browser transmits the upgrade file for the corresponding sub-routes;
所述浏览器根据接收到的所述子路由IP和所述临时端口,通过websocket协议将所述升级文件传输给对应的子路由;其中,所述升级文件中携带有所述临时认证令牌和所述浏览器IP。The browser transmits the upgrade file to the corresponding sub-router through the websocket protocol according to the received sub-router IP and the temporary port; wherein, the upgrade file carries the temporary authentication token and The browser IP.
优选地,所述子路由基于所述临时认证令牌和所述浏览器IP进行认证,认证成功后基于所述升级文件进行升级,具体为:Preferably, the sub-routing is authenticated based on the temporary authentication token and the browser IP, and after successful authentication, it is upgraded based on the upgrade file, specifically:
所述子路由接收到所述浏览器发送来的所述升级文件后,从所述升级文件中提取出所述临时认证令牌和所述浏览器IP;After the sub-router receives the upgrade file sent by the browser, it extracts the temporary authentication token and the browser IP from the upgrade file;
所述子路由比较所述浏览器发送来的临时认证令牌与所述主路由发送来的临时认证令牌是否一致,以及所述浏览器发送来的浏览器IP与所述主路由发送来的浏览器IP是否一致;The sub-router compares whether the temporary authentication token sent by the browser is consistent with the temporary authentication token sent by the main route, and whether the browser IP sent by the browser is consistent with the browser IP sent by the main route. Whether the browser IP is consistent;
如果两个临时认证令牌一致且两个浏览器IP一致,则认证成功,所述子路由基于所述升级文件进行升级。If the two temporary authentication tokens are consistent and the IP addresses of the two browsers are consistent, the authentication is successful, and the sub-routes are upgraded based on the upgrade file.
优选地,在所述子路由基于所述升级文件进行升级时,所述方法还包括:Preferably, when the sub-routes are upgraded based on the upgrade file, the method further includes:
当所述子路由根据接收到的所述升级文件成功升级后,所述主路由发送升级结束命令给所述浏览器和对应子路由,结束对应子路由的升级过程。After the sub-routes are successfully upgraded according to the received upgrade file, the main router sends an upgrade end command to the browser and the corresponding sub-routes to end the upgrading process of the corresponding sub-routes.
优选地,所述子路由上配置有websocket服务器,则所述当所述子路由根据接收到的所述升级文件成功升级后,所述主路由发送升级结束命令给所述浏览器和对应子路由,结束对应子路由的升级过程,具体为:Preferably, a websocket server is configured on the sub-routes, and when the sub-routes are successfully upgraded according to the received upgrade file, the main route sends an upgrade end command to the browser and the corresponding sub-routes , to end the upgrade process of the corresponding sub-routes, specifically:
所述升级文件传输完成后,所述子路由判断自身是否升级成功,并根据判断结果发送升级成功消息或升级失败消息给所述主路由;After the upgrade file transmission is completed, the sub-router judges whether the upgrade is successful, and sends an upgrade success message or an upgrade failure message to the main router according to the judgment result;
如果升级成功,则所述主路由发送升级结束命令给所述浏览器和该子路由,通知该子路由销毁对应的临时认证令牌并关闭对应的websocket服务器,通知所述浏览器关闭websocket客户端,结束该子路由的升级过程;If the upgrade is successful, the main route sends an upgrade end command to the browser and the sub-router, notifies the sub-router to destroy the corresponding temporary authentication token and closes the corresponding websocket server, and notifies the browser to close the websocket client , end the upgrade process of the sub-routing;
如果升级失败,则所述主路由通知所述浏览器重新传输所述升级文件给该子路由,直至该子路由升级成功或传输次数达到最大重传次数。If the upgrade fails, the main router notifies the browser to retransmit the upgrade file to the sub-router until the sub-router is upgraded successfully or the number of times of transmission reaches the maximum number of retransmissions.
按照本发明的另一方面,提供了一种mesh组网下的升级装置,包括浏览器、主路由以及至少两个子路由;According to another aspect of the present invention, an upgrade device under mesh networking is provided, including a browser, a main router and at least two sub-routes;
所述浏览器用于连接到所述主路由,并向所述主路由提交子路由升级请求;同时在接收到所述主路由发送的消息后将升级文件传输给子路由;The browser is used to connect to the main route, and submit a sub-route upgrade request to the main route; at the same time, after receiving the message sent by the main route, the upgrade file is transmitted to the sub-router;
所述主路由用于在接收到所述子路由升级请求后生成临时认证令牌以及各子路由用于接收升级文件的临时端口,并将浏览器IP、所述临时认证令牌以及所述临时端口传输给各子路由;同时在接收到所述子路由返回的启动成功消息后,发送所述临时认证令牌、对应的子路由IP和所述临时端口给所述浏览器,通知所述浏览器进行所述升级文件的传输;The main route is used to generate a temporary authentication token and each sub-routing is used to receive the temporary port of the upgrade file after receiving the sub-routing upgrade request, and the browser IP, the temporary authentication token and the temporary The port is transmitted to each sub-router; at the same time, after receiving the startup success message returned by the sub-router, send the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and notify the browser The device transmits the upgrade file;
所述子路由用于在接收到所述主路由的指令后启动对应的所述临时端口,等待所述浏览器进行所述升级文件的传输,并返回所述启动成功信息给所述主路由;在接收到所述浏览器发送来的所述升级文件后基于所述临时认证令牌和所述浏览器IP进行认证,并在认证成功后基于所述升级文件进行升级。The sub-router is used to start the corresponding temporary port after receiving the instruction of the main route, wait for the browser to transmit the upgrade file, and return the startup success information to the main route; After receiving the upgrade file sent by the browser, perform authentication based on the temporary authentication token and the browser IP, and perform upgrade based on the upgrade file after successful authentication.
总体而言,通过本发明所构思的以上技术方案与现有技术相比,具有如下有益效果:本发明提供的路由升级方法中,浏览器到子路由的升级文件传输由主路由中转改为浏览器直接传送,升级时延大幅减少,实现更简单且安全性能提升;同时将升级文件的传输和控制命令的传输进行分离,即控制命令由主路由传输至子路由,浏览器和子路由之间只进行升级文件的传输,实现一对多的子路由并行升级模式,有效提高升级效率;而且由于子路由无需web服务器,减少了子路由被攻击的风险,解决了现有升级方案升级性能不足、实现复杂以及安全性较差的技术问题。Generally speaking, compared with the prior art, the above technical solution conceived by the present invention has the following beneficial effects: In the route upgrade method provided by the present invention, the upgrade file transmission from the browser to the sub-router is changed from the transfer of the main route to the browsing The upgrade delay is greatly reduced, and the implementation is simpler and the security performance is improved; at the same time, the transmission of the upgrade file and the transmission of the control command are separated, that is, the control command is transmitted from the main router to the sub-router, and only the browser and the sub-router are connected. The upgrade file is transmitted, and the one-to-many sub-routes parallel upgrade mode is realized, which effectively improves the upgrade efficiency; and because the sub-routes do not need a web server, the risk of sub-routes being attacked is reduced, and the lack of upgrade performance of the existing upgrade scheme is solved. Complex and poorly secured technical issues.
【附图说明】【Description of drawings】
为了更清楚地说明本发明实施例的技术方案,下面将对本发明实施例中所需要使用的附图作简单地介绍。显而易见地,下面所描述的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the following will briefly introduce the drawings that are used in the embodiments of the present invention. Apparently, the drawings described below are only some embodiments of the present invention, and those skilled in the art can obtain other drawings according to these drawings without creative efforts.
图1是本发明实施例提供的一种mesh组网下的升级装置图;FIG. 1 is a diagram of an upgrade device under a mesh networking provided by an embodiment of the present invention;
图2是本发明实施例提供的一种mesh组网下的升级方法的流程图;Fig. 2 is a flow chart of an upgrade method under a mesh networking provided by an embodiment of the present invention;
图3是本发明实施例提供的一种mesh组网下的升级具体实施流程图;Fig. 3 is a specific implementation flowchart of an upgrade under a mesh networking provided by an embodiment of the present invention;
图4是本发明实施例提供的一种mesh组网下的升级数据流图。Fig. 4 is an upgrade data flow diagram in a mesh networking provided by an embodiment of the present invention.
【具体实施方式】【detailed description】
为了使本发明的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.
在本发明各实施例中,符号“/”表示同时具有两种功能的含义,而对于符号“A和/或B”则表明由该符号连接的前后对象之间的组合包括“A”、“B”、“A和B”三种情况。In each embodiment of the present invention, the symbol "/" means that it has two functions at the same time, and the symbol "A and/or B" indicates that the combination between the front and back objects connected by the symbol includes "A", " B", "A and B" three situations.
此外,下面所描述的本发明各个实施方式中所涉及到的技术特征只要彼此之间未构成冲突就可以相互组合。下面就参考附图和实施例结合来详 细说明本发明。In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other. The present invention will be described in detail below with reference to the accompanying drawings and embodiments.
实施例1Example 1
为实现一对多的子路由并行升级模式,提高升级效率,解决现有升级方案升级性能不足、实现复杂以及安全性较差的技术问题,本发明实施例提供了一种mesh组网下的升级方法。其中,结合图1可知,控制命令主要是在浏览器与主路由之间、主路由与各子路由之间传输,而升级文件则是由浏览器传输给各子路由。In order to realize the parallel upgrade mode of one-to-many sub-routes, improve the upgrade efficiency, and solve the technical problems of insufficient upgrade performance, complex implementation and poor security of existing upgrade solutions, the embodiment of the present invention provides an upgrade under mesh networking method. Wherein, combined with FIG. 1, it can be seen that the control command is mainly transmitted between the browser and the main router, and between the main router and each sub-router, while the upgrade file is transmitted by the browser to each sub-router.
如图2所示,本发明实施例提供的路由升级方法主要包括:As shown in Figure 2, the route upgrade method provided by the embodiment of the present invention mainly includes:
步骤101,主路由接收到浏览器提交的子路由升级请求后,生成临时认证令牌以及各子路由用于接收升级文件的临时端口,并将浏览器IP、所述临时认证令牌以及所述临时端口传输给各子路由。具体过程如下: Step 101, after the main route receives the sub-routing upgrade request submitted by the browser, it generates a temporary authentication token and a temporary port for each sub-routing to receive the upgrade file, and sends the browser IP, the temporary authentication token and the Ephemeral ports are transmitted to each sub-router. The specific process is as follows:
首先,用户登录所述浏览器后,所述浏览器连接到所述主路由,并向所述主路由提交子路由升级请求;其中,所述子路由升级请求中携带有浏览器IP,以便所述主路由进行浏览器识别。需要说明的是,所述浏览器连接到所述主路由的过程具体可以为:所述浏览器通过http加密协议连接到所述主路由上的web服务器。例如,在具体的实施例中,所述http加密协议具体可采用https协议,即http的ssl(security socket layer,即安全套接字层)加密协议;当然也可采用其他合适的加密协议,在此不做具体限定。First, after the user logs in to the browser, the browser connects to the main route, and submits a sub-route upgrade request to the main route; wherein, the sub-route upgrade request carries the browser IP, so that all The above main route is used for browser identification. It should be noted that, the process of the browser connecting to the main route may specifically be: the browser connects to the web server on the main route through the http encryption protocol. For example, in a specific embodiment, the http encryption protocol can specifically use the https protocol, that is, the ssl (security socket layer, i.e. secure socket layer) encryption protocol of http; of course, other suitable encryption protocols can also be used. This is not specifically limited.
其次,所述主路由接收到所述子路由升级请求后,为本次升级生成临时认证令牌,并分别为各子路由指定用于接收升级文件的临时端口。具体地,所述主路由接收到所述子路由升级请求后就开始启动子路由升级控制流程,而所述子路由升级控制流程的第一步就是为本次升级生成临时认证令牌,即临时认证token,具体生成方法可以是:采用加密算法对登录所述浏览器的用户信息和过期时间进行加密,形成所述临时认证令牌,在数据通讯中使用,即某个对象接收到所述临时认证令牌后可进行解密校验,从而保证通讯安全。另外,所述主路由还分别为每个子路由指定一个临时端 口用来接收所述升级文件,所述临时端口可以是随机指定的,以防止被端口扫描软件攻击,增加通讯安全性,例如可以使用random函数随机产生40000-50000之间的端口,基本原则为只要不与***中已有在用的端口重复即可。Secondly, after receiving the upgrade request of the sub-routes, the main router generates a temporary authentication token for this upgrade, and specifies temporary ports for receiving upgrade files for each sub-router. Specifically, after the main router receives the sub-router upgrade request, it starts the sub-router upgrade control process, and the first step of the sub-router upgrade control process is to generate a temporary authentication token for this upgrade, that is, a temporary The specific generation method of the authentication token can be: using an encryption algorithm to encrypt the user information and the expiration time for logging into the browser to form the temporary authentication token, which is used in data communication, that is, a certain object receives the temporary authentication token. After the token is authenticated, decryption verification can be performed to ensure communication security. In addition, the main route also designates a temporary port for each sub-router to receive the upgrade file. The temporary port can be randomly designated to prevent attacks by port scanning software and increase communication security. For example, it can be used The random function randomly generates ports between 40000 and 50000. The basic principle is as long as they do not overlap with existing ports in the system.
最后,所述主路由通过底层接口将所述浏览器IP、所述临时认证令牌以及所述临时端口分别传输给各子路由。其中,所述底层接口相当于是一个逻辑管理通道,具体可以采用主子路由间常用的通信协议来实现,在此不做具体限定。所述主路由通常是将所述浏览器IP、所述临时认证令牌以及所述临时端口这些信息分别以指令的形式传输给对应的各子路由。Finally, the main router transmits the browser IP, the temporary authentication token, and the temporary port to each sub-router through the underlying interface. Wherein, the bottom layer interface is equivalent to a logical management channel, which can be implemented by using a commonly used communication protocol between the main and sub-routes, and is not specifically limited here. The main route usually transmits the information of the browser IP, the temporary authentication token and the temporary port to the corresponding sub-routes in the form of instructions.
需要说明的是,所述子路由升级请求可以是对mesh组网中的全部子路由进行升级,也可以说是对mesh组网中的部分子路由进行升级。其中,当对mesh组网中的部分子路由进行升级时,这种情况下所述浏览器之前已经和所述主路由有过交互过程,绘制有各子路由的拓扑信息,所以浏览器是保存有各子路由的IP的;用户登录所述浏览器后可将需要进行升级的子路由的IP设置到子路由升级请求中,因此所述子路由升级请求中会携带有需要进行升级的各子路由的子路由IP,以便所述主路由识别哪些子路由需要进行升级。当对mesh组网中的全部子路由进行升级时,由于所述主路由通常会存有mesh组网中各子路由的IP,因此所述子路由升级请求中可无需携带子路由IP,即用户登录所述浏览器后无需将全部子路由的IP一一设置到子路由升级请求中,因为此时所述主路由不需要识别哪些子路由需要进行升级,而是直接全部升级。It should be noted that the sub-route upgrade request may be to upgrade all sub-routes in the mesh network, or to upgrade some sub-routes in the mesh network. Among them, when some sub-routes in the mesh network are upgraded, in this case, the browser has interacted with the main route before, and the topology information of each sub-router is drawn, so the browser is to save There are IPs of each sub-routes; after the user logs in the browser, the IPs of the sub-routes that need to be upgraded can be set in the sub-routes upgrade request, so the sub-routes upgrade requests will carry the IPs of the sub-routes that need to be upgraded. The IP of the sub-routes of the route, so that the main route can identify which sub-routes need to be upgraded. When upgrading all the sub-routes in the mesh network, since the main route usually stores the IPs of the sub-routes in the mesh network, the sub-routes upgrade request does not need to carry the sub-routes IP, that is, the user After logging into the browser, it is not necessary to set the IPs of all the sub-routes into the sub-routing upgrade request one by one, because at this time the main route does not need to identify which sub-routes need to be upgraded, but directly upgrades all of them.
步骤102,各子路由接收到所述主路由的指令后,分别启动对应的所述临时端口等待所述浏览器进行升级文件的传输,并返回启动成功信息给所述主路由。Step 102: After receiving the instruction from the main route, each sub-router activates the corresponding temporary port, waits for the browser to transmit the upgrade file, and returns a start-up success message to the main route.
每个子路由上均配置有相应的websocket服务器,即支持websocket协议的服务器。各子路由接收到所述主路由的指令后,分别启动各自websocket 服务器在对应的临时端口进行侦听,以等待所述浏览器进行升级文件的传输,同时返回启动成功信息给所述主路由。其中,所述子路由此处接收到的所述浏览器IP和所述临时认证令牌,可在后续所述子路由接收到所述浏览器传输的升级文件时用于进行合法认证。Each sub-router is configured with a corresponding websocket server, that is, a server that supports the websocket protocol. After receiving the instruction from the main route, each sub-router starts its own websocket server to listen on the corresponding temporary port to wait for the browser to transmit the upgrade file, and at the same time returns startup success information to the main route. Wherein, the browser IP and the temporary authentication token received by the sub-router here may be used for legal authentication when the sub-router subsequently receives the upgrade file transmitted by the browser.
其中,web服务器用于处理http协议的请求,而websocket服务器用于处理websocket协议的请求,websocket协议是基于TCP(Transmission Control Protocol,即传输控制协议)的一种应用层协议,可实现双向通信。http协议与websocket协议的相同点在于两者都是应用层协议,不同点在于websocket协议的传输性能比http协议高,双向均可以通信。需要说明的是,传统方案中都需要在子路由配置web服务器,web服务器的功能较复杂、占用资源较多,同时也容易招致黑客攻击;而本发明是在子路由配置websocket服务器,websocket服务器的功能较为单一,所以占用资源也少,且由于业务使用的局限性,针对websocket服务器的攻击比web服务器少。Wherein, web server is used for processing the request of http protocol, and websocket server is used for processing the request of websocket protocol, and websocket protocol is a kind of application layer protocol based on TCP (Transmission Control Protocol, i.e. Transmission Control Protocol), which can realize two-way communication. The same point between the http protocol and the websocket protocol is that both are application layer protocols, and the difference is that the transmission performance of the websocket protocol is higher than that of the http protocol, and two-way communication is possible. It should be noted that, in the traditional scheme, it is necessary to configure the web server in the sub-routing, the function of the web server is more complicated, it takes up more resources, and it is easy to attract hackers; The function is relatively single, so it takes up less resources, and due to the limitations of business use, there are fewer attacks against websocket servers than web servers.
步骤103,主路由接收到所述子路由返回的启动成功消息后,发送所述临时认证令牌、对应的子路由IP和所述临时端口给所述浏览器,由所述浏览器根据接收到的信息将升级文件传输给对应的子路由。具体过程如下: Step 103, after the main router receives the start-up success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and the browser according to the received The information will transfer the upgrade file to the corresponding sub-router. The specific process is as follows:
首先,所述主路由接收到所述子路由返回的启动成功消息后,根据所述浏览器IP将所述临时认证令牌、对应的子路由IP和所述临时端口发送给所述浏览器,通知所述浏览器为对应的子路由传输升级文件。例如,如果子路由1此时返回启动成功消息,则所述主路由根据所述浏览器IP将所述临时认证令牌、子路由1的IP地址和子路由1指定的临时端口发送给对应IP地址的浏览器,以便通知所述浏览器为子路由1传输升级文件。First, after the main router receives the startup success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser according to the browser IP, The browser is notified to transmit the upgrade file for the corresponding sub-routes. For example, if sub-routing 1 returns a startup success message at this time, the main route sends the temporary authentication token, the IP address of sub-routing 1 and the temporary port specified by sub-routing 1 to the corresponding IP address according to the browser IP to notify the browser to transmit the upgrade file for subroute 1.
然后,所述浏览器根据接收到的所述子路由IP和所述临时端口,通过websocket协议将所述升级文件传输给对应的子路由。其中,所述浏览器支持websocket协议,基于接收到的子路由IP和临时端口,所述浏览器通过websocket协议连接到对应子路由的websocket服务器上指定的临时端口, 进而通过所述临时端口将所述升级文件传输给对应子路由;其中,所述升级文件中携带有所述临时认证令牌和所述浏览器IP,用于子路由后续进行合法认证。Then, the browser transmits the upgrade file to the corresponding sub-router through the websocket protocol according to the received sub-router IP and the temporary port. Wherein, the browser supports the websocket protocol, based on the received sub-routing IP and the temporary port, the browser connects to the designated temporary port on the websocket server of the corresponding sub-routing through the websocket protocol, and then passes the temporary port to the specified temporary port The upgrade file is transmitted to the corresponding sub-router; wherein, the upgrade file carries the temporary authentication token and the browser IP for subsequent legal authentication of the sub-router.
步骤104,所述子路由基于所述临时认证令牌和所述浏览器IP进行认证,认证成功后基于所述升级文件进行升级。 Step 104, the sub-router performs authentication based on the temporary authentication token and the browser IP, and performs an upgrade based on the upgrade file after the authentication succeeds.
首先,所述子路由接收到所述浏览器发送来的所述升级文件后,也就相当于收到了所述浏览器的升级请求,会从所述升级文件中提取出临时认证令牌和浏览器IP;然后,所述子路由会比较所述浏览器发送来的临时认证令牌与所述主路由发送来的临时认证令牌是否一致,以及所述浏览器发送来的浏览器IP与所述主路由发送来的浏览器IP是否一致;如果两个临时认证令牌一致且两个浏览器IP一致,则认为所述浏览器发来的升级请求合法,视为认证成功,则所述子路由会进一步基于所述升级文件进行升级。如果存在任一项不一致,则认为所述浏览器发来的升级请求不合法,视为认证失败,此时会直接结束升级过程。First of all, after the sub-router receives the upgrade file sent by the browser, it is equivalent to receiving the upgrade request of the browser, and will extract the temporary authentication token and browser authentication token from the upgrade file. Then, the sub-router will compare whether the temporary authentication token sent by the browser is consistent with the temporary authentication token sent by the main route, and whether the browser IP sent by the browser is consistent with the browser IP sent by the browser. Whether the IP of the browser sent by the main router is consistent; if the two temporary authentication tokens are consistent and the IPs of the two browsers are consistent, it is considered that the upgrade request sent by the browser is legal and the authentication is successful. Routing will be further upgraded based on the upgrade file. If there is any inconsistency, it is considered that the upgrade request sent by the browser is illegal and the authentication fails, and the upgrade process will be ended directly at this time.
进一步地,所述方法还包括:当所述子路由根据接收到的所述升级文件成功升级后,所述主路由发送升级结束命令给所述浏览器和对应子路由,结束对应子路由的升级过程。具体过程如下:Further, the method further includes: after the sub-routes are successfully upgraded according to the received upgrade file, the main route sends an upgrade end command to the browser and the corresponding sub-routes to end the upgrade of the corresponding sub-routes process. The specific process is as follows:
所述升级文件传输完成后,所述子路由首先判断自身是否升级成功,并根据判断结果发送升级成功消息或升级失败消息给所述主路由。其中,所述子路由判断自身是否升级成功的过程具体为:所述子路由对接收到的所述升级文件进行校验,并写入对应的存储区间flash中;如果校验成功且写入成功,则认定所述子路由升级成功;如果检验失败和/或写入失败,即其中任一环节出错,则认定所述子路由升级失败。After the upgrade file transmission is completed, the sub-router first judges whether the upgrade is successful, and sends an upgrade success message or an upgrade failure message to the main router according to the judgment result. Wherein, the process of the sub-router judging whether the upgrade is successful is specifically: the sub-router verifies the received upgrade file and writes it into the corresponding storage interval flash; if the verification is successful and the write is successful , it is determined that the upgrade of the sub-routes is successful; if the verification fails and/or the writing fails, that is, any link is faulty, it is determined that the upgrade of the sub-routes fails.
如果升级成功,则所述主路由发送升级结束命令给所述浏览器和该子路由,以便通知该子路由销毁对应的临时认证令牌并关闭对应的websocket服务器,通知所述浏览器关闭对应的websocket客户端,进而结束该子路由 的升级过程。If the upgrade is successful, the main route sends an upgrade end command to the browser and the sub-router, so as to notify the sub-router to destroy the corresponding temporary authentication token and close the corresponding websocket server, and notify the browser to close the corresponding websocket server. websocket client, and then end the upgrade process of the sub-router.
如果升级失败,则所述主路由通知所述浏览器重新传输所述升级文件给该子路由,并进行升级成功与否的判断,直至该子路由升级成功或直至升级文件的传输次数达到最大重传次数,则所述主路由发送升级结束命令给所述浏览器和该子路由,以便通知该子路由销毁对应的临时认证令牌并关闭对应的websocket服务器,通知所述浏览器关闭对应的websocket客户端,进而结束该子路由的升级过程。If the upgrade fails, the main router notifies the browser to retransmit the upgrade file to the sub-router, and judges whether the upgrade is successful, until the sub-router is upgraded successfully or until the number of transmissions of the upgrade file reaches the maximum pass times, the main route sends an upgrade end command to the browser and the sub-router, so as to notify the sub-router to destroy the corresponding temporary authentication token and close the corresponding websocket server, and notify the browser to close the corresponding websocket client, and then end the upgrade process of the sub-router.
例如,当mesh组网中有三个子路由时,每个子路由分别完成步骤102至步骤104,所述浏览器的页面上显示每个子路由有自己的升级进度条。假设子路由2首先完成升级,则子路由2对应的升级进度条走到100%处,表示升级成功,其余子路由继续升级;假设子路由1升级失败,则子路由1会继续重试升级,如果重试成功则升级进度条走到100%,如果达到最大重试次数还未成功则升级进度条停止,提示升级失败信息。直至三个子路由均提示升级成功或者升级失败时,表示本次升级完成。For example, when there are three sub-routes in the mesh network, each sub-router completes step 102 to step 104 respectively, and the page of the browser shows that each sub-router has its own upgrade progress bar. Assuming that sub-route 2 completes the upgrade first, the upgrade progress bar corresponding to sub-route 2 reaches 100%, indicating that the upgrade is successful, and the rest of the sub-routes continue to be upgraded; assuming that sub-router 1 fails to upgrade, sub-router 1 will continue to retry the upgrade. If the retries are successful, the upgrade progress bar will go to 100%. If the maximum number of retries is not successful, the upgrade progress bar will stop, and the upgrade failure message will be prompted. When all three sub-routes indicate that the upgrade is successful or failed, it means that the upgrade is complete.
本发明实施例提供的上述路由升级方法中,浏览器到子路由的升级文件传输由主路由中转改为浏览器直接传送,升级时延大幅减少,实现更简单且安全性能提升;同时将升级文件的传输和控制命令的传输进行分离,即控制命令由主路由传输至子路由,浏览器和子路由之间只进行升级文件的传输,实现一对多的子路由并行升级模式,有效提高升级效率;而且由于子路由无需web服务器,减少了子路由被攻击的风险,解决了现有升级方案升级性能不足、实现复杂以及安全性较差的技术问题。另外,控制命令可通过ssl加密,增加了安全性,而升级文件无需加密,提高了传输性能。In the above-mentioned route upgrade method provided by the embodiment of the present invention, the upgrade file transmission from the browser to the sub-router is changed from the transfer of the main route to the direct transmission of the browser, the upgrade delay is greatly reduced, the implementation is simpler and the security performance is improved; at the same time, the upgrade file The transmission of control commands is separated from the transmission of control commands, that is, the control commands are transmitted from the main router to the sub-routes, and only the upgrade files are transferred between the browser and the sub-routes, realizing a one-to-many parallel upgrade mode of sub-routes, effectively improving the upgrade efficiency; Moreover, since the sub-routing does not need a web server, the risk of the sub-routing being attacked is reduced, and the technical problems of insufficient upgrading performance, complicated implementation and poor security of the existing upgrading scheme are solved. In addition, the control command can be encrypted by SSL, which increases the security, while the upgrade file does not need to be encrypted, which improves the transmission performance.
实施例2Example 2
在上述实施例1的基础上,本发明实施例进一步提供了一种mesh组网下的升级方法的具体实施例,结合图3和图4(以设置两个子路由为例),具体过程如下:On the basis of the above-mentioned embodiment 1, the embodiment of the present invention further provides a specific embodiment of the upgrade method under the mesh networking, in combination with Fig. 3 and Fig. 4 (taking setting two sub-routes as an example), the specific process is as follows:
步骤201,用户浏览器通过https协议连接到主路由上的web服务器,并向所述主路由提交子路由升级请求;其中,所述子路由升级请求中携带有浏览器IP。 Step 201, the user browser connects to the web server on the main route through the https protocol, and submits a sub-route upgrade request to the main route; wherein, the sub-route upgrade request carries the browser IP.
结合图4,当所述主路由的IP地址(即主路由IP)为192.168.1.1,所述浏览器的IP地址(即浏览器IP)为192.168.1.10时,所述浏览器提交的子路由升级请求具体为:https://192.168.1.1/upgrade。In conjunction with Fig. 4, when the IP address of the main route (i.e. the main route IP) is 192.168.1.1, and the IP address of the browser (i.e. the browser IP) is 192.168.1.10, the sub-route submitted by the browser The specific upgrade request is: https://192.168.1.1/upgrade.
步骤202,主路由接收到所述子路由升级请求后,生成临时认证token以及各子路由用于接收升级文件的临时端口,并通过底层接口将浏览器IP、临时认证token以及临时端口传输给各子路由。 Step 202, after the main router receives the upgrade request of the sub-routes, it generates a temporary authentication token and a temporary port for each sub-router to receive the upgrade file, and transmits the browser IP, the temporary authentication token, and the temporary port to each sub-router through the underlying interface. child route.
其中,此处以生成32位随机字符串作为临时认证token为例,即图4中的dn0C2ezBNRAs9MGTjNWPkEMUiOqwVkKD;浏览器通常是设置在用户pc(personal computer,即个人计算机)端,因此浏览器IP即图4中的pc_ip,此处具体为192.168.1.10;指定的临时端口即图4中的wsport(即websocket port的简写),此处以随机指定1223端口为例。在该实施例中,所述主路由传输给各子路由的指令具体格式如下:Among them, the 32-bit random character string is generated here as an example of a temporary authentication token, that is, dn0C2ezBNRAs9MGTjNWPkEMUiOqwVkKD in Figure 4; the browser is usually set on the user's pc (personal computer, that is, a personal computer), so the browser IP is as shown in Figure 4 pc_ip, here is specifically 192.168.1.10; the specified temporary port is wsport in Figure 4 (that is, the abbreviation of websocket port), here is an example of randomly specifying port 1223. In this embodiment, the specific format of the instructions transmitted by the main route to each sub-router is as follows:
Figure PCTCN2022095181-appb-000001
Figure PCTCN2022095181-appb-000001
步骤203,各子路由接收到所述主路由的指令后,分别启动各自的websocket服务器在指定临时端口侦听,等待所述浏览器传输升级文件,并返回启动成功信息success给所述主路由。Step 203: After receiving the instruction from the main route, each sub-router starts its own websocket server to listen on the specified temporary port, waits for the browser to transmit the upgrade file, and returns the startup success message to the main route.
步骤204,所述主路由接收到所述子路由返回的启动成功消息(即图4中success)后,发送所述临时认证token、对应的子路由IP和临时端口给所述浏览器,通知所述浏览器为对应的子路由传输升级文件。 Step 204, after the main router receives the startup success message (i.e. success in Figure 4) returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and notifies all The browser transmits the upgrade file for the corresponding sub-routes.
步骤205,所述浏览器根据接收到的所述临时认证token、所述子路由IP和所述临时端口进行参数设置,设置好后通过websocket协议连接到子路由的websocket服务器,通过指定的临时端口传输所述升级文件。 Step 205, the browser performs parameter setting according to the temporary authentication token received, the sub-routing IP and the temporary port, after setting, connect to the websocket server of the sub-routing through the websocket protocol, and pass the specified temporary port Transfer the upgrade file.
假设某个子路由的IP地址为192.168.1.2,则进行参数设置后,所述websocket协议的消息体格式具体如下:Assuming that the IP address of a certain sub-route is 192.168.1.2, after parameter setting, the message body format of the websocket protocol is as follows:
ws//192.168.1.2:1223&token=dn0C2ezBNRAs9MGTjNWPkEMUiOqwVkKD;ws//192.168.1.2:1223&token=dn0C2ezBNRAs9MGTjNWPkEMUiOqwVkKD;
假设某个子路由的IP地址为192.168.1.3,则进行参数设置后,所述websocket协议的消息体格式具体如下:Assuming that the IP address of a certain sub-route is 192.168.1.3, after parameter setting, the message body format of the websocket protocol is as follows:
ws//192.168.1.3:1223&token=dn0C2ezBNRAs9MGTjNWPkEMUiOqwVkKD。ws//192.168.1.3:1223&token=dn0C2ezBNRAs9MGTjNWPkEMUiOqwVkKD.
步骤206,升级文件传输完成后,所述子路由判断自身是否升级成功,并根据判断结果发送升级成功消息或升级失败消息给所述主路由。 Step 206, after the upgrade file transmission is completed, the sub-router judges whether the upgrade is successful, and sends an upgrade success message or an upgrade failure message to the main router according to the judgment result.
升级文件传输完成后,所述子路由通常会先基于接收到的两个临时认证令牌和两个浏览器IP进行认证,认证失败则直接结束升级过程,认证成功后再继续进行升级。认证过程可参考实施例1,在此不做赘述。After the upgrade file transfer is completed, the sub-routes will usually perform authentication based on the received two temporary authentication tokens and two browser IPs. If the authentication fails, the upgrade process will be directly ended, and the upgrade will continue after the authentication is successful. For the authentication process, reference may be made to Embodiment 1, and details are not repeated here.
如果升级成功,则执行步骤207;如果升级失败,则所述主路由通知所述浏览器重新传输所述升级文件给所述子路由,并继续判断是否升级成功,即重复步骤205和步骤206,直至所述子路由升级成功或直至升级文件的传输次数达到最大重传次数时,执行步骤207。其中,具体的判断升级成功与否的方法可参考实施例1中的相关介绍,在此不做赘述。If the upgrade is successful, then perform step 207; if the upgrade fails, the main route notifies the browser to retransmit the upgrade file to the sub-router, and continues to judge whether the upgrade is successful, that is, repeat steps 205 and 206, Step 207 is executed until the sub-routes are successfully upgraded or until the number of transmissions of the upgraded file reaches the maximum number of retransmissions. Wherein, for a specific method for judging whether the upgrade is successful or not, reference may be made to the relevant introduction in Embodiment 1, and details are not repeated here.
步骤207,所述子路由升级成功时,所述主路由发送升级结束命令(即图4中close)给所述浏览器和所述子路由,所述子路由销毁对应的临时认证token并关闭对应的websocket服务器,所述浏览器关闭对应的websocket客户端。 Step 207, when the upgrade of the sub-routes is successful, the main route sends an upgrade end command (i.e. close in Figure 4) to the browser and the sub-routes, and the sub-routes destroy the corresponding temporary authentication token and close the corresponding the websocket server, the browser closes the corresponding websocket client.
实施例3Example 3
在上述实施例1和实施例2的基础上,本发明实施例进一步提供了一种mesh组网下的升级装置,如图1和图4所示,主要包括浏览器、主路由 以及至少两个子路由。其中,控制命令主要是在所述浏览器与所述主路由之间、所述主路由与各子路由之间传输,而升级文件则是由所述浏览器传输给各子路由。具体如下:On the basis of the above-mentioned Embodiment 1 and Embodiment 2, the embodiment of the present invention further provides an upgrade device under mesh networking, as shown in Figure 1 and Figure 4, which mainly includes a browser, a main router, and at least two sub-networks. routing. Wherein, the control command is mainly transmitted between the browser and the main router, and between the main router and each sub-router, and the upgrade file is transmitted by the browser to each sub-router. details as follows:
所述浏览器用于连接到所述主路由,并向所述主路由提交子路由升级请求;同时在接收到所述主路由发送的消息后将升级文件传输给子路由。具体地,所述浏览器可通过http加密协议(例如https协议)连接到所述主路由上的web服务器,并向所述主路由提交子路由升级请求;在接收到所述主路由发送的消息后,所述浏览器根据接收到的临时认证令牌、子路由IP和临时端口进行参数设置,设置好后通过websocket协议连接到所述子路由的websocket服务器,进而通过指定的临时端口将所述升级文件传输给所述子路由。The browser is used to connect to the main route and submit a sub-router upgrade request to the main route; meanwhile, after receiving the message sent by the main route, the upgrade file is transmitted to the sub-router. Specifically, the browser can connect to the web server on the main route through an http encryption protocol (such as https protocol), and submit a sub-routing upgrade request to the main route; after receiving the message sent by the main route Afterwards, the browser carries out parameter setting according to the temporary authentication token received, the sub-routing IP and the temporary port, after being set up, connects to the websocket server of the sub-routing through the websocket protocol, and then passes the specified temporary port to the The upgrade file is transmitted to the sub-router.
所述主路由用于在接收到所述浏览器发来的所述子路由升级请求后,为本次升级生成临时认证令牌以及各子路由用于接收升级文件的临时端口,并通过底层接口将所述浏览器IP、所述临时认证令牌以及所述临时端口传输给各子路由,等待所述子路由返回启动成功消息;在接收到所述子路由返回的启动成功消息后,发送所述临时认证令牌、对应的子路由IP和所述临时端口给所述浏览器,通知所述浏览器为对应子路由进行所述升级文件的传输。The main route is used to generate a temporary authentication token for this upgrade and a temporary port for each sub-router to receive the upgrade file after receiving the upgrade request of the sub-routes sent by the browser, and pass the underlying interface The browser IP, the temporary authentication token and the temporary port are transmitted to each sub-router, waiting for the sub-routing to return the startup success message; after receiving the startup success message returned by the sub-routing, send the The temporary authentication token, the corresponding sub-router IP and the temporary port are sent to the browser, and the browser is notified to transmit the upgrade file for the corresponding sub-router.
所述子路由用于在接收到所述主路由的指令后,启动对应的所述临时端口,即启动对应websocket服务器在指定的临时端口进行侦听,等待所述浏览器进行所述升级文件的传输,并返回所述启动成功信息给所述主路由;在接收到所述浏览器发送来的所述升级文件后基于所述临时认证令牌和所述浏览器IP进行认证,并在认证成功后基于所述升级文件进行升级。The sub-route is used to start the corresponding temporary port after receiving the instruction of the main route, that is, start the corresponding websocket server to listen on the designated temporary port, and wait for the browser to update the upgrade file. transmit, and return the startup success information to the main router; after receiving the upgrade file sent by the browser, perform authentication based on the temporary authentication token and the browser IP, and when the authentication is successful Then upgrade based on the upgrade file.
其中,更具体的功能实现过程可参考实施例1和实施例2中的相关介绍,在此不做赘述。Wherein, for a more specific function realization process, reference may be made to relevant introductions in Embodiment 1 and Embodiment 2, and details are not repeated here.
通过本发明实施例提供的上述路由升级装置,浏览器到子路由的升级 文件传输可由主路由中转改为浏览器直接传送,升级时延大幅减少,实现更简单且安全性能提升;同时可将升级文件的传输和控制命令的传输进行分离,即控制命令由主路由传输至子路由,浏览器和子路由之间只进行升级文件的传输,实现一对多的子路由并行升级模式,有效提高升级效率;而且由于子路由无需web服务器,减少了子路由被攻击的风险,解决了现有升级方案升级性能不足、实现复杂以及安全性较差的技术问题。Through the above-mentioned route upgrade device provided by the embodiment of the present invention, the upgrade file transmission from the browser to the sub-router can be transferred from the main route to the direct transmission of the browser, the upgrade delay is greatly reduced, the implementation is simpler and the safety performance is improved; at the same time, the upgrade The transmission of files and the transmission of control commands are separated, that is, the control commands are transmitted from the main router to the sub-routes, and only the upgrade files are transferred between the browser and the sub-routes, realizing a one-to-many parallel upgrade mode of sub-routes, effectively improving the upgrade efficiency and because the sub-routing does not need a web server, the risk of the sub-routing being attacked is reduced, and the technical problems of insufficient upgrading performance, complex implementation and poor security of the existing upgrading scheme are solved.
本领域的技术人员容易理解,以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内所作的任何修改、等同替换和改进等,均应包含在本发明的保护范围之内。It is easy for those skilled in the art to understand that the above descriptions are only preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalent replacements and improvements made within the spirit and principles of the present invention, All should be included within the protection scope of the present invention.

Claims (10)

  1. 一种mesh组网下的升级方法,其特征在于,包括:An upgrade method under mesh networking, characterized in that it comprises:
    主路由接收到浏览器提交的子路由升级请求后,生成临时认证令牌以及各子路由用于接收升级文件的临时端口,并将浏览器IP、所述临时认证令牌以及所述临时端口传输给各子路由;After the main route receives the sub-routing upgrade request submitted by the browser, it generates a temporary authentication token and a temporary port for each sub-routing to receive the upgrade file, and transmits the browser IP, the temporary authentication token and the temporary port For each sub-routing;
    各子路由接收到所述主路由的指令后,分别启动对应的所述临时端口等待所述浏览器进行升级文件的传输,并返回启动成功信息给所述主路由;After receiving the instruction of the main route, each sub-router starts the corresponding temporary port and waits for the browser to transmit the upgrade file, and returns the start success information to the main route;
    主路由接收到所述子路由返回的启动成功消息后,发送所述临时认证令牌、对应的子路由IP和所述临时端口给所述浏览器,由所述浏览器根据接收到的信息将升级文件传输给对应的子路由;After the main router receives the startup success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and the browser sends the The upgrade file is transferred to the corresponding sub-router;
    所述子路由基于所述临时认证令牌和所述浏览器IP进行认证,认证成功后基于所述升级文件进行升级。The sub-router performs authentication based on the temporary authentication token and the browser IP, and performs an upgrade based on the upgrade file after successful authentication.
  2. 如权利要求1所述的mesh组网下的升级方法,其特征在于,所述主路由接收到浏览器提交的子路由升级请求后,生成临时认证令牌以及各子路由用于接收升级文件的临时端口,并将浏览器IP、所述临时认证令牌以及所述临时端口传输给各子路由,具体包括:The upgrade method under the mesh networking according to claim 1, wherein after the main router receives the sub-router upgrade request submitted by the browser, it generates a temporary authentication token and each sub-router is used to receive the upgrade file Temporary port, and browser IP, described temporary authentication token and described temporary port are transmitted to each sub-routing, specifically include:
    所述浏览器连接到所述主路由,并向所述主路由提交子路由升级请求;其中,所述子路由升级请求中携带有浏览器IP;The browser is connected to the main route, and submits a sub-route upgrade request to the main route; wherein, the sub-route upgrade request carries a browser IP;
    所述主路由接收到所述子路由升级请求后,为本次升级生成临时认证令牌,并分别为各子路由指定用于接收升级文件的临时端口;After receiving the upgrade request of the sub-routes, the main route generates a temporary authentication token for this upgrade, and specifies temporary ports for receiving upgrade files for each sub-router respectively;
    所述主路由通过底层接口将所述浏览器IP、所述临时认证令牌以及所述临时端口分别传输给各子路由。The main router transmits the browser IP, the temporary authentication token and the temporary port to each sub-router respectively through the bottom interface.
  3. 如权利要求2所述的mesh组网下的升级方法,其特征在于,所述浏览器连接到所述主路由具体为:所述浏览器通过https协议连接到所述主 路由上的web服务器。The upgrading method under the mesh networking according to claim 2, wherein the browser is connected to the main route specifically as: the browser is connected to the web server on the main route through the https protocol.
  4. 如权利要求2所述的mesh组网下的升级方法,其特征在于,所述子路由升级请求为对mesh组网中的部分子路由或全部子路由进行升级;其中,当对mesh组网中的部分子路由进行升级时,所述子路由升级请求中携带有需要进行升级的各子路由的子路由IP。The upgrade method under the mesh networking according to claim 2, wherein the sub-routing upgrade request is to upgrade some or all sub-routes in the mesh networking; wherein, when the mesh networking When upgrading some of the sub-routes, the sub-routing upgrade request carries the sub-routing IPs of the sub-routes that need to be upgraded.
  5. 如权利要求2所述的mesh组网下的升级方法,其特征在于,所述临时认证令牌的生成方法具体为:采用加密算法对登录所述浏览器的用户信息和过期时间进行加密,形成所述临时认证令牌。The upgrade method under the mesh networking according to claim 2, wherein the generation method of the temporary authentication token is specifically: using an encryption algorithm to encrypt the user information and expiration time logged in the browser to form The temporary authentication token.
  6. 如权利要求1-5任一所述的mesh组网下的升级方法,其特征在于,所述主路由接收到所述子路由返回的启动成功消息后,发送所述临时认证令牌、对应的子路由IP和所述临时端口给所述浏览器,由所述浏览器根据接收到的信息将升级文件传输给对应的子路由,具体包括:The upgrade method under any one of claims 1-5, wherein the main router sends the temporary authentication token, corresponding The sub-routing IP and the temporary port are given to the browser, and the browser transmits the upgrade file to the corresponding sub-routing according to the received information, specifically including:
    所述主路由接收到所述子路由返回的启动成功消息后,根据所述浏览器IP将所述临时认证令牌、对应的子路由IP和所述临时端口发送给所述浏览器,通知所述浏览器为对应的子路由传输升级文件;After the main router receives the startup success message returned by the sub-router, it sends the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser according to the browser IP, and notifies all The browser transmits the upgrade file for the corresponding sub-routes;
    所述浏览器根据接收到的所述子路由IP和所述临时端口,通过websocket协议将所述升级文件传输给对应的子路由;其中,所述升级文件中携带有所述临时认证令牌和所述浏览器IP。The browser transmits the upgrade file to the corresponding sub-router through the websocket protocol according to the received sub-router IP and the temporary port; wherein, the upgrade file carries the temporary authentication token and The browser IP.
  7. 如权利要求6所述的mesh组网下的升级方法,其特征在于,所述子路由基于所述临时认证令牌和所述浏览器IP进行认证,认证成功后基于所述升级文件进行升级,具体为:The upgrade method under the mesh networking according to claim 6, wherein the sub-routing is authenticated based on the temporary authentication token and the browser IP, and after successful authentication, the upgrade is performed based on the upgrade file, Specifically:
    所述子路由接收到所述浏览器发送来的所述升级文件后,从所述升级 文件中提取出所述临时认证令牌和所述浏览器IP;After the sub-route receives the upgrade file sent by the browser, it extracts the temporary authentication token and the browser IP from the upgrade file;
    所述子路由比较所述浏览器发送来的临时认证令牌与所述主路由发送来的临时认证令牌是否一致,以及所述浏览器发送来的浏览器IP与所述主路由发送来的浏览器IP是否一致;The sub-router compares whether the temporary authentication token sent by the browser is consistent with the temporary authentication token sent by the main route, and whether the browser IP sent by the browser is consistent with the browser IP sent by the main route. Whether the browser IP is consistent;
    如果两个临时认证令牌一致且两个浏览器IP一致,则认证成功,所述子路由基于所述升级文件进行升级。If the two temporary authentication tokens are consistent and the IP addresses of the two browsers are consistent, the authentication is successful, and the sub-routes are upgraded based on the upgrade file.
  8. 如权利要求1-5任一所述的mesh组网下的升级方法,其特征在于,在所述子路由基于所述升级文件进行升级时,所述方法还包括:The upgrade method under the mesh networking according to any one of claims 1-5, wherein when the sub-routes are upgraded based on the upgrade file, the method further comprises:
    当所述子路由根据接收到的所述升级文件成功升级后,所述主路由发送升级结束命令给所述浏览器和对应子路由,结束对应子路由的升级过程。After the sub-routes are successfully upgraded according to the received upgrade file, the main router sends an upgrade end command to the browser and the corresponding sub-routes to end the upgrading process of the corresponding sub-routes.
  9. 如权利要求8所述的mesh组网下的升级方法,其特征在于,所述子路由上配置有websocket服务器,则所述当所述子路由根据接收到的所述升级文件成功升级后,所述主路由发送升级结束命令给所述浏览器和对应子路由,结束对应子路由的升级过程,具体为:The upgrade method under the mesh networking according to claim 8, wherein a websocket server is configured on the sub-router, and when the sub-router is successfully upgraded according to the upgrade file received, the The main router sends an upgrade end command to the browser and the corresponding sub-routes, and ends the upgrade process of the corresponding sub-routes, specifically:
    所述升级文件传输完成后,所述子路由判断自身是否升级成功,并根据判断结果发送升级成功消息或升级失败消息给所述主路由;After the upgrade file transmission is completed, the sub-router judges whether the upgrade is successful, and sends an upgrade success message or an upgrade failure message to the main router according to the judgment result;
    如果升级成功,则所述主路由发送升级结束命令给所述浏览器和该子路由,通知该子路由销毁对应的临时认证令牌并关闭对应的websocket服务器,通知所述浏览器关闭websocket客户端,结束该子路由的升级过程;If the upgrade is successful, the main route sends an upgrade end command to the browser and the sub-router, notifies the sub-router to destroy the corresponding temporary authentication token and closes the corresponding websocket server, and notifies the browser to close the websocket client , end the upgrade process of the sub-routing;
    如果升级失败,则所述主路由通知所述浏览器重新传输所述升级文件给该子路由,直至该子路由升级成功或传输次数达到最大重传次数。If the upgrade fails, the main router notifies the browser to retransmit the upgrade file to the sub-router until the sub-router is upgraded successfully or the number of times of transmission reaches the maximum number of retransmissions.
  10. 一种mesh组网下的升级装置,其特征在于,包括浏览器、主路由以及至少两个子路由;An upgrade device under mesh networking, characterized in that it includes a browser, a main router and at least two sub-routes;
    所述浏览器用于连接到所述主路由,并向所述主路由提交子路由升级请求;同时在接收到所述主路由发送的消息后将升级文件传输给子路由;The browser is used to connect to the main route, and submit a sub-route upgrade request to the main route; at the same time, after receiving the message sent by the main route, the upgrade file is transmitted to the sub-router;
    所述主路由用于在接收到所述子路由升级请求后生成临时认证令牌以及各子路由用于接收升级文件的临时端口,并将浏览器IP、所述临时认证令牌以及所述临时端口传输给各子路由;同时在接收到所述子路由返回的启动成功消息后,发送所述临时认证令牌、对应的子路由IP和所述临时端口给所述浏览器,通知所述浏览器进行所述升级文件的传输;The main route is used to generate a temporary authentication token and each sub-routing is used to receive the temporary port of the upgrade file after receiving the sub-routing upgrade request, and the browser IP, the temporary authentication token and the temporary The port is transmitted to each sub-router; at the same time, after receiving the startup success message returned by the sub-router, send the temporary authentication token, the corresponding sub-router IP and the temporary port to the browser, and notify the browser The device transmits the upgrade file;
    所述子路由用于在接收到所述主路由的指令后启动对应的所述临时端口,等待所述浏览器进行所述升级文件的传输,并返回所述启动成功信息给所述主路由;在接收到所述浏览器发送来的所述升级文件后基于所述临时认证令牌和所述浏览器IP进行认证,并在认证成功后基于所述升级文件进行升级。The sub-router is used to start the corresponding temporary port after receiving the instruction of the main route, wait for the browser to transmit the upgrade file, and return the startup success information to the main route; After receiving the upgrade file sent by the browser, perform authentication based on the temporary authentication token and the browser IP, and perform upgrade based on the upgrade file after successful authentication.
PCT/CN2022/095181 2021-06-28 2022-05-26 Upgrade method and apparatus under mesh networking WO2023273719A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
BR112023011152A BR112023011152A2 (en) 2021-06-28 2022-05-26 UPDATE METHOD AND APPARATUS IN MESH NETWORK
MX2023007951A MX2023007951A (en) 2021-06-28 2022-05-26 Upgrade method and apparatus under mesh networking.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110717147.2 2021-06-28
CN202110717147.2A CN113452782B (en) 2021-06-28 2021-06-28 Upgrading method and device under mesh networking

Publications (1)

Publication Number Publication Date
WO2023273719A1 true WO2023273719A1 (en) 2023-01-05

Family

ID=77813107

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/095181 WO2023273719A1 (en) 2021-06-28 2022-05-26 Upgrade method and apparatus under mesh networking

Country Status (5)

Country Link
CN (1) CN113452782B (en)
BR (1) BR112023011152A2 (en)
CL (1) CL2023001586A1 (en)
MX (1) MX2023007951A (en)
WO (1) WO2023273719A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116156501A (en) * 2023-04-19 2023-05-23 深圳市华曦达科技股份有限公司 Wireless grid network networking method, device and system

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113452782B (en) * 2021-06-28 2022-04-26 烽火通信科技股份有限公司 Upgrading method and device under mesh networking
CN114666217B (en) * 2022-03-18 2023-10-20 深圳市天贝物联科技有限公司 One-key upgrading method and system based on easy mesh

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107454608A (en) * 2016-05-30 2017-12-08 北京信威通信技术股份有限公司 The upgrade method and device of Mesh network
CN107580071A (en) * 2017-09-28 2018-01-12 美的智慧家居科技有限公司 Master-slave equipment upgrade method, device and its equipment
CN112019434A (en) * 2020-07-28 2020-12-01 烽火通信科技股份有限公司 WEB centralized management method and device for networking equipment
CN112130877A (en) * 2020-09-08 2020-12-25 深圳市共进电子股份有限公司 Router firmware upgrading method and device, router and readable storage medium
CN112988198A (en) * 2021-04-15 2021-06-18 深圳市共进电子股份有限公司 mesh equipment multi-machine upgrading method and device and mesh equipment
CN113452782A (en) * 2021-06-28 2021-09-28 烽火通信科技股份有限公司 Upgrading method and device under mesh networking

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104753872B (en) * 2013-12-30 2018-10-12 ***通信集团公司 Authentication method, authentication platform, business platform, network element and system
US9876679B2 (en) * 2014-09-12 2018-01-23 Adtran, Inc. Wireless mesh network firmware upgrade system and method
CN105373402A (en) * 2015-10-29 2016-03-02 努比亚技术有限公司 Device and method for software upgrading gated launch
CN106406946A (en) * 2016-09-12 2017-02-15 *** Method for automatically upgrading system software of multi-master and slave devices
CN106713047A (en) * 2017-01-12 2017-05-24 泰凌微电子(上海)有限公司 Node upgrading method and system in mesh network
CN106850699B (en) * 2017-04-10 2019-11-29 中国工商银行股份有限公司 A kind of mobile terminal login authentication method and system
WO2019062157A1 (en) * 2017-09-28 2019-04-04 美的智慧家居科技有限公司 Master-slave device upgrade method, apparatus, and device
CN110730104A (en) * 2019-10-29 2020-01-24 乐鑫信息科技(上海)股份有限公司 Method for upgrading multi-device batch firmware of mesh network device
CN111541564B (en) * 2020-04-16 2022-08-26 网经科技(苏州)有限公司 Method for upgrading equipment firmware in Mesh network
CN112559009A (en) * 2020-12-15 2021-03-26 深圳创维数字技术有限公司 Method, device and storage medium for synchronous upgrading under Mesh networking

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107454608A (en) * 2016-05-30 2017-12-08 北京信威通信技术股份有限公司 The upgrade method and device of Mesh network
CN107580071A (en) * 2017-09-28 2018-01-12 美的智慧家居科技有限公司 Master-slave equipment upgrade method, device and its equipment
CN112019434A (en) * 2020-07-28 2020-12-01 烽火通信科技股份有限公司 WEB centralized management method and device for networking equipment
CN112130877A (en) * 2020-09-08 2020-12-25 深圳市共进电子股份有限公司 Router firmware upgrading method and device, router and readable storage medium
CN112988198A (en) * 2021-04-15 2021-06-18 深圳市共进电子股份有限公司 mesh equipment multi-machine upgrading method and device and mesh equipment
CN113452782A (en) * 2021-06-28 2021-09-28 烽火通信科技股份有限公司 Upgrading method and device under mesh networking

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116156501A (en) * 2023-04-19 2023-05-23 深圳市华曦达科技股份有限公司 Wireless grid network networking method, device and system
CN116156501B (en) * 2023-04-19 2023-06-27 深圳市华曦达科技股份有限公司 Wireless grid network networking method, device and system

Also Published As

Publication number Publication date
MX2023007951A (en) 2023-07-17
CN113452782B (en) 2022-04-26
CN113452782A (en) 2021-09-28
CL2023001586A1 (en) 2023-10-30
BR112023011152A2 (en) 2024-01-30

Similar Documents

Publication Publication Date Title
WO2023273719A1 (en) Upgrade method and apparatus under mesh networking
JP5797739B2 (en) Method and system for reliable protocol tunneling over HTTP
US10263855B2 (en) Authenticating connections and program identity in a messaging system
US6826690B1 (en) Using device certificates for automated authentication of communicating devices
KR101786132B1 (en) Low-latency peer session establishment
US20170026372A1 (en) Common internet file system proxy authentication of multiple servers
US10972453B1 (en) Methods for token refreshment based on single sign-on (SSO) for federated identity environments and devices thereof
WO2022151867A1 (en) Method and apparatus for converting http into https bidirectional transparent proxy
WO2017067160A1 (en) Main stream connection establishment method and device based on mptcp
JP2018528679A (en) Device and method for establishing a connection in a load balancing system
US9215227B2 (en) Systems and methods for network communications
CN104967590B (en) A kind of methods, devices and systems for transmitting communication information
CN102315945A (en) Unified identity authentication method based on private agreement
JP2014160942A (en) Authentication method, transfer device, and authentication server
CN113328980B (en) TLS authentication method, device and system, electronic equipment and readable medium
TW201706901A (en) Authentication method, apparatus, and system
WO2019237576A1 (en) Method and apparatus for verifying communication performance of virtual machine
US20240146728A1 (en) Access control method, access control system, and related device
WO2009093308A1 (en) Connection control method, connection control server device, connection control client device, and program
US10958625B1 (en) Methods for secure access to services behind a firewall and devices thereof
CN112825521A (en) Trusted identity management method, system, equipment and storage medium for block chain application
US8646066B2 (en) Security protocol control apparatus and security protocol control method
CN112769835A (en) Method for initiating access request and terminal equipment
KR101971995B1 (en) Method for decryping secure sockets layer for security
US9042382B1 (en) Application update using multiple disparate networks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22831542

Country of ref document: EP

Kind code of ref document: A1

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112023011152

Country of ref document: BR

WWE Wipo information: entry into national phase

Ref document number: MX/A/2023/007951

Country of ref document: MX

ENP Entry into the national phase

Ref document number: 112023011152

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20230606

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22831542

Country of ref document: EP

Kind code of ref document: A1