Annotation of wikisrc/examples/socket_programming/comment_1_4fa1037d20f091573b81c12b8e1fde24._comment, revision 1.1

1.1     ! wiki        1: [[!comment format=mdwn
        !             2:  username="https://www.google.com/accounts/o8/id?id=AItOawm4w8p8mQ2-kj0UGVKSlhhiAPbUYHlPpao"
        !             3:  nickname="Ashish"
        !             4:  subject="Using NetBSD based sockets, implement a TCP client and TCP Server to demonstrate trivially secure file download from server."
        !             5:  date="2014-07-01T06:32:32Z"
        !             6:  content="""
        !             7: Using NetBSD based sockets, implement a TCP client and TCP Server to demonstrate trivially secure file download from server.
        !             8: 
        !             9: Environment/Tools required:
        !            10: Linux RHEL4/5/6 and gcc/g++ compiler and vi editor
        !            11: (recommended)
        !            12: OR
        !            13: Windows XP/Vista/7/8 with Visual studio.
        !            14: Learning Objective for student:
        !            15: --------------------------------
        !            16: 1. Understand Protocol messaging and parsing.
        !            17: 2. Manage multiple connections at a server side
        !            18: 3. Manage the state of a connection at both client and server side.
        !            19: 4. Ability to use NetBSD Sockets via C API.
        !            20: 5. Binary vs Text and practical issues with Endianness !
        !            21: 6. Ability to effectively use fread, fwrite APIs for file management
        !            22: - can also use read/write system calls.
        !            23: 7. Understanding Standards and compatibility (and the inherent difficulty!)
        !            24: between different (not differing!) implementations.
        !            25: Note: This is a group assignment.
        !            26: Each group can have maximum of 10 students.
        !            27: - If group of 10 students is opted,
        !            28: 5 students may contribute to the client
        !            29: and another 5 students may contribute to the server.
        !            30: but put together at a minimum, the expected result is
        !            31: a group's server should work with its own client.
        !            32: - If a group's server/client are compatible with
        !            33: other group's client/servers, it will receive more credit.
        !            34: ** Each group is expected to write both the client and a server.\"
        !            35: -1-
        !            36: Details:
        !            37: -----------
        !            38: 1. The messaging mechanism is based on Type-Length-Value (TLV)
        !            39: The Message Format is
        !            40: TYPE Field ---- Length Field --- Value field ---------------
        !            41: ---- 8 bytes --- 4 Bytes int ---- buffer of length bytes ----
        !            42: Note: If Length Field is ZERO, then the Value field is empty
        !            43: which is still a perfectly valid message.
        !            44: - eg. LOGINOK message - See details below.
        !            45: 2. All types are of size 8 chars and always uppercase.
        !            46: Valid Types for Client messages are:
        !            47: LOGIN, AUTH, GETFILE
        !            48: Valid Types for Server messages are:
        !            49: NEEDAUTH, LOGINOK, DATA, ERROR
        !            50: As Type field is 8 bytes, it will employ 'SPACE' as padding.
        !            51: i.e. LOGIN will be sent as \"LOGIN \"
        !            52: 3. The message exchange details are as below:
        !            53: Client connects to the server.
        !            54: LOGIN is the first message sent by the client.
        !            55: If server requires authentication, it replies with NEEDAUTH message.
        !            56: If server does not require authentication, it replies with LOGINOK message.
        !            57: Client sends back AUTH message as a reply to NEEDAUTH message
        !            58: Server replies with LOGINOK if authentication successful, else
        !            59: replies will reply with ERROR and close the connection.
        !            60: Client if login was ok, i.e. received LOGINOK message, can send at any time,
        !            61: a file download request by sending the message GETFILE.
        !            62: Note: Only outgoing request must be in the network pipe.
        !            63: Upon receiving a GETFILE message, if server finds a matching file
        !            64: it can send the file contents back in the DATA message.
        !            65: If no matching file, it may send back an ERROR message.
        !            66: 4. Note, any time the client can close the connection and go away,
        !            67: - server needs to detect this and close the connection on its side as well.
        !            68: eg. if while server is sending a file, the client goes away,
        !            69: server needs to stop then and there.
        !            70: -2-
        !            71: 5. The Client upon receiving the DATA message should store the contents
        !            72: appropriately into a file for later viewing.
        !            73: 6. Server never advertises the file list on the server (unlike SCP/SFTP/FTP !)
        !            74: - so clients need to know the file names
        !            75: - a simple way is to query the user
        !            76: Note: A fancy UI is not required,
        !            77: rather a basic working UI with scanf() or fgets() should suffice.
        !            78: Note about GETFILE:
        !            79: The GETFILE message can send as value a full path name (absolute)
        !            80: or a relative path name. with \"/\" as directory separator.
        !            81: eg. If \"hello/details.txt\" is sent, server is supposed to
        !            82: look in its working directory the given path of the file.
        !            83: So in this case \"hello/details.txt\" and \"details.txt\" may refer
        !            84: to completely different files.
        !            85: Command Line arguments:
        !            86: -----------------------
        !            87: ./TSServer <serverBindIP> <serverBindPort> <serverWorkingDirectory>
        !            88: ./TSClient <serverIP> <serverPort> <downloadStoreDirectory>
        !            89: Note about Auth Mechanism:
        !            90: Any 2-way auth mechanism can be employed, trivially a
        !            91: Salted Password hash based mechanism can be employed.
        !            92: This avoids replay attacks!
        !            93: NOTE:
        !            94: * If the environment chosen is Linux, it comes with a tool called
        !            95: 'md5sum' which can be used to generate the Hashes
        !            96: on both client side and server side.
        !            97: * The server can store the list of passwords in some file.
        !            98: (Bad! Not secure, but ok for this barebones version)
        !            99: * Both the server and client programs may run in the same machine
        !           100: during development, but for testing it would be ideal to
        !           101: run them in different machines, to see how a client/server reacts
        !           102: when network goes away. ( Intentionally pull out the ethernet cable
        !           103: when the client is downloading a big file!)
        !           104: -3-
        !           105: Message Details
        !           106: ----------------
        !           107: There are totally 7 messages - Syntax/Structure is as below.
        !           108: 1. LOGIN <username>
        !           109: 2. NEEDAUTH <Some salt data> - randomly generated
        !           110: 3. AUTH <hash>
        !           111: 4. LOGINOK
        !           112: - no value sent. O byte length
        !           113: 5. ERROR
        !           114: - can be 0 byte length or contain an error string
        !           115: 6. GETFILE <filename>
        !           116: 7. DATA - x bytes indicating size + x bytes of data
        !           117: Note: x can be 0. which means empty file!
        !           118: A Sample Messaging
        !           119: C - Client; S - Server
        !           120: =============================================
        !           121: C: LOGIN rajesh
        !           122: S: NEEDAUTH aa1123
        !           123: C: AUTH <Hash(Password + aa1123)>
        !           124: S: LOGINOK
        !           125: C: GETFILE detail.txt
        !           126: S: ERROR \"No Such file\"
        !           127: C: GETFILE details.txt
        !           128: S: DATA 100 \"some data ... of 100 bytes\"
        !           129: Client closes the connection after receiving the DATA
        !           130: and stores the data received into a file.
        !           131: Extras/Optional: (Attempting will lead to Extra credit)
        !           132: ---------------------------------------------------------
        !           133: Server side :
        !           134: 1. Server can timeout an idle connection, where the idle timeout can be
        !           135: set as a command line argument.
        !           136: 2. Server can close the connection if client sends 'x' number of bad
        !           137: GETFILE messages. 'x' can be made configurable.
        !           138: 3. Server side handling of BAD Clients sending
        !           139: BAD/Invalid Messages/Out-of-Sequence Messages
        !           140: eg. A Client connecting and trying to send GETFILE Message without sending LOGIN
        !           141: 4. Implementing a simple Server side log with timestamp.
        !           142: 5. Server support for parallel multiple client connections
        !           143: with select() and FDSET mechanism of checking socket data availability
        !           144: or truly parallel threaded server!
        !           145: -4-
        !           146: Client side:
        !           147: 1. Supporting Parallel Connections to download multiple files from the server
        !           148: at a same time. eg. Via the UI can get the list of files as input from the user
        !           149: and open multiple parallel connections to the server
        !           150: send it to the server and start downloading the files at the same time.
        !           151: - Will need to reuse the connections as well.
        !           152: 2. Implementing a simple Client side download log with timestamp.
        !           153: 3. Take a download folder as a command line argument and
        !           154: all downloaded files with unique names to be stored in this folder.
        !           155: eg. if same file is downloaded twice, each filename will be unique
        !           156: by suffixing it with a timestamp.
        !           157: Note: As can be seen, the filesize in this barebones mechanism
        !           158: is restricted to 2^32 bytes - 4GB as the length field is only 4 Bytes.
        !           159: Extras (needs both server and client side co-operative changes)
        !           160: - Ability to support better Authentication schemes.
        !           161: - Ability to support big files on server side and client side
        !           162: - Ability to support RANGE where the server can send a portion of the file.
        !           163: RANGE message syntax:
        !           164: ---------------------
        !           165: RANGE <filename> start end --- Value field has delimiter as CRLF \"\r\n\"
        !           166: eg. RANGE details.txt
        !           167: 20
        !           168: 300
        !           169: When server receives a RANGE message it reads the file only the range requested
        !           170: i.e. 20 to 300 bytes (both inclusive) and returns that data.
        !           171: so data size will be typically end-start+1 bytes
        !           172: in this case 300-20+1 = 281 bytes
        !           173: Of course, if the file is much smaller than 300 bytes,
        !           174: server can only send the available bytes.
        !           175: Server should not choke on invalid RANGE values sent by a client,
        !           176: if 'start' is greater than 'end', etc.
        !           177: """]]

CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb