308-767B Summary of Presentations Winter 1999
Part I Protocols
990128 Jean-Francois RAYMOND HTTP & CGI; hypertext transfer protocol
Mathias JOURDAIN SMTP: simple mail transfer protocol
990202 Qijia WANG HTTP server
Abbas MAHYARI archie survey using java for ftp
990204 Shaheen BOODOO gopher
Carlton DAVIS SSH, slogin: Secure SHell
990209 Heng JIA FTP client: File Transfer Protocol
Yawei CHEN MIME: Multipurpose Internet Mail Extensions
990211 Octavian CISMASU NNTP client: Network News Transfer Protocol
Jun QIU DNS map: Domain Name Server
990216 Kevin STRIKE whois clientt and server
Thierry DAGNINO POP 3 client: Post Office Protocol
990218 Xing YU telnet
Li-Qian GAO rlogin client & server
990302 Jing Lei ZHANG FTP server
Daniela GLASBERG archie client
990304 Rong LU Java RMI: remote method invocation
Brendan COTE IMAP client: Internet Message Access Protocol
Part II Applications
990309 Mathias JOURDAIN SSL & chat: Secure Socket Layer
Jean-Francois RAYMOND Digital cash server & client
990311 Carlton DAVIS NFS client & server: Network File System
Abbas MAHYARI A mail filter
990316 Qijia WANG Remote DB with JDBC: Java Database Connection
Shaheen BOODOO Approximate Altavista
990318 Heng JIA Chat: server & clients
Yawei CHEN Unix United: client & server
990323 Octavian CISMASU PVM: Parallel Virtual Machine
Jun QIU Message Streams
990325 Thierry DAGNINO Net Relix
Kevin STRIKE Search Engines
990330 Xing YU Mobile agents
Li-Qian GAO Document retrieval by email
990401 Jing Lei ZHANG Firewalls and Proxy
Daniela GLASBERG Remote DB with RMI: remote method invocation
990406 Rong LU MUD server and client: Multi-User Domains
Brendan COTE CORBA: Common Object Request Broker Architecture
Grouping by Topic
Protocols: DNS (Jun), FTP (Abbas, Heng, Jinglei), HTTP (Jean-Francois, Qijia),
IMAP (Brendan), NNTP (Octavian), POP3 (Thierry), rlogin (Li-Qian),
SMTP (Mathias), telnet (Xing)
Protocol assistants: Mail filter (Abbas), MIME (Yawei)
Security: SSH (Carlton), SSL (Mathias), firewalls (Jinglei)
Search & resources: (Kevin), approx. Altavista (Shaheen),
archie (Abbas, Daniela), gopher (Shaheen), whois(Kevin)
Remote objects, files: CORBA (Brendan), JDBC (Qijia), Net relix
(Thierry),
NFS (Carlton), PVM (Octavian), RMI (Rong, Daniela), Unix United
(Yawei)
Applications: Chat (Mathias, Heng), docs by email (Li-Qian),
eCash (Jean-Francois), MUD (Rong)
Refinements: message streams (Jun), mobile agents (Xing)
Notes
Part I Protocols
990128 Jean-Francois RAYMOND HTTP & CGI; hypertext transfer protocol
A GUI interface allows user to specify host and file and to LOAD, SAVE,
QUIT or RESET. LOAD issues GET and displays the body of the file.
SAVE invokes a perl CGI via POST to copy the remote file (instead of
using GET, which limits data length).
In addition, a spider was shown, which descends specially marked-up URLs
(to save parsing html) in an HTTP web to see if the pages have been
modified since 98/12/31. The search is multithreaded, so the order of visits
is indeterminate. It stops simply when it runs out of marked-up pages.
990128 Mathias JOURDAIN SMTP: simple mail transfer protocol
A GUI interface allows user to specify email address, subject, and message,
and to SEND or CANCEL the message. Illustrates HELO, MAIL, RCPT, DATA, QUIT
commands.
990202 Qijia WANG HTTP server
The server spawns a thread when a client request comes in, which handles
HEAD (for http header only) and GET (for header and (binary) file) commands.
Files can be .txt, .java, .gif, .class, .jpg, or .jpeg, or none, and are in
the directory /u16/ugrad/xing/767 (default ../767/index.html).
For forms, a servlet is shown (instead of a full CGI, which forks a heavy
process). The servlet (Hello) is invoked in the html, and has methods
called when GET is used (doGet) and when POST is used (doPost).
Telnet clients are used in both cases: a special GET invokes the
servlet.
990202 Abbas MAHYARI archie survey using java for ftp
Archie maintains a database of anonymous ftp site directory listings for users
to search. A simple (the original) version just transfers the results of
directory listing to a file. This is done here, for McGill's anonymous ftp
server, ftp.mcgill.ca. The transfer, which could be done by invoking ftp
itself, is mimicked by a java program running the two components of ftp:
the control connection (a client on port 21), and the data connection (a server
thread on a self-determined port). The control sends ls to ftp.mcgill.ca
and the data thread stores the response (the directory listing) in getdata.ftp.
(The search part is not done: this would be a grep on getdata.ftp.)
990204 Shaheen BOODOO gopher
Gopher is another resource locator, which uses a hierarchy of menus (manually
prepared). Here, a java program using URLs, and a java program using sockets,
are both used to find a given directory, using a second command-line argument
when lower-level directories are needed. These second arguments differ between
the two programs: the URL program needs the code that indicates whether the
target is a document (0), a directory (1), .. (The socket program did not work
running from McGill but did work running from outside.)
990204 Carlton DAVIS SSH, slogin: Secure SHell
To prevent interception of a session on a remote computer, use slogin instead
of rlogin. This invokes a secure shell, by which all net traffic is encrypted.
The java code sketched is for the initial handshaking up to the point where
both sides turn on encryption. There were two implementation difficulties:
(i) the server is not permitted to check if client is on reserved port (ii) we
need root permissions to validate client (iii) encryption is intended to be not
mimicked, so mimicking it is difficult.
990209 Heng JIA FTP client: File Transfer Protocol
The program supports both active (server: default) and passive (client) data
connections. It reads from stdIn commands to forward to the server. For
retrieve (RETR: type 0), store (STOR: type 1; includes store unique STOU,
append APPE), the filename is extracted from the input; for list (LIST: type -1;
includes name list NLIST) the filename is null; an active or passive data
connection is made and the operation done. Port (PORT) and passive (PASV)
commands get the port number respectively from stdIn and from the server.
Other commands (PWD, CDUP, CWD) are just passed along. (CWD argument is in the
line.) QUIT halts.
990209 Yawei CHEN MIME: Multipurpose Internet Mail Extensions
MIME supplements mail with user-defined boundaries between parts and sub-parts
of messages, and with encoding techniques to convert non-ascii files to ascii
so they may be mailed. Accepted content types for the parts include text/plain,
multipart, message, octet-stream, image. Base64 encoding breaks the bitstream
into 6-bit chunks and encodes each as a letter or ASCII symbol, with padding at
the end. The program is a mailer, and sends previously encoded files, if asked.
990211 Octavian CISMASU NNTP client: Network News Transfer Protocol
The client supports the GROUP (g), POST (c), LAST (p), NEXT (n), ARTICLE (r),
LIST (l), and QUIT (q) commands interactively. The protocol class also has a
method to handle server responses coded as numbers (200, 201, 205, 211, 215,
220, 223, 240, 340, 411, 412, 421, 422, 44x). Future work: subscribes, already
read, MIME extensions.
990211 Jun QIU DNS map: Domain Name Server
The domain name server is a distributed database with nodes containing, among
other things, identifiers of nodes authorized to answer questions beyond the
present node's scope. The program is a tool which takes single steps in this
graph. Output shows the process of tracing from concordia.edmonton.b.ca to
a.root-servers.net to relay.cdnnet.ca to kona.cc.mcgill.ca to
ika.cs.mcgill.ca. Much further effort produced a partial map of DNSs.
990216 Kevin STRIKE whois client and server
Whois interrogates a database of internet users at whois.internic.net.
The server program shown interrogates a local text file, database.txt, of 7
records and supports equivalents to the whois commands for searching generally,
names, email addresses, or handles (unique keys). The client shown is general,
just passing commands and responses to and from a server.
990216 Thierry DAGNINO POP 3 client: Post Office Protocol
The server acts like a post office box, collecting messages and waiting for
instructions from the user. This client hard-codes a session using the POP
commands USER, PASS (password), STAT (status), RETR # (1..), DELE #, QUIT.
There is also a secure mode login, using MA5 encryption.
990218 Xing YU telnet
The program simulates telnet connecting to (lisa, 23), (, 23), or
(, ), using option negotiation followed by login followed by just
relaying the input and output. The option negotiation is summarized by a state
diagram.
990218 Li-Qian GAO rlogin client & server
Rlogin uses a reserved port number (512..1023), and it must set the urgent bit
in the TCP header. We avoid the first by writing a server, too, and we don't
know how do do the second. The server must verify the password, then invoke
a shell to execute the commands sent it. The ShellCommHandler method of the
server just uses Runtime to execute each command as it comes in.
990302 Jing Lei ZHANG FTP server
The program recognizes 47 ftp commands and implements 30 of them. APPE, LIST,
RETR, and STOR spawn file-handling processes, and PASV spawns a process with a
ServerSocket for passive mode: each client has possibly several distinct
processes where needed. CWD, CDUP, and related commands modify the currentPath
variable, which is used in file handling. A regular ftp client can be used with
it on port 8190 (or, on a private machine, on the ftp port, 21), or telnet can
be used for the control connection.
990302 Daniela GLASBERG archie client
The program does not accept archie commands, but asks for keywords (server name,
internet domain, path, search type (exact, sub, subcase, regex, search term),
which set archie variables, and for other variables to set (maxhits, maxmatch,
maxhitspm). Method goGet() uses methods send and wait to formulate these
for the archie server. These depend, respectively, on send and receive in
another program, which emulates telnet talking to archie's telnet server,
including option negotiation.
990304 Rong LU Java RMI: remote method invocation
The programs use RMI to implement the distributed objects server (dos), with
the internet protocol for dos being used as a user command language: BIND to
instantiate a class and INVK to invoke a method of that object. The programs
support multiple hosts, so client host names are also specified in the
commands. Three server programs, with interfaces, are given, for Counter,
StopWatch, and StackCalc, respectively, and a client program are used. Users
cannot share individual objects.
990304 Brendan COTE IMAP client: Internet Message Access Protocol
The program interacts with the user by menu, sending the server commands from
LSUB (list mailboxes user subscribes to), SELECT (a mailbox), STATUS (count
messages in a mailbox), FETCH or EXPUNGE (a message), and LOGOUT. (The IMAP
EXPUNGE takes no argument but removes messages whose flags are set. The program
sets flags internally to do this.)
A difference from POP is that POP clients are expected to remove messages on
retrieval, but IMAP is used to maintain archives in a larger database.
Part II Applications
990309 Mathias JOURDAIN SSL & chat: Secure Socket Layer
The chat server connects to clients by secure sockets, which are implemented by
DES, the data encryption standard of the U. S. National Bureau of Standards.
(This was initiated by IBM and appears to be based on obfuscation.)
Diffie-Helman public-key encryption is used for the initial key exchange. The
project is an emulation of SSL in the context of the secure chat application.
990309 Jean-Francois RAYMOND Digital cash server & client
Through a GUI, the client can open an account (receiving 500 in free scrip for
this demonstration example), shop (receiving a list of merchandise), and buy
(spending some of the scrip). Security is provided by an is.logi.crypto
library. keyExProtClient and keyExProtServer, discussed in detail on the back
page, are extracted from the logi.crypto package and implement the Diffie-Helman
protocol, which is based on a weaker assumption than the discrete log, here also
used for initial key exchange. Hashing is used by the bank to detect
double-spending.
990311 Carlton DAVIS NFS client & server: Network File System
NFS pretends that a subtree of interest in a remote file hierarchy has been
appended at a leaf of the local file hierarchy, and it allows the user to use
the normal commands to navigate and to process files in the extended local
file hierarchy. The program uses Runtime to execute all commands except cd,
which is tracked by the variable pwd in the client.
990311 Abbas MAHYARI A mail filter
The filter replaces Thierry's POP3 client: after the hardcoded preliminaries,
it reads all outstanding messages into the local file mail.txt and then uses
grep (via Runtime) to find and display any message containing at least one
of the keywords that were supplied as command-line arguments to the filter prog.
A few experiments are done, and analyzed for precision and recall.
990316 Qijia WANG Remote DB with JDBC: Java Database Connection
JDBC is a package which embeds an SQL query into a Java string, conveys it to a
remote database, and receives the answer. The programs get a course number from
the command-line argument (RemoteQuery), or use a servlet to get it from
a web browser (javaSearch), then use SQL with joins to collect all data on that
course, JDBC to query the Solid database on lenny, convert the result to a
vector then a string (Search), and then print or display it. Instead of Search,
updates may be performed (RemoteUpdate). In addition, programs create tables and
insert values using JDBC.
990316 Shaheen BOODOO Approximate Altavista
The search engine built consists of an indexer, a server, and a client. The
indexer finds frequency counts of words in each document. Four file names are
found in altavis.txt. The first is not used. The second is the document to be
indexed. The third is a list of keywords. The fourth will be the index file.
The indexer uses grep via Runtime to generate the index by applying the
keywords to the document. The client allows queries consisting of one keyword
or of two keywords optionally followed by weights. In the server, two keywords
are ORed, and weights are multiplied by frequency counts then summed to give
result rankings. The server also uses grep.
990318 Heng JIA Chat: server & clients
Both programs are applets and use a TextArea to display all messages. The
client has a connect window naming user and server host, and a message window
with message display, writing area, and send and quit buttons. The server
spawns a thread for each client who connects and brodacasts all sent messages
to all threads (clients).
990318 Yawei CHEN Unix United: client & server
Unix United ("The Newcastle Connection") pretends that a forest of file
hierarchies (one per host) is united into a single tree by growing a common root
(or common supertree, if subgroups of hosts --- subforests --- are of interest).
The server maintains variable currentPath to track the present directory, and
provides methods to change it (cwd), to create (mkd), list (list) and remove
(rmd) directories, to delete a file (dele) and to jump to the global root(root),
all based on currentPath. This is all repeated in the client except that there
is no read. This is more difficult to emulate than NFS because root privileges
are needed to connect the trees at their roots.
990323 Octavian CISMASU PVM: Parallel Virtual Machine
PVM allows multiple machines linked by internet to share a computation. A master
program spawns (pvm_spawn) tasks (children), identified by int tid. The child
can discover its tid (pvm_mytid) and its parent's (pvm_parent). Both programs
can send (pvm_send) and receive (pvm_recv: blocking) data from each other: the
data is packed (pvm_pkint, pvm_pkstr, ..) and unpacked (pvm_upk<>) before and
after transmission. PVM demons must be installed on all machines, and are set
running in unix by pvm . Then the master is run.
The C programs shown are (a) a message exchange, (b) a 2*2 matrix multiplier
which sends rows of A and all of B to each child: both use two hosts.
990323 Jun QIU Message Streams
If two threads share a DataOutputStream, their outputs will interleave and
become garbled. MessageOutputStream is a buffered substitute which keeps the
messages separate: with the substitution, and the addition of a send command,
the same program will now not interleave the outputs of the threads.
At the receiving end, the messages, separated by MessageOutputStream, can
be distinguished by the MessageInputStream receive command, running also in
different threads: a single receiving thread would be required to wait between
messages.
990325 Thierry DAGNINO Net Relix
Relix is a relational database system which runs on various Unix platforms. The
program accepts commands from telnet (port 8221) to: CONNECT to a named host on
port 8221; LIST connected hosts (max. 5); parse (#) relix commands, then relay
them to the indicated host or execute them (via a Perl script to do the piping:
relix is restarted each time); GET or SEND a relation from or to a specified
host; RELATION, a suppoting comand, to send specs. prior to SEND. HOSTID is used
by the master to tell slaves their I.D. codes. The same program runs at all
sites, but one site is distinguished as master by the command-line argument m.
Telnet talks to this. Each site functions as a dedicated server (not threaded).
Because of the symmetry, GET just sends a SEND to the target site.
990325 Kevin STRIKE Search Engines
The programs for this Excite-based search engine are the two "spiders" GetURLs
(discovery) and Indexer (harvester), and the Search client and server. The
discovery spider looks in each page for `"http//' and writes the resulting URL
in file URL.txt. The harvester spider looks up each URL in this file, scans the
page for `'..`', and writes the pair (URL,title) to file
index.txt. SearchClient asks the user for a string, and passes it to
SearchServer, which checks it using indexOf on each line of index.txt.
Unlimited spidering can tie up hosts and the net, and a courtesy code is being
implemented through robots.txt files in host root directories.
990330 Xing YU Mobile agents
Mobile agents are code and data sent across the network to execute on a remote
machine. One reason is to reduce network traffic by moving dialogues to a single
site. In the application tried here, the dialogue would be a vendor asking a
client for name and two items to order, and replying with the total price.
Instead, the client sends the server the three answers (name;item1;item2) as a
single string, and sends, by binary ftp, the compiled program getprice.class.
The server executes this program, using Runtime, with name;item1;item2 as a
command-line argument. At the server site, getprice then interrogates the file
name.txt to authenticate the user, and the file stocks.txt to get and sum the
two prices.
990330 Li-Qian GAO Document retrieval by email
A site with email (through uucp, for instance) and web browser, but no internet
connection, can retrieve documents from a database or from a website through a
document-to-email server. Both Rserver and WebMail are clients to POP3, and
look in the POP3 mailbox for a suitably formatted message (first line is
"Retrieve", or contains "GET" or "HTTP", respectively: format errors cause a
help message to be sent to the user and a loop; no message closes the program).
The Rserver message has author and filename on the next two lines, and these
are mailed to the user if found. The WebMail message contains the URL, which
the program GETs via the HTML server.
990401 Jing Lei ZHANG Firewalls and Proxy
A proxy converts message data from outside a site to values and formats suitable
internally, and vice-versa. For instance if a firewall involves hiding ports by
using nonstandard values, or hides host names, a proxy can be used to let
certain permitted traffic through. The program, ftpProxy, running on rama
accepts ftp control input on port 8080 and relays it to the ftp server (port 21)
on kadru.
990401 Daniela GLASBERG Remote DB with RMI: remote method invocation
RMI hides the sockets: the client uses the lookup method of an object Naming
to identify host and the name of the server; the server uses the rebind method
of Naming to bind itself, using the same string. The server implements methods
(dropTables, insertValues, createTables, checkTables, and Query) which are
called remotely by the client when its GUI gets the corresponding keywords
(drop, insert, create, check, and ). Each method starts by loading the
Oracle JDBC driver. Except for checkTables, it sets up and executes the SQL.
Query and checkTables return a vector result to the client. The client displays
the result or the message.
990406 Rong LU MUD server and client: Multi-User Domains
The "tiny Java MUD" works like chat but with a DrawingBoard as well as a
TextBoard, so that users can play tic-tac-toe or can share graphical data.
The server recognizes the user or registers hem in a hashtable.
The client also has a hashtable for Client_Interface with two entries (text,
drawing) to handle either case. A "MultiplexOutputStream" class extends
MessageOutputStream by adding a label to distinguish text from drawing. Text
and drawings are transmitted from a client via the server to all clients, text
a line at a time and drawings a point pair at a time.
More ambitious MUDs allow users to meet ech other in educational or gaming
settings, and carry on discussions in subgroups.
990406 Brendan COTE CORBA: Common Object Request Broker Architecture
CORBA is a WWW for objects: creators can make them available, both methods and
state, and users can cause them to run at their site of origin and return
results. Search is supported, but by name only in the Java 2 implementation.
(More advanced support is for payment, security, events, persistence, and even
a form of relational link.) Because CORBA is polyglot, its own object-oriented
language, IDL (interface definition language) must be used to specify the class
and methods.
The server shown implements a 3-D vector package, with operations such as dot
product, magnitude, and angle, working directly on triplets of doubles. The
interface Vector is defined in IDL, with signatures for the three methods.
This causes class VectorImplBase to be generated, which the server inherits
and extends, implementing the methods. It also uses class NamingContextHelper
in the imported NamingContextPackage to permit searching for this new class.
The client does the same to find "Vector", and uses the generated VectorHelper
to refer to and invoke the methods.