-------------------------
Week 06 Notes for CST8165
-------------------------
-Ian! D. Allen - idallen@idallen.ca

Remember - knowing how to find out an answer is more important than
memorizing the answer.  Learn to fish!  RTFM!  (Read The Fine Manual)

-------------------
INDEX to this file:
 - current and previous assignments
 - this week: continuing Application Protocols: SMTP
 - review SMTP protocol and extensions
 - implementing an SMTP client
 - introduction to Perl IPC
 - introduction to Perl Net::Telnet module
 - Perl SMTP client
-------------------

* Current assignment:
 - lab2 programming comments:
   http://teaching.idallen.com/cst8165/06f/notes/lab02-comments.txt
 - new links on home page include a GDB tutorial

"If you have eight hours to cut down a tree, it is best to spend six hours
sharpening your axe and then two hours cutting down the tree."

Background:
+ Read the news.  Every week some Internet client or server software
+ is compromised by a "buffer overflow", where data is written off
+ into memory and the resulting fault lets the attacker take over the
+ machine.  Internet-facing programs have to be robust and well-written.
+
+ An Internet-visible server hands some amount of control of your
+ machine to anyone anywhere on the planet who wants to connect to it.
+ The slightest programming error on your part will be used to take down
+ your server or compromise it so that it can be used to attack others.
+
+ My goal in CST8165 is to help you to write small but solid Internet
+ client/server programs that cannot be exploited by crackers.
+ That means zero tolerance for memory errors and buffer overflows.

Q: Why must Internet-facing programs avoid buffer overflows?
Q: What gcc flag turns on local symbols and line numbers for gdb and valgrind?
Q: What does "valgrind" do?
Q: Will valgrind find buffer overflow errors?
Q: T/F Like in Java, when you have a buffer overflow in C language the
   program stops on the line causing the buffer overflow.

* Review: SMTP protocol

RFC2821 http://www.rfc-editor.org/rfc/rfc2821.txt
 - note allowed order of SMTP commands p.39
   - you cannot reject an address if the HELO/EHLO name doesn't match the IP
 - note the structure of SMTP reply codes p.40

Q: What is the meaning of the first digit of an SMTP response code?

RFC1869 defined the new EHLO greeting, allowing extensions
   http://www.rfc-editor.org/rfc/rfc1869.txt

   ABNF:  ehlo-cmd ::= "EHLO" SP domain CR LF

Q: Is the EHLO case-sensitive?
Q: Is the domain optional?
Q: What SHOULD an SMTP client do if the server refuses EHLO?
   (RFC2821 section 2.2.1 p.7, section 3.2 p. 16)
Q: Do SMTP protocol lines end in CR+LF or just LF?  (RFC2821 p.12)
Q: Do Internet Message lines end in CR+LF or just LF?  (RFC2821 p.12)
Q: SMTP commands are given as double-quoted upper-case strings in the RFC.
   Does this mean they must be upper-case?

* Creating a TCP connection to a socket using Perl

 - programming in C: lots of messy code and buffer management
   - C has poor string parsing and handling
   - C requires programmer to do memory management
   - need to handle time-out with select() or signals (SIGALRM!)
 - nc and telnet expect a Unix tty, not a process pipe

An easier TCP client: using Perl modules
 - Perl raw (non-module) clients and servers look similar to C language:
   http://www.perl.com/doc/manual/html/pod/perlipc.html#Internet_TCP_Clients_and_Servers
   - getservbyname() looks up character string in /etc/services for you
   - getprotobyname() looks up character string in /etc/protocols for you
   - Perl's inet_aton does host name and DNS lookups for you!
       $ip = inet_aton("idallen.ca");

Perl has modules to simplify coding even further
   "For those preferring a higher-level interface to socket programming,
   the IO::Socket module provides an object-oriented approach."
 - recall the earlier example of a Perl socket client
   http://www.perl.com/doc/manual/html/pod/perlipc.html#Interactive_Client_with_IO_Sock
 - look at a sample Perl server using the Perl IO::Socket module:
   http://www.perl.com/doc/manual/html/pod/perlipc.html#TCP_Servers_with_IO_Socket

* Using the Perl module Net::Telnet

 - another module to simplify coding of interactive socket applications
 - this module is easiest way to implement a Perl SMTP client
   http://www.perlfect.com/articles/telnet.shtml
   http://search.cpan.org/search?module=Net::Telnet
   http://search.cpan.org/~jrogers/Net-Telnet-3.03/lib/Net/Telnet.pm
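
Added example (not part of the original course notes): the reply handling
a Perl SMTP client needs, tying together the reply-code structure,
multi-line EHLO replies and the EHLO-to-HELO fallback from the SMTP review
above.  The server transcripts, host names and the helper names read_reply
and greet are constructed for illustration; in-memory filehandles stand in
for the socket so the script runs offline.

```perl
use strict;
use warnings;

# Meaning of the first digit of a reply code (RFC 2821 section 4.2.1).
my %CLASS = (2 => 'positive completion', 3 => 'positive intermediate',
             4 => 'transient failure',   5 => 'permanent failure');

# Read one reply.  In a multi-line reply every line but the last is "250-text";
# the last is "250 text".  Dies on malformed, oversized or truncated input.
sub read_reply {
    my ($in) = @_;
    my ($code, @text);
    while (defined(my $line = <$in>)) {
        $line =~ s/\r?\n\z//;                      # tolerate a bare LF on input
        die "reply line too long\n" if length($line) > 510;   # 512 with CR+LF
        my ($c, $sep, $rest) = $line =~ /\A([2-5][0-9][0-9])([ -]?)(.*)\z/
            or die "malformed reply line: '$line'\n";
        die "reply code changed mid-reply\n" if defined $code && $code ne $c;
        $code = $c; push @text, $rest;
        return ($code, @text) if $sep ne '-';      # last line of this reply
    }
    die "connection closed in the middle of a reply\n";
}

# Greet the server: try EHLO, fall back to HELO if EHLO is refused (5yz).
sub greet {
    my ($in, $out, $me) = @_;
    for my $verb (qw(EHLO HELO)) {
        print {$out} "$verb $me\r\n";              # protocol lines end in CR+LF
        my ($code, @text) = read_reply($in);
        printf "  %s -> %s (%s)\n", $verb, $code, $CLASS{substr($code, 0, 1)};
        return ($verb, @text) if $code =~ /\A2/;
        die "temporary failure $code, retry later\n" unless $code =~ /\A5/;
    }
    die "server accepted neither EHLO nor HELO\n";
}

# Constructed server transcripts (not captured traffic); names are made up.
my %server = (
    old => "220 old.example.test SMTP\r\n500 Command not recognized\r\n250 old.example.test\r\n",
    new => "220 new.example.test ESMTP\r\n250-new.example.test\r\n250-SIZE 10240000\r\n250 8BITMIME\r\n",
);
for my $name (sort keys %server) {
    open my $in,  '<', \$server{$name} or die "open: $!";
    open my $out, '>', \my $sent       or die "open: $!";   # stands in for the socket
    my ($code) = read_reply($in);                  # the 220 greeting comes first
    die "server not ready: $code\n" unless $code eq '220';
    my ($verb, @text) = greet($in, $out, 'client.example.test');
    print "$name: greeted with $verb, extensions: @text[1 .. $#text]\n";
}
```

With a real server, $in and $out would both be the connected socket (for
example from IO::Socket::INET); the parsing and fallback logic stay the same.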