CS491B FINAL PROJECT REPORT

JSIM-Server
Abstract: JSIM (Java Secure Instant Messenger) is an instant messenger that has its
own protocol and uses Secure Socket Layer (SSL) as opposed to regular sockets. This
project is split into a client and a server side. In CS491A I developed the client side, and
in CS491B I have developed the server side. The “server” is split into three and includes
the main server application, an administrative application and database connectivity.
Martin Jarnes Olsen
Spring 2005
Table of Contents
1 Introduction
1.1 Problem definition
1.2 Project description
1.3 Statement of scope
2 Technical background
2.1 Instant messengers
2.2 Java
3 System architecture
3.1 Overview
3.2 The client
3.3 The server
3.4 The administrator
3.5 The database
4 Design and implementation details
4.1 SSL Sockets
4.2 GUI Design
4.3 Implemented features
4.4 The Protocol
5 Conclusion
6 Future work
7 References
1 Introduction
1.1 Problem definition
The problem today is that a lot of the Internet traffic is still unencrypted. This includes
traffic such as email, chat, file transfers and video conversations. Gathering personal
information from individuals around the world has become an industry in itself. This can
easily be done by building a personal profile of users based on search history, email
history etc. In this project I will not focus on all these problems, but rather focus on chat
and file transfers, and look at how this can be made more secure.
In CS491A I created the JSIM-client which can connect directly to other clients through
the Internet. Today most systems are behind a firewall, and the user would therefore have
to configure the firewall to support the JSIM-Client. Most firewalls allow all locally
initiated outgoing traffic. In addition to letting the clients connect to each other I have now
added support to connect to a server. In this way configuring the firewall is not needed
since all traffic is outgoing and the server does all the forwarding of the traffic.
1.2 Project description
In CS491A I developed the JSIM-Client. In CS491B I have developed the JSIM-Server.
Having a server solves the problem of unencrypted traffic, as well as having to configure
the firewall each time a TCP-connection must be established. The project is split into two
parts:
● Client – text transfers (chat), file transfers, capability of blocking IP addresses.
● Server – supports text transfers, blocking of IP addresses. Incorporates
  administrative application, the main server, and a database.
1.3 Statement of scope
● The client must be able to connect to other clients as well as connecting to the
  server. All traffic must be encrypted. The clients must be able to transfer text and
  files.
● The server must be able to receive incoming connections from clients. The protocol
  must support forwarding of messages from client to client. The server must
  broadcast who is online and when a user disconnects to all clients.
● When a user registers the information must be saved in the database. Important
  information such as username and password must be pulled out and verified before a
  client connection can be successfully established. The database must also save IP
  addresses that are banned.
● The administrative application is merely an application for setting up the database
  from a remote location, as well as monitoring the server, who is online/offline, and
  banning IP addresses from the server.
2 Technical background
2.1 Instant messengers
Instant messengers are applications that support chat, file transfers as well as other
features. Most instant messengers are client/server based. The clients can connect to the
server. Both clients must connect to the server for communication to be established.
Some popular Instant messengers are MSN Messenger, AIM, Yahoo messenger etc.
2.2 Java
This project is written entirely in J2SE 1.5 (Source 1) and takes advantage of the
following packages:
● javax.swing.* - GUI.
● java.awt.* - Events, Layout managers, etc.
● java.util.* - ArrayList, ToolBox etc.
● java.net.* - Standard sockets.
● javax.net.ssl.* - SSL sockets.
● java.sql.* - SQL queries etc.
In addition to these packages an external API must be loaded into the jre/lib/ext directory
for the server to function correctly, the MySQL (Source 2) driver. This provides the
following package:
● org.gjt.mm.mysql.* - Connection to MySQL database.
3 System architecture
3.1 Overview
The complete overview of the system can be seen in figure 1. The clients can connect
to each other, as well as connect to the server and communicate through this. The server
runs as a standalone application but can be controlled by the administrator. User
information and information about banned IP addresses is stored in the database.
Figure 1: Overview over client, server, administrator and database.
3.2 The client
The client consists of many components. We can group them into GUI, controller and
managers. (Figure 2)
Figure 2: Client components overview.
The controller basically acts as a link between the GUI and the managers. The managers
are split into different types:
• Outgoing managers – These managers take care of all outgoing traffic.
• Incoming managers – These managers take care of all incoming traffic. A thread
  listens for new incoming sockets.
These are in turn split into different types:
• File manager – Handles file traffic. (Outgoing/Incoming)
• Text manager – Handles text traffic. (Outgoing/Incoming)
• Server Manager – Handles server communication. (Outgoing)
Figure 3 shows the 3 different types of traffic handled by the managers. Figure 4 shows
the internal structure of the managers. The protocol is implemented at the level of the
sender/receiver and the reader/writer.
Figure 3: Client traffic.
Figure 4: Manager handling (left) file transfers and (right) text traffic.
3.3 The server
The server does not have any GUI components, and is thus simple in many ways. At the top
there is a controller. The controller handles the database, the adminlistener and the
clientlistener, and all interaction between those classes. The server listens for incoming
clients (multiple) and an incoming administrator (only one), but does not initiate any
outgoing traffic. (Figure 5)
Figure 5: The server
3.4 The administrator
The administrator has GUI components at the top. The controller is in the middle,
working between the actual socket and the GUI. The application does not listen for
incoming traffic (sockets), it only initiates. The socket connects to the adminlistener
socket of the server.
Figure 6: The administrator application
3.5 The database
The database was modeled with simplicity and functionality in mind. For this purpose I
chose MySQL with MyISAM tables. (Figure 7)
Figure 7: Database model (EER notation)
4 Design and implementation details
4.1 SSL Sockets
For the network part of my application I have consistently used SSL Sockets. In Java
this is easy. Typically the usage spans over the following areas (note 1):
1. Listening for incoming connection. (Example 1)
2. Creating new outgoing connection. (Example 2)
3. Constantly reading from a connection by using a thread.
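import java.net.*;
import javax.net.ssl.*;

// Create an SSL server socket on the client-listener port.
SSLServerSocket ss = (SSLServerSocket) SSLServerSocketFactory.getDefault()
        .createServerSocket(CLIENTLISTEN_PORT);
// Clients are not asked for a certificate.
ss.setNeedClientAuth(false);
// Anonymous Diffie-Hellman export suite: no certificate on either side, so the
// peer is not authenticated, and the cipher is 40-bit DES.
String[] cipherSuite = {"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"};
ss.setEnabledCipherSuites(cipherSuite);
// Block until a client connects.
Socket tmp_socket = ss.accept();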
Example 1: Listening for incoming SSL connections.
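import javax.net.ssl.*;

// Open an outgoing SSL connection to host:port.
SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket(host, port);
// Only meaningful for sockets in server mode; it has no effect on this client socket.
socket.setNeedClientAuth(false);
// Same single suite as the listener in Example 1, so the handshake can agree on it.
String[] cipherSuite = {"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"};
socket.setEnabledCipherSuites(cipherSuite);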
Example 2: Creating new outgoing connection.
Note 1: The examples are somewhat simplified to fit this purpose.
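Examples 1 and 2 enable a single anonymous, export-grade suite, so neither side can verify who it is talking to. As an added example (not part of the JSIM code), the listener below starts from the JVM's enabled suites, drops anonymous, export, NULL, DES, 3DES and RC4 suites, and allows only TLS 1.2 and 1.3. It assumes a Java 8 or later runtime and a server keystore supplied through the standard javax.net.ssl.keyStore system properties; the class and method names are hypothetical.

```java
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.function.Predicate;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;

// Added example, not JSIM code; class and method names are hypothetical.
public class HardenedListener {
    // Name fragments of suites that lack peer authentication or use weak/no encryption.
    static final String[] REJECT =
            {"_anon_", "_EXPORT_", "_NULL_", "_DES_", "_DES40_", "_3DES_", "_RC4_"};
    static final List<String> PROTOCOLS = Arrays.asList("TLSv1.3", "TLSv1.2");

    static boolean isAcceptable(String suite) {
        return Arrays.stream(REJECT).noneMatch(suite::contains);
    }

    // Keeps the entries that pass the test and fails closed when none do.
    static String[] keep(String[] available, Predicate<String> test) {
        String[] kept = Arrays.stream(available).filter(test).toArray(String[]::new);
        if (kept.length == 0) throw new IllegalStateException("nothing acceptable available");
        return kept;
    }

    // Assumption: the server certificate is supplied with -Djavax.net.ssl.keyStore=...
    static SSLServerSocket listen(int port) throws IOException {
        SSLServerSocket ss = (SSLServerSocket)
                SSLServerSocketFactory.getDefault().createServerSocket(port);
        ss.setEnabledProtocols(keep(ss.getSupportedProtocols(), PROTOCOLS::contains));
        // Start from the JVM's enabled list so nothing disabled by default is switched on.
        ss.setEnabledCipherSuites(
                keep(ss.getEnabledCipherSuites(), HardenedListener::isAcceptable));
        ss.setNeedClientAuth(false);   // as in Example 1: clients present no certificate
        return ss;
    }

    public static void main(String[] args) throws IOException {
        // The suite used in Examples 1 and 2 does not pass the filter.
        System.out.println(isAcceptable("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"));
        try (SSLServerSocket ss = listen(0)) {   // port 0 = any free port, demo only
            System.out.println(Arrays.toString(ss.getEnabledProtocols()));
            System.out.println(ss.getEnabledCipherSuites().length + " cipher suites enabled");
        }
    }
}
```

With certificate-based suites the client must also trust the server's certificate, for instance through a truststore passed with javax.net.ssl.trustStore.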
4.2 GUI Design
Most of the GUI has been created using the following APIs, alone and in combination
(Source 3):
• javax.swing
  o BoxLayout
  o JFrame
  o JPanel
• java.awt
  o BorderLayout
  o FlowLayout
  o GridBagLayout
  o GridLayout
Other than that, general graphical editing software has been used for creating icons and
images etc.
4.3 Implemented features
The client:
• Text transfer (chat)
• File transfers
• Sockets over SSL
• Application firewall
The server:
• Administrator network interface
• Client network interface
• Database connectivity
• Console application
• Event system
The administrator:
• Connect to server
• After connecting set up the server with a database and maximum number of
  allowed users.
• Supported features (GUI) but not implemented (protocol):
  o Monitoring, being able to see which users are online and which are offline,
    also monitoring events.
  o Banning IP addresses and seeing which IP addresses are banned.
4.4 The Protocol
Client/Client protocol:
• Text transactions
  o DISCONN – External chat closed.
  o INIT – Initiate chat with other end.
  o TXT <txt> - Sending text.
  o PING – Keeping connection alive.
• File transactions
  o <Filename> - Name of file.
  o <Filesize> - Filesize in bytes.
  o TACC – Accept filetransfer.
  o TDEN – Deny filetransfer.
  o 1<100010010101…> - As file is sent (raw bytes) each block transaction
    must be started with 1 to indicate healthy connection.
Client/Server protocol:
• CONNECTED – Connection is established.
• REGOK – Registration is ok.
• REGREF – Registration is refused.
• LOGINOK – Login is ok.
• LOGINREF – Login is refused.
• PING – Server to the client, keeping connection alive.
• PONG – Client response to ping, only after ping.
• NOCONN – Can not connect for some reason.
• USERS <user1 user2 .. usern> - Users online.
• ADDUSER <user> - A new user is online.
• CHAT <txt> - Text transfer/chat.
• REMOVEUSER <user> - A user has logged off.
• CLOSECHAT – A user has closed the chat.
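A strict parser for the client/server message table above, written from the receiving client's side, as an added example that is not the JSIM implementation. The report does not specify framing or direction, so one message per line, a single space before the argument, the 1024-character limit, the user-name pattern and the treatment of every message except PONG as receivable by a client are all assumptions; the class name is hypothetical.

```java
import java.util.LinkedHashSet;
import java.util.Set;

// Added example, not JSIM code. Assumed framing: one message per line, one space before the argument.
public class ServerMessageParser {
    enum Arg { NONE, USER, USER_LIST, TEXT }
    enum Command {   // PONG is absent: the client sends it and never receives it
        CONNECTED(Arg.NONE), REGOK(Arg.NONE), REGREF(Arg.NONE), LOGINOK(Arg.NONE),
        LOGINREF(Arg.NONE), PING(Arg.NONE), NOCONN(Arg.NONE), CLOSECHAT(Arg.NONE),
        USERS(Arg.USER_LIST), ADDUSER(Arg.USER), REMOVEUSER(Arg.USER), CHAT(Arg.TEXT);
        final Arg arg;
        Command(Arg arg) { this.arg = arg; }
    }
    static final int MAX_LINE = 1024;                 // assumed limit
    static final String USER = "[A-Za-z0-9_]{1,32}";  // assumed user-name syntax
    final Set<String> online = new LinkedHashSet<>();

    // Validates one received line and updates the online list; throws on anything else.
    Command handle(String line) {
        if (line.length() > MAX_LINE) throw new IllegalArgumentException("line too long");
        int sp = line.indexOf(' ');
        String name = sp < 0 ? line : line.substring(0, sp);
        String rest = sp < 0 ? "" : line.substring(sp + 1);
        Command cmd = Command.valueOf(name);          // unknown name: IllegalArgumentException
        switch (cmd.arg) {
            case NONE:
                if (sp >= 0) throw new IllegalArgumentException(name + " takes no argument");
                break;
            case USER:
                if (!rest.matches(USER)) throw new IllegalArgumentException("bad user name");
                if (cmd == Command.ADDUSER) online.add(rest); else online.remove(rest);
                break;
            case USER_LIST:
                Set<String> fresh = new LinkedHashSet<>();
                for (String u : rest.split(" ")) {
                    if (!u.matches(USER)) throw new IllegalArgumentException("bad user name");
                    fresh.add(u);
                }
                online.clear();                       // replace only after the whole list validated
                online.addAll(fresh);
                break;
            case TEXT:
                if (rest.isEmpty()) throw new IllegalArgumentException("empty CHAT");
                break;
        }
        return cmd;
    }

    public static void main(String[] args) {
        ServerMessageParser p = new ServerMessageParser();
        // Constructed sample traffic; the last two lines must be rejected.
        String[] lines = {"CONNECTED", "LOGINOK", "USERS alice bob", "ADDUSER carol",
                "REMOVEUSER bob", "CHAT hello there", "PING", "PONG", "ADDUSER ../x"};
        for (String l : lines) {
            try { System.out.println(p.handle(l) + " online=" + p.online); }
            catch (IllegalArgumentException e) { System.out.println("rejected: " + l); }
        }
    }
}
```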
5 Conclusion
I have created a client, a server, an administrator and set up a database. The applications
are done, except for the administrator, which needs more work. The standard
functionality of the server is in place; users can register, log in and chat with other users, and IP
addresses can be banned through the database. To sum it up:
• Client – Done
• Server – Done
• Administrator – Needs more work
• Database – Done
I am happy with my solution, and I think I have accomplished most of what I wanted to
create. The project has a lot of potential for future development and enhancements.
6 Future work
I will continue to work on this project. The most obvious future work will be:
• Finishing the administrator.
• Polishing the GUI of the applications.
• Fixing bugs and errors.
Once this is ok I can start looking at multiserver support:
• Several servers can connect to the same database.
• Adds support for more users.
• Needs stronger protocol, interserver communication etc.
7 References
Source 1: “Java Technology”, http://java.sun.com/
Source 2: “MySQL. The world’s most popular open source database”, http://www.mysql.com/
Source 3: “A visual guide to layout managers”, http://java.sun.com/docs/books/tutorial/uiswing/layout/visual.html
Appendix A: Screenshots
Screenshot 1: The JSIM Client (Client).
Screenshot 2: Connecting to client for chat (Client/Client).
Screenshot 3: Chatting with other client (Client/Client).
Screenshot 4: Sending a file (Client/Client).
Screenshot 5: Sending/Receiving files (Client/Client).
Screenshot 6: After sending/receiving a file (Client/Client).
Screenshot 7: The application firewall (Client/Client).
Screenshot 8: Banning a host (Client/Client).
Screenshot 9: Remove a ban (Client/Client).
Screenshot 10: Viewing list of banned hosts. (Client/Client)
Screenshot 11: Connect to the server (Client/Server).
Screenshot 12: The server running. (Server)
Screenshot 13: Server running, server is full. (Server)
Screenshot 14: List of users. (Client/Server)
Screenshot 15: Chatting. (Client/Server)
Screenshot 16: Chatting. Other end closed conversation. (Client/Server)
Screenshot 17: The administrator. (Admin)
Screenshot 18: Setting up a server with database. (Admin/Server)
Screenshot 19: Server setup. (Admin/Server)
Screenshot 20: After setting up the server. (Admin/Server)
Screenshot 21: After setting up the server 2. (Admin/Server)
Screenshot 22: After setting up the server 3. (Admin/Server)
Appendix B: User manual
Installation:
1. Unzip jsim.zip to desired location. (Figure 1)
Figure 1: Inside jsim.zip.
2. Make sure Java Runtime Environment 1.5 is installed or download from
http://java.sun.com/
3. Unzip mysql-connector-java-3.0.16-ga-bin.zip somewhere in the classpath (i.e.
jre/lib/ext) for the jsimserver to work.
4. Project is now installed.
The client:
1. Command to run the client: java -jar jsim.jar
2. If more than one client is running on the same host you must define the ports.
Example:
• java -jar jsim.jar -inports 20000 20001 -outports 21000 21002
• java -jar jsim.jar -inports 21000 21002 -outports 20000 20001
3. To chat with other client: click the “Client connect” button and type in the
host address (click “Connect”).
4. To send file to other client: click the “Send file” button, type in the host
address and browse for the file to send (click “Send”).
5. To ban or unban hosts click the “Preferences” button.
6. To connect to the server click the “Server connect” button:
• Fill in host/IP and the port of the server.
• Fill in fields depending on if you are registered or not.
• Note: Make sure server is started and accepts clients first.
The server:
1. Command to run the server: java -jar jsimserver.jar
2. In the console, fill in what ports you want to listen for clients.
3. Next, fill in the port you want to listen for administrator.
4. Choose a username and password for the administrator and fill this in.
5. You should now be somewhere like in figure 2.
Figure 2: The server.
(Note: The server is not accepting incoming clients yet; you must set it up first via
the administrator)
The administrator:
1. Command to run the administrator: java -jar jsimadmin.jar
2. A tabbed pane with two panes will appear: Database, and Server.
3. Fill in the correct information for the database, for example the testdatabase that is
set up for this purpose:
• Host: jsim.engineerorama.com
• Username: jsimuser
• Password: clawfinger.
4. Fill in the correct information for the server, for example:
• Host/IP: localhost
• Port number, user and password: whatever is set up (figure 2).
• Set how many clients you want to allow to your server. (Minimum 2,
maximum 1000).
• Click “Start server”.
5. The server will now start listening for incoming clients (Figure 3).
Figure 3: The server is set up and waiting for clients.
The database:
1. Inside the file jsimdb.sql.zip you will find the database schema. Load this into a
MySQL database server and set it up with appropriate grants and users for this
project.
2. Or you can use the database I have set up at:
• Host: jsim.engineerorama.com
• Username: jsimuser
• Password: clawfinger.
3. If you chose step two, you can log in to the database using a web-browser and the
address is http://jsim.engineerorama.com/ (PHPMyAdmin).
• Username: jsimuser
• Password: clawfinger.
4. For testing purposes, log in using a web-browser and add users or IP-addresses to
be banned.