Showing posts with label protocols. Show all posts
Showing posts with label protocols. Show all posts

Saturday, October 22, 2022

[FIXED] How to allow connections to a socket only within the same host in java

      , , , ,      No comments   

Issue

I have a use-case where I want to open a socket and allow connections that are coming only from the same host/machine in which the socket is opened. I don't want to allow any connections from other hosts.

Basically, I want to simulate VM protocol concept of Apache ActiveMQ which works on port 61616.

I want to create something like this:

Socket socket = new Socket("127.0.0.1", 5000)

Is there a way we can do this in Java? Or is there any workaround for this?


Solution

Simply create a ServerSocket that is bound to 127.0.0.1 for IPv4 or ::1 for IPv6. Only clients on the localhost will be able to connect to it.



Answered By - Remy Lebeau
Answer Checked By - Mildred Charles (PHPFixing Admin)

[FIXED] How many tuples are there in a connection?

      , , , ,      No comments   

Issue

Some people said that there are 4 tuples in a connection

client IP address, client port number, server IP address, server port number

Some said that there are 5

client IP address, client port number, server IP address, server port number, protocol

Which one is correct ?


Solution

You've misunderstood the terminology. A TCP connection is identified by a 5-tuple. That means one tuple, with 5 elements. The five elements are:

  1. Protocol. This is often omitted as it is understood that we are talking about TCP, which leaves 4.
  2. Source IP address.
  3. Source port.
  4. Target IP address.
  5. Target port.


Answered By - user207421
Answer Checked By - Gilberto Lyons (PHPFixing Admin)

Tuesday, September 6, 2022

[FIXED] What are the advantages of using a GET request over a POST request?

      , , , ,      No comments   

Issue

Several of my ajax applications in the past have used GET request but now I'm starting to use POST request instead. POST requests seem to be slightly more secure and definitely more url friendly/pretty. Thus, i'm wondering if there is any reason why I should use GET request at all.


Solution

I generally set up the question as thus: Does anything important change after the request? (Logging and the like notwithstanding). If it does, it should be a POST request, if it doesn't, it should be a GET request.

I'm glad that you call POST requests "slightly" more secure, because that's pretty much what they are; it's trivial to fake a POST request by a user to a page. Making it a POST request, however, prevents web accelerators or reloads from re-triggering the action accidentally.

As AJAX, there is one more consideration: if you are returning JSON with callback support, be very careful not to put any sensitive data that you don't want other websites to be able to see in there. Wikipedia had a vulnerability along these lines where the user anti-CSRF token was revealed via their JSON API.



Answered By - Edward Z. Yang
Answer Checked By - Gilberto Lyons (PHPFixing Admin)

Thursday, August 11, 2022

[FIXED] How SQL Server store/transfer decimal stream

      , , ,      No comments   

Issue

I'm working on MS-TDS protocol, what I'm trying todo is to read/write TDS stream, and get/set a System.Data.DataTable from/to it. I got all C# types working already, except decimal varchar(max) varbinary(max) columns

in C#, I got following results for 12345678912345678912.3456789m and 1234567891234567891.23456789m

var bits = decimal.GetBits(12345678912345678912.3456789m)
using (var ms = new System.IO.MemoryStream())
{
    foreach (var b in bits)
        ms.Write(BitConverter.GetBytes(b), 0, 4);
    var decimalBytes = ms.ToArray();
}

 10 15 5F 04 7C 9F B1 E3 F2 FD 1E 66 00 00 00 07 00
 10 15 5F 04 7C 9F B1 E3 F2 FD 1E 66 00 00 00 08 00

these totally make sense to me, the last byte is decimal size(position), which is 7 and 8, the value part is the same. but in sql, they look completely different:

SELECT CAST(CAST(12345678912345678912.3456789 AS decimal(38,15)) AS varbinary)
SELECT CAST(CAST(1234567891234567891.23456789 AS decimal(38,15)) AS varbinary)
results:
0x260F 0001 0075 AA3F 0AF2 2A3A DB18 0560 B060 0200
0x260F 0001 80D8 5D06 01E5 9D52 7C82 0070 DE3C 0000

and in TDS stream DataType=[0x6A,0x11,0x26,0x0F] decimal(38,15), sql server returns this:

0x81, // token "COLMETADATA"
0x03, 0x00, 0x00, 0x00, // 3 columns

0x00, 0x00, 0x00, 0x00, 0x09, 0x00, // usertype = 0, falgs = 9
0xa7, 0xff, 0xff, 0x09, 0x04, 0xd0, 0x00, 0x34, // 0xA7=BIGVARCHRTYPE  0xffff=MAX, 
0x0e, 0x56, 0x00, 0x41, 0x00, 0x52, 0x00, 0x43, 0x00, 0x48, 0x00, 0x41, 0x00, 0x52, 0x00, 0x4d, 0x00, 0x41, 0x00, 0x58, 0x00, 0x5f, 0x00, 0x43, 0x00, 0x6f, 0x00, 0x6c, 0x00, // unicode "VARCHARMAX_Col"

0x00, 0x00, 0x00, 0x00, 0x09, 0x00, // usertype = 0, falgs = 9
0x6a, 0x11, 0x26, 0x0f, // 0x6A=DECIMAL  0x11=Size, precision = (38,15)
0x0b, 0x44, 0x00, 0x45, 0x00, 0x43, 0x00, 0x49, 0x00, 0x4d, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x5f, 0x00, 0x43, 0x00, 0x6f, 0x00, 0x6c, 0x00, // unicode "DECIMAL_Col"

0x00, 0x00, 0x00, 0x00, 0x09, 0x00, // usertype = 0, falgs = 9
0xa5, 0xff, 0xff, // 0xA5=BIGVARBINTYPE 0xffff=MAX
0x0d, 0x56, 0x00, 0x41, 0x00, 0x52, 0x00, 0x42, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x4d, 0x00, 0x41, 0x00, 0x58, 0x00, 0x5f, 0x00, 0x43, 0x00, 0x6f, 0x00, 0x6c, 0x00, // unicode "VARBINMAX_Col"

0xd1, // token "ROW"
0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x41, 0x41, 0x41, 0x41, 0x42, 0x00, 0x00, 0x00, 0x00, // varchar(max) value, how to read this ?
0x11, 0x01, 0x00, 0x92, 0xa8, 0x7c, 0x7e, 0xe4, 0x25, 0x1a, 0x0e, 0xab, 0x6b, 0x4d, 0x82, 0x84, 0x04, 0x00, // decimal value, how to read this ?
0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x61, 0x61, 0x61, 0x61, 0x62, 0x00, 0x00, 0x00, 0x00, // varbinary(max) value, how to read this ?

0xd1, // token "ROW"
0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x41, 0x41, 0x41, 0x41, 0x43, 0x00, 0x00, 0x00, 0x00,
0x11, 0x01, 0x00, 0x75, 0xaa, 0x3f, 0xa6, 0x63, 0x9d, 0x02, 0x1b, 0x91, 0x57, 0xa1, 0xa6, 0x73, 0x00, 0x00,
0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x61, 0x61, 0x61, 0x61, 0x63, 0x00, 0x00, 0x00, 0x00,

0xd2,  // token "NBCROW"
0x05,  // NullBitmap 00000101:  1st and 3rd columns are null
0x11, 0x01, 0x50, 0x24, 0xc2, 0x2a, 0xf2, 0x77, 0xd5, 0x97, 0x0f, 0x03, 0xee, 0xf5, 0x02, 0x00, 0x00, 0x00,

decimal value in the 1st row is 

0x11, 0x01, 0x00, 0x92, 0xa8, 0x7c, 0x7e, 0xe4, 0x25, 0x1a, 0x0e, 0xab, 0x6b, 0x4d, 0x82, 0x84, 0x04, 0x00,

0x11 should be length, 0x01 means positive value (from this post How does SQL Server store decimal type values internally?) Question: how can I resolving these bytes to a decimal value? and how should I write varchar(max) varbinary(max) value to TDS ROW TokenStream? Any help is appreciated


Solution

I figured it out. the difference is TDS stream use the first byte as sign and use fixed Decimal point, decimal.GetBits use few bits in last byte as sign and Decimal point

// write decimal to TDS stream
static byte[] DecimalBytes(decimal dec, int precision = 15)
{
    var round = decimal.Round(dec, precision);
    var valueToWrite = round;
    var sign = round < 0 ? (byte)0x00 : (byte)0x01;
    // get the string
    var str = round.ToString();
    // string without Decimal point
    var numbers = str.Replace(".", string.Empty);
    var dotIdx = str.IndexOf('.');
    if (dotIdx > 0)
    {
        // there must be {precision} digits on the right side of "."
        var padding = precision - (numbers.Length - dotIdx);
        // padding numbers with '0' to precision length
        numbers = numbers.PadRight(numbers.Length + padding, '0');
    }
    else
    {
        numbers = numbers.PadRight(numbers.Length + precision, '0');
    }
    if (!decimal.TryParse(numbers, out valueToWrite))
    {
        throw new ArgumentOutOfRangeException($"Invalid decimal value for Database Type decimal(38,{precision})");
    }
    using (var ms = new System.IO.MemoryStream())
    {
        var bits = decimal.GetBits(valueToWrite);
        ms.WriteByte(0x0D); // length=13
        ms.WriteByte(sign);
        ms.Write(BitConverter.GetBytes(bits[0]), 0, 4);
        ms.Write(BitConverter.GetBytes(bits[1]), 0, 4);
        ms.Write(BitConverter.GetBytes(bits[2]), 0, 4);
        return ms.ToArray();
    }
}


Answered By - Leowan
Answer Checked By - Marilyn (PHPFixing Volunteer)

Wednesday, July 13, 2022

[FIXED] Which protocol to use for sending JMS messages?

      , ,      No comments   

Issue

I need some advise to implement the best protocol (not http, tcp, ...) te send messages.

  • Should I send Serialized Objects? (POJO's)
  • Should I send technology independent XML messages?
  • What would be recommended? Both will work, but what is best practice. Sharing a library is not what I prefer, but is it easy to work with XML? Are there better alternatives? Thanks in advance!

I have one server, with a 1000 clients connected. The server delivers task to the clients. The clients send information back after executing different tasks.

How should I send a task to a JMS client with some parameters?

A task is nothing more than an action and some parameters.

  • Example: "action=measure; parameters: duration=100sec; samples=100" --> collect 100 samples during 100 seconds.
  • Example: "action=config; parameters: set of configuration parameters" --> to change the client configuration
  • Example: "action=stop" --> Stop the client (the system wil restart after a daily reboot)

A report is nothing more than data.

  • Example: "list of 100 values from measurement"
  • Example: "the content of a log-file"

I have read many articles, but couldn't find an answer for this question. Thanks in advance.


Solution

This is our current implementation.

We define a protocol with an XSD and let this generate classes (POJO's). This allows us to marshal/unmarshal the objects and send them as XML objects.

Our XSD:

<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
           xmlns:jaxb="http://java.sun.com/xml/ns/jaxb"
           jaxb:version="2.0">

    <!-- Ping
        The server will send a ping to a client and waits for a pong.
    ****************************************************************** -->
    <xs:element name="Ping">
        <xs:complexType>
            <xs:sequence>
                <xs:element name="client" type="xs:string"/>
                <xs:element name="message" type="xs:string"/>
            </xs:sequence>
        </xs:complexType>
    </xs:element>

    <!-- Pong
        The client will send a pong back to the server.
    ****************************************************************** -->
    <xs:element name="Pong">
        <xs:complexType>
            <xs:sequence>
                <xs:element name="client" type="xs:string"/>
                <xs:element name="message" type="xs:string"/>
            </xs:sequence>
        </xs:complexType>
    </xs:element>

    <!-- Alive
        The client will send an alive message when it starts up.
        The time is local client time.
    ****************************************************************** -->
    <xs:element name="Alive">
        <xs:complexType>
            <xs:sequence>
                <xs:element name="client" type="xs:string"/>
                <xs:element name="time" type="xs:string"/>
            </xs:sequence>
        </xs:complexType>
    </xs:element>

    <!-- ... Many more message definitions ...
    ****************************************************************** -->

</xs:schema>

Our test class:

public class JaxbFacadeTest {

    @Test
    public void testPing() throws JAXBException, SAXException, UnsupportedEncodingException {
        System.out.println("testPing");
        Ping ping = new Ping();
        ping.setClient("guid-client");
        ping.setMessage("Ping Message");
        String marshalToString = JaxbFacade.getInstance().marshalToString(ping);
        System.out.println(marshalToString);
    }

    @Test
    public void testPong() throws JAXBException, SAXException, UnsupportedEncodingException {
        System.out.println("testPong");
        Pong pong = new Pong();
        pong.setClient("guid-client");
        pong.setMessage("Ping Message");
        String marshalToString = JaxbFacade.getInstance().marshalToString(pong);
        System.out.println(marshalToString);
    }

    @Test
    public void testAlive() throws JAXBException, SAXException, UnsupportedEncodingException {
        System.out.println("testAlive");
        Date now = new Date();
        Alive alive = new Alive();
        alive.setClient("guid-client");
        alive.setTime(now.toString());
        String marshalToString = JaxbFacade.getInstance().marshalToString(alive);
        System.out.println(marshalToString);
    }

    //Many more
}

The classes are generated with maven:

<build>
    <resources>
        <resource>
            <directory>${project.basedir}/src/main/xsd</directory>
            <targetPath>com/test/package/client/jaxb</targetPath>
        </resource>
    </resources>
    <plugins>
        <plugin>
            <groupId>org.jvnet.jaxb2.maven2</groupId>
            <artifactId>maven-jaxb2-plugin</artifactId>
            <executions>
                <execution>
                    <id>jaxb</id>
                    <goals>
                        <goal>generate</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <generatePackage>com.test.package.client.jaxb</generatePackage>
                <schemaDirectory>${project.basedir}/src/main/xsd</schemaDirectory>
            </configuration>
        </plugin>
    </plugins>
</build>


Answered By - Dimitri Dewaele
Answer Checked By - Clifford M. (PHPFixing Volunteer)

Thursday, April 21, 2022

[FIXED] What does Java's UDP _DatagramSocket.connect()_ do?

      , , , ,      No comments   

Issue

I've recently seen the a little tutorial about Java's UDP API and I've looked at the javadocs of the DatagramSocket and DatagramPacket classes. The class DatagramSocket contains several connect() and one disconnect() methods. But isn't UDP a protocol without connections?

What do these connect and disconnect methods do?


Solution

From the javadocs of DatagramSocket#connect(InetAddress address, int port):

Connects the socket to a remote address for this socket. When a socket is connected to a remote address, packets may only be sent to or received from that address. By default a datagram socket is not connected.

...

When a socket is connected, receive and send will not perform any security checks on incoming and outgoing packets, other than matching the packet's and the socket's address and port. On a send operation, if the packet's address is set and the packet's address and the socket's address do not match, an IllegalArgumentException will be thrown. A socket connected to a multicast address may only be used to send packets.

So it's not really a way to establish a "connection" the same way TCP does, but a way to prevent sending or receiving packets to/from other addresses.



Answered By - M A
Answer Checked By - Mary Flores (PHPFixing Volunteer)

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...