Real Software Forums

The forum for Real Studio and other Real Software products.
[ REAL Software Website | Board Index ]
It is currently Thu Sep 19, 2019 1:19 am
xojo

All times are UTC - 5 hours




Post new topic Reply to topic  [ 52 posts ]  Go to page 1, 2, 3, 4  Next
Author Message
 Post subject: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 7:51 am 
Offline
User avatar

Joined: Sun Oct 28, 2012 4:54 am
Posts: 264
Location: Herts, UK
Hi All,

Having downloaded the ServerSocketServer example project I am trying to understand how to communicate with a single connected client referencing it's remote IP address.

I have added a method to the ServerSocket with a Method Name of "ActiveConnections" with both Parameters and Return Type fields left "blank" with the following Code.

dim Data As string = "hello"

If UBound(ServerSocket.ActiveConnections) > 0 Then
Dim i As Integer
For i = 1 to UBound(ServerSocket.ActiveConnections)

If ServerSocket.ActiveConnections(i).RemoteAddress = "10.10.10.1" Then
ServerSocket.ActiveConnections(i).Write Data
End If
Next

End If

The problem is that I am getting the following error at debug time.

This Method requires fewer parameters than were passes
If ServerSocket.ActiveConnections(i).RemoteAddress = "10.10.10.1"

Maybe it's just me but there seems to be very little resource in the tutorials/language reference to help understand how SocketServer.ActiveConnections() can be used to send data to a single socket instance.


Any Help would be really appreciated...

:wink:

_________________
Real Studio 2012 R2
SysInfo
BackTrack Linux/BackBox Linux/Debian Lenny/Windows 7/Windows 8/OpenWRT/OpenBSD
& Yes it's me in the Avatar


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 8:12 am 
Offline
Site Admin
User avatar

Joined: Tue May 06, 2008 1:07 pm
Posts: 1464
Location: NotEvenOnTheMap, CT
IP Addresses are not unique. You should generate your own identifier of some sort.

Anyway, your issue is that ServerSocket.ActiveConnections is not an array, it is a method that returns an array. You should do something like
Dim Pool() As TCPSocket = ServerSocket.ActiveConnections()
If Pool <> Nil Then
For Each Socket As TCPSocket In Pool
If Socket.SomeIdentifier = TheIdentifierYouWant Then
Socket.Write(Data)
Exit For Socket
End If
Next
End If

_________________
Thom McGrath - @tekcor
Web Framework Architect, Real Software, Inc.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 11:27 am 
Offline

Joined: Tue Mar 23, 2010 8:44 pm
Posts: 673
Thom McGrath wrote:
IP Addresses are not unique.



What?
I'll admit I am rusty on my networking but I'm pretty sure IP addresses are unique during that connection.

Example :
If you've got 1,000 users connected to your chat server there will be 1,000 unique IP addresses connected. One for each user's connection/hardware. No two IP addresses will be the same. That is one of the major purposes of having an IP address. Unique identification.

It is also true that each hardware's assigned IP address may change over time while not connected (I am not sure if they have the ability to change an IP address while an active connection is happening, I have never heard of this). This is especially true when dynamic IP addresses are used as opposed to static IP addresses which change less often. That means that user 'Sam' can connect to the server this moment and have an IP address of 23.34.12.10. Then for whatever reason ISP changes, hardware resets, etc. Sam's hardware / access point has been assigned a different IP address.

That means when he reconnects to your server Sam's IP address is now different to what it previously was. It may now be 26.34.111.32 but the number is still unique. Only Sam's hardware is using that number on the internet. No other user will have that exact IP address. His IP address changing happens before the user connects to your server so don't think you have to do anything on the server end, you don't.

Most of us currently still use IPv4 type IP addresses but because there are so many hardware devices continuously being used we are running out of IPv4 addresses. There are not enough numbers to support all of the devices. That is why we're going to switching to using IPv6 in the near future. Many of today's devices are already IPv6 compatible / enabled.


If you are using a private message type chat function where user A is trying to private chat user B, then using the IP addresses is a good choice. Same is true for doing a broadcast/shout type message where all users receive the message (Assuming we're talking about TCPsocket connections which is what you should be using).

I don't know what Thom is talking about.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 11:44 am 
Offline

Joined: Fri Jan 06, 2006 3:21 pm
Posts: 12388
Location: Portland, OR USA
If Sam and Joe are sitting next to each other on the couch and they both connect to your serversocket, they will have the same RemoteAddress (assuming NAT traversal).


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 11:49 am 
Offline

Joined: Tue Mar 23, 2010 8:44 pm
Posts: 673
timhare wrote:
If Sam and Joe are sitting next to each other on the couch and they both connect to your serversocket, they will have the same RemoteAddress (assuming NAT traversal).


We are not talking about a local network connection we are talking about connections over the internet (right?)

I also don't think that is exactly true.

They will each have a unique sub-IP address assigned by their router.
Right? You can check against that.

For example no two users on the same router have the same sub IP address.
That is a main part of the router's job - to assign sub IP addresses and let multiple users share the main internet connection.


IF you are dealing with local connections then use the sub IP address OR disallow duplicate IP's by looping through your active connections and checking against them.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 11:57 am 
Offline

Joined: Fri Jan 06, 2006 3:21 pm
Posts: 12388
Location: Portland, OR USA
Right, but RemoteAddress itself does not distinguish between them. They will both show the router's public IP address.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 12:21 pm 
Offline
Site Admin
User avatar

Joined: Tue May 06, 2008 1:07 pm
Posts: 1464
Location: NotEvenOnTheMap, CT
Yeah, the server cannot "see" anything past the router. So 1 or 17 people on the same network, it doesn't matter, the server will see them all at the same address. Heck, 2 instances on the same computer will have the same issue even without a router.

IP addresses are unique to a subnet, not globally unique. For identification purposes such as this, they are not unique enough.

_________________
Thom McGrath - @tekcor
Web Framework Architect, Real Software, Inc.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 4:04 pm 
Offline

Joined: Tue Mar 23, 2010 8:44 pm
Posts: 673
Guys, the RS client knows it's sub-IP address.
This is to be posted to the server and to be used with the outside IP which the server knows.

That provides unique identification.

It's been a while so I don't remember the RS networking functions but I've done this.

Maybe later I'll look at some of my code and post it so the OP knows how to do it.


Last edited by J.Sh3ppard on Thu Nov 08, 2012 4:37 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 4:13 pm 
Offline
Site Admin
User avatar

Joined: Tue May 06, 2008 1:07 pm
Posts: 1464
Location: NotEvenOnTheMap, CT
J.Sh3ppard wrote:
Guys, the RS client knows it's sub-IP address.

So? That means you need to build a unique id from the WAN IP, the LAN IP, and the subnet mask... and potentially the gateway IP, then send all that to the server. Even then, two connections from the same machine STILL fail this test.

Or just use a GUID function to generate a disposable identifier server side. One of these solutions is dramatically easier and more fool proof.

_________________
Thom McGrath - @tekcor
Web Framework Architect, Real Software, Inc.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 4:28 pm 
Offline

Joined: Tue Mar 23, 2010 8:44 pm
Posts: 673
I've never had a problem getting the outside IP on the server, and getting the unique sub-ip from the RS client using socket.localaddress.

Thom McGrath wrote:
IP addresses are unique to a subnet, not globally unique. For identification purposes such as this, they are not unique enough.


When combined with the outside IP address the sub IP's are unique or at least they always have been for me and my projects.

Combine those two (the outside IP and it's internal sub-ip) for the user's unique ID and I've never encountered a problem.

To get the sub-IP you can use:
Router Assigned IP = tcpsocket.LocalAddress
It doesn't get any easier than that.

I'm betting it's easier for the OP to grab the sub-IP from the RS client and grab the outside IP on the server (as he's already done) than it is to do what you're saying. And what you're saying is also not 100% fool proof. We haven't even talked about spoofing yet.

The OP already has the code checking for an IP he just isn't using enough of the IP address.


Last edited by J.Sh3ppard on Thu Nov 08, 2012 4:51 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 4:45 pm 
Offline
Site Admin
User avatar

Joined: Tue May 06, 2008 1:07 pm
Posts: 1464
Location: NotEvenOnTheMap, CT
J.Sh3ppard wrote:
I've never had a problem getting the outside IP on the server, and getting the unique sub-ip from the RS client using socket.localaddress.

Combine those two and I've never encountered a problem.

Router Assigned IP = tcpsocket.LocalAddress

I'm betting it's easier for the OP to grab the sub-IP from the RS client and grab the outside IP on the server than it is to do what you're saying. And what you're saying is also not 100% fool proof. We haven't even talked about spoofing yet.

Yes, but your method is exactly as susceptible to spoofing. And it's absolutely more complex. Watch this:
Protected Function CreateIDString(Length As Integer = 12, Chars As String = "") As String
if chars = "" then
chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
end
dim m as integer = len(chars)
dim i,r as integer
dim s(-1) as string
redim s(length)

for i = 1 to length
r = ceil(rnd * m)
s(i - 1) = mid(chars,r,1)
next

return join(s,"")
End Function


Then your socket constructor:
Super.Constructor
Self.Identifier = CreateIDString(32)


Done. Every connection now has a unique ID. Well, the odds of collision are about as good as being killed in a supernova. But it's still dramatically more reliable than trying to build an identifier from client information.

I mean, what about two users inside a company on different subnets. There's a collision under your proposal if they have the same LAN IP. Just because you've never run into the problem doesn't mean it doesn't exist. You can combine all the hardware specs you want, there is still a far greater chance of collision than just using a large random string or an official GUUID function.

Heck, you can just use an incrementing integer!

IP Addresses are not meant to be used in this way.

_________________
Thom McGrath - @tekcor
Web Framework Architect, Real Software, Inc.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 5:06 pm 
Offline

Joined: Tue Mar 23, 2010 8:44 pm
Posts: 673
What you're saying also works but it can also be spoofed/hacked.


I use randomly generated unique ID's with php sessions using HTTP. Partially because it's stateless and I usually didn't make the client (a web browser). I don't think I've ever needed to generate a random ID for TCP work.


Don't forget their userid login information is also unique (or should be) and can be used as part of the identifier.

Using an IP address to help stop a spoof or other attack - someone who's copied or duplicated the unique ID is good. Without checking the IP addresses it's easier for them to spoof.


Last edited by J.Sh3ppard on Thu Nov 08, 2012 5:14 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 5:10 pm 
Offline
Site Admin
User avatar

Joined: Tue May 06, 2008 1:07 pm
Posts: 1464
Location: NotEvenOnTheMap, CT
J.Sh3ppard wrote:
What you're saying also works but it can also be spoofed/hacked.

That's true of any time you have to trust the client. Including asking the client its LAN address.

_________________
Thom McGrath - @tekcor
Web Framework Architect, Real Software, Inc.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 5:54 pm 
Offline

Joined: Tue Mar 23, 2010 8:44 pm
Posts: 673
You may also need to give access to some users to certain areas while preventing access to others giving each user an access level or levels. You can easily do this by storing your access level values in the database with the user's name/id. It can be as easy as storing in the database like Ashley:1,4,69. The numbers represent what features or areas the user can access.

Want to know if Ashley has access to area 69? Check it.
Checking against a randomly generated ID does nothing for this and it seems like it would create more work than necessary (to me).

If you want something more secure you can of course encrypt the access levels or use something else entirely. I'm assuming you're not working on the next NSA defense system. If someone has access to your server they can pretty much do anything they want anyway.

As I wrote it's been a long time since I've done this stuff but I've never had a problem and I'm starting to kind of remember some details as we keep discussing of what I've done in the past.

What Thom is suggesting (using a unique random ID) is how HTTP -a stateless connection is handled. When developing using HTTP, I too use a randomly generated ID (php sessions). The reason is so the user doesn't need to re-login with every request. The new connection is made, the unique ID is sent and that's verification enough in most cases. That might be one reason why Thom is suggesting using a random ID.

If you have a unique user ID that's been authenticated and logged in and not disconnected, why would you want to generate a random ID representing that user instead of using his unique login ID?

His username IS (part of ) the unique ID. Even if in wackyworld you somehow get two identical IP's they will still be unique because of their unique user ID attached to them making up the identifier. So Ashley and Joe could be using the same everything having the same IP (not likely) but still be unique users because their identification includes their unique username.


Top
 Profile  
Reply with quote  
 Post subject: Re: ServerSocket Example Project ActiveConnections
PostPosted: Thu Nov 08, 2012 6:35 pm 
Offline

Joined: Fri Jan 06, 2006 3:21 pm
Posts: 12388
Location: Portland, OR USA
We've drifted through a lot of different scenarios here. Thom basically said, "RemoteAddress isn't necessarily unique, so devise some other identifier." You have provided a few different ways of building that identifier. You're both saying pretty much the same thing.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 52 posts ]  Go to page 1, 2, 3, 4  Next

All times are UTC - 5 hours


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group