Server/client Pair


Recommended Posts

I have made a very simple server/client pair. It is able to send a textfile using sockets. Any suggestion or comments would be appreciated. I have a few(lots actually) points I am unsure about.

1. is running a service on my computer like this safe?

2. Will it get very complicated to set it up to get mulitple connectins at the same time?

3. I noticed I can't seem to get two connections at the same time. Would I need to use threads for this? ---> edit added, I'm having trouble wirting a threaded app.

edit added --->Someone else suggested I just run an ftp server. That might be the way to go.

this is the server

#!/usr/bin/env python

# this is the server, it recieves a textfile from the client

import sys
import socket

# this function takes the string and changes it into a textfile
def write_file(textstring):
title = textstring.splitlines()[0]
myfileo =open(title, 'w')
myfileo.writelines(textstring)
myfileo.close()

def main():

# creates a socket
mysocket = socket.socket ( socket.AF_INET, socket.SOCK_STREAM )
mysocket.bind ( ( '', int(sys.argv[1]) ) )
mysocket.listen ( 5 )

# this while statment allows the server to stay open
while True:
conn, addr = mysocket.accept()
print 'We have opened a connection with', addr

# this loop recieves the message and puts it into a string
full_message = ""
while True:
data = conn.recv ( 1000000 )
if not data:
break
full_message += data
conn.close()
write_file(full_message)

main()

this is the client

#!/usr/bin/env python

# client for sending text file

import sys
import socket

# following lines read the file into a string
myfile = open( '/etc/samba/smb.conf' , 'r')
text_file = myfile.read()

# these lines create and connect through a socket
mysocket = socket.socket ( socket.AF_INET, socket.SOCK_STREAM )
mysocket.connect ( ( '127.0.0.1', int(sys.argv[1]) ) )

# this line sends the file
mysocket.send(text_file)
mysocket.close()

Edited by shanenin
Link to post
Share on other sites
1. is running a service on my computer like this safe?

Nope. It's open to a pair of DoS attacks. Someone can keep pumping bytes through the server until it runs out of memory and blows up, or they can keep pumping messages until you run out of disk space.

2. Will it get very complicated to set it up to get mulitple connectins at the same time?

Yup.

3. I noticed I can't seem to get two connections at the same time. Would I need to use threads for this? ---> edit added, I'm having trouble wirting a threaded app.

You don't need threads. In fact you probably don't want threads. You would wrap the socket I/O up in a set of state machines that handle each transaction and then use non-blocking (or overlapped, on Windows) I/O to drive the state machines. Basically you'd be a writing a tiny multitasking operating systems. Not really all that difficult, but a bit of a pain. The network frameworks like Twisted take care of most of the grunt work for you.

edit added --->Someone else suggested I just run an ftp server. That might be the way to go.

*cough* I did suggest HTTP in the other thread :)

Edited by jcl
Link to post
Share on other sites
edit added --->Someone else suggested I just run an ftp server. That might be the way to go.

*cough* I did suggest HTTP in the other thread :)

Actually you might be to able save yourself a lot of trouble if you use HTTP. Install a server, write a little CGI script to receive files, and use Python's HTTP convenience libraries to POST the file from the client to the server. The client might be slightly more complex but the server could be reduced to teensy script to store the incoming file.

ya but what you said seemed hard(foreign), I did not fully understand it

just run a vftp server, then you can use pythons ftp modules to upload files

that seems easier(in my mind). I understand those concepts a little better.

Thanks jcl :-) I always appreciate your input

Edited by shanenin
Link to post
Share on other sites
ya but what you said seemed hard(foreign), I did not fully understand it

HTTP is pretty simple. To POST a file you open a connection to the HTTP server and then send something that looks like

POST <path> HTTP/1.0
Content-Length: <length of data in bytes>

<data>

(The structure is different for HTTP 1.1.) Python has HTTP client libraries that will take care of that for you.

On the server side you have a CGI script associated with <path> that reads the <data> from stdin (CGI arranges for the socket to be bound to stdin and stdout) and writes it to a file. Simple as that. Nice thing is that client isn't much more complex than the ones you've written (it just needs the HTTP header) and the HTTP server takes care pretty much everything on the server side for you. The CGI script really could be a half-dozen lines. Let me see if I can throw together an example.

that seems easier(in my mind). I understand those concepts a little better.

They'd be about equally difficult, I suppose.

Edit: Quicky Python client:

#!/usr/bin/python

import socket
import sys

if len(sys.argv) != 5:
print "usage: client server port path file"
sys.exit(1)

server = sys.argv[1]
port = int(sys.argv[2])
path = sys.argv[3]
filename = sys.argv[4]

file = open(filename)

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((server, port))

data = file.read()

sock.send("POST " + path + " HTTP/1.0\r\n")
sock.send("Content-Length: " + str(len(data)) + "\r\n\r\n")
sock.send(data)

sock.close()
file.close()

Server:

#!/usr/bin/python

import sys

file = open("/tmp/foo", "w")
data = sys.stdin.read()
file.write(data)
file.close()

Edit: That's just the server I used to test the client. The real server would do something useful, of course.

Edited by jcl
Link to post
Share on other sites

I think i decided to use pscp to send the files out. It seems like the most secure and easy way to go.

Well kind of secure. In theory any of my clients could get access to my computer, since they would have a private key and putty installed. Is it possible to have a user account, the one they would have ssh access to, have virtually no privledges? Ideally if they logged in, they would not be able to do anything.

edit added later//

the more I think about it, this way seems really unsafe

Edited by shanenin
Link to post
Share on other sites

yes.. it is.. you would have given them strait access to your system..

they could, if they wanted try to escalate privlages.

plus I have had problems with putty over 2 gigs.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...