CSS 432 - FAQ on Program 4: Domain Name Service

CSS 432
FAQ on Program 4: Domain Name Service

Q1: getpeername( )

The compiler objects to me using a sockaddr_in as the first argument. It seems to be expecting a sockaddr instead. However, when I use sockaddr, it doesn't have sin_addr and sin_port as data members. Is there another arglist or variation on getpeername that I should be using?

A: If you type "man getpeername" from a Linux command line, you'll get the following manual message:

GETPEERNAME(2)             Linux Programmered peer socket

SYNOPSIS
       #include 

       int getpeername(int s, struct sockaddr *name, socklen_t *namelen);

DESCRIPTION
       getpeername()  returns  the  name of the peer connected to socket s.  The namelen
       parameter should be initialized to indicate the amount of  space  pointed  to  by
       name.   On  return  it  contains the actual size of the name returned (in bytes).
       The name is truncated if the buffer provided is too small.
 

From this message, you could write code as follows:

struct sockaddr_in clientAddr;

socklen_t addrLen = sizeof( clientAddr );

getpeername( socket, (sockaddr *)&clientAddr, &addrLen) );

Q2: How can I verify that my spoofcheck.cpp can detect an actual spoof?

A. Unfortunately, you can verify only correct (i.e., non-spoofing) client connections with your spoofcheck.cpp.

This is because we are not authorized to hack and change TCP packets. getpeername( ) scrutinises a packet received from a client who may be lying and putting a false source address. On the other hand gethostbyaddr( ) is returned from DNS, given an address from a client. If a client put a false address, DNS will return NULL. In our case, unless we design a malicious client program that changes its TCP packet, we can't verify the spoofing check. So, our test only verifies honest clients' information.