Note de seminar Specializare

Retele de calculatoare I Info 3

Lab 12
Descriere: Client FTP, protocolul SSL

Obiective: Aplicatie care foloseste protocolul FTP in Java. Suport pentru protocolul SSL (Secure
Socket Layer)

Programa

1. Client FTP

File Transfer Protocol (FTP) este un protocol care permite utilizatorilor autorizai s transfere
fiiere de la i ctre servere aflate la distan. FTP stabilete o conexiune de obicei n mod pasiv
(Passive Mode) n care clientul preia structura de directoare, transfer fiiere i apoi se
deconecteaz.

Serverele FTP pot fi configurate s accepte conexiuni anonime sau s impun autentificarea
utilizatorului la deschiderea sesiunii de lucru. De asemenea serverul ntrerupe conexiunea dup un
anumit timp de inactivitate. FTP funcioneaz implicit pe portul 21.

Sistemele de operare ofer clieni FTP n form text sau grafic. Programele client sub form de text
transfer serverului comenzile date de utilizator de la tastatur i afieaz rspunsul serverului pe
ecran. Exist i programe client FTP grafice care ofer o interfa grafic pentru gestionarea
fiierelor ntr-o sesiune de lucru FTP. Comenzile sunt generate automat iar rspunsul serverului
este interpretat i afiat grafic.

Urmatorul exemplu implementeaza in Java specificatiile RFC 959 pentru a crea un client FTP in
mod text.

http://www.faqs.org/rfcs/rfc959.html

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.Socket;
import java.util.StringTokenizer;

/**
* SimpleFTP este o implementare in Java a unui client FTP
*/
public class SimpleFTP {
Retele de calculatoare I

private Socket socket = null;

private BufferedReader reader = null;
private BufferedWriter writer = null;
private static boolean DEBUG = true;

/**
* Implementarea metodei connect
*/
public synchronized void connect(String host, int port, String user,
String pass) throws IOException {

if (socket != null) {
throw new IOException("Client FTP conectat. Deconectati!");
}

socket = new Socket(host, port);

reader = new BufferedReader(new InputStreamReader(socket.getInputStream()));
writer = new BufferedWriter(
new OutputStreamWriter(socket.getOutputStream()));

//tratare erori
String response = readLine();
if (!response.startsWith("220 ")) {
throw new IOException("Eroare 220: " + response);
}

sendLine("USER " + user);

response = readLine();
if (!response.startsWith("331 ")) {
throw new IOException("Eroare 331: " + response);
}

sendLine("PASS " + pass);

response = readLine();
if (!response.startsWith("230 ")) {
throw new IOException("Eroare 230: parola incorecta " + response);
}

System.out.println(">> Conexiunea FTP a fost stabilita");

}

/**
* Deconectare de la serverul FTP
*/
public synchronized void disconnect() throws IOException {
try {
sendLine("QUIT");
} finally {
socket = null;
}
}

/**
* Intoarce directorul curent
*/
public synchronized String pwd() throws IOException {
sendLine("PWD");
String dir = null;
String response = readLine();
if (response.startsWith("257 ")) {
int firstQuote = response.indexOf('\"');
Retele de calculatoare I

int secondQuote = response.indexOf('\"', firstQuote + 1);

if (secondQuote > 0) {
dir = response.substring(firstQuote + 1, secondQuote);
}
}

System.out.println(">> Directorul curent este: " + dir);

return dir;
}

/**
* Schimba directorul curent
*/
public synchronized boolean cwd(String dir) throws IOException {
sendLine("CWD " + dir);
String response = readLine();
return (response.startsWith("250 "));
}

/**
* Transfera un fisier folosind modul pasiv.
*/
public synchronized boolean stor(InputStream inputStream, String filename)
throws IOException {

BufferedInputStream input = new BufferedInputStream(inputStream);

sendLine("PASV");
String response = readLine();
if (!response.startsWith("227 ")) {
throw new IOException("Serverul FTP nu acepta modul pasiv: " + response);
}

String ip = null;
int port = -1;
int opening = response.indexOf('(');
int closing = response.indexOf(')', opening + 1);
if (closing > 0) {
String dataLink = response.substring(opening + 1, closing);
StringTokenizer tokenizer = new StringTokenizer(dataLink, ",");
try {
ip = tokenizer.nextToken() + "." + tokenizer.nextToken() + "."
+ tokenizer.nextToken() + "." + tokenizer.nextToken();
port = Integer.parseInt(tokenizer.nextToken()) * 256
+ Integer.parseInt(tokenizer.nextToken());
} catch (Exception e) {
throw new IOException("Eroare Bad data link: " + response);
}
}

sendLine("STOR " + filename);

Socket dataSocket = new Socket(ip, port);

BufferedOutputStream output =
new BufferedOutputStream(dataSocket.getOutputStream());
byte[] buffer = new byte[4096];
int bytesRead = 0;
while ((bytesRead = input.read(buffer)) != -1) {
output.write(buffer, 0, bytesRead);
}
output.flush();
output.close();
input.close();
Retele de calculatoare I

response = readLine();
return response.startsWith("226 ");
}

/**
* Bynary transfer mode
*/
public synchronized boolean bin() throws IOException {
sendLine("TYPE I");
String response = readLine();
return (response.startsWith("200 "));
}

/**
* ASCII transfer mode (default)
*/
public synchronized boolean ascii() throws IOException {
sendLine("TYPE A");
String response = readLine();
return (response.startsWith("200 "));
}

/**
* RAW transfer mode
*/
private void sendLine(String line) throws IOException {
if (socket == null) {
throw new IOException("Conexiune inexistenta.");
}
try {
writer.write(line + "\r\n");
writer.flush();
if (DEBUG) {
System.out.println("> " + line);
}
} catch (IOException e) {
socket = null;
throw e;
}
}

private String readLine() throws IOException {

String line = reader.readLine();
if (DEBUG) {
System.out.println("< " + line);
}
return line;
}

public static void main(String args []) throws Exception{

SimpleFTP ftp = new SimpleFTP();

// conectare la serverul FTP

ftp.connect("172.16.0.93",21,"student","student");

// foloseste modul binar

ftp.bin();

// afiseaza directorul curent

ftp.pwd();

// schimba directorul curent

ftp.cwd("docs");
Retele de calculatoare I

// file upload
ftp.stor(new FileInputStream(new File("fisier.jpg")), "fisier.jpg");

// deconectare de la serverul FTP

ftp.disconnect();
}
}

2. SSL in Java

Certificate

Pentru a crea un certificat putem sa utilizam programul keytool.exe care face parte din Java SDK.
Programul poate fi gasit in directorul $JAVA_HOME/bin

Comanda pentru a genera un certficat este

keytool -genkey -keystore mySrvKeystore -keyalg RSA

Programul va solicita informatii despre proprietarul certificatului precum si o parola. Introduceti

parola 123456. Puteti sa folositi orice parola dar in acest caz trebuie modificat si codul
programelor. Dupa generare, certificatul va fi salvat in directorul de lucru sub numele de
mySrvKeystore.

EchoServerSSL

import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;

public class EchoServerSSL {

public static void main(String[] args) {

try {

SSLServerSocketFactory sslserverfactory =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();

SSLServerSocket sslserversocket =
(SSLServerSocket)sslserverfactory.createServerSocket(9999);

SSLSocket sslsocket = (SSLSocket) sslserversocket.accept();

InputStream input = sslsocket.getInputStream();

InputStreamReader inputreader =
new InputStreamReader(input);

BufferedReader br =
new BufferedReader(inputreader);

String string = null;

while ((string = br.readLine()) != null) {
System.out.println(string);
System.out.flush();
}
Retele de calculatoare I

}catch (Exception e) {
e.printStackTrace();
}
}
}

EchoClientSSL

import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;

public class EchoClientSSL {

public static void main(String[] args) {
try {
SSLSocketFactory sslsocketfactory =
(SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket =
(SSLSocket) sslsocketfactory.createSocket("localhost", 9999);

BufferedReader br = new BufferedReader(

new InputStreamReader(System.in));

OutputStream outputstream = sslsocket.getOutputStream();

OutputStreamWriter outputwriter =
new OutputStreamWriter(outputstream);
BufferedWriter bw = new BufferedWriter(outputwriter);

String string = null;

while ((string = br.readLine()) != null) {
bw.write(string + '\n');
bw.flush();
}
} catch (Exception e) {
e.printStackTrace();
}
}
}

Rularea aplicatiei client-server SSL

Certificatul creat la pasul 1 trebui copiat in directorul care contine fisierul bytecode pentru Server si
acesta trebuie lansat folosind comanda

java -Djavax.net.ssl.keyStore=mySrvKeystore
-Djavax.net.ssl.keyStorePassword=123456
EchoServerSSL

Daca au fost utilizate alte valori la crearea certificatului, comanda trebuie modificata corespunzator.

Copiati certificatul in directorul care contine fisierul class pentru Client si lansati comanda

java -Djavax.net.ssl.trustStore=mySrvKeystore
-Djavax.net.ssl.trustStorePassword=123456
EchoClientSSL
Retele de calculatoare I

Problema 1. Studiati RFC959 si adaugati suport pentru afisarea fisierelor din directorul curent
programului client FTP.

Problema 2. Adaugati clientului FTP o interfata grafica minimala care sa contina campuri de text
care sa permita introducerea numelui de utilizator, parolei, portului, adresei precum si efectuarea de
comenzi: conectare, deconectare, upload/download pentru un fisier specificat.

Problema 3. Realizati o aplicatie client-server care foloseste protocolul SSL. Aplicatia este de fapt
un joc al carui scop este ghicirea unui numar. Atunci cand serverul este pornit el va salva un numar
aleator intre 0 si 100.

int randomNumber=(int)(Math.random()*100);

Clientul va citi numere de la tastatura si va trimite aceste numere la server.Serverul va raspunde

prin mesaje (MARE, MIC, CORECT). Clientul trebuie sa poata introduce numere pana cand
primeste valoarea CORECT.

Bibliografie

1. Java API, http://java.sun.com/j2se/1.4.2/docs/api/

2. Elliotte Rusty Harold, Java Network Programming, 3rd Edition
3. RFC959, http://www.faqs.org/rfcs/rfc959.html
4. Java SSL, http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/package-summary.html
5. Java Developers Almanac, http://www.exampledepot.com/egs/javax.net.ssl/pkg.html
6. V. Patriciu, M. Pietrosanu-Ene, I. Bica, C. Cristea, Securitatea Informatica n Unix si Internet,
Editura Tehnica, Bucuresti 1998.
7. E. Petac, D. Petac, Principii si tehnici de protectie a informatiei n retelele de calculatoare,
Matrix Rom, Bucuresti 1998.