CS491B FINAL PROJECT REPORT

JSIM-Server

Abstract: JSIM (Java Secure Instant Messenger) is an instant messenger that has its own protocol and uses Secure Socket Layer (SSL) as opposed to regular sockets. This project is split into a client and a server side. In CS491A I developed the client side, and in CS491B I have developed the server side. The server is split into three and includes the main server application, an administrative application and database connectivity.

Martin Jarnes Olsen Spring 2005

Table of Contents
1 Introduction ................................................................................................................3 1.1 Problem definition .................................................................................................3 1.2 Project description .................................................................................................3 1.3 Statement of scope .................................................................................................4 Technical background ................................................................................................5 2.1 Instant messengers .................................................................................................5 2.2 Java ........................................................................................................................5 System architecture ....................................................................................................6 3.1 Overview................................................................................................................6 3.2 The client ...............................................................................................................6 3.3 The server ..............................................................................................................8 3.4 The administrator...................................................................................................8 3.5 The database ..........................................................................................................9 Design and implementation details ..........................................................................10 4.1 SSL Sockets .........................................................................................................10 4.2 GUI Design ..........................................................................................................11 4.3 Implemented features...........................................................................................11 4.4 The Protocol.........................................................................................................12 Conclusion................................................................................................................14 Future work ..............................................................................................................14 References ................................................................................................................15

2 3

5 6 7

Introduction

1.1 Problem definition

The problem today is that a lot of the Internet traffic is still unencrypted. This includes traffic such as email, chat, file transfers and video conversations. Gathering personal information from individuals around the world has become an industry in itself. This can easily be done by building a personal profile of users based on search history, email history etc. In this project I will not focus on all these problems, but rather focus on chat file transfers, and look at how this can be made more secure. In CS491A I created the JSIM-client which can connect directly to other clients through the Internet. Today most systems are behind a firewall, and the user would therefore have to configure the firewall to support the JSIM-Client. Most firewalls allow all locally initiated outgoing traffic. In addition to letting the client connect to each other I have now added support to connect to a server. In this way configuring the firewall is not needed since all traffic is outgoing and the server does all the forwarding of the traffic.

1.2 Project description

In CS491A I developed the JSIM-Client. In CS491B I have developed the JSIM-Server. Having a server solves the problem of unencrypted traffic, as well as having to configure the firewall each time a TCP-connection must be established. The project is split into two parts:

Client text transfers (chat), file transfers, capability of blocking IP addresses. Server supports text transfers, blocking of IP addresses. Incorporates administrative application, the main server, and a database.

1.3 Statement of scope

The client must be able to connect to other clients as well as connecting to the server. All traffic must be encrypted. The clients must be able to transfer text and files.

The server must be able to receive incoming connections from clients. The protocol must support forwarding of messages from client to client. The server must broadcast who is online and when a user disconnects to all clients.

When a user registers the information must be saved in the database. Important information such a username and password must be pulled out and verified before a client connection can be successfully established. The database must also save IP addresses that are banned.

The administrative application is merely an application for setting up the database from a remote location, as well as monitoring the server, who is online/offline, and banning IP addresses from the server.

Technical background

2.1 Instant messengers

Instant messengers are applications that support chat, file transfers as well as other features. Most instant messengers are client/server based. The clients can connect to the server. Both clients must connect to the server for communication to be established. Some popular Instant messengers are MSN Messenger, AIM, Yahoo messenger etc.

2.2 Java
This project is written entirely in J2SE 1.5 (Source 1) and takes advantage of the following packages:

javax.swing.* - GUI. java.awt.* - Events, Layout managers, etc. java.util.* - ArrayList, ToolBox etc. java.net.* - Standard sockets. javax.net.ssl.* - SSL sockets. java.sql.* - SQL queries etc.

In addition to these packages an external API must be loaded into the jre/lib/ext directory for the server to function correctly, the MySQL (Source 2) driver. This provides the following package:

org.gjt.mm.mysql.* - Connection to MySQL database.

System architecture

3.1 Overview
The complete overview over the system can be seen in figure 1. The clients can connect to each other, as well as connect to the server and communicate through this. The server runs as a standalone applications but can be controlled by the administrator. User information and information about banned IP addresses is stored in the database.

Figure 1: Overview over client, server, administrator and database.

3.2 The client

The client consists of many components. We can group them into GUI, controller and managers. (Figure 2) GUI

Controller Managers
Figure 2: Client components overview.

The controller basically acts as a link between the GUI and the managers. The Managers are split into different types: Outgoing managers These managers take care of all outgoing traffic. Incoming managers These managers take care of all incoming traffic. Thread listens for new incoming sockets. This again is split into different types: File manager Handles file traffic. (Outgoing/Incoming) Text manager Handles text traffic. (Outgoing/Incoming) Server Manager Handles server communication. (Outgoing)

Figure 3 shows the 3 different types of traffic handled by the managers. Figure 4 shows the internal structure of the managers. The protocol is implemented at the level of the sender/receiver and the reader/writer.

Figure 3: Client traffic.

Figure 4: Manager handling (left) file transfers and (right) text traffic.

3.3 The server

The server does not have any GUI components, thus simple in many ways. At the top there is a controller. The controller handles the database, the adminlistener and the clientlistener, and all interaction between those classes. The server listens for incoming clients (multiple) and incoming administrator (only one), but does not initiate any outgoing traffic. (Figure 5)

Figure 5: The server

3.4 The administrator

The administrator has GUI components at the top. The controller is in the middle working between the actual socket and the GUI. The application does not listen for incoming traffic (sockets), it only initiates. The socket connects s to the adminlistener socket of the server.

Figure 6: The administrator application

3.5 The database

The database was modeled with simplicity and functionality in mind. For this purpose I chose MySQL with MyISAM tables. (Figure 7)

Figure 7: Database model (EER notation)

Design and implementation details

4.1 SSL Sockets

For the network part of my application I have consequently used SSL Sockets. In Java this is easy. Typically the usage spans over the following areas 1 : 1. Listening for incoming connection. (Example 1) 2. Creating new outgoing connection. (Example 2) 3. Constantly reading from a connection by using a thread.

import java.net.*; import javax.net.ssl.*; SSLServerSocket ss = null; ss = (SSLServerSocket) SSLServerSocketFactory.getDefault().createServerSocket (CLIENTLISTEN_PORT); ss.setNeedClientAuth(false); String cipherSuite [] = {"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"}; ss.setEnabledCipherSuites(cipherSuite); Socket tmp_socket = ss.accept(); Example 1: Listening for incoming SSL connections. import javax.net.ssl.*; SSLSocket socket = (SSLSocket)SSLSocketFactory.getDefault().createSocket(host,port); socket.setNeedClientAuth(false); String cipherSuite [] = { "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA" }; socket.setEnabledCipherSuites(cipherSuite); Example 2: Creating new outgoing connection.

Note: The examples are somewhat simplified to fit this purpose.

4.2 GUI Design

Most of the GUI has been created using the following API and as a combination between them (Source 3): javax.swing o BoxLayout o JFrame o JPanel java.awt o BorderLayout o FlowLayout o GridBagLayout o GridLayout Other than that general graphical editing software have been used for creating icons and images etc.

4.3 Implemented features

The client: Text transfer (chat) File transfers Sockets over SSL Application firewall

The server: Administrator network interface Client network interface Database connectivity Console application Event system

The administrator: Connect to server After connecting set up the server with a database and maximum number of allowed users. Supported features (GUI) but not implemented (protocol): o Monitoring, being able to see which users are online and which are offline, also monitoring events. o Banning IP addresses and seeing which IP addresses are banned.

4.4 The Protocol

Client/Client protocol: Text transactions o DISCONN External chat closed. o INIT Initiate chat with other end. o TXT <txt> - Sending text. o PING Keeping connection alive. File transactions o <Filename> - Name of file. o <Filesize> - Filesize in bytes. o TACC Accept filetransfer. o TDEN Deny filetransfer. o 1<100010010101> - As file is sent (raw bytes) each block transaction must be started with 1 to indicate healthy connection.

Client/Server protocol: CONNECTED Connection is established. REGOK Registration is ok. REGREF Registration is refused. LOGINOK Login is ok. LOGINREF Login is refused. PING Server to the client, keeping connection alive. PONG Client response to ping, only after ping. NOCONN Can not connect for some reason. USERS <user1 user2 .. usern> - Users online. ADDUSER <user> - A new user is online. CHAT <txt> - Text transfer/chat. REMOVEUSER <user> - A user has logged off. CLOSECHAT A user has closed the chat.

Conclusion

I have created a client, a server, an administrator and set up a database. The applications are done, except for the administrator, which needs more work. The standard functionality of the server is in place; users can register, log in, chat with other users, IP addresses can be banned through the database. To sum it up: Client Done Server Done Administrator Needs more work Database Done

I am happy with my solution, and I think I have accomplished most of what I wanted to create. The project has a lot of potential for future development and enhancements.

Future work
Finishing the administrator. Polish the GUI of the applications. Fix bugs and errors.

I will continue to work on this project. The most obvious future work will be:

Once this is ok I can start looking at multiserver support: Several servers can connect to the same database. Adds support for more users. Needs stronger protocol, interserver communication etc.

References

Source 1: Java Technology, http://java.sun.com/ Source 2: MySQL. The worlds most popular open source database, http://www.mysql.com/ Source 3: A visual guide to layout managers, http://java.sun.com/docs/books/tutorial/uiswing/layout/visual.html

Appendix A: Screenshots

Screenshot 1: The JSIM Client (Client).

Screenshot 2: Connecting to client for chat (Client/Client).

Screenshot 3: Chatting with other client (Client/Client).

Screenshot 4: Sending a file (Client/Client).

Screenshot 5: Sending/Receiving files (Client/Client).

Screenshot 6: After sending/receiving a file (Client/Client).

Screenshot 7: The application firewall (Client/Client).

Screenshot 8: Banning a host (Client/Client).

Screenshot 9: Remove a ban (Client/Client).

Screenshot 10: Viewing list of banned hosts. (Client/Client)

Screenshot 11: Connect to the server (Client/Server).

Screenshot 12: The server running. (Server)

Screenshot 13: Server running, server is full. (Server)

Screenshot 14: List of users. (Client/Server)

Screenshot 15: Chatting. (Client/Server)

Screenshot 16: Chatting. Other end closed conversation. (Client/Server)

Screenshot 17: The administrator. (Admin)

Screenshot 18: Setting up a server with database. (Admin/Server)

Screenshot 19: Server setup. (Admin/Server)

Screenshot 20: After setting up the server. (Admin/Server)

Screenshot 21: After setting up the server 2. (Admin/Server)

Screenshot 22: After setting up the server 3. (Admin/Server)

Appendix B: User manual

Installation:
1. Unzip jsim.zip to desired location. (Figure 1)

Figure 1: Inside jsim.zip.

2. Make sure Java Runtime Environment 1.5 is installed or download from http://java.sun.com/ 3. Unzip mysql-connector-java-3.0.16-ga-bin.zip somewhere in the classpath (i.e. jre/lib/ext) for the jsimserver to work. 4. Project is now installed.

The client:
1. Command to run the client: java jar jsim.jar 2. If more than one client is running on the same host you must define the ports. Example: java jar jsim.jar inports 20000 20001 outports 21000 21002 java jar jsim.jar inports 21000 21002 outports 20000 20001 3. To chat with other client: click the Client connect button host address (click Connect). 4. To send file to other client: click the Send file button address and browse for the file to send (click Send). 5. To ban or unban hosts click Preferences button . and type in the

, type in the host

6. To connect to the server click Server connect button : Fill in host/IP and the port of the server. Fill in fields depending on if you are registered or not. Note: Make sure server is started and accepts clients first.

The server:
1. Command to run the server: java jar jsimserver.jar 2. In the console, fill in what ports you want to listen for clients. 3. Next, fill in the port you want to listen for administrator. 4. Choose a username and password for the administrator and fill this in. 5. You should now be somewhere like in figure 2.

Figure 2: The server.

(Note: The server is not accepting incoming clients yet; you must set it up first via the administrator)

The administrator:
1. Command to run the administrator: java jar jsimadmin.jar 2. A tabbed pane with two panes will appear: Database, and Server. 3. Fill in the correct information for the database, for example the testdatabase that is set up for this purpose: Host: jsim.engineerorama.com Username: jsimuser Password: clawfinger.

4. Fill in the correct information for the server, for example: Host/IP: localhost Port number, user and password what ever is set up (figure 2). Set how many clients you want to allow to your server. (Minimum 2 maximum 1000). Click Start server. 5. The server will now start listening for incoming clients (Figure 3).

Figure 3: The server is set up and waiting for clients.

The database:
1. Inside the file jsimdb.sql.zip you will find the database scheme. Load this into a MySQL database server and set it up with appropriate grants and users for this project. 2. Or you can use the database I have set up at: Host: jsim.engineerorama.com Username: jsimuser Password: clawfinger. 3. If you chose step two, you can log in to the database using a web-browser and the address is http://jsim.engineerorama.com/ (PHPMyAdmin). Username: jsimuser Password: clawfinger. 4. For testing purposes, log in using a web-browser and add users or IP-addresses to be banned.