You are on page 1of 47

Lecture 7

TELNET Protocol & HyperText Transfer Protocol


CPE 401 / 601 Computer Network Systems

slides are modified from Dave Hollinger

TELNET vs. telnet


TELNET is a

general, bi-directional, eight-bit byte oriented communications facility.

protocol that provides a

telnet is a

TELNET protocol over TCP.

program that supports the

Many application protocols are built upon the

TELNET protocol.

TELNET

The TELNET Protocol


Reference: RFC 854 TCP connection

data and control over the same connection.


Network Virtual Terminal intermediate representation of a generic terminal. provides a standard language for communication of terminal control functions.
TELNET 3

Network Virtual Terminal

Server Process
NVT
TCP

NVT
TCP

TELNET

Negotiated Options
All NVTs support a minimal set of capabilities.

Some terminals have more capabilities than the minimal set.

The set of options is not part of the TELNET

protocol,

so that new terminal features can be incorporated without changing the TELNET protocol.

Two endpoints negotiate a set of mutually

acceptable options

Line mode vs. character mode echo modes character set (EBCDIC vs. ASCII)

TELNET

Control Functions
TELNET includes support for a series of

control functions commonly supported by servers.

This provides a uniform mechanism for

communication of (the supported) control functions.

TELNET

Control Functions
Interrupt Process (IP)

suspend/abort process.

Abort Output (AO)

send no more output to users terminal.


check to see if system is still running. delete last character sent

Are You There (AYT)

Erase Character (EC)

Erase Line (EL)

delete all input in current line.


TELNET 7

Command Structure
All TELNET commands and data flow through

the same TCP connection. Commands start with a special character called the Interpret as Command escape character
The IAC code is 255. If a 255 is sent as data - it must be followed by another 255.

If IAC is found and the next byte is IAC

a single byte is presented to application/terminal the TELNET layer interprets this as a command.
TELNET 8

If IAC is followed by any other code

Playing with TELNET


You can use the telnet program to play with

the TELNET protocol.

telnet is a

generic TCP client.

Sends whatever you type to the TCP socket. Prints whatever comes back through the TCP socket Useful for testing TCP servers (ASCII based protocols).
Many Unix systems have these servers running

(by default):
echo daytime

port 7 port 13

discard chargen

port 9 port 19
TELNET 9

telnet hostname port


> telnet amele-2.cse.unr.edu 7 Trying 134.197.40.246... Connected to amele-2.cse.unr.edu (134.197.40.246). Escape character is '^]'. Hi mehmet Hi mehmet stop it stop it ^] telnet> quit Connection closed.

TELNET

10

telnet vs. TCP


Not all TCP servers talk TELNET (most don't)

You can use the telnet program to play with

these servers, but the fancy commands won't do anything.

type ^], then "help" for a list of fancy TELNET stuff you can do in telnet.

TELNET

11

HyperText Transfer Protocol (HTTP)


HTTP is the protocol that supports

communication between web browsers and web servers.

A Web Server is a HTTP server Most clients/servers today speak version 1.1,

but 1.0 is also in use.


RFC 1945 (HTTP 1.0) RFC 2616 (HTTP 1.1)

HTTP

13

From the RFC


HTTP is an application-level protocol with

the lightness and speed necessary for distributed, hypermedia information systems.

Transport Independence The HTTP protocol generally takes place over a TCP connection, but the protocol itself is not dependent on a specific transport layer.
HTTP 14

Request - Response
HTTP has a simple structure:

client sends a request server returns a reply.

HTTP can support multiple request-reply

exchanges over a single TCP connection.

The well known TCP port for HTTP servers is

port 80.

Other ports can be used as well...


HTTP 15

HTTP 1.0+ Request


Lines of text (ASCII). Lines end with CRLF

\r\n

First line is called Request-Line

Request-Line Headers . . .
blank line

Content...
HTTP 16

Request Line
Method URI HTTP-Version\r\n
The request line contains 3

tokens (words).

space characters separate the tokens. Newline (\n) seems to work by itself but the protocol requires CRLF

HTTP

17

Request Method
The Request Method can be:

GET PUT

HEAD POST

DELETE TRACE OPTIONS

future expansion is supported


GET, HEAD and POST are supported

everywhere (including Lab 2!).


OPTIONS & TRACE.

HTTP 1.1 servers often support PUT, DELETE,


HTTP 18

Methods
GET:

retrieve information identified by the URI.

Typically used to retrieve an HTML document

HEAD:

retrieve meta-information about the URI.

used to find out if a document has changed

POST:

send information to a URI and retrieve result.


HTTP 19

used to submit a form

More Methods
PUT:

Store information in location named by URI.

DELETE: remove

entity identified by URI.

TRACE: used to trace HTTP forwarding

through proxies, tunnels, etc.

OPTIONS: used to determine the capabilities

of the server, or characteristics of a named resource.


HTTP

20

URI: Universal Resource Identifier


URIs defined in RFC 2396. Absolute URI: scheme://hostname[:port]/path http://www.cse.unr.edu:80/~mgunes/cpe401

Relative URI: /path /blah/foo

No server mentioned
HTTP 21

URI Usage
When dealing with a HTTP 1.1 server, only a

path is used (no scheme or hostname).

HTTP 1.1 servers are required to be capable of handling an absolute URI, but there are still some out there that wont

When dealing with a

absolute URI is used.

proxy HTTP server, an

client has to tell the proxy where to get the document!

more on proxy servers in a bit.

HTTP

22

HTTP Version Number


HTTP/1.0 or HTTP/1.1
Starting with HTTP 1.0 the version number is

part of every request.

Client tells the server what version it can talk (what options are supported, etc).

HTTP 0.9 did not include a version number in

a request line.

If a server gets a request line with no HTTP version number, it assumes 0.9 HTTP 0.9 was used for many years.
HTTP 23

The Header Lines


Request Headers provide information to the

server about the client

what kind of client what kind of content will be accepted who is making the request
Each header line contains

an attribute name followed by a : followed by a space and the attribute value.

There can be 0 headers (HTTP 1.0) HTTP 1.1 requires a Host: header
HTTP 24

Example HTTP Headers


Accept: text/html Host: www.cse.unr.edu From: mgunes@cse.unr.edu User-Agent: Mozilla/4.0

Referer: http://www.unr.edu/

HTTP

25

End of the Headers


Each header ends with a CRLF ( \r\n )
The end of the header section is marked

with a blank line.

just CRLF

For GET and HEAD requests, the end of the

headers is the end of the request!

HTTP

26

POST
A POST request includes some

data) after the headers (after the blank line).

content (some

There is no format for the data (just raw

bytes).

A POST request must include a Content-

Length line in the headers:

Content-length: 267

HTTP

27

Example POST Request


POST /~mgunes/cpe401/grades.cgi HTTP/1.1 Accept: */* Host: www.cse.unr.edu User-Agent: SecretAgent V2.3 Content-Length: 35 Referer: http://www.unr.edu/ stuid=6660182722&item=test1&grade=99

HTTP

28

Example GET Request


GET /~mgunes/cpe401/lab1.htm HTTP/1.1 Accept: */* Host: www.cse.unr.edu User-Agent: Internet Explorer From: mgunes@cse.unr.edu Referer: http://www.unr.edu/ There is a blank line here!

HTTP

29

HTTP Response
ASCII Status Line Headers Section

Status-Line Headers . . .
blank line

Content...

Content can be anything (not just text) typically an HTML document or some kind of image.

HTTP

30

Response Status Line


HTTP-Version
Status 1xx 2xx 3xx 4xx 5xx

Status-Code

Message

Code is 3 digit number (for computers)


Informational Success Redirection Client Error Server Error

Message is text (for humans)


HTTP 31

Example Status Lines


HTTP/1.0 200 OK HTTP/1.0 301 Moved Permanently HTTP/1.0 400 Bad Request HTTP/1.0 500 Internal Server Error

HTTP

32

Response Headers
Provide the client with information about

the returned entity (document).

what kind of document how big the document is how the document is encoded when the document was last modified
Response headers end with blank line

HTTP

33

Response Header Examples


Date: Wed, 30 Jan 2002 12:48:17 EST Server: Apache/1.17 Content-Type: text/html Content-Length: 1756

Content-Encoding: gzip

HTTP

34

Content
Content can be anything (sequence of raw

bytes).

Content-Length header is required for any

response that includes content.

Content-Type header also required.

HTTP

35

Single Request/Reply
The client sends a complete request.

The server sends back the entire reply.


The server closes its socket. If the client needs another document it

must open a new connection.

This was the default for HTTP 1.0


HTTP 36

Persistent Connections
HTTP 1.1 supports persistent connections

(this is the default).


TCP connection.

Multiple requests can be handled over a single

The Connection: header is used to

exchange information about persistence (HTTP/1.1)

1.0 Clients used a Keep-alive: header

HTTP

37

Try it with telnet


> telnet www.cse.unr.edu 80 GET / HTTP/1.0 HTTP/1.0 200 OK Server: Apache ...

HTTP

38

Try it with telnet (persistent)


> telnet www.cse.unr.edu 80 GET / HTTP/1.1 Host: www.cse.unr.edu HTTP/1.0 200 OK Server: Apache ...

HTTP

39

HTTP Proxy Server

Browser

Proxy

HTTP Server

HTTP

40

Network Lab #2 HTTP Proxy


You need to write a proxy server.
Must be able to handle GET, HEAD and POST

requests.

Filtering: Your proxy will be given a list of

domain names on the command line, you should refuse to forward requests to any server whose name is within a specified domain.

send back status line: 403 Forbidden.

Lab #2

41

The code you need


Proxy is both a client and a server Parsing the HTTP request is needed. You need to understand HTTP You will need to parse headers. need to look at Content-length, Connection, etc.

Lab #2

42

Testing
Tell your browser to use a proxy

Edit preferences/options.

Interrupt a long transfer (press stop). Fill out a form (probably uses POST). Test it with a browser. Test it with telnet Write an abusive client and a rude server!
Lab #2 43

What is expected
We should be able to surf through your proxy!

Proxy should print some info about each

request (print the request line).

No memory leaks! Check every system call for errors!

We should not be able to kill your proxy by


sending a bad request. using a server that sends bad replies.

No crashes, no matter what kind of nonsense we send your proxy.


Lab #2 44

HTTP V1.1 Details


The RFC is 114 pages!
we dont expect you to read it all or to

support every nitty-gritty detail. work on creating a working proxy (one you can use through a browser).

performance is not a big deal (but it shouldnt be horribly worse than without your proxy).

Dont worry about persistence, pipelining,

chunking, etc.

you need to turn off persistence if you don't want to handle it.
Lab #2 45

HTTP Headers
You will need to look at the Content-Length

header in a POST.

you need to know how many bytes to read after the end of the headers.

You will need to either look at

Connection (Proxy-Connection) headers or (at a minimum) to force Connection: close as a request header.
Lab #2

46

Stuff you might need to know


(that we have not covered)
Converting hostnames to IP addresses. Handling signals (SIGPIPE)

Check out section 5.13 in the text

Providing Concurrency (not required, but not

hard either).

just fork the server after calling accept. MAKE SURE YOU TAKE CARE OF ZOMBIES!
Lab #2 47