ch17_08.htm

By Tom Christiansen and Nathan Torkington ISBN 1-56592-243-3 First Edition, published August 1998

<HTML
><HEAD
>
<TITLE>Recipe 17.7. Identifying the Other End of a Socket (Perl Cookbook)</TITLE>
<META
NAME="DC.title"
CONTENT="Perl Cookbook"><META
NAME="DC.creator"
CONTENT="Tom Christiansen &amp; Nathan Torkington"><META
NAME="DC.publisher"
CONTENT="O'Reilly &amp; Associates, Inc."><META
NAME="DC.date"
CONTENT="1999-07-02T01:44:32Z"><META
NAME="DC.type"
CONTENT="Text.Monograph"><META
NAME="DC.format"
CONTENT="text/html"
SCHEME="MIME"><META
NAME="DC.source"
CONTENT="1-56592-243-3"
SCHEME="ISBN"><META
NAME="DC.language"
CONTENT="en-US"><META
NAME="generator"
CONTENT="Jade 1.1/O'Reilly DocBook 3.0 to HTML 4.0"><LINK
REV="made"
HREF="mailto:online-books@oreilly.com"
TITLE="Online Books Comments"><LINK
REL="up"
HREF="ch17_01.htm"
TITLE="17. Sockets"><LINK
REL="prev"
HREF="ch17_07.htm"
TITLE="17.6. Using UNIX Domain Sockets"><LINK
REL="next"
HREF="ch17_09.htm"
TITLE="17.8. Finding Your Own Name and Address"></HEAD
><BODY
BGCOLOR="#FFFFFF"><img alt="Book Home" border="0" src="gifs/smbanner.gif" usemap="#banner-map" /><map name="banner-map"><area shape="rect" coords="1,-2,616,66" href="index.htm" alt="Perl Cookbook"><area shape="rect" coords="629,-11,726,25" href="jobjects/fsearch.htm" alt="Search this book" /></map><div class="navbar"><p>
<TABLE
WIDTH="684"
BORDER="0"
CELLSPACING="0"
CELLPADDING="0"
><TR
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="228"
><A
CLASS="sect1"
HREF="ch17_07.htm"
TITLE="17.6. Using UNIX Domain Sockets"
><IMG
SRC="../gifs/txtpreva.gif"
ALT="Previous: 17.6. Using UNIX Domain Sockets"
BORDER="0"></A
></TD
><TD
ALIGN="CENTER"
VALIGN="TOP"
WIDTH="228"
><B
><FONT
FACE="ARIEL,HELVETICA,HELV,SANSERIF"
SIZE="-1"
><A
CLASS="chapter"
REL="up"
HREF="ch17_01.htm"
TITLE="17. Sockets"
></A
></FONT
></B
></TD
><TD
ALIGN="RIGHT"
VALIGN="TOP"
WIDTH="228"
><A
CLASS="sect1"
HREF="ch17_09.htm"
TITLE="17.8. Finding Your Own Name and Address"
><IMG
SRC="../gifs/txtnexta.gif"
ALT="Next: 17.8. Finding Your Own Name and Address"
BORDER="0"></A
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="sect1"
><H2
CLASS="sect1"
><A
CLASS="title"
NAME="ch17-26620"
>17.7. Identifying the Other End of a Socket</A
></H2
><DIV
CLASS="sect2"
><H3
CLASS="sect2"
><A
CLASS="title"
NAME="ch17-pgfId-922"
>Problem<A
CLASS="indexterm"
NAME="ch17-idx-1000004772-0"
></A
><A
CLASS="indexterm"
NAME="ch17-idx-1000004772-1"
></A
></A
></H3
><P
CLASS="para"
>You have a socket and want to identify the machine at the other end.</P
></DIV
><DIV
CLASS="sect2"
><H3
CLASS="sect2"
><A
CLASS="title"
NAME="ch17-pgfId-928"
>Solution</A
></H3
><P
CLASS="para"
>If you're only interested in the IP address of the remote machine, use:</P
><PRE
CLASS="programlisting"
>use Socket;

$other_end         = getpeername(SOCKET)
    or die &quot;Couldn't identify other end: $!\n&quot;;
($port, $iaddr)    = unpack_sockaddr_in($other_end);
$ip_address        = inet_ntoa($iaddr);</PRE
><P
CLASS="para"
>If you want its actual host name, use:</P
><PRE
CLASS="programlisting"
>use Socket;

$other_end        = getpeername(SOCKET)
    or die &quot;Couldn't identify other end: $!\n&quot;;
($port, $iaddr)   = unpack_sockaddr_in($other_end);
$actual_ip        = inet_ntoa($iaddr);
$claimed_hostname = gethostbyaddr($iaddr, AF_INET);
@name_lookup      = gethostbyname($claimed_hostname)
    or die &quot;Could not look up $claimed_hostname : $!\n&quot;;
@resolved_ips     = map { inet_ntoa($_) }
    @name_lookup[ 4 .. $#ips_for_hostname ];</PRE
></DIV
><DIV
CLASS="sect2"
><H3
CLASS="sect2"
><A
CLASS="title"
NAME="ch17-pgfId-970"
>Discussion</A
></H3
><P
CLASS="para"
>For a long time, figuring out who connected to you was considered more straightforward than it really is. The <CODE
CLASS="literal"
>getpeername</CODE
> function returns the IP address of the remote machine in a packed binary structure (or <CODE
CLASS="literal"
>undef</CODE
> if an error occurred). To unpack it, use <CODE
CLASS="literal"
>inet_ntoa</CODE
>. If you want the name of the remote end, call <CODE
CLASS="literal"
>gethostbyaddr</CODE
> to look up the name of the machine in the DNS tables, right?</P
><P
CLASS="para"
>Not really. That's only half the solution. Because a name lookup goes to the name's owner's DNS server and a lookup of an IP addresses goes to the address's owner's DNS server, you have to contend with the possibility that the machine that connected to you is giving incorrect names. For instance, the machine <CODE
CLASS="literal"
>evil.crackers.org</CODE
> could belong to malevolent cyberpirates who tell their DNS server that its IP address (<CODE
CLASS="literal"
>1.2.3.4</CODE
>) should be identified as <CODE
CLASS="literal"
>trusted.dod.gov</CODE
>. If your program trusts <CODE
CLASS="literal"
>trusted.dod.gov</CODE
>, a connection from <CODE
CLASS="literal"
>evil.crackers.org</CODE
> will cause <CODE
CLASS="literal"
>getpeername</CODE
> to return the right IP address (<CODE
CLASS="literal"
>1.2.3.4</CODE
>), but <CODE
CLASS="literal"
>gethostbyaddr</CODE
> will return the duplicitous name.</P
><P
CLASS="para"
>To avoid this problem, we take the (possibly deceitful) name returned by <CODE
CLASS="literal"
>get-hostbyaddr</CODE
><A
CLASS="indexterm"
NAME="ch17-idx-1000004778-0"
></A
><A
CLASS="indexterm"
NAME="ch17-idx-1000004778-1"
></A
> and look it up again with <CODE
CLASS="literal"
>gethostbyname</CODE
>. In the case of <CODE
CLASS="literal"
>evil.crackers.org</CODE
>, the lookup of <CODE
CLASS="literal"
>trusted.dod.gov</CODE
> will be done through <CODE
CLASS="literal"
>dod.gov</CODE
>'s DNS servers, and will return the real IP address(es) for <CODE
CLASS="literal"
>trusted.dod.gov</CODE
>. Because many machines have more than one IP address (multihomed web servers are the obvious example), we can't use the simplified form of <CODE
CLASS="literal"
>gethostbyname</CODE
>:</P
><PRE
CLASS="programlisting"
>$packed_ip  = gethostbyname($name) or die &quot;Couldn't look up $name : $!\n&quot;;
$ip_address = inet_ntoa($packed_ip);</PRE
><P
CLASS="para"
>So far we've assumed we're dealing with an Internet domain application. You can also call <CODE
CLASS="literal"
>getpeername</CODE
> on a Unix domain socket. If the other end called <CODE
CLASS="literal"
>bind</CODE
>, you'll get the filename they bound to. If the other end <EM
CLASS="emphasis"
>didn't</EM
> call <CODE
CLASS="literal"
>bind</CODE
>, however, <CODE
CLASS="literal"
>getpeername</CODE
> may return an empty string (unpacked), a packed string with oddball garbage in it, or <CODE
CLASS="literal"
>undef</CODE
> to indicate an error, or your computer may reboot. (These possibilities are listed in descending order of probability and desirability.) This is what we in the computer business call "undefined behavior."<A
CLASS="indexterm"
NAME="ch17-idx-1000004774-0"
></A
><A
CLASS="indexterm"
NAME="ch17-idx-1000004774-1"
></A
></P
><P
CLASS="para"
>Even this level of paranoia and mistrust isn't enough. It's still possible for people to fake out DNS servers they don't directly control, so don't use hostnames for identification or authentication. True paranoiacs and misanthropes use cryptographically-secure methods.</P
></DIV
><DIV
CLASS="sect2"
><H3
CLASS="sect2"
><A
CLASS="title"
NAME="ch17-pgfId-1000005818"
>See Also</A
></H3
><P
CLASS="para"
>The 
<A
CLASS="olink"
HREF="../prog/ch03_047.htm"
>&#13;<CODE
CLASS="literal"
>gethostbyaddr</CODE
></A
>, 

<A
CLASS="olink"
HREF="../prog/ch03_048.htm"
>&#13;<CODE
CLASS="literal"
>gethostbyname</CODE
></A
>, and 

<A
CLASS="olink"
HREF="../prog/ch03_054.htm"
>&#13;<CODE
CLASS="literal"
>getpeername</CODE
></A
> in <A
CLASS="olink"
HREF="../prog/ch03_01.htm"
>Chapter 3</A
> of <A
CLASS="citetitle"
HREF="../prog/index.htm"
TITLE="Programming Perl"
><CITE
CLASS="citetitle"
>Programming Perl</CITE
></A
> and in <I
CLASS="filename"
>perlfunc </I
>(1); the <CODE
CLASS="literal"
>inet_ntoa</CODE
> in the standard Socket module; the documentation for the standard IO::Socket and Net::hostnet modules</P
></DIV
></DIV
><DIV
CLASS="htmlnav"
><P
></P
><HR
ALIGN="LEFT"
WIDTH="684"
TITLE="footer"><TABLE
WIDTH="684"
BORDER="0"
CELLSPACING="0"
CELLPADDING="0"
><TR
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="228"
><A
CLASS="sect1"
HREF="ch17_07.htm"
TITLE="17.6. Using UNIX Domain Sockets"
><IMG
SRC="../gifs/txtpreva.gif"
ALT="Previous: 17.6. Using UNIX Domain Sockets"
BORDER="0"></A
></TD
><TD
ALIGN="CENTER"
VALIGN="TOP"
WIDTH="228"
><A
CLASS="book"
HREF="index.htm"
TITLE="Perl Cookbook"
><IMG
SRC="../gifs/txthome.gif"
ALT="Perl Cookbook"
BORDER="0"></A
></TD
><TD
ALIGN="RIGHT"
VALIGN="TOP"
WIDTH="228"
><A
CLASS="sect1"
HREF="ch17_09.htm"
TITLE="17.8. Finding Your Own Name and Address"
><IMG
SRC="../gifs/txtnexta.gif"
ALT="Next: 17.8. Finding Your Own Name and Address"
BORDER="0"></A
></TD
></TR
><TR
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="228"
>17.6. Using UNIX Domain Sockets</TD
><TD
ALIGN="CENTER"
VALIGN="TOP"
WIDTH="228"
><A
CLASS="index"
HREF="index/index.htm"
TITLE="Book Index"
><IMG
SRC="../gifs/index.gif"
ALT="Book Index"
BORDER="0"></A
></TD
><TD
ALIGN="RIGHT"
VALIGN="TOP"
WIDTH="228"
>17.8. Finding Your Own Name and Address</TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="684"
TITLE="footer"><FONT
SIZE="-1"
></DIV<!-- LIBRARY NAV BAR --> <img src="../gifs/smnavbar.gif" usemap="#library-map" border="0" alt="Library Navigation Links"><p> <a href="copyrght.htm">Copyright &copy; 2002</a> O'Reilly &amp; Associates. All rights reserved.</font> </p> <map name="library-map"> <area shape="rect" coords="1,0,85,94" href="../index.htm"><area shape="rect" coords="86,1,178,103" href="../lwp/index.htm"><area shape="rect" coords="180,0,265,103" href="../lperl/index.htm"><area shape="rect" coords="267,0,353,105" href="../perlnut/index.htm"><area shape="rect" coords="354,1,446,115" href="../prog/index.htm"><area shape="rect" coords="448,0,526,132" href="../tk/index.htm"><area shape="rect" coords="528,1,615,119" href="../cookbook/index.htm"><area shape="rect" coords="617,0,690,135" href="../pxml/index.htm"></map> </BODY
></HTML
>