Introduction to the Peer-to-Peer Sockets Project

Sky-Tiger · 发表于 2009-3-14 23:56

Working with the P2P InetAddress Class

The P2P Sockets package includes an implementation of java.net.InetAddress that works the same as InetAddress and that subclasses it.

The following examples show different ways in which to create a P2PInetAddress object.

// Create an InetAddress where we know the host
// name but not the IP address.
// This will not search the network to find the
// corresponding IP address.
InetAddress inetAddr = P2PInetAddress.getByAddress("www.nike.laborpolicy", null);

// Create an InetAddress where we know the IP
// address but not the host name.
// This will not search the network to find the
// corresponding host name.
InetAddress inetAddr = P2PInetAddress.getByAddress("55.32.77.34", null);

// Create an InetAddress where we know both the
// IP address and the host name.
// No searching will occur on the network
byte ipAddress[] = new byte[4];
ipAddress[0] = 55;
ipAddress[1] = 32;
ipAddress[2] = 77;
ipAddress[3] = 34;
InetAddress inetAddr = P2PInetAddress.getByAddress("www.nike.laborpolicy", ipAddress);

// Create an InetAddress object using the hostname.
// The network will be searched for the corresponding IP address
InetAddress inetAddr = P2PInetAddress.getByName("www.boobah.cat");

// Create an InetAddress object using the hostname.
// The network will be searched for the corresponding IP address
InetAddress inetAddress[] = P2PInetAddress.getAllByName("www.boobah.cat");

// Create an InetAddress object using the IP address.
// The network will be searched for the corresponding host name
byte ipAddress[] = new byte[4];
ipAddress[0] = 55;
ipAddress[1] = 32;
ipAddress[2] = 77;
ipAddress[3] = 34;
InetAddress inetAddr = P2PInetAddress.getByAddress(ipAddress);

// Get the host name and IP address for the local host
InetAddress inetAddr = P2PInetAddress.getLocalHost();

Once you have an P2PInetAddress object, you can treat it like a normal InetAddress object:

InetAddress inetAddr = P2PInetAddress.getByName("www.boobah.cat");
String hostName = inetAddr.getHostName();
String ipAddressString = inetAddr.getHostAddress();
byte ipAddress[] = inetAddr.getAddress();
boolean isLocalhost = inetAddr.isLoopbackAddress();

P2P server sockets have an interesting problem that standard server sockets do not have. Because the P2P Sockets system implements its own simple DNS system, we need a way to create an InetAddress for a host name that does not exist yet; we explicitly don't want to search the network to resolve a given host name into an IP address, or vice versa, because neither of them exist yet. We would then use this InetAddress object to instantiate a P2PServerSocket to bind a new host name and IP address. P2P Sockets currently overloads the standard getByAddress(String host, byte address[]) method to avoid resolving information that is not given. This is the recommended method to use to generate a P2PInetAddress object, since contacting the network to resolve the extra information is wasteful and not really needed. To check to see if a given host name or IP address is already taken, use the methods on the P2PNameService class, which were detailed in the section above:

InetAddress objects can be used to start P2P sockets or server sockets, just as in standard Java sockets and server sockets:

InetAddress inetAddr = P2PInetAddress.getByAddress("www.boobah.cat", null);
ServerSocket server = new P2PServerSocket(inetAddr, 80);
.......
.......
.......
InetAddress inetAddr = P2PInetAddress.getByAddress("www.boobah.cat", null);
Socket server = new P2PSocket(inetAddr, 80);

Sky-Tiger · 发表于 2009-3-14 23:56

The Loopback (127.0.0.1) and Any (0.0.0.0) Addresses

The P2P Sockets package provides a simple implementation of the Any IP address, which is 0.0.0.0. In normal TCP/IP parlance for server sockets, the Any interface says "start a server socket with any of the available IP addresses available on this machine; I don't know which it is and don't care." In the context of P2P Server Sockets, hosts can not be "multi-homed;" i.e., have more than one IP address. Instead, they are given an automatic host name that is autogenerated from their JXTA peer names. For example, if a peer is named BradGNUberg, then the peer would be given the automatic host name www.BradGNUberg.peer. By default, the prefix is "www." and the suffix is ".peer". These values are currently not customizable, but future versions will expose this capability.

We use this automatic peer name to resolve the Any or Loopback address:

// In the following example, assume the peer's
// local JXTA name is BradGNUberg.
InetAddress inetAddr = P2PInetAddress.getLocalHost();
ServerSocket socket = new P2PServerSocket(inetAddr, 100);
// returns "www.BradGNUberg.peer"
String hostName = socket.getHostName();

Before this will work, however, you must start up a P2PServerSocket for the localhost on a given port.

P2P server sockets also provides support for another feature for compatibility with normal server sockets, though it will probably only rarely be used. Normal TCP/IP server sockets can be started with the any interface and no port specified. This would start the server socket on a random "private" port about 1024. The P2PServerSocket class supports the same thing; if you start it with no host name or the Any interface and no port, a random port number will be generated above 1024 but less than 65536. You could then retrieve this port number from the server socket and send it to client sockets over another channel to inform them of a private, random port that is available.

Sky-Tiger · 发表于 2009-3-14 23:57

Limitations and Security Concerns

The P2P Sockets project currently has the following limitations and security issues:

*

   Spoofing host names and IP address on the peer network is trivial, as no mechanism currently exists to securely associate a given host name or IP address with a specific peer or peer group.
*

   The network is vulnerable to denial-of-service attacks, where one peer floods the network with requests or attempts to continuously create server sockets.
*

   The P2P Sockets package does not currently tie into the JVM Security Manager architecture, which would sandbox the code according to a security policy. Once a peer is exposed on a network, other peers could take advantage of flaws in the Java Virtual Machine or the P2P Sockets layer itself to compromise the peer computer. Being able to sandbox the peer code away from native machine resources would help this, but is not currently possible, since P2P Sockets doesn't check the security manager before any operation. It is also dangerous to include a JSP engine on an ordinary user's personal computer, as JSP depends on javac, the Java compiler. It is dangerous to include a network path to a language compiler, as this is a common way to compromise a computer and gain further access. You should precompile your JSPs into servlets and bundle the servlets with your peer programs instead of the full JSP engine.
*

   Multicast IP addresses and Multicast sockets are not supported.
*

   UDP sockets are not supported.
*

   Site-local/private IP addresses (192.168.x.x) are not supported. Create your own private peer group if you want to simulate a private site address.
*

   The various socket options, such as SoLinger, are not supported and are ignored.
*

   Non-blocking I/O socket channels are not supported.
*

   Loopback socket servers are exposed outside of their local machine, which is incorrect.
*

   SSL/HTTPS is not supported.
*

   The JXTA Configurator is still invoked if there is no JXTA configuration. This has several problems. First, it is one of the last pieces of P2P Sockets that exposes programmers to JXTA concepts, and second, it requires users to delve into a complex configuration system to figure out if they are behind a firewall or NAT device. A future project will address autoconfiguring these properties by having the peer "introspect" itself to see if it is behind a firewall, a NAT device, etc.