Note: do not transmit a null-character (0) at the end of the string … transmit characters only up to and including the new-line (\n).

The server will parse the three tokens to determine that this is a port-forwarding request, and will forward all data received on this connection to port <portnum> on the machine specified by <remoteHost>. The parameter <portnum> is an ASCII representation of the port number to forward, so for example if we wish to forward port 6312, <portnum> is the character ‘6’ followed by ‘3’ followed by ‘1’ followed by ‘2’.

Note: do not transmit a null-character (0) at the end of the string … transmit characters only up to and including the new-line (\n).

<username> the login name for the user on the remote system

<hostname> the name of the remote system to login to

<port> the port on which the server (mySS) is listening

<lportN> the Nth local port to forward

<rportN> the Nth remote port to forward to

<hostN> the Nth remote host to forward to

This will create a remote login session for user maclean on eddie.cdf, and forward any attempts to connect to port 1234 on the local machine to port 110 on mail.cs.toronto.edu.

• using select(), monitor the keyboard and the socket connection for new data coming in; when a new character is available from the keyboard, encrypt it and write it to the socket; when a new character is available from the socket, read it and decrypt it and write it to stdout (the display).
• when the connection is terminated, restore the terminal to its original state (see libRawTerm.a below), and exit(). [Note: this will kill all threads handling forwarded connections … don’t worry about it]
• all of the remote login code may take place in main() if you wish

The getuid() function returns the user ID of the person running mySS. Since every user has a unique user ID, this ensures that no two CSC209 students will attempt to bind the same port, even if they run mySS on the same machine.

1. Set up a listening socket on the appropriate port
2. As each new connection comes in, compute and transmit the 128-byte key.
3. Read the request header from the client, and spawn the appropriate thread to handle it
4. For a remote login request, the thread should create a pipe, spawn a child via fork() and exec() a copy of rlogin where stdin, stdout and stderr have been redirected into the pipe via a call to dup2(). As the thread receives characters from the client (via the socket), it decrypts them and writes them to the pipe. As the thread reads characters from the pipe, it encrypts them and writes them to the socket.
5. For a port-forwarding request, the thread should open a connection to the requested port on the requested host (called the ‘remote connection’). As each character is received from the client, decrypt it and write it to the remote connection. As each byte is received from the remote connection, encrypt it and send it to the client.
6. Every time a new connection is made, the server prints (to stdout), the time of the new connection, its type (login/forward), the client who connected (IP address of client, and in the case of forwarding which remote host and port are being connected to)

I will provide two pieces of code to make this assignment simpler. All files will be found in /u/csc209h/include and /u/csc209h/lib.

1. libRC4.a, rc4.h: this header file together with its library will allow you to perform RC4 encryption/decryption of a character stream. In /u/csc209h/src I will provide the file TestRC4.c which will demonstrate the use of this library.
2. libRawTerm.a, RawTerm.h: this header file and library will allow you to place the client’s terminal into "raw" mode. In this mode no processing is done before characters reach the client, meaning that the client will be able transmit all keys pressed directly across the network connection. For example, if the client’s user types ^C, then instead of sending SIGINT to the client, the ^C is transmitted to the remote login session, and SIGINT is sent to the remote process.

• Use at least 10 assert() statements.
• You must use select(); marks will be deducted for improper use (if in doubt, ask).
• You may only use fork()/exec() for invoking rlogin; all other concurrency must be achieved using POSIX threads.
• You must use multiple files, and provide a makefile, which compiles both your client and server programs.
• You may only use INET domain sockets.
• Your code must work interchangeably with a client and server that I will provide no later than November 25^th. That is, your client must work with my server, and your server must work with my client

1. To create a remote login for the client, have the server thread managing the communications with the client fork() a child, and after redirecting stdin, stdout and stderr make the following call:
   if (strcmp(username,me) == 0)
   execlp("rlogin", "rlogin", "-l", "", "localhost", (char *)0);
   else
   execlp("rlogin", "rlogin", "-l", username, "localhost", (char *)0);
   where username points to a null-terminated string containing the login name to be used, and me points to a null-terminated string containing the login name of the person running the server. The importance of this statement will be explained in class.
2. To make the server port available for re-use immediately upon termination of the server, include the following code fragment in your server before binding the socket:
   int opt = 1 ;
   if (setsockopt(soc, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)))
   {
   perror("Unable to set server socket for re-use! "); exit(1);
   }
   where soc is the socket your server will be listening on.
3. Likewise, when you write data to a socket, don’t write null characters that are not actually part of the data.
4. Don’t try and write the whole program at once (remember, Rome wasn’t built in a day). Instead, break it down into manageable chunks, and code/test each chunk in some order. A sample breakdown might be:
   * write remote login connection without encryption
   * add encryption to above
   * write port forwarding, without encryption
   * add encryption to above
   Of course, each of these components can be broken down into smaller subtasks. It’s better to hand in a working but incomplete program than a complete program that doesn’t work at all.
5. To link the libraries, include the following parameters to gcc:
   -L/u/csc209h/lib –lRawTerm –lRC4
6. Comment out the following line in your .logout file (i.e. place a ‘#’ in front of it):
   /usr/bin/kill –HUP –1 >& /dev/null

When you are ready to submit your programs, you will use tar to combine all your source files (*.c and *.h) and your makefile into a single file named secure.tar. Use gzip to compress this file, thus creating secure.tar.gz.

You must hand in a printed version of your program, as well as submitting it electronically on CDF using "submit -N a4 csc209h secure.tar.gz". You can overwrite a previous submission by adding the "-f" switch to the submit command. No external documentation is required, but your program should be well documented.