Book Image

Hands-On Network Programming with C

By : Lewis Van Winkle
Book Image

Hands-On Network Programming with C

By: Lewis Van Winkle

Overview of this book

Network programming enables processes to communicate with each other over a computer network, but it is a complex task that requires programming with multiple libraries and protocols. With its support for third-party libraries and structured documentation, C is an ideal language to write network programs. Complete with step-by-step explanations of essential concepts and practical examples, this C network programming book begins with the fundamentals of Internet Protocol, TCP, and UDP. You’ll explore client-server and peer-to-peer models for information sharing and connectivity with remote computers. The book will also cover HTTP and HTTPS for communicating between your browser and website, and delve into hostname resolution with DNS, which is crucial to the functioning of the modern web. As you advance, you’ll gain insights into asynchronous socket programming and streams, and explore debugging and error handling. Finally, you’ll study network monitoring and implement security best practices. By the end of this book, you’ll have experience of working with client-server applications and be able to implement new network programs in C. The code in this book is compatible with the older C99 version as well as the latest C18 and C++17 standards. You’ll work with robust, reliable, and secure code that is portable across operating systems, including Winsock sockets for Windows and POSIX sockets for Linux and macOS.
Table of Contents (26 chapters)
Title Page
About Packt

Security and robustness

One of the most important rules, when developing networked code, is that your program should never trust the connected peer. Your code should never assume that the connected peer sends data in a particular format. This is especially vital for server code that may communicate with multiple clients at once.

If your code doesn't carefully check for errors and unexpected conditions, then it will be vulnerable to exploits.

Consider the following code which receives data into a buffer until a space character is found:

char buffer[1028] = {0};
char *p = buffer;

while (!strstr(p, " "))
    p += recv(client, p, 1028, 0);

The preceding code works simply. It reserves 1,028 bytes of buffer space and then uses recv() to write received data into that space. The p pointer is updated on each read to indicate where the next data should be written. The code then loops until the strstr() function detects a space character.

That code could be useful to read data from a client until an HTTP...