Book Image

Hands-On Network Programming with C

By : Lewis Van Winkle
Book Image

Hands-On Network Programming with C

By: Lewis Van Winkle

Overview of this book

Network programming enables processes to communicate with each other over a computer network, but it is a complex task that requires programming with multiple libraries and protocols. With its support for third-party libraries and structured documentation, C is an ideal language to write network programs. Complete with step-by-step explanations of essential concepts and practical examples, this C network programming book begins with the fundamentals of Internet Protocol, TCP, and UDP. You’ll explore client-server and peer-to-peer models for information sharing and connectivity with remote computers. The book will also cover HTTP and HTTPS for communicating between your browser and website, and delve into hostname resolution with DNS, which is crucial to the functioning of the modern web. As you advance, you’ll gain insights into asynchronous socket programming and streams, and explore debugging and error handling. Finally, you’ll study network monitoring and implement security best practices. By the end of this book, you’ll have experience of working with client-server applications and be able to implement new network programs in C. The code in this book is compatible with the older C99 version as well as the latest C18 and C++17 standards. You’ll work with robust, reliable, and secure code that is portable across operating systems, including Winsock sockets for Windows and POSIX sockets for Linux and macOS.
Table of Contents (26 chapters)
Title Page
About Packt

Chapter 10, Implementing a Secure Web Server

  1. How does a client decide whether it should trust a server's certificate?

There are various ways a client can trust a server's certificate. The chain-of-trust model is the most common. In this model, the client explicitly trusts an authority. The client then implicitly trusts any certificates it encounters that are signed by this trusted authority.

  1. What is the main issue with self-signed certificates?

Self-signed certificates aren't signed by a trusted certificate authority. Web browsers won't know to trust self-signed certificates unless the user adds a special exception.

  1. What can cause SSL_accept() to fail?

SSL_accept() fails if the client doesn't trust the server's certificate or if the client and server can't agree on a mutually supported protocol version and cipher suite.

  1. Can select() be used to multiplex connections for HTTPS servers?

Yes, but be aware that select() works on the underlying TCP connection layer, not on the TLS layer. Therefore, when select() indicates that a socket has data waiting, it does not necessarily mean that there is new TLS data ready.