I have a web server with my web site and I am trying to stress test it but I don't seem to be able. I think that the problem is that there is a limited number of concurrent connections in XP (Pro).
I wrote a simple client in C# for stress testing:
...
for (int i = 0; i < _numThread; i++)
{
Thread t = new Thread(CallGetHttp);
t.Start();
}
...
private void CallGetHttp()
{
WebRequest wrGETURL;
wrGETURL = WebRequest.Create(_url);
WebProxy myProxy = new WebProxy("myproxy", 80);
myProxy.BypassProxyOnLocal = true;
wrGETURL.Proxy = WebProxy.GetDefaultProxy();
Stream objStream;
objStream = wrGETURL.GetResponse().GetResponseStream();
StreamReader objReader = new StreamReader(objStream);
..
}
Is this proper? If so, how can I increase the number of concurrent connections?
The connection limit is on inbound sockets, and it's hardcoded into XP's network stack to prevent them being used as servers (more money for Microsoft...) Your only choice is to move to Windows Server if your on a microsoft stack, or legally move to linux if your code will suppport it. Look into mono provided that your not doing anything too specific.
Also be careful to fall into the virtual PC trap. Network access from microsoft virtual PC is via the XP network stack. So if you run linux inside a VM inside XP, you're still constrained to the 10 inbound connections.
Related
I have a windows desktop application on .NET Framework that a user can interact with. There is a "connect" button that sets up Apache Geode client connection to Geode Server.
When Geode Server is down (Locator - there is only 1) the desktop application hangs indefinitely and needs to be forcefully closed.
This is how we connenect to the server and hangs on last line indefinitely:
PoolFactory poolFactory = _cache.GetPoolManager()
.CreateFactory()
.SetSubscriptionEnabled(true)
.AddLocator(_host, _port);
return poolFactory.Create(_serviceName);
I would like to add a time-out period for this method to return or throw exceptions or anything.
Alternatively, I've wrapped it on a different kind of timer outside of this to just return, but when trying to run the above code again (to try to connect the application again) the pool is still trying to connect.
I have tried to destroy it like this:
//destroy the pool
var poolManager = _cache.GetPoolManager();
if (poolManager != null)
{
var pool = poolManager.Find(_serviceName);
if (pool != null && pool.Destroyed == false)
pool.Destroy();
}
But then the pool.Destroy(); hangs indefinateley
How can I have a mechanism to attempt to connect to the Geode server, return if not connected within 10 seconds, then leave and are able to try to connect again using the same cache?
Note above was trying to re-use the same cache, probably setting cache to null and trying all over again would work, but I am looking for a more correct way to do it.
Depending on what version of .NET native client you are using. There is a property in 10.x connect-timeout that should work. Additionally, you can wrap your connection code under try{...}catch{} block and handle an exception for Apache.Geode.Client.TimeoutException and/or ": No locators available".
Example:
var _cache = new CacheFactory()
.Set("log-level", "config")
.Set("log-file", "C:\temp\test.log")
.Set("connect-timeout", "26000ms")
.Create();
_cache.GetPoolManager()
.CreateFactory()
.SetSubscriptionEnabled(true)
.AddLocator(hostname-or-ip", port-number)
.Create("TestPool");
I'm having trouble with UWP. I am trying to bind a StreamSocketListener to act as a small web server but after 20 or so connections the ReadAsync function hangs and the application eventually closes without an error.
Here is the code I'm using:
private const uint bufferSize = 1024;
private int port = 9000;
public async void Start()
{
StreamSocketListener listener = new StreamSocketListener();
listener.ConnectionReceived += async (sender, args) =>
{
string request = null;
using (IInputStream input = args.Socket.InputStream)
{
byte[] data = new byte[bufferSize];
IBuffer buffer = data.AsBuffer();
uint bytesRead = bufferSize;
while (bytesRead == bufferSize)
{
IBuffer result = await input.ReadAsync(buffer, bufferSize, InputStreamOptions.Partial);
request += Encoding.ASCII.GetString(result.ToArray());
bytesRead = buffer.Length;
}
processRequest(getPath(request), args.Socket.OutputStream);
}
};
await listener.BindServiceNameAsync(port.ToString());
}
You'd better dispose the disused connection in time. When your app receive a new connection, you could release the previous connection in its ConnectionReceived event handler. You could see the official code sample also does the same thing. SocketActivityStreamSocket/cs/Server
I am using similar code (I found it somewhere online) on my Raspberry Pi 3 acting as a simple web server, yeah.. it is very frustrated. Indeed, I ran into the same issue and I did use "args.Socket.Dispose()" on each request to solve PART OF THE PROBLEM.
I have a windows service client connecting to my Pi simple web server every 30 seconds and my Pi background service just hangs after around 1.5 to 2 hours. After debugging for many hours, I tried to remove the "await" from input.ReadSync, also make sure that your ProcessRequest doesn't do any async/await. It solved my problem, the server becomes stable without hangging. For me it is okay, since I only have one client, so Sync or Async doesn't really matter to me.
One weird problem though... it seems like randomly during the day, the "request" string will receive some garbage instead of the real HTTP request. I still haven't figured out why. BTW, There is a very good open source project on GitHub called "Catnap.Server", it seems to look pretty powerful. I haven't tried it but if you look at that implementation, they are using Streamreader instead of ReadAsync.
My windows service client has been working perfectly for 3 years when it was connecting to my old version of Raspberry Pi which ran on NOOBS linux, Apache and PHP. It was rock solid stable... just want to give Win 10 IoT a try and we have to implement our own web server!!??? My experience so far isn't that pleasant honestly.
I'm building a kext for an extra layer of security on OS X (built around KAtuh). I'm using a client in userspace that connects to the kext over sockets (as advised by Apple), and basically controls the kext. Because the product is supposed to provide extra security for OS X, it is important that it is "as secure as possible" against attacks. One attack vector is the following: A malicious process impersonates the client and sends malicious control data to the kext, disabling the security mechanism.. I want to prevent this by doing authentication upon connection. Here are my solutions:
Run the client as root, use CTL_FLAG_PRIVILEGED flag to ensure only root clients can connect to the kext. I'm not sure if I want to have my client run in privileged mode (again: extra attack vector).
Let the kext be connected to only one client. However, this is easily by-passable.
Ideally, I want to verify the identity of the client that connects through static int ctl_connect(kern_ctl_ref ctl_ref, struct sockaddr_ctl *sac, void **unitinfo). How can I do this?
I can also do packet authentication in static int ctl_set(kern_ctl_ref ctl_ref, u_int32_t unit, void *unitinfo, int opt, void *data, size_t len), however, I would have to come up with a dynamic shared secret. I was thinking about secret = SHA256(getUDID()), but AFAIK there are no crypto KPI's available, neither a way to getUDID() from kernelspace.
Are there any other idea's on doing "proper" authentication of clients?
I have asked Apple's Developer Tech Support this question, and they have said the only supported way to restrict user client access to kexts is to distinguish between root and non-root processes.
Personally, for the purposes of reducing the attack surface, it would indeed be useful to drop user client privileges. The Linux way of checking for a specific group membership seems like it should work on OS X too. (For example, you typically need to be part of the 'kvm' group to use the KVM virtualisation technology on Linux.) The only way to become a member of the group is via root privileges (setting up the Launch Daemon's GroupName requires root privileges) so this should be secure. I have yet to try this myself, but I've got 2 projects where this would make sense so I'll give it a go and will update this answer with my findings.
Apple has implemented functionality in the AMFI kext (<sys/codesign.h> header) that can be used to obtain the TeamID from a signed binary. If this header would be public, this is exactly what could be used to authenticate the client process connecting to the kext.
/*
* Function: csfg_get_teamid
*
* Description: This returns a pointer to
* the teamid for the fileglob fg
*/
const char *
csfg_get_teamid(struct fileglob *fg)
{
struct ubc_info *uip;
const char *str = NULL;
vnode_t vp;
if (FILEGLOB_DTYPE(fg) != DTYPE_VNODE)
return NULL;
vp = (struct vnode *)fg->fg_data;
if (vp == NULL)
return NULL;
vnode_lock(vp);
if (!UBCINFOEXISTS(vp))
goto out;
uip = vp->v_ubcinfo;
if (uip == NULL)
goto out;
if (uip->cs_blobs == NULL)
goto out;
/* It is OK to extract the teamid from the first blob
because all blobs of a vnode must have the same teamid */
str = uip->cs_blobs->csb_teamid;
out:
vnode_unlock(vp);
return str;
}
Here is my problem:
I have a closed-source third-party Win32 application, which acts as a server for other programs via named pipes, i.e. it expects its clients to do smth like this:
HANDLE h = CreateFile("\\\\.\\pipe\\$pipe_name$", GENERIC_READ | GENERIC_WRITE, etc...);
// ...
TransactNamedPipe(h, buf, etc...);
// ...
CloseHandle(h);
This app runs perfectly in WINE, except that I can't communicate with it. So here is my question:
What exactly does WINE do when it is requested to open a pipe? Does it, say, map it to some FIFO file in ~/.wine/ or wherever? Is there any way to communicate with such program from a Linux application? Google doesn't know anything about it.
Thank you.
Named pipes are hosted by the WINE server process. Requests are sent to this process by the WINE clients. For example, CreateNamedPipe uses a request like:
SERVER_START_REQ( open_file_object )
{
req->access = access;
req->attributes = attr->Attributes;
req->rootdir = wine_server_obj_handle( attr->RootDirectory );
req->sharing = sharing;
req->options = options;
wine_server_add_data( req, attr->ObjectName->Buffer, attr->ObjectName->Length );
io->u.Status = wine_server_call( req );
*handle = wine_server_ptr_handle( reply->handle );
}
The server manages connecting the named pipe. Once a client and server have connected, the WINE server gets out of the way by sending an fd to the client. I think this fd is just an anonymous pipe created by the WINE server, one end being sent to the pipe server and one end to the pipe client.
Named Pipes in a wine official wiki
this article could help too: http://lkcl.net/namedpipes/namedpipes-emulation.txt
I am working with a 3rd party device which opens a tcp port that only allows one connection at a time. If my app connects to the port, all other connections are denied.
I'd like to find an app that basically connects to this port, then allows others to connect to it on a different port.
Any data sent out of the device's port is then rebroadcast to any connected client.
I know how to write such an app, but it seems like it would be something someone else has already thought off and written it & shared, and I could avoid taking the time to write it.
basicaly code would be:
1) start a tcp socket server, binding to TO_PORT (clients connect to this)
2) connect as a client to DEVICE_IP:DEVICE_PORT
3) when data is read into a buffer from DEVICE_IP:DEVICE_PORT, the buffer content is resent to each connected client.
4) everything else that makes it a stable, working program.
This is for windows, and I'd prefer it not require a java install.
My google skills have failed me.
Anyone know of such an app?
Not a complete solution for you, but might be interesting, though
http://www.codeproject.com/KB/IP/serversocket.aspx
http://www.codeproject.com/KB/IP/UniversalTCPSocketClass.aspx
Guess I'll answer my own question.
I implemented the solution my self.
Key points to my solution:
A class named IPClient which wraps up a TcpClient instance, uses async model of calling TcpClient.BeginConnect, BeginRead, etc. It has a Timer used for reconnecting if it loses connection.
This is the class that connects to the device.
It's public interface would look something like this:
public class IPClient{
public event EventHandler<MyConnectedArgs> Connected;
public event EventHandler<MyDisconnectedArgs>Disconnected;
public event EventHandler<MyDataReceivedArgs> DataReceived;
public bool Connect(string address, int port){...}
public bool Disconnect() {...}
}
To open the port that would allow other clients to connect, I used this library: http://codeproject.com/KB/IP/BasicTcpServer.aspx and modified it a bit.
It's job was to open a port, accept connections, and do the following:
in the Connected handler, start the listening port
in the Disconnected handler, stop the listening port
in the DataReceived handler, broadcast the data to any connected clients.
I'll leave out the rest of the boring details, but say it wasn't "too hard", and eventually I just had to roll my own.
command line usage: myapp.exe remote_addr remote_port listen_port
psuedocode/main idea of my program main:
static int Main(string[] args){
//SetConsoleCtrlHandler(my callback re: ctrl+C,etc)
//get command line params
var ipClient = new IPClient();
var myprovider = MyTcpServiceProvider();
var server = new TcpServer(myProvider, listenPort);
ipClient.Connected += (sender, e) => server.Start();
ipClient.Disconnected += (sender,e) => server.Stop();
ipClient.DataReceived += (sender,e)=> provider.BroadcastToClients(e.Data);
ipClient.Connect(remoteAddress, remotePort);
//wait for Ctrl+C or program exit
//shutdown code,etc
return 0;
}