• C

string compare validation doesnt work

hi all,
the program involved of the client-server communication, but the communication between both side seems not the cause of problem, after server retrieved the name and password from the client, parameter is pass into the login function to validate the user. but the program output is not as what i expected since the string compare is not work, all the coding for client and server is provided. and a password.txt is a must so that the server side can open the file for validation checking. hopes to see the solution for my problem as soon as possible.

server.c coding:
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <string.h>
#include <time.h>

void dostuff(int);
void error(char *msg);
int login(int sockfd);
int validate(char name[8],char pass[32]);
static char name[8];
static char pass[32];
FILE *loginfile,*logfile;

int main(int argc, char *argv[])
{      int sockfd, newsockfd, portno, clilen, pid;
           struct sockaddr_in serv_addr, cli_addr;

      if (argc < 2)
      {
            fprintf(stderr,"No port number defined\n");
              exit(1);
           }
      sockfd = socket(AF_INET, SOCK_STREAM, 0);
           if (sockfd < 0)
              error("Error opening socket");
           bzero((char *) &serv_addr, sizeof(serv_addr));
           portno = atoi(argv[1]);
           serv_addr.sin_family = AF_INET;
           serv_addr.sin_port = htons(portno);
           serv_addr.sin_addr.s_addr = INADDR_ANY;
           if (bind(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0)
                    error("Error on binding");
           listen(sockfd,5);
           clilen = sizeof(cli_addr);
           while (1)
      {            newsockfd = accept(sockfd, (struct sockaddr *) &cli_addr, &clilen);
               if (newsockfd < 0)
                         error("Error accepting incoming connection!\n");
               pid = fork();
               if (pid < 0)
                         error("Error creating child process!\n");
               if (pid == 0)
            {            close(sockfd);
                  login(newsockfd);
                         exit(0);
               }
               else
            {      close(newsockfd);      }
           }
      return 0;
}

void error(char *msg)
{
      perror(msg);
      exit(1);
}

int login(int newsockfd)
{      int n;
      int authorized;
      char temp[256];
      bzero(name,8);
      bzero(pass,32);
      bzero(temp,256);
      n=read(newsockfd,&temp,255);
      if(n<0)
            error("Error reading from socket");
      strcpy(name,temp);
      printf("Name entered: %s",name);
      bzero(temp,256);
      n=read(newsockfd,&temp,255);
      if(n<0)
            error("ERROR reading from socket");
      strcpy(pass,temp);
      printf("Password entered: %s\n",pass);
      bzero(temp,256);

      authorized=(validate(name,pass));

      if(authorized==1)
            printf("success");
      else
            printf("failed");
}

int validate(char name[8],char pass[32])
{      char checkname[8];
      char checkpassword[32];
      printf("Validating user...\n");
      printf("username: %s",name);
      printf("password: %s\n",pass);
      if((loginfile=fopen("password.txt","r"))==NULL)
            printf("Login file not found");
      else
      {      do
            {      fscanf(loginfile,"%s %s",&checkname,&checkpassword);
                  printf("cu: %s cp: %s\n",checkname,checkpassword);
                  if(strcmp(checkname,name)==0)
                  {
                        if(strcmp(checkpassword,pass)==0)
                        {
                              fclose(loginfile);
                              return 1;
                        }
                  }
            }while(!feof(loginfile));
            fclose(loginfile);
            return 0;
      }
}
-----------------------------------------------------------------------------------------------------------
client.c coding
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>

void error(char *msg);

int main(int argc, char *argv[])
{          int sockfd, portno, n;
          struct sockaddr_in serv_addr;
          struct hostent *server;
          char buffer[256];
          if (argc < 3)
      {      fprintf(stderr,"Please provide the hostname and port number!\n", argv[0]);
                   exit(0);
          }
          portno = atoi(argv[2]);
          sockfd = socket(AF_INET, SOCK_STREAM, 0);
          if (sockfd < 0)
              error("Error opening socket!");
          server = gethostbyname(argv[1]);
          if (server == NULL)
      {            fprintf(stderr,"Error, no such host!\n");
              exit(0);
          }
          bzero((char *) &serv_addr, sizeof(serv_addr));
          serv_addr.sin_family = AF_INET;
          bcopy((char *)server->h_addr, (char *)&serv_addr.sin_addr.s_addr, server->h_length);
          serv_addr.sin_port = htons(portno);
          if (connect(sockfd,&serv_addr,sizeof(serv_addr)) < 0)
              error("Error connecting");
      printf("Restricted users only.\n");
          printf("Please enter your name: ");
          bzero(buffer,256);
          fgets(buffer,255,stdin);
          n = write(sockfd,buffer,strlen(buffer));
          if (n < 0)
               error("Error writing to socket");
          bzero(buffer,256);
          printf("Please enter your password: ");
          fgets(buffer,255,stdin);
          n = write(sockfd,buffer,strlen(buffer));
          if (n < 0)
               error("Error writing to socket");
          return 0;
}

void error(char *msg)
{
    perror(msg);
    exit(0);
}
-----------------------------------------------------------------------------------------------------------
password.txt:
12345678 1234
23456789 2345
-----------------------------------------------------------------------------------------------------------
server.c result:
user$ server 50000
Name entered: 12345678
Password entered: 1234

Validating user...
username: 12345678
password: 1234

cu: 12345678 cp: 1234
cu: 23456789 cp: 2345
cu: 23456789 cp: 2345
-----------------------------------------------------------------------------------------------------------
client.c result:
user$ client localhost 50000
Restricted users only.
Please enter your name: 12345678
Please enter your password: 1234
user$
LVL 4
CSLEEDSAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

imladrisCommented:
HMmm. I can't explain all of your observations in detail. However, I suspect a bunch of the problem is in the validate method.

int validate(char name[8],char pass[32])
{     char checkname[8];
     char checkpassword[32];
     printf("Validating user...\n");
     printf("username: %s",name);
     printf("password: %s\n",pass);
     ...
     ...


You are showing 8 character user names; however, you have only allocated 8 bytes for checkname. This will mean that the trailing zero (that denotes the end of the string) will be overflowing into other memory with unpredictable results.

So, if you ensure that name and checkname are 9 (or perhaps a more generous 10) bytes, that will definitely take care of some possible corruption. It may or may not alter the current behaviour you are getting.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cryptosidCommented:
Also the definition of the validate function is somewhat doubtful , it should be

int validate(char name[],char pass[])


Regards,
Siddhesh
0
CSLEEDSAuthor Commented:
ok, now i have increase the size of the name, checkname, pass, checkpassword to 10 and 40 accordingly. beside of that, i have change the definition of the validate function as mentioned by cryptosid as well, but the program stil giving me the same result. any other recommendation?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

CSLEEDSAuthor Commented:
i got it!
the problem was come from the fgets() function in the client side where the strlen of the buffer should b minus by 1 where the string is automatically append with a \n at the end.

and the code to write the input to buffer should b as shown below:
          fgets(buffer,255,stdin);
          n = write(sockfd,buffer,strlen(buffer)-1);
0
cryptosidCommented:
On second thoughts, what could be happening is. when you specify strlen(buffer) and lets say it includes '\n' character, its possible that '\n' gets converted into 2 characters '\r' and '\l' which results in a buffer overrun when you pass a 8 letter user-id which because of the '\n' would become a 10 letter userid in binary.

I don't know for sure, but a debug might enlighten things up for you, hope the problem is resolved.

Regards,
Siddhesh
0
CSLEEDSAuthor Commented:
thanks for both of you to giving me a hand, the problem has been solved in the earlier time, sorry for my late respond to accept the answer, thank you!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.