Help with Designing or Debugging CORBA Applications
This article explores how I have added some useful extensions to an open-source protocol analyzer in order to allow the extraction of OMG IDL (interface definition language) defined data types from TCP/IP traffic (using GIOP/IIOP). I also discuss the development and use of a helpful tool (idl2eth) that can take your own OMG IDL file(s) and generate protocol analyzer plugins, and lead you through the steps of creating your own plugin for the CORBA project you are working on.
So, if you are designing or debugging a CORBA application that is using GIOP/IIOP, you can take the CORBA IDL file(s) and generate plugins that will decode your data and show you what it looks like "on the wire".
This would be most useful for debugging, say, traffic between a client and server or for learning how OMG IDL data types are marshaled via CDR (common data representation) Transfer Syntax onto an octet stream. It also would aid ORB interoperability testing, especially considering the number of new ORB implementations that are appearing lately.
For brevity, I'll refer to OMG IDL as IDL in this article. It is important, however, to remember that there are other forms of IDL besides OMG IDL in use daily. They will not be discussed here.
With the proliferation of so many IP-based protocols in today's networks, it is hardly surprising that the need arises for good protocol analyzers. They generally have the ability to monitor many different types of traffic and to sort or filter them according to the users' wishes.
The resulting data normally is captured (optionally passing through one or more capture filters) and also displayed (optionally passing through one or more display filters), so that one can sort out the interesting packets from the rest.
A wonderful example of an open-source protocol analyzer is Ethereal (www.ethereal.com). It is a highly capable analyzer that compiles and runs (thanks to autoconf) on many flavors of UNIX (including Linux), Windows, MacOS X, etc.
It can capture packets from a number of different types of networking devices and also can read capture files taken earlier using either Ethereal or other programs such as tcpdump, snoop and various other network analyzer programs. The following is a list of capture file formats it can read (Ethereal's native format is the libpcap format also used by tcpdump, so captures taken with Ethereal can be read by other programs that read tcpdump captures, such as tcpdump itself): libpcap/tcpdump, snoop, Shomiti, LANalyzer, MS Network Monitor, AIX iptrace, NetXray, Sniffer, Sniffer Pro, RADCOM, Lucent/Ascend debug output, Toshiba ISDN router snoop output, HPUX nettl, ISDN4BSD i4btrace utility, Cisco Secure IDS and pppd log files (pppdump format).
Ethereal also understands many different protocols, from AARP to ZEBRA, and a lot of others in between. I would estimate that it understands in excess of 200 protocols according to the latest Ethereal CVS tree.
Some of the more common protocols it can decode are DNS (domain name service), NFS (network file system), Telnet, SMB (server message block protocol), HTTP (hypertext transfer protocol) and POP (post office protocol).
It also has the ability to follow TCP streams and has useful filtering capabilities. (For the impatient, you can jump ahead and look at Figure 4 to see Ethereal in action.) And it has the ability to incorporate new protocols as either plugin dissectors or built-in dissectors.
Built-in dissectors are compiled as part of the Ethereal binary, whereas a plugin dissector is a shared library and loaded at runtime. This helps keep the Ethereal binary down to a reasonable size and also allows protocol dissection code to be distributed as a shared library if you wish. It also means, because its a shared lib, if you modify the plugin and run make again, the Ethereal binary is not recompiled, and this saves a lot of time.
Like most things in life, it is when we are faced with a problem to solve that we seek out solutions. For our staff at Ericsson Inc., based in the Telecom Corridor in Richardson, Texas, we were interested in debugging some CORBA traffic on the wire to support our R&D efforts involving CORBA applications.
I was already familiar with Ethereal and saw that some initial code to decode the GIOP header information was present in Ethereal, but that it had progressed no further. This is partly due to the fact that once the header information is decoded, then the payload is highly dependent on which CORBA operation is being called at that time. The operations that, for example, a CORBA server (or servant) provide are defined using OMG IDL.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- The US Government and Open-Source Software
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide