Bug#351403: tftp uses wrong source port in last ack datagram on local connection

Sat, 04 Feb 2006 09:31:57 -0800 

Package: tftp
Version: 0.17-12
When tftp is used to retrieve a file from a TFTP server that is located on the same host, the last ACK datagram it sends in response to the last DATA datagram from the server has a wrong source port number, different from the one used in the request and in the previous ACKs. This results in an ICMP "port unreachable" error being sent and the server resending the last data datagram after time-out. Except from this, it does not seem to have any other side effects, the file is correctly retrieved since the last DATA datagram was received anyway. 

Here is a tcpdump trace of the following sequence :

$ tftp localhost
tftp> get chain.b
Received 734 bytes in 0.1 seconds

15:34:48.175800 127.0.0.1.1050 > 127.0.0.1.69:  19 RRQ "chain.b" (DF)
15:34:48.212424 127.0.0.1.1051 > 127.0.0.1.1050:  udp 516 (DF)
15:34:48.212878 127.0.0.1.1050 > 127.0.0.1.1051:  udp 4 (DF)
15:34:48.214088 127.0.0.1.1051 > 127.0.0.1.1050:  udp 226 (DF)
15:34:48.214495 127.0.0.1.1052 > 127.0.0.1.1051:  udp 4 (DF)

15:34:48.214624 127.0.0.1 > 127.0.0.1: icmp: 127.0.0.1 udp port 1051 
unreachable [tos 0xc0]

15:34:53.214761 127.0.0.1.1051 > 127.0.0.1.1050:  udp 226 (DF)

15:34:53.214887 127.0.0.1 > 127.0.0.1: icmp: 127.0.0.1 udp port 1050 
unreachable [tos 0xc0]



In this sequence, tftp uses source port 1050 to send the Read Request 
(RRQ) and ACKs, except for the last ACK that unexpectedly has source 
port 1052 instead. The TFTP server (tftpd) uses source port 1051.


Notes :

- When the TFTP server is a remote host, the last ACK sent by tftp has 
the same (correct) source port as the previous RRQ and ACK datagrams.



- When tftp is used to send a file to either the local host or a remote 
host, all DATA datagrams sent have the same source port.



- atftp, another TFTP client, does not exhibit such behavior when 
retrieving files from either the local host or a remote host.



System : Debian GNU/Linux 3.1 (Sarge), kernel 2.4.32 and 2.4.18, libc6 
2.3.2.ds1-22.



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]















    











					Reply via email to