Can anyone comment on this patch?
http://www.kame.net/dev/cvsweb.cgi/kame/freebsd4/sys/kern/uipc_socket.c
Kris
----- Forwarded message from [EMAIL PROTECTED] -----
Delivered-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: accept(2) behavior with tcp RST right after handshake
X-Template-Reply-To: [EMAIL PROTECTED]
X-Template-Return-Receipt-To: [EMAIL PROTECTED]
X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2
From: [EMAIL PROTECTED]
Date: Wed, 07 Feb 2001 21:39:49 +0900
X-UIDL: aff7d2fbee72775e2137abcde0bef0d0
i believe you will want to merge this.
scenario:
- you are listening to tcp port
- someone comes in, handshake (SYN, SYNACK, ACK)
- someone sends RST
- your server issues accept(2)
previous behavior: accept(2) returns successful result with zero-
length sockaddr.
new behavior: return ECONNABORTED.
effect:
- if someone runs nmap against your machine, and you are unlucky,
your server listening to tcp port (like BIND9) can get
segv/abort due to unexpected zero-length sockaddr + successful
error return on accept(2).
itojun
------- Forwarded Messages
Return-Path: [EMAIL PROTECTED]
Return-Path: <[EMAIL PROTECTED]>
Received: from orange.kame.net (orange.kame.net [203.178.141.194])
by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id VAA00242
for <[EMAIL PROTECTED]>; Wed, 7 Feb 2001 21:35:16 +0900 (JST)
Received: (from daemon@localhost)
by orange.kame.net (8.9.3+3.2W/3.7W/smtpfeed 1.06) id VAA48429;
Wed, 7 Feb 2001 21:35:16 +0900 (JST)
Received: (from itojun@localhost)
by orange.kame.net (8.9.3+3.2W/3.7W) id VAA48423;
Wed, 7 Feb 2001 21:35:15 +0900 (JST)
Date: Wed, 7 Feb 2001 21:35:15 +0900 (JST)
From: Jun-ichiro itojun Hagino <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
To: cvs-kame:;
Subject: kame cvs commit: kame/freebsd4/sys/kern uipc_socket.c kame/netbsd/sys/kern
uipc_socket.c kame/openbsd/sys/kern uipc_socket.c
Reply-to: [EMAIL PROTECTED]
X-Filter: mailagent [version 3.0 PL68] for [EMAIL PROTECTED]
itojun 2001/02/07 21:35:15 JST
Modified files:
freebsd4/sys/kern uipc_socket.c
netbsd/sys/kern uipc_socket.c
openbsd/sys/kern uipc_socket.c
Log:
return ECONNABORTED, if the socket (tcp connection for example)
is disconnected by RST right before accept(2). fixes PR 10698/12027.
checked with SUSv2, XNET 5.2, and Stevens (unix network programming
vol 1 2nd ed) section 5.11.
Revision Changes Path
1.2 +243 -10 kame/freebsd4/sys/kern/uipc_socket.c
1.3 +1 -1 kame/netbsd/sys/kern/uipc_socket.c
1.3 +1 -1 kame/openbsd/sys/kern/uipc_socket.c
------- Message 2
Return-Path: [EMAIL PROTECTED]
Return-Path: <[EMAIL PROTECTED]>
Received: from orange.kame.net (orange.kame.net [203.178.141.194])
by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id VAA00253
for <[EMAIL PROTECTED]>; Wed, 7 Feb 2001 21:35:20 +0900 (JST)
Received: (from itojun@localhost)
by orange.kame.net (8.9.3+3.2W/3.7W/smtpfeed 1.06) id VAA48466;
Wed, 7 Feb 2001 21:35:19 +0900 (JST)
Date: Wed, 7 Feb 2001 21:35:19 +0900 (JST)
From: Jun-ichiro itojun Hagino <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: kame-local cvs commit: kame/bsdi4/sys/kern uipc_socket.c
X-Filter: mailagent [version 3.0 PL68] for [EMAIL PROTECTED]
itojun 2001/02/07 21:35:19 JST
Modified files:
bsdi4/sys/kern uipc_socket.c
Log:
return ECONNABORTED, if the socket (tcp connection for example)
is disconnected by RST right before accept(2). fixes PR 10698/12027.
checked with SUSv2, XNET 5.2, and Stevens (unix network programming
vol 1 2nd ed) section 5.11.
Revision Changes Path
1.4 +1 -1 kame/bsdi4/sys/kern/uipc_socket.c
------- End of Forwarded Messages
----- End forwarded message -----
PGP signature