[issue5565] Strange behavior when I logout() with IMAP4_SSL
Philipp Tölke toelke...@model.in.tum.de added the comment:
The TCP-issues from my post are all resolved. I now know how TCP works; the
behaviour of python seems to be correct.
About the imap-behaviour:
m...@harga ~$ python
Python 2.5.5 (r255:77872, Apr 21 2010, 08:40:04)
[GCC 4.4.3] on linux2
Type help, copyright, credits or license for more information.
import imaplib
c = imaplib.IMAP4_SSL(post.in.tum.de)
c.login(toelke, XXX)
('OK', ['LOGIN Ok.'])
c.logout()
('BYE', ['Courier-IMAP server shutting down'])
C-d
m...@harga ~$
At the time of the logout() the server closes his connection and sends a
FIN-packet. If python is closed, it sends not a FIN-Packet but a RST-paket.
The problem I have with this is, that the Linux-Packetfilter-Firewall does
not expect this RST-Packet either and in out configuration logs this as a
connection in the wrong state which is generally a security-problem.
Our workaround for the last year has been
iptables -A OUTPUT -p tcp --tcp-flags ACK,RST ACK,RST -d 131.159.22.43 -j DROP
Thanks for the help!
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue5565
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue5565] Strange behavior when I logout() with IMAP4_SSL
Philipp Tölke toelke...@model.in.tum.de added the comment:
The TCP-issues from my post are all resolved. I now know how TCP works; the
behaviour of python seems to be correct.
About the imap-behaviour:
m...@harga ~$ python
Python 2.5.5 (r255:77872, Apr 21 2010, 08:40:04)
[GCC 4.4.3] on linux2
Type help, copyright, credits or license for more information.
import imaplib
c = imaplib.IMAP4_SSL(post.in.tum.de)
c.login(toelke, XXX)
('OK', ['LOGIN Ok.'])
c.logout()
('BYE', ['Courier-IMAP server shutting down'])
C-d
m...@harga ~$
At the time of the logout() the server closes his connection and sends a
FIN-packet. If python is closed, it sends not a FIN-Packet but a RST-paket.
The problem I have with this is, that the Linux-Packetfilter-Firewall does
not expect this RST-Packet either and in out configuration logs this as a
connection in the wrong state which is generally a security-problem.
Our workaround for the last year has been
iptables -A OUTPUT -p tcp --tcp-flags ACK,RST ACK,RST -d 131.159.22.43 -j DROP
Thanks for the help!
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue5565
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue5565] Strange behavior when I logout() with IMAP4_SSL
Philipp Tölke toelke...@model.in.tum.de added the comment: Just FYI, this issue is in python2.6, too. Only, that in 2.6 the GC does not collect the objects immediately, so that very soon I have a galore of connections in the CLOSE_WAIT-State. And I checked, I can not read anymore data out of the socket. Is this a bug in the ssl-implemantation? -- versions: +Python 2.6 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5565 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
