[issue5565] Strange behavior when I logout() with IMAP4_SSL
Philipp Tölke toelke...@model.in.tum.de added the comment: The TCP-issues from my post are all resolved. I now know how TCP works; the behaviour of python seems to be correct. About the imap-behaviour: m...@harga ~$ python Python 2.5.5 (r255:77872, Apr 21 2010, 08:40:04) [GCC 4.4.3] on linux2 Type help, copyright, credits or license for more information. import imaplib c = imaplib.IMAP4_SSL(post.in.tum.de) c.login(toelke, XXX) ('OK', ['LOGIN Ok.']) c.logout() ('BYE', ['Courier-IMAP server shutting down']) C-d m...@harga ~$ At the time of the logout() the server closes his connection and sends a FIN-packet. If python is closed, it sends not a FIN-Packet but a RST-paket. The problem I have with this is, that the Linux-Packetfilter-Firewall does not expect this RST-Packet either and in out configuration logs this as a connection in the wrong state which is generally a security-problem. Our workaround for the last year has been iptables -A OUTPUT -p tcp --tcp-flags ACK,RST ACK,RST -d 131.159.22.43 -j DROP Thanks for the help! -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5565 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue5565] Strange behavior when I logout() with IMAP4_SSL
Philipp Tölke toelke...@model.in.tum.de added the comment: The TCP-issues from my post are all resolved. I now know how TCP works; the behaviour of python seems to be correct. About the imap-behaviour: m...@harga ~$ python Python 2.5.5 (r255:77872, Apr 21 2010, 08:40:04) [GCC 4.4.3] on linux2 Type help, copyright, credits or license for more information. import imaplib c = imaplib.IMAP4_SSL(post.in.tum.de) c.login(toelke, XXX) ('OK', ['LOGIN Ok.']) c.logout() ('BYE', ['Courier-IMAP server shutting down']) C-d m...@harga ~$ At the time of the logout() the server closes his connection and sends a FIN-packet. If python is closed, it sends not a FIN-Packet but a RST-paket. The problem I have with this is, that the Linux-Packetfilter-Firewall does not expect this RST-Packet either and in out configuration logs this as a connection in the wrong state which is generally a security-problem. Our workaround for the last year has been iptables -A OUTPUT -p tcp --tcp-flags ACK,RST ACK,RST -d 131.159.22.43 -j DROP Thanks for the help! -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5565 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue5565] Strange behavior when I logout() with IMAP4_SSL
Philipp Tölke toelke...@model.in.tum.de added the comment: Just FYI, this issue is in python2.6, too. Only, that in 2.6 the GC does not collect the objects immediately, so that very soon I have a galore of connections in the CLOSE_WAIT-State. And I checked, I can not read anymore data out of the socket. Is this a bug in the ssl-implemantation? -- versions: +Python 2.6 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5565 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com