From owner-freebsd-net Wed Feb 7 12:18: 2 2001 Delivered-To: freebsd-net@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 92E8B37B491; Wed, 7 Feb 2001 12:17:39 -0800 (PST) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.1/8.11.1) with SMTP id f17KHYh18273; Wed, 7 Feb 2001 15:17:34 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Wed, 7 Feb 2001 15:17:34 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Kris Kennaway Cc: net@freebsd.org, security-officer@freebsd.org Subject: Re: [itojun@iijlab.net: accept(2) behavior with tcp RST right after handshake] In-Reply-To: <20010207101417.A28791@mollari.cthul.hu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Won't comment on the implementation as I have't had a chance to review it yet, but the description sounds right, and compatible with http://www.opengroup.org/orc/DOCS/XNS/text/accept.htm http://www.fifi.org/cgi-bin/man2html/usr/share/man/man2/accept.2.gz There are some interesting comments with noting in a quote in http://www.humanfactor.com/cgi-bin/cgi-delegate/apache-ML/nh/1997/Jan/1176.html I hope to take a look at the implementation this evening. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Wed, 7 Feb 2001, Kris Kennaway wrote: > Can anyone comment on this patch? > > http://www.kame.net/dev/cvsweb.cgi/kame/freebsd4/sys/kern/uipc_socket.c > > Kris > > ----- Forwarded message from itojun@iijlab.net ----- > > Delivered-To: kkenn@localhost.obsecurity.org > Delivered-To: kris@freebsd.org > To: merge@kame.net > Subject: accept(2) behavior with tcp RST right after handshake > X-Template-Reply-To: itojun@itojun.org > X-Template-Return-Receipt-To: itojun@itojun.org > X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 > From: itojun@iijlab.net > Date: Wed, 07 Feb 2001 21:39:49 +0900 > X-UIDL: aff7d2fbee72775e2137abcde0bef0d0 > > i believe you will want to merge this. > scenario: > - you are listening to tcp port > - someone comes in, handshake (SYN, SYNACK, ACK) > - someone sends RST > - your server issues accept(2) > previous behavior: accept(2) returns successful result with zero- > length sockaddr. > new behavior: return ECONNABORTED. > > effect: > - if someone runs nmap against your machine, and you are unlucky, > your server listening to tcp port (like BIND9) can get > segv/abort due to unexpected zero-length sockaddr + successful > error return on accept(2). > > itojun > > ------- Forwarded Messages > > Return-Path: owner-cvs-kame@kame.net > Return-Path: > Received: from orange.kame.net (orange.kame.net [203.178.141.194]) > by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id VAA00242 > for ; Wed, 7 Feb 2001 21:35:16 +0900 (JST) > Received: (from daemon@localhost) > by orange.kame.net (8.9.3+3.2W/3.7W/smtpfeed 1.06) id VAA48429; > Wed, 7 Feb 2001 21:35:16 +0900 (JST) > Received: (from itojun@localhost) > by orange.kame.net (8.9.3+3.2W/3.7W) id VAA48423; > Wed, 7 Feb 2001 21:35:15 +0900 (JST) > Date: Wed, 7 Feb 2001 21:35:15 +0900 (JST) > From: Jun-ichiro itojun Hagino > Message-Id: <200102071235.VAA48423@orange.kame.net> > To: cvs-kame:; > Subject: kame cvs commit: kame/freebsd4/sys/kern uipc_socket.c kame/netbsd/sys/kern > uipc_socket.c kame/openbsd/sys/kern uipc_socket.c > Reply-to: core@kame.net > X-Filter: mailagent [version 3.0 PL68] for itojun@itojun.org > > itojun 2001/02/07 21:35:15 JST > > Modified files: > freebsd4/sys/kern uipc_socket.c > netbsd/sys/kern uipc_socket.c > openbsd/sys/kern uipc_socket.c > Log: > return ECONNABORTED, if the socket (tcp connection for example) > is disconnected by RST right before accept(2). fixes PR 10698/12027. > checked with SUSv2, XNET 5.2, and Stevens (unix network programming > vol 1 2nd ed) section 5.11. > > Revision Changes Path > 1.2 +243 -10 kame/freebsd4/sys/kern/uipc_socket.c > 1.3 +1 -1 kame/netbsd/sys/kern/uipc_socket.c > 1.3 +1 -1 kame/openbsd/sys/kern/uipc_socket.c > > ------- Message 2 > > Return-Path: owner-cvs-kame-local@kame.net > Return-Path: > Received: from orange.kame.net (orange.kame.net [203.178.141.194]) > by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id VAA00253 > for ; Wed, 7 Feb 2001 21:35:20 +0900 (JST) > Received: (from itojun@localhost) > by orange.kame.net (8.9.3+3.2W/3.7W/smtpfeed 1.06) id VAA48466; > Wed, 7 Feb 2001 21:35:19 +0900 (JST) > Date: Wed, 7 Feb 2001 21:35:19 +0900 (JST) > From: Jun-ichiro itojun Hagino > Message-Id: <200102071235.VAA48466@orange.kame.net> > To: cvs-kame-local@kame.net > Subject: kame-local cvs commit: kame/bsdi4/sys/kern uipc_socket.c > X-Filter: mailagent [version 3.0 PL68] for itojun@itojun.org > > itojun 2001/02/07 21:35:19 JST > > Modified files: > bsdi4/sys/kern uipc_socket.c > Log: > return ECONNABORTED, if the socket (tcp connection for example) > is disconnected by RST right before accept(2). fixes PR 10698/12027. > checked with SUSv2, XNET 5.2, and Stevens (unix network programming > vol 1 2nd ed) section 5.11. > > Revision Changes Path > 1.4 +1 -1 kame/bsdi4/sys/kern/uipc_socket.c > > ------- End of Forwarded Messages > > > > ----- End forwarded message ----- > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message