From owner-freebsd-net@FreeBSD.ORG Sun Apr 13 17:27:44 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A401F37B404 for ; Sun, 13 Apr 2003 17:27:44 -0700 (PDT) Received: from relay.pair.com (relay.pair.com [209.68.1.20]) by mx1.FreeBSD.org (Postfix) with SMTP id C78A743FA3 for ; Sun, 13 Apr 2003 17:27:43 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 84464 invoked from network); 14 Apr 2003 00:27:42 -0000 Received: from niwun.pair.com (HELO localhost) (209.68.2.70) by relay.pair.com with SMTP; 14 Apr 2003 00:27:42 -0000 X-pair-Authenticated: 209.68.2.70 Date: Sun, 13 Apr 2003 14:23:54 -0500 (CDT) From: Mike Silbersack To: "M. Warner Losh" In-Reply-To: <20030412.212059.42399637.imp@bsdimp.com> Message-ID: <20030413142156.O44423@odysseus.silby.com> References: <109.225ca595.2bc723f2@aol.com> <20030412.204912.76964336.imp@bsdimp.com> <20030412.212059.42399637.imp@bsdimp.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: barney@pit.databus.com cc: net@freebsd.org Subject: Re: connect(2) behavior with unreacheable hosts X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2003 00:27:45 -0000 On Sat, 12 Apr 2003, M. Warner Losh wrote: > In message: <20030413030500.GA64896@pit.databus.com> > Barney Wolff writes: > : On Sat, Apr 12, 2003 at 08:49:12PM -0600, M. Warner Losh wrote: > : > In message: <109.225ca595.2bc723f2@aol.com> > : > BelletJr@aol.com writes: > : > : Why does not connect(2) return any error when trying to connect to a host > : > : unreachable because of an infinite loop in the routes? No time-out occurs and > : > : the value 0 is returned by connect(2). > : > > : > Hmmmmm, you are correct. I was sure that you were nuts, but on > : > -current the following program returns no error at all... Telnet > : > shows the same behavior. This is clearly wrong. > : > : It's not just current; stable behaves exactly the same. The problem is > : that the icmp time-exceeded packet gets translated into an error code > : of 0, which confuses things. I've filed a PR with a suggested fix: > : http://www.freebsd.org/cgi/query-pr.cgi?pr=50839 > > Ah. I see. I wonder if any of the net folks can review this... > > Warner EPLATEFULL, but it sounds correct... Barney, have you tried doing some sort of test where sendmail or ftpd tries making a connection to a TTL exceeded IP? I'm curious if they handle the situation gracefully or not. (If they don't, then maybe this is serious enough to require security branch merges.) Mike "Silby" Silbersack