| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 Aug 2007 12:40:48 +0400 From: Alexey Kuznetsov <kuznet@....inr.ac.ru> To: Lennert Buytenhek <buytenh@...tstofly.org> Cc: TJ <linux@...orld.net>, netdev@...r.kernel.org Subject: Re: Problem with implementation of TCP_DEFER_ACCEPT? Hello! > > At present with TCP_DEFER_ACCEPT the kernel treats the RFC 793 handshake > > as invalid; dropping the ACK from the client without replying so the > > client doesn't know the server has in fact set it's internal ACKed flag. > > > > If the client doesn't send a packet containing data before the SYN_ACK > > time-outs finally expire the connection will be dropped. > > A brought this up a long, long time ago, and I seem to remember > Alexey Kuznetsov explained me at the time that this was intentional. Obviously, I said something like "it is exactly what TCP_DEFER_ACCEPT does". There is no protocol violation here, ACK from client is considered as lost, it is quite normal and happens all the time. Handshake is not complete, server remains in SYN-RECV state and continues to retransmit SYN-ACK. If client tried to cheat and is not going to send its request, connection will time out. Alexey - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists