| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Dec 2010 23:44:00 +0300 From: Дмитрий Балакин <dmitriy.balakin@...neiron.ru> To: Eric Dumazet <eric.dumazet@...il.com> Cc: Stephen Hemminger <shemminger@...tta.com>, netdev@...r.kernel.org Subject: Re: Fw: [Bug 24842] New: Compatibility issue with uggly Windows RFC1323 implementation. 2010/12/13 Eric Dumazet <eric.dumazet@...il.com>: > Le lundi 13 décembre 2010 à 08:59 -0800, Stephen Hemminger a écrit : >> >> Begin forwarded message: >> >> Date: Mon, 13 Dec 2010 14:29:58 GMT >> From: bugzilla-daemon@...zilla.kernel.org >> To: shemminger@...ux-foundation.org >> Subject: [Bug 24842] New: Compatibility issue with uggly Windows RFC1323 implementation. >> >> >> https://bugzilla.kernel.org/show_bug.cgi?id=24842 >> >> Summary: Compatibility issue with uggly Windows RFC1323 >> implementation. >> Product: Networking >> Version: 2.5 >> Kernel Version: All >> Platform: All >> OS/Version: Linux >> Tree: Mainline >> Status: NEW >> Severity: normal >> Priority: P1 >> Component: IPV4 >> AssignedTo: shemminger@...ux-foundation.org >> ReportedBy: dmitriy.balakin@...neiron.ru >> Regression: No >> >> >> Created an attachment (id=40012) >> --> (https://bugzilla.kernel.org/attachment.cgi?id=40012) >> Patch >> >> First, sorry for my bad english. >> >> The issue is that Linux-based OS sometimes can't make an tcp connection to some >> Windows servers with switched on buggy implementation of rfc1323, that >> described on this forum: >> http://www.network-builders.com/windows-tcp-timestamp-not-compliant-rfc-1323-a-t80898.html. >> >> Because some Windows hosts implementation of rfc1323 bases on randomly >> generated TSval and sent first value of TSval as 0, the difference of recent >> and new TSval sometimes has been affected by a sign magic issue and the PAWS >> mechanism has been triggered. Anyway, the rfc1323 has discribes the condition >> of PAWS as "0 < (t - s) < 2**31", that has been right implementation in current >> linux kernel, but incompatible with Windows bug. >> >> For example, the one of affected to this issue Windows host is behind >> relay.n-l-e.ru:80 >> >> I think that my small patch makes the kernel more compatible with this windows >> bug. >> >> - > > I have no problem connecting my linux client to relay.n-l-e.ru:80 > > Could you elaborate please ? > > 18:13:12.444250 IP 10.150.51.215.51781 > 212.176.201.162.80: Flags [S], > seq 665972386, win 5840, options [mss 1460,sackOK,TS val 1746885 ecr > 0,nop,wscale 7], length 0 > 18:13:12.473912 IP 212.176.201.162.80 > 10.150.51.215.51781: Flags [S.], > seq 190215045, ack 665972387, win 5792, options [mss 1460,sackOK,TS val > 730697107 ecr 1746885,nop,wscale 0], length 0 > 18:13:12.473976 IP 10.150.51.215.51781 > 212.176.201.162.80: Flags [.], > ack 1, win 46, options [nop,nop,TS val 1746888 ecr 730697107], length 0 > 18:13:14.984153 IP 10.150.51.215.51781 > 212.176.201.162.80: Flags [P.], > seq 1:8, ack 1, win 46, options [nop,nop,TS val 1747139 ecr 730697107], > length 7 > 18:13:15.013901 IP 212.176.201.162.80 > 10.150.51.215.51781: Flags [.], > ack 8, win 5792, options [nop,nop,TS val 730697360 ecr 1747139], length > 0 > 18:13:15.377879 IP 10.150.51.215.51781 > 212.176.201.162.80: Flags [P.], > seq 8:10, ack 1, win 46, options [nop,nop,TS val 1747178 ecr 730697360], > length 2 > 18:13:15.403900 IP 212.176.201.162.80 > 10.150.51.215.51781: Flags [.], > ack 10, win 5792, options [nop,nop,TS val 730697399 ecr 1747178], length > 0 > 18:13:15.461384 IP 212.176.201.162.80 > 10.150.51.215.51781: Flags [P.], > seq 1:159, ack 10, win 5792, options [nop,nop,TS val 730697405 ecr > 1747178], length 158 > 18:13:15.461429 IP 10.150.51.215.51781 > 212.176.201.162.80: Flags [.], > ack 159, win 54, options [nop,nop,TS val 1747186 ecr 730697405], length > 0 > 18:13:15.461448 IP 212.176.201.162.80 > 10.150.51.215.51781: Flags [F.], > seq 159, ack 10, win 5792, options [nop,nop,TS val 730697405 ecr > 1747178], length 0 > 18:13:15.461607 IP 10.150.51.215.51781 > 212.176.201.162.80: Flags [F.], > seq 10, ack 160, win 54, options [nop,nop,TS val 1747186 ecr 730697405], > length 0 > 18:13:15.533846 IP 212.176.201.162.80 > 10.150.51.215.51781: Flags [.], > ack 11, win 5792, options [nop,nop,TS val 730697412 ecr 1747186], length > 0 > > > Problems occur only when the remote side sets the TC val > 2147483647, ie when there is a sign: 23:40:52.726909 IP 213.141.147.8.33778 > 212.176.201.162.80: Flags [S], seq 1116163452, win 5840, options [mss 1460,sackOK,TS val 141403 ecr 0,nop,wscale 6], length 0 23:40:52.737227 IP 212.176.201.162.80 > 213.141.147.8.33778: Flags [S.], seq 4019723831, ack 1116163453, win 16384, options [mss 1360,nop,wscale 0,nop,nop,TS val 0 ecr 0,nop,nop,sackOK], length 0 23:40:52.737392 IP 213.141.147.8.33778 > 212.176.201.162.80: Flags [.], ack 1, win 92, options [nop,nop,TS val 141405 ecr 0], length 0 23:40:52.737926 IP 213.141.147.8.33778 > 212.176.201.162.80: Flags [P.], seq 1:113, ack 1, win 92, options [nop,nop,TS val 141405 ecr 0], length 112 23:40:52.749101 IP 212.176.201.162.80 > 213.141.147.8.33778: Flags [P.], seq 1:415, ack 113, win 65423, options [nop,nop,TS val 3503477357 ecr 141403], length 414 23:40:52.749219 IP 213.141.147.8.33778 > 212.176.201.162.80: Flags [.], ack 1, win 92, options [nop,nop,TS val 141408 ecr 0], length 0 23:40:53.002253 IP 213.141.147.8.33778 > 212.176.201.162.80: Flags [P.], seq 1:113, ack 1, win 92, options [nop,nop,TS val 141472 ecr 0], length 112 23:40:53.012252 IP 212.176.201.162.80 > 213.141.147.8.33778: Flags [P.], ack 113, win 65423, options [nop,nop,TS val 0 ecr 141408], length 0 23:40:55.665916 IP 212.176.201.162.80 > 213.141.147.8.33778: Flags [P.], seq 1:415, ack 113, win 65423, options [nop,nop,TS val 3503477387 ecr 141408], length 414 23:40:55.666023 IP 213.141.147.8.33778 > 212.176.201.162.80: Flags [.], ack 1, win 92, options [nop,nop,TS val 142137 ecr 0], length 0 23:40:55.676963 IP 212.176.201.162.80 > 213.141.147.8.33778: Flags [P.], seq 1:415, ack 113, win 65423, options [nop,nop,TS val 3503477387 ecr 142137], length 414 23:40:55.677007 IP 213.141.147.8.33778 > 212.176.201.162.80: Flags [.], ack 1, win 92, options [nop,nop,TS val 142140 ecr 0], length 0 23:41:01.683646 IP 212.176.201.162.80 > 213.141.147.8.33778: Flags [P.], seq 1:415, ack 113, win 65423, options [nop,nop,TS val 3503477447 ecr 142140], length 414 23:41:01.683752 IP 213.141.147.8.33778 > 212.176.201.162.80: Flags [.], ack 1, win 92, options [nop,nop,TS val 143642 ecr 0], length 0 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists