| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 4 Dec 2016 13:04:43 +0100 From: Marco Zunino <eng.marco.zunino@...il.com> To: netdev@...r.kernel.org Subject: Trigger EHOSTUNREACH Hallo everyone, hope you are having a good day we are building a networking testing tool to simulate network error condition, and we are having difficulties triggering the EHOSTUNREACH socket error. We are trying to trigger this error by sending an ICMP packet type=3 code=3 on an open STREAM socket, but it has no effect. Based on RFC1122 and the code here https://github.com/torvalds/linux/blob/e76d21c40bd6c67fd4e2c1540d77e113df962b4d/net/ipv4/tcp_ipv4.c#L353 I would expect the this ICMP packet to abort the socket connection with a EHOSTUNREACH error on the client side, but this does not happen. In RFC5927 we also see basically all hard_error should not be considered so, and TCP connection never being aborted as a result of ICMP error, for security and robustness reason. If we send the same ICMP on a STREAM socket in SYN_SENT state (while still waiting for the SYN_ACK to be received) the socket fails but with an error ECONNREFUSED. Could you give us a direction to better understand how ICMP errors interact with TCP sockets? What about DGRAM sockets? Thank you! - Z
Powered by blists - more mailing lists