| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180519.170050.615996932572513152.davem@davemloft.net>
Date: Sat, 19 May 2018 17:00:50 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: dbanerje@...mai.com
Cc: netdev@...r.kernel.org, kuznet@....inr.ac.ru,
yoshfuji@...ux-ipv6.org
Subject: Re: [PATCH RFC net-next 1/1] tcp: close socket without reset on
incoming data
From: Debabrata Banerjee <dbanerje@...mai.com>
Date: Fri, 18 May 2018 15:01:41 -0400
> When TCP_CLOSE_NORST is set before a close(), offload sinking of
> unwanted data to the kernel with low resource usage, with a timeout of
> TCP_LINGER2. The socket will transition to FIN_WAIT1 and then FIN_WAIT2
> where it will ack data until either the timeout is hit, or a RST or FIN
> is received.
>
> Signed-off-by: Debabrata Banerjee <dbanerje@...mai.com>
This is a very serious protocol violation.
You're telling the remote end that you received the data even though
the socket was closed and nothing actually "sunk" the bytes.
This doesn't even go into the issues of sending cumulative ACKs in
response to data which is arbitrarily out-of-order.
The whole problem is that the post data is sent before the client
looks to see if the server is willing to accept the post data or not.
A: I'd like to send you 200MB of crap
[ 200MB of craaaa...
B: Sorry I won't be accepting that, please don't send it.
CLOSE, send reset since some of crap is queued up and
was never read
A: aaaaapp... received RESET
A: Why didn't B accept my 200MB of crap?
Sorry, you'll need to deal with this issue in another way.
Thanks.
Powered by blists - more mailing lists