Menu
▾
▴
Re: [Beepcore-java-users] BEEPcore broken w.r.t. TCP
|
From: Harsh D. <hda...@io...> - 2004-03-03 19:23:19
|
Forgive me for my ignorance but I don't understand how an application can keep TCP stack from sending CLOSE? Can you describe a simple scenario that I can simulate to reproduce this bug (not necessarily with beepcore-java). Harsh Mario Jeckle said: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Working these days on a research prototype with the lasted > implementation of BEEP available from www.beepcore.org we discovered a > serious flaw. > > Obviously the library does not issue TCP's CLOSE command after having > received the CLOSING primitive which is received as a result of an TCP > packet flagged with FIN. Actually, the ACK flagged message is sent back > to the client by the server, but the required FIN message is missing. > > As a result of this the TCP connection of the server side remains in > status CLOSE_WAITING almost forever until the process is killed or the > machine is rebooted. > > This can be reproduced under various Linux versions including the > latest kernel (i.e., 2.6.3) and even machines running Windows. > Fortunately, Windows (XP) limits the number of processed in state > CLOSE_WAITING to 15 per process and cleans the open connections without > user interaction automatically if an additional one reaches the > mentioned state. > > Concerning Unix/Linux versions (the problem of remaining CLOSE_WAITING > connections is also reported for HP UX) this behavior of BEEPcore might > introduce the possibility of attacking the machine running BEEP since > the server will run out of free sockets after a while. > > Could you please re-check this since it hinders us from using BEEP in > practice. > > Also feedback on this issue and even potential mistakes from our side > is highly appreciated. > > Best, > Mario > > - -- > Prof. Mario Jeckle > University of Applied Sciences Furtwangen > Dept. Business Applications of Computer Science > > W3C Representative of DaimlerChrysler Research and Technology > OMG Representative of DaimlerChrysler > > URL: http://www.jeckle.de > MailTo:ma...@je... > MailTo:je...@fh... > > My public key: http://www.jeckle.de/marioJeckle.pub > > [mail really from me _always_ has this signature and is signed > digitally - -- mail without it is forged spam] > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFAQYMQ46tt20EwGqwRAkY7AKC87JxDWLTOJZFIEPU/DYY0jjjGOwCff29G > lW8fiQ8bYCRDcAEez7Sf0CQ= > =l6YW > -----END PGP SIGNATURE----- > > > ------------------------------------------------------- > SF.Net is sponsored by: Speed Start Your Linux Apps Now. > Build and deploy apps & Web services for Linux with > a free DVD software kit from IBM. Click Now! > http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click > _______________________________________________ > Beepcore-java-users mailing list > Bee...@li... > https://lists.sourceforge.net/lists/listinfo/beepcore-java-users -- Harsh Daharwal IOS Networks Inc. http://www.iosnetworks.com |
