Thread: [Beepcore-java-users] BEEPcore broken w.r.t. TCP
Status: Beta
Brought to you by:
huston
Menu
▾
▴
beepcore-java-users
|
From: Mario J. <ma...@je...> - 2004-02-29 06:17:20
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Working these days on a research prototype with the lasted implementation of BEEP available from www.beepcore.org we discovered a serious flaw. Obviously the library does not issue TCP's CLOSE command after having received the CLOSING primitive which is received as a result of an TCP packet flagged with FIN. Actually, the ACK flagged message is sent back to the client by the server, but the required FIN message is missing. As a result of this the TCP connection of the server side remains in status CLOSE_WAITING almost forever until the process is killed or the machine is rebooted. This can be reproduced under various Linux versions including the latest kernel (i.e., 2.6.3) and even machines running Windows. Fortunately, Windows (XP) limits the number of processed in state CLOSE_WAITING to 15 per process and cleans the open connections without user interaction automatically if an additional one reaches the mentioned state. Concerning Unix/Linux versions (the problem of remaining CLOSE_WAITING connections is also reported for HP UX) this behavior of BEEPcore might introduce the possibility of attacking the machine running BEEP since the server will run out of free sockets after a while. Could you please re-check this since it hinders us from using BEEP in practice. Also feedback on this issue and even potential mistakes from our side is highly appreciated. Best, Mario - -- Prof. Mario Jeckle University of Applied Sciences Furtwangen Dept. Business Applications of Computer Science W3C Representative of DaimlerChrysler Research and Technology OMG Representative of DaimlerChrysler URL: http://www.jeckle.de MailTo:ma...@je... MailTo:je...@fh... My public key: http://www.jeckle.de/marioJeckle.pub [mail really from me _always_ has this signature and is signed digitally - -- mail without it is forged spam] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAQYMQ46tt20EwGqwRAkY7AKC87JxDWLTOJZFIEPU/DYY0jjjGOwCff29G lW8fiQ8bYCRDcAEez7Sf0CQ= =l6YW -----END PGP SIGNATURE----- |
|
From: Harsh D. <hda...@io...> - 2004-03-03 19:23:19
|
Forgive me for my ignorance but I don't understand how an application can keep TCP stack from sending CLOSE? Can you describe a simple scenario that I can simulate to reproduce this bug (not necessarily with beepcore-java). Harsh Mario Jeckle said: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Working these days on a research prototype with the lasted > implementation of BEEP available from www.beepcore.org we discovered a > serious flaw. > > Obviously the library does not issue TCP's CLOSE command after having > received the CLOSING primitive which is received as a result of an TCP > packet flagged with FIN. Actually, the ACK flagged message is sent back > to the client by the server, but the required FIN message is missing. > > As a result of this the TCP connection of the server side remains in > status CLOSE_WAITING almost forever until the process is killed or the > machine is rebooted. > > This can be reproduced under various Linux versions including the > latest kernel (i.e., 2.6.3) and even machines running Windows. > Fortunately, Windows (XP) limits the number of processed in state > CLOSE_WAITING to 15 per process and cleans the open connections without > user interaction automatically if an additional one reaches the > mentioned state. > > Concerning Unix/Linux versions (the problem of remaining CLOSE_WAITING > connections is also reported for HP UX) this behavior of BEEPcore might > introduce the possibility of attacking the machine running BEEP since > the server will run out of free sockets after a while. > > Could you please re-check this since it hinders us from using BEEP in > practice. > > Also feedback on this issue and even potential mistakes from our side > is highly appreciated. > > Best, > Mario > > - -- > Prof. Mario Jeckle > University of Applied Sciences Furtwangen > Dept. Business Applications of Computer Science > > W3C Representative of DaimlerChrysler Research and Technology > OMG Representative of DaimlerChrysler > > URL: http://www.jeckle.de > MailTo:ma...@je... > MailTo:je...@fh... > > My public key: http://www.jeckle.de/marioJeckle.pub > > [mail really from me _always_ has this signature and is signed > digitally - -- mail without it is forged spam] > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFAQYMQ46tt20EwGqwRAkY7AKC87JxDWLTOJZFIEPU/DYY0jjjGOwCff29G > lW8fiQ8bYCRDcAEez7Sf0CQ= > =l6YW > -----END PGP SIGNATURE----- > > > ------------------------------------------------------- > SF.Net is sponsored by: Speed Start Your Linux Apps Now. > Build and deploy apps & Web services for Linux with > a free DVD software kit from IBM. Click Now! > http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click > _______________________________________________ > Beepcore-java-users mailing list > Bee...@li... > https://lists.sourceforge.net/lists/listinfo/beepcore-java-users -- Harsh Daharwal IOS Networks Inc. http://www.iosnetworks.com |
|
From: Mario J. <ma...@je...> - 2004-03-06 19:47:37
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 | Forgive me for my ignorance but I don't understand how an application >can | keep TCP stack from sending CLOSE? Can you describe a simple scenario |that | I can simulate to reproduce this bug (not necessarily with |beepcore-java). Using BEEPing (which is shipped as a sample application bundled with beepcore-java) on Linux should do the trick, unfortunately. Just echo a few bytes between client and server and you should be able to reproduce the sockets kept open at the server side. It seems to work also under WindowsXP, whereas after reaching 15 open sockets in state WAIT_CLOSE all sockets will be closed by the operating system. Best, Mario -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFASikM46tt20EwGqwRAvB8AJ4+KpTqfQ7OmRCM7kbMEsiVSkYbGwCgmW9J Mv0Pvj/rUFQ0EjcnMpmmGBI= =Pr4C -----END PGP SIGNATURE----- |
