Shadow doesn't send an RST response if server has no associated socket for incoming TCP packet #2162

Open
stevenengler opened this issue May 17, 2022 · 1 comment
Labels
Type: Bug Error or flaw producing unexpected results

stevenengler commented May 17, 2022

If a host receives a TCP packet at a port that doesn't have a bound socket (no socket for the 5-tuple), the host just drops the packet without sending an RST packet.

    /* if the socket closed, just drop the packet */
    if (socket.type != CST_NONE) {
        compatsocket_pushInPacket(&socket, host, packet);
    } else {
        packet_addDeliveryStatus(packet, PDS_RCV_INTERFACE_DROPPED);
    }

This isn't super weird since normally a firewall will drop these packets, but in Shadow these are also dropped on localhost which is unexpected. In Shadow, a connect() on localhost to an unbound port will block forever (or until some timeout, I'm unsure which) since the connecting localhost socket will never receive a response.

Edit: Some discussion in #2679.

@stevenengler stevenengler added the Type: Bug Error or flaw producing unexpected results label May 17, 2022
@stevenengler stevenengler changed the title Shadow doesn't sent an RST response if server has no associated socket for incoming TCP packet Shadow doesn't send an RST response if server has no associated socket for incoming TCP packet May 17, 2022
@stevenengler
Contributor Author

The proper behaviour is probably to follow RFC 9293 3.10.7.1.:

If the state is CLOSED (i.e., TCB does not exist), then all data in the incoming segment is discarded. An incoming segment containing a RST is discarded. An incoming segment not containing a RST causes a RST to be sent in response. The acknowledgment and sequence field values are selected to make the reset sequence acceptable to the TCP endpoint that sent the offending segment.

If the ACK bit is off, sequence number zero is used,

<SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>

If the ACK bit is on,

<SEQ=SEG.ACK><CTL=RST>

Return.

In Shadow, packets can only be sent from sockets, but we won't have a socket to send this RST packet from. We might want the network interface to have its own list of RST packets which it takes packets from when networkinterface_pop is called.
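The reset selection from the RFC 9293 section 3.10.7.1 text quoted above, as an added example that is not part of the original issue and is not Shadow's code. The `Segment` struct and the `seg_len` and `closed_state_reset` functions are hypothetical names; SEG.LEN counts SYN and FIN as one sequence number each, as RFC 9293 defines it.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* TCP control bits as they appear in the header flags field. */
enum { TCP_FIN = 0x01, TCP_SYN = 0x02, TCP_RST = 0x04, TCP_ACK = 0x10 };

/* Hypothetical minimal view of a segment; not Shadow's packet type. */
typedef struct {
    uint32_t seq;         /* SEG.SEQ */
    uint32_t ack;         /* SEG.ACK, meaningful only when TCP_ACK is set */
    uint8_t flags;        /* control bits */
    uint32_t payload_len; /* data octets carried */
} Segment;

/* SEG.LEN: data octets plus one for SYN and one for FIN. */
static uint32_t seg_len(const Segment* s) {
    return s->payload_len + ((s->flags & TCP_SYN) ? 1u : 0u) +
           ((s->flags & TCP_FIN) ? 1u : 0u);
}

/* Fills `out` with the reset for a segment that matched no socket (CLOSED).
 * Returns false when nothing may be sent: an incoming RST is discarded. */
static bool closed_state_reset(const Segment* in, Segment* out) {
    if (in->flags & TCP_RST) {
        return false;
    }
    out->payload_len = 0;
    if (in->flags & TCP_ACK) {
        /* <SEQ=SEG.ACK><CTL=RST> */
        out->seq = in->ack;
        out->ack = 0;
        out->flags = TCP_RST;
    } else {
        /* <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>; wraps modulo 2^32 */
        out->seq = 0;
        out->ack = in->seq + seg_len(in);
        out->flags = TCP_RST | TCP_ACK;
    }
    return true;
}

int main(void) {
    /* Constructed sample: the SYN from a connect() to an unbound port. */
    Segment syn = {.seq = 1000, .ack = 0, .flags = TCP_SYN, .payload_len = 0};
    Segment rst;
    if (closed_state_reset(&syn, &rst)) {
        printf("SEQ=%u ACK=%u CTL=0x%02x\n", (unsigned)rst.seq,
               (unsigned)rst.ack, (unsigned)rst.flags);
    }
    return 0;
}
```

For the SYN case the reply acknowledges SEG.SEQ+1, which is what lets the connecting socket accept the reset and fail the connect() instead of waiting.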
