classification
Title: socket.close close telnet with RST
Type: behavior Stage: resolved
Components: Library (Lib) Versions: Python 2.5
process
Status: closed Resolution: not a bug
Dependencies: Superseder:
Assigned To: Nosy List: neologix, r.david.murray, sean216
Priority: normal Keywords:

Created on 2010-12-17 07:40 by sean216, last changed 2010-12-22 01:12 by sean216. This issue is now closed.

Messages (6)
msg124187 - (view) Author: (sean216) Date: 2010-12-17 07:40
when use socket.close to close the telnet connection, in normal usage the tcp disconnect will be (socket.close send the TCP FIN)

      TCP A                                                TCP B

  1.  ESTABLISHED                                          ESTABLISHED

  2.  (Close)
      FIN-WAIT-1  --> <SEQ=100><ACK=300><CTL=FIN,ACK>  --> CLOSE-WAIT

  3.  FIN-WAIT-2  <-- <SEQ=300><ACK=101><CTL=ACK>      <-- CLOSE-WAIT

  4.                                                       (Close)
      TIME-WAIT   <-- <SEQ=300><ACK=101><CTL=FIN,ACK>  <-- LAST-ACK

  5.  TIME-WAIT   --> <SEQ=101><ACK=301><CTL=ACK>      --> CLOSED

  6.  (2 MSL)
      CLOSED                                                      
but sometimes socket.close will send TCP RST to disconnect the telnet and with wrong sequence number. This kind of RST will be considering as Network RST attack, and this packet will be dropped, the telnet connection will still established and cannot be closed.
Seems python socket.close has some issues.

    def close(self):
        self._sock = _closedsocket()
        dummy = self._sock._dummy
        for method in _delegate_methods:
            setattr(self, method, dummy)
    close.__doc__ = _realsocket.close.__doc__
msg124188 - (view) Author: (sean216) Date: 2010-12-17 07:44
def close(self):
        self._sock = _closedsocket()
        dummy = self._sock._dummy
        for method in _delegate_methods:
            setattr(self, method, dummy)
    close.__doc__ = _realsocket.close.__doc__

socket.close function use Python25\DLLs\_socket.pyd, how to get _socket.pyd sorce code?
msg124193 - (view) Author: Charles-Fran├žois Natali (neologix) * (Python committer) Date: 2010-12-17 09:07
> but sometimes socket.close will send TCP RST to disconnect the telnet and with wrong sequence number

This is called a a "half-duplex" TCP close sequence. Your application is probably closing the socket while there are still data in the receive socket buffer (i.e. unread), so the TCP/IP stack sends a RST to inform the remote end that data has been lost. See RFC 1122 section 4.2.2.13.
Note that in your sample capture, I don't see any invalid sequence/ack number.
Your application should probably not close the connection at this time.

> This kind of RST will be considering as Network RST attack, and this packet will be dropped, the telnet connection will still established and cannot be closed.

There you firewell is broken. Sending a RST in this context is perfectly valid.

As far as I know, this issue is due to your application and firewall settings, and not to Python. Furthermore, Python just calls the underlying close(2) syscall, so even if there were an issue, it's an OS one, nothing Python could do about it.
msg124199 - (view) Author: R. David Murray (r.david.murray) * (Python committer) Date: 2010-12-17 12:58
The source used to create _socket.pyd is in Modules/socketmodule.c in the source code tarball available from the python web site.  As neologix says, it is a thin wrapper around the OS level socket library.
msg124424 - (view) Author: (sean216) Date: 2010-12-21 09:51
> Note that in your sample capture, I don't see any invalid sequence/ack number.

please check telnet_unnormal RST.pcap in No. 1600-1602,the 1602 RST meseage is the invalid sequence/ack number 172.
msg124434 - (view) Author: R. David Murray (r.david.murray) * (Python committer) Date: 2010-12-21 16:47
Regardless, Python doesn't generate the tcp/ip sequence numbers, the OS socket library does, so this is not a bug in Python.  If you follow the code link I posted you will see that, other than Python internal bookkeeping, the only thing socket.close does is to call the platform socket close method.
History
Date User Action Args
2010-12-22 01:12:51sean216setfiles: - telnet_unnormal RST.pcap
2010-12-22 01:12:46sean216setfiles: - normal RST and fin.pcap
2010-12-21 16:47:15r.david.murraysetstatus: open -> closed

messages: + msg124434
2010-12-21 09:51:52sean216setstatus: closed -> open

messages: + msg124424
2010-12-17 12:58:43r.david.murraysetstatus: open -> closed

nosy: + r.david.murray
messages: + msg124199

resolution: not a bug
stage: resolved
2010-12-17 09:07:15neologixsetnosy: + neologix
messages: + msg124193
2010-12-17 07:44:46sean216setmessages: + msg124188
2010-12-17 07:41:11sean216setfiles: + normal RST and fin.pcap
2010-12-17 07:40:36sean216create