Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #14631
| Path | csiph.com!xmission!news.snarked.org!news.linkpendium.com!news.linkpendium.com!panix!usenet.stanford.edu!not-for-mail |
|---|---|
| From | dirk+bash@testssl.sh |
| Newsgroups | gnu.bash.bug |
| Subject | Re: bash sockets: printf \x0a does TCP fragmentation |
| Date | Sat, 22 Sep 2018 10:21:53 +0200 |
| Lines | 55 |
| Approved | bug-bash@gnu.org |
| Message-ID | <mailman.1127.1537604525.1284.bug-bash@gnu.org> (permalink) |
| References | <c6de6616-dda0-570d-de56-419e7676be8a@cbii-hh.de> <69b48113-bc58-e0c8-a551-03a7e72d88d4@case.edu> |
| NNTP-Posting-Host | lists.gnu.org |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=utf-8 |
| Content-Transfer-Encoding | 8bit |
| X-Trace | usenet.stanford.edu 1537604526 14562 208.118.235.17 (22 Sep 2018 08:22:06 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| Cc | bug-bash@gnu.org |
| To | chet.ramey@case.edu |
| Envelope-to | bug-bash@gnu.org |
| Openpgp | preference=signencrypt |
| Autocrypt | addr=dirk+bash@testssl.sh; prefer-encrypt=mutual; keydata= xsFNBFSxqIwBEAClqHueTe+Ro+I4jReXss4DKwfeKhl23yuEZ7wN7GxBwGxslYxY15sJWhJ1 C0eglGwNGd/P3ObGgdNiT/DDvQzKFe8wcpCUnAOuE+ZnylBnqVD6xUmd+mPl6j9B7ByP42mY 81EK2ZSJ84mWjwOjT66pxjvWq7jzWfBA+QEQTlxiF18CFiHnv9XoLAD5yk04x6DyBGQZtobB YmN9uujK+nrbXPO4qQ+h4xWhWZ5U/77O2R0JgvrwvROfa+sS+oaP+9TTAko9BJYr0wfZ1meY C/fqidB0ihgTJjHgR4wjeklA5xvrwMHNSNcCN+fPYzfUcQsrQ+kY+NskkPYNr/3zbAvhPoT4 YXk8XQs1pNFNS9qF33iKWgU+zqKTC4NxqduVZGinpGhDZcACIE2fXrllMB7NW6/9BundIoaf XRchVPxJpujvQE91IAQktSWqVbQb7O8CSJQybDoAPRZvh/9ayIhBRx76oYLNAIrjFElBEhx9 hAloH0wCcXS1DvbvcQL9qz61qF09fuH/T1jB/YRkzk1EMmB3pO4hjC27yNiUuDKZlz5PUZoZ O7SJFdcvDxlAmBK6I3D1TQvldDljbZl/vhcuSmX41rp//ChTVxdE7p7RnK2KxoZLob2m8AYO zva5bokelFHQFjFz28/FPiMLmns/rsnZWRcQA4dCUSyHPnlRTQARAQABzSFEaXJrIFdldHRl ciA8ZGlyay53ZXR0ZXJAZ3V1Zy5kZT7CwX0EEwECACcCGwMFCQlmAYACHgECF4AFAlSxqlAF CwkIBwMFFQoJCAsFFgIDAQAACgkQya7s4dCnRWnq4Q//WV0ebAlej0vMVpp6H8SlnHvPwMAe ZuUDOSxUjnlk9QUtxlkjrnBRbpwTYJaLBi6dk8AE53qRFUOEKu7KMS2PenDDU1WcRGddkFu+ YW/WIzE+pplMhPnk3F13uOJhO8DDFoxQdgHbRPFlcfCQaLoN8gYMPAaSHnLndNTUvhSQQYmu obFbR2QQDbtM3TxO80fpxQm3gSyHi303abODYCF7k0yw57IY1lczsPUv1PYEM+9Y9TW7s9JS mKvO4wQvBdUXaghhoR13qWrxbiPq12UxtB3tHkS6tRcalQqxT7ZWsktqqvha30fueB+8Otlh GOhA6sFSWpegw2iOoC6L+9JYsxx9wYBtWFM39tDh/sBcz3YKMpM2XdasHsLfy5rE1El4N6WP wGCQ+iKFZt6CtO+LCI3XZPN1mqfx93zOA288nnqPMCkMfqyTMAeKzsuoFgbzfDy1TQBy+09w QVY9d+JrrIL4YO2UoVfsm2YjcsKjjKzsmxUrCxKfcO0CCEdh7+LjmtHanFi2/Oy+jt49rikW 2Gt+lrwZZFJh3v05+pVvENpJn3VTNQkGz0dif7yNaFQUYyTwQ5ot1B51FRlAUE6KETfO3Zbc nRzSxQ8jqs42u04ZVgaTLlRCPooyhR3ULUGIUOxxo1HitDioVUT1HPyGxniqtEexIGJEVn3h EwCLpw7OwU0EVLGojAEQAK3c39f4dV5ZM0jdfIwF+oJXZr2mfof7jMDFvZKOmjb2S6fqQnVi 47rr8n9kcGxlWmfsBVOOekVa6BCOJvJVY+dzaqJA9Y0h/0RGCmVqgIx/dSgUFtRQ/HnWeQ2V o6hpOBhE+XNLqaZZSPuZ+kpjppXMxMh0GZyGpUWUgA3HFPbZl3YcZk3hAU0ZlJZ9qy2NZYYy V6WQylO8sCSJ+rb4pBiHAE+BsIM6YbU9CER1zGty5sd9QWoS33/YWrbXuC5dSiF6xbncrVE4 74cGvke+z3VewST8S7S+xy0Xsh+qbgFOK+6qWQJmKxj19/J//+JoDOoTTPW1izJc5NSxuO9o Tls4TD+njA2JK/A0Jnlve+/vW83lkbd4iJhr1hDDPReyl5CIkdlaXJsu0e9j77wen6qfgRRs AjvVgE/kox235bms6MLcHgH2tiO613I8iu+weL3xsBJXpUB0V8eHwusA9JOuMGLeWrQFt9dh glfeoOLNzt1eA23v0ncHHF7kdL5yOTbkLtryWx6ztjnmWKV1+zKh0Z3NR25t0s+gR8Mjz09m Qp9fKVsTQCcloQuTl/Z6DwORMkhtxEam39OSvrIbjQF3tB4qEKSxauX+pMo3l8tEAx7FoT2F xCPKkr+OX3CVSBRF/aP1IErc9r82JdErMmaPM/35LPE7ApSaRRfc8cdPABEBAAHCwWUEGAEC AA8FAlSxqIwCGwwFCQlmAYAACgkQya7s4dCnRWm1iw/9E17eZ2VfFlTd5Vnh6e2nqxRO3Z74 pIvAKuKE2o2LmJvncZDNUgVktaCiA7H328bnUSd1+Hx+O/0UshcqQbeSGBq4BO51mUnbdBVV XtF1P6h7Jcxwv5/UEWQ1g21jUAflZnQTAFSLHvWP4s80Shsj5vzljFN2wutZXHN7mdMZBqxI d8HLUn5ECChHUB5a6uqHosp4UpMQJTTmbaA56KcqgFRG36TKYtemNmnhvXYhGxR+02cPmJs1 qaMbbkNBAQWLJjb2ix5oPmAccDleEdLxZVYCNX4Cq5IBiqdG988vdq8kyjTcFjw74mT4wNBS xhr6P6ox+eublYRiYP2MHHEaH64plj0XIXoaXEUK7pB02ATguDc+iMq6GUBbSF3nExtLGVUk Id3XjVoJdqz1XJ25z3MhPBAnr07eA9PUIzpWGJpCBBkqV4rCL26VZZgyDzFoEs69f3PzsjZr cqVIaXmlDy/ij1OY0pExMT9qa/AXRN1PSLgOvYqzkcwM1Xo9DYycJa1viSagPrLdmYBGQBaM xFmTNHuJYbTwXaZC18YkXJSlXbsUazoki+4WLUF/DPY2yL7fdvNhe1SPzWPSKQspv2b453KH A/EJRgHEoqVEYSm/zyLD9oXcS50KlwgghDPnFLp0yp/ooRFPy4wQ3j0xp9pZVV2V7b+i081m A/hqo7fCwfMEGAEIACYWIQQzLjFaOt2q7moROVfJruzh0KdFaQUCWUP5wgIbAgUJAuY8gACB CRDJruzh0KdFaXYgBBkWCAAdFiEEu+44xYV6RNw/MO5qzFXuFSFkehkFAllD+cIACgkQzFXu FSFkehlnFgEAzMMahul6aHTiMK1EPvBJkqUtZXhpCPNW713G58DkonEBAKxaRFItRxf/p1E+ 9aAINhfXLP1DvSuWP/GFiAda+sEPH/MP/1Y5Qa+WBs4AWNXyF7DPsc45z0E2R38k4VC9+hve 2nEav/Joa0oqQJlJAME/bgXX1YQ9O6i/kAzIbeFp+WMTMU/dP/K2PTh0E8tH/bM1Rv9oDLoO 9TFJx/3roBvym9oTJuWVYgfd/57JABn1VKiyP60ZEKdTlelH5uohkhEJ87G1kAOOKAE/kDfx 6UZW8SvMKESNyHSvg+H7YpJhuMBoMhj5rjYjTwbM2gcH73c8QPan2T354NwULQsQ1ISjT1R+ nj0EDq+nQGHOUZnKs2jvFn+qwV7pHSChd5N+D7AkJ0PbkXKfrgp7mDPOkK+02h0m35iPUiGD X823M/342k812BCK69VeXKXmRX6L2wThb4LKzpDKMLtVk8UzJ+Kpb/uua+SToPWxjnhkWouL 66gqKaDQfqE3S3D/CunoPzt3zZaFhqfAiCYunpbHHlgqhUCeOGe+/frT297DAkS+W4gGSwrT HMtS3FMs5uLjT+e6zizZ6oWjqz7xc9KCGvSbbxOR4Xh7V7whDkEVh4RtUx/MORGnkQ/8Vlkl PorqZV8FgMB+tMrWDcljdpHJ39lWyLQQPmwqhr8huF6wM6egsRmpYTA+tnkAPRzOqEZDsenT y9FhQVoiW4+yZcMAtBAxVjrF7IPwZ8ZiC+MIUtpCTezO9lA2AmQVOvAO+rLMMmTeWOjJwsF8 BBgBCAAmFiEEMy4xWjrdqu5qETlXya7s4dCnRWkFAllD+eYCGwwFCQLmPIAACgkQya7s4dCn RWnJtA/9FjnVZxJz60YZOSE9ouWKdbZaX9M0n5q3hWtt6YIJAvbTNvA5lZbBxwvp4MuJPlhL OzkAdTfVe95OxpnEzALeT7/RA8s38ir67MQQBK/EEImyeTGu/UL8kT57lsW/T15lFGD30ixD 8W3NBfUS/ohF8DPNRtSeQx9WUdXXSwR/O/SNtSo7+M4xqmoA9xcYmPGc8l8nxDfvvqtX6nLe wWqg4m5fKxVbl1DD/xdz7P2sec/BeIJwDZxAVw4i8tQlgWY5wnUmHbf8rA788aNfMTmRwwZz 4PtqKy8P9WLPMf6ogqACRbnqJEcVrO32bHe7jiSo8b4Eq0dj6lQSLxx+jBCZjCVoHe+kjP0M gsEjW5smwBFj5Gx3pbk3YaeIQxxo6Aw8ktguyNuTmpgMbz3f8lUULqruiltOI442Hg/6YBxe ZUPNEKVpttqXIGzi+LHVeLFZ7d5acpCAYWsyg5ycUUbvM/bpbimOx9l8LJrbytdHAkWllpBA eqB64BWtQrlBwXS5yFYNgzlvJXGsbGaFHzIi5AKjYPbPw8BzF1JKe48yJQg0O3L9HJOwAsPg 0znJ14tpiW56CDABH2Yt7w0FZ32FEFpUiPN8jRt5QLQ5quAAltH69RkzQ2thIOCBiEdXBIph QDq64ekD2YgbnJXCsfli5AOhc8aH7yQnOmVG6LcMuqw= |
| User-Agent | Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.0 |
| In-Reply-To | <69b48113-bc58-e0c8-a551-03a7e72d88d4@case.edu> |
| Content-Language | en-US |
| X-Df-Sender | NDM2MjM5 |
| X-detected-operating-system | by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] |
| X-Received-From | 80.67.18.16 |
| X-BeenThere | bug-bash@gnu.org |
| X-Mailman-Version | 2.1.21 |
| Precedence | list |
| List-Id | Bug reports for the GNU Bourne Again SHell <bug-bash.gnu.org> |
| List-Unsubscribe | <https://lists.gnu.org/mailman/options/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=unsubscribe> |
| List-Archive | <http://lists.gnu.org/archive/html/bug-bash/> |
| List-Post | <mailto:bug-bash@gnu.org> |
| List-Help | <mailto:bug-bash-request@gnu.org?subject=help> |
| List-Subscribe | <https://lists.gnu.org/mailman/listinfo/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=subscribe> |
| Xref | csiph.com gnu.bash.bug:14631 |
Show key headers only | View raw
On 9/22/18 1:34 AM, Chet Ramey wrote: > On 9/21/18 4:13 PM, dirk+bash@testssl.sh wrote: >> >> Hello there, >> >> we discovered a strange phenomenon in the project testssl.sh: >> >> After opening a TCP socket with a fd (here: 5), when writing to it, >> it seems that >> >> printf -- "$data" >&5 2>/dev/null >> >> does not do what it is intended. "$data" is a ClientHello like >> >> '\x16\x03\x01\x2\x00\x01\x00\x1\xfc\x03\x03\x54\x51\x1e\x7a\xde\xad\xbe\xef\x31\x33\x07\x00\x00\x00\x00\x00\xcf\xbd\x39\x04\xcc\x16\x0a\...' >> >> Each \x0a like the last one causes a new TCP fragment to begin which can be easily >> spotted when using wireshark while running e.g. > > Newline? It's probably that stdout is line-buffered and the newline causes > a flush, which results in a write(2). Anything one can do on the level of bash or non-syscall land? What about ulimit -b ? >> If there's a workaround, please let me know. (tried to add "%b" with no >> effect). Otherwise I believe it's a bug. > > How? Does the emitted output not correspond to what's passed to printf > in some way? "\x0a" is a legitimate byte which is send from time to time over the socket. It happens if the record layer is e.g. 522 bytes (\x02\x0a), if a standard cipher is included in the handshake like (\xc0\x0a) or DES-CBC3-SHA (\x00\x0a) ECDHE-ECDSA-AES256-SHA or at any other occasion. Everything works as expected and like a charm for years now -- the only thing isthe underlying TCP fragmentation which is caused as a side effect by sending \x0a. As indicated a few servers under certain condition can't cope with it asif the TCP first segment is too small they don't treat this as ClientHello and just drop the packet, see thread @ https://github.com/drwetter/testssl.sh/pull/1113, specifically the hint wrt https://support.f5.com/csp/article/K53322151 . My stance is simply if I use in the internal feature of bash for TCP socket programming I didn't expect to have side effects like this. Thx, Dirk
Back to gnu.bash.bug | Previous | Next | Find similar | Unroll thread
Re: bash sockets: printf \x0a does TCP fragmentation dirk+bash@testssl.sh - 2018-09-22 10:21 +0200
csiph-web