I am using a server that is crashing following a call to recv() returning -1 and errno set to ECONNRESET. I originally found this condition using nmap (I’m not a cracker, was just testing if the port was open at the time.) However, nmap uses raw sockets so I’m not too happy submitting this as a test case to the developers. I would rather write a client program in C that can cause the ECONNRESET.
So far I have tried two things: connect() to the server from my client and then shutdown() the socket immediately after connecting. recv() on the server still returned 1 (I have inserted debugging code so I can see the return value.) I also tried calling send() with some string and then immediately calling shutdown(). No dice, the string was transmitted fine.
So how would I cause this condition? Non-portable is fine; I am using Linux.
The problem is that you are calling shutdown. Call close instead.
Take a look at a TCP state diagram.
http://tangentsoft.net/wskfaq/articles/debugging-tcp.html
Basically, shutdown closes a socket “politely” by sending a FIN and waiting for the peer to finish (FIN -> ACK/FIN -> ACK -> closed), at which point you call close and all is good. If you call close without calling shutdown first, it’s the “impolite” version which sends a RST — the equivalent of hanging up in the middle of a phone call, without waiting for the other person to finish what they’re saying.
Think of “shutdown” as “say goodbye”, and “close” as “hang up”. You always have to hang up, but you don’t have to say goodbye first.
About nmap: It is perfectly acceptable to give developers a test case with nmap. That’s one of the main purposes of nmap anyway.