Read this by @majek04. Then think about the attack this is needed to prevent. TCP as specified is not adversarial. https://blog.cloudflare.com/this-is-strictly-a-violation-of-the-tcp-specification/ …
Oh so it's just a one-way shutdown()? That doesn't seem to match the article's analysis though.
-
-
I know little more than the article, but it checks out to me. The article problem is asymmetric timeout/state.
-
Well in the article the peer close()d socket rather than just shutdown(SHUT_WR). So why can't kernel reap it?
-
no, wait, the client side is reaped. The server side did NOT call close() (root cause), and leaked, and dangled
-
Right. I'm saying, if the peer (client) fully closed the socket, I can't see any motive for CLOSE_WAIT.
-
ah, right. I don’t think the client has a way to communicate a full close of a socket, though. FIN is 1W close.
-
RST is a full close
End of conversation
New conversation -
-
-
specifically, shutdown(fd, SHUT_WR) must send a FIN, complete all pending writes, make future writes fail.
-
Right. But in the article the peer used close not shutdown.
-
twit really is a shit medium to talk about this. Anyway, I put some summary here: http://pastebin.com/aZUtxBxG
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.