Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

support half-closes #6

Open
ethanwu10 opened this issue Jun 19, 2021 · 1 comment
Open

support half-closes #6

ethanwu10 opened this issue Jun 19, 2021 · 1 comment
Labels
enhancement New feature or request

Comments

@ethanwu10
Copy link
Member

When one side (typically the client) half-closes the TCP stream to send an EOF to the other side, the connection is immediately terminated instead of allowing communications to continue for a short period. This behavior is sometimes used for signalling, especially if it is intentional for the program being hosted in the jail to only process after the EOF (e.g. sort), and thus is not compatible with the current implementation of redpwn/jail

Currently, in the jail proxy server for PoW, whenever one end of the socket reaches EOF, the entire socket is then close()d, which likely breaks half-closes at the proxy server.
In addition, nsjail also immediately kills the process when the connection is half-closed, breaking half-close when jail is operating without a PoW in exec mode. We will need a patch to nsjail first to either disable the behavior or trigger the kill after a short delay.

@ginkoid ginkoid added the enhancement New feature or request label Nov 27, 2021
@DeadPackets
Copy link

I fully support this enhancement. We heavily rely on this jail for our CTFs, and we regularly package web challenges inside it. It is extremely painful to have to work with web challenges that restart the entire environment on every connection, so having half-closes would be absolutely great for this use-case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants