View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000150 | Kolibri OS (trunk) | Applications | public | 2022-01-27 09:59 | 2024-02-23 21:17 |
| Reporter | floppy121 | Assigned To | hidnplayr | ||
| Priority | normal | Severity | major | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Platform | Any x86 / Любой x86 | OS | KolibriOS | OS Version | SVN autobuilds |
| Summary | 0000150: IRCC doesn't support "ping-cookie" and fails connecting to any servers using them | ||||
| Description | After my InspIRCd server used for the last issue (http://bugs.kolibrios.org/view.php?id=149) got broken (no clean installs helped) - this time I got UnrealIRCd 5.2.3 for Windows 7 from https://www.unrealircd.org/download/5.2 , and used an almost-default config with as few changes as possible. HexChat connects successfully to this UnrealIRCd server. However, IRCC fails with a "PING-PONG" error: [Timestamp] * Connecting to XXX.XXX.XXX.XXX [Timestamp] -servername- *** Looking up your hostname... [Timestamp] -servername- *** Found your hostname (cached) [Timestamp] -servername- ERROR: Invalid PING response. Your client must respond back with PONG :<cookie> This reply message is from UnrealIRCd source code - pingpong.c (lines 100+) : https://github.com/unrealircd/unrealircd/blob/unreal52/src/modules/pingpong.c Then I found this server-side setting of UnrealIRCd: https://www.unrealircd.org/docs/Set_block#set::ping-cookie ===== set::ping-cookie Syntax: set::ping-cookie <yes|no> When a client connects, send a "ping cookie" consisting of a random string that the client should respond with. All clients should cope with this and do so without bothering the user. Ping cookies are a security measure. It helps in preventing blind HTTP-POST attacks and similar security issues. It also helps against TCP spoofing on very old operating systems. The default is yes (enabled). Changing this to no is a big security risk. ===== If I go to my almost-default unrealircd.conf , find the "/* Network configuration */ set {" code block (lines 420+) and add a ping-cookie "no"; line to it, as following: ===== ... set { ... prefix-quit "Quit"; ping-cookie "no"; /* Cloak keys ... ===== then IRCC can connect to this server successfully. Unfortunately, this is a server-side setting, which means that IRCC can't connect to many IRC servers with this ping-cookie stuff enabled. Looking at replies here - https://forums.unrealircd.org/viewtopic.php?t=2098#top , it seems that IRCC should reply to a server message like "PING :B0156928" with "PONG :B0156928". Also: "Note that, again because of the IRC protocol, you MUST pong back to any subsequent ping requests that may happen (eg: because of idle time), as outlined in RFC1459 section 4.6.2." | ||||
| Tags | No tags attached. | ||||
| SVN revision / ревизия SVN | r9671 | ||||
| Type of distribution / Тип дистрибутива | img / образ дискеты | ||||
|
|
Although cmd_ping is implemented at serverparser.inc , it does not work with UnrealIRCd for some reason. http://websvn.kolibrios.org/filedetails.php?repname=Kolibri+OS&path=%2Fprograms%2Fnetwork%2Fircc%2Fserverparser.inc |
|
|
Please provide example of actual PING request and (if present) erroneous PONG reply from IRCc. It can be captured with wireshark for example. |
|
|
Here's a relevant extracted data from Wireshark (MAC addresses replaced by XX's - client, YY's - server) : 1) PING request by UnrealIRCd server: Internet Relay Chat Response: PING :3D038D38 Command: PING Trailer: 3D038D38 0000 XX XX XX XX XX XX YY YY YY YY YY YY 08 00 45 00 ============..E. 0010 00 44 9b 74 40 00 40 06 8a e9 0a 2a 00 01 0a 2a .D.t@.@....*...* 0020 00 02 1a 0b e5 71 60 09 e5 b9 ca 40 ed cb 80 18 .....q`....@.... 0030 01 fe 14 8d 00 00 01 01 08 0a b9 dc dd 2e cd 4b ...............K 0040 0b 00 50 49 4e 47 20 3a 33 44 30 33 38 44 33 38 ..PING :3D038D38 0050 0d 0a .. 2) PONG reply by IRCC client - for some reason it's not complete: Internet Relay Chat Request: PONG :3D0 Command: PONG Trailer: 3D0 0000 YY YY YY YY YY YY XX XX XX XX XX XX 08 00 45 00 ============..E. 0010 00 33 00 00 00 00 80 06 26 6f 0a 2a 00 02 0a 2a .3......&o.*...* 0020 00 01 e5 71 1a 0b ca 40 ed cb 60 09 e5 c9 50 10 ...q...@..`...P. 0030 80 00 ee f6 00 00 50 4f 4e 47 20 3a 33 44 30 0a ......PONG :3D0. 0040 0d . |
|
|
Fixed in #9979 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2022-01-27 09:59 | floppy121 | New Issue | |
| 2022-01-28 14:52 | floppy121 | Assigned To | => hidnplayr |
| 2022-01-28 14:52 | floppy121 | Status | new => assigned |
| 2022-01-30 08:25 | floppy121 | Note Added: 0000234 | |
| 2022-01-30 08:55 | hidnplayr | Note Added: 0000235 | |
| 2022-01-31 19:25 | floppy121 | Note Added: 0000237 | |
| 2024-02-23 21:17 | hidnplayr | Status | assigned => resolved |
| 2024-02-23 21:17 | hidnplayr | Resolution | open => fixed |
| 2024-02-23 21:17 | hidnplayr | Note Added: 0000252 |
