Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

fuzzingserver abruptly closes the TCP connection #78

Open
lpinca opened this issue Dec 11, 2017 · 0 comments
Open

fuzzingserver abruptly closes the TCP connection #78

lpinca opened this issue Dec 11, 2017 · 0 comments

Comments

@lpinca
Copy link

lpinca commented Dec 11, 2017
edited
Loading

Description

When the client sends a masked close frame, the server abruptly closes the TCP connection.

Reproducible in

version: 0.7.5
Node.js version(s): 4.8.7, 6.12.2, 8.9.3, 9.2.1
OS version(s): Ubuntu 16.04

Steps to reproduce

1. Start the fuzzingserver
(wstest) luigi@ubuntu:~/test$ uname -a
Linux ubuntu 4.4.0-103-generic #126-Ubuntu SMP Mon Dec 4 16:23:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
(wstest) luigi@ubuntu:~/test$ cat fuzzingserver.json 
{
  "url": "ws://192.168.0.31:9001",
  "outdir": "./reports/clients",
  "cases": ["*"],
  "exclude-cases": [],
  "exclude-agent-cases": {}
}
(wstest) luigi@ubuntu:~/test$ wstest -m fuzzingserver
Using implicit spec file 'fuzzingserver.json'
Loading spec from /home/luigi/test/fuzzingserver.json

Using Twisted reactor class <class 'twisted.internet.epollreactor.EPollReactor'>
Using UTF8 Validator class <type 'wsaccel.utf8validator.Utf8Validator'>
Using XOR Masker classes <type 'wsaccel.xormask.XorMaskerNull'>

Autobahn WebSockets 0.7.5/0.10.9 Fuzzing Server (Port 9001)
Ok, will run 519 test cases for any clients connecting
2. Run the following Node.js script
const assert = require('assert');
const net = require('net');

const host = '192.168.0.31';
const port = 9001;

const socket = net.createConnection(port, host, () => {
  socket.write([
    'GET /getCaseCount HTTP/1.1',
    `Host: ${host}:${port}`,
    'Upgrade: websocket',
    'Connection: Upgrade',
    'Sec-WebSocket-Key: huuKcUUBDmV/8iQBsEF8IA==',
    'Sec-WebSocket-Version: 13',
    '\r\n'
  ].join('\r\n'));
});

socket.on('data', (chunk) => {
  const headers = Buffer.from([
    'HTTP/1.1 101 Switching Protocols',
    'Server: AutobahnTestSuite/0.7.5-0.10.9',
    'X-Powered-By: AutobahnPython/0.10.9',
    'Upgrade: WebSocket',
    'Connection: Upgrade',
    'Sec-WebSocket-Accept: 158w9A++bqKnjX8gj72FqUAfNQA=',
    '\r\n'
  ].join('\r\n'));

  const data = Buffer.from('81033531398800', 'hex');
  const expected = Buffer.concat([headers, data]);

  assert.ok(chunk.equals(expected));

  socket.write(Buffer.from('8882ed036357eeeb', 'hex'));
  socket.end();
});

socket.on('end', () => console.log('end'));
socket.on('error', console.error);

Expected result

The connection is closed cleanly.

Actual result

An error is emitted on the socket.

{ Error: read ECONNRESET
    at _errnoException (util.js:1031:13)
    at TCP.onread (net.js:619:25) errno: 'ECONNRESET', code: 'ECONNRESET', syscall: 'read' }

Additional details

The connection is closed cleanly if the client sends an unmasked close frame.

socket.write(Buffer.from('880203E8', 'hex'));
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lpinca