hi benoit, On Tue, 2006-10-31 at 12:54 +0200, Benoit Panizzon wrote: > It looks like we have been able to quite exactly figure out what goes wrong. > > From Kernel 2.6.17 on, the tcp_window_scaling code was changed. > found on: > http://inodes.org/blog/2006/09/06/tcp-window-scaling-and-kernel-2617/ > > Linux starts with very small packets. > > Our POP +OK string is exaclty 47 bytes long and split into two reads: > 46 bytes + 1 byte > > check_tcp apparently fails if a read is split into multiple reads and > terminates thos two reads with \0 and overwrites the first 46 bytes by > terminating them with \0 after the lenght of the second read, thus leaving > something like "+O" or even shorter remaining in the buffer. > > If the string is shorter everything is OK as it fits into one read. > If the string is longer, the overwriting happens after the +OK and again the > check is OK.
thanks for the extra info. strange new features in the kernel... i
guess there must be some rationale for it. a question though: wouldn't
it be a better general solution to concatenate the read results
rather than changing kernel settings (of course this might mean more
code in the plugin)?
sean
signature.asc
Description: This is a digitally signed message part
