EXTERNAL: OSError: [Errno 48] Address already in use

Chris Angelico rosuav at gmail.com
Tue Jul 3 09:40:45 EDT 2018


On Tue, Jul 3, 2018 at 10:26 PM, Marko Rauhamaa <marko at pacujo.net> wrote:
> Gregory Ewing <greg.ewing at canterbury.ac.nz>:
>
>> Marko Rauhamaa wrote:
>>> Nevertheless, the later socket object cannot unilaterally take over a
>>> socket using SO_REUSEADDR. The earlier socket object must have set the
>>> same option previously.
>>
>> I just did an experiment that suggests that's not the case.
>> I created a socket without SO_REUSEADDR, made a connection to
>> it, and killed it. Then I created another socket within the
>> timeout period with SO_REUSEADDR, and it succeeded.
>>
>> This was on MacOSX -- it's possible that other systems
>> behave differently.
>
> I tried it, too, (on Linux) and it failed.
>
> It's crucial that the killed party is the server for the situation to
> arise.
>
> That's why polite clients close their end of the connection before
> the server. Whoever closes first will suffer the TIME-WAIT state.

The same thing can happen with clients AND servers, but it's very
common with clients to allow an arbitrary port number to be chosen for
you. To trigger this problem from the client end, you would need to
use the same port. An attacker can do this easily.

ChrisA


More information about the Python-list mailing list