PyMISP icon indicating copy to clipboard operation
PyMISP copied to clipboard

Published 20 hours ago verified publisher icon MISP

TCP_KEEPIDLE, TCP_KEEPINTVL and TCP_KEEPCNT not present in all operating systems

Open mhpcchaves opened this issue 1 year ago • 4 comments

After upgrading one of my pymisp instances that runs on OpenBSD system to 2.4.160, it presented the following error:

In [1]: import pymisp
---------------------------------------------------------------------------
AttributeError                            Traceback (most recent call last)
<ipython-input-1-a87cdefbe0c6> in <module>
----> 1 import pymisp

~/MISP/PyMISP/lib/python3.9/site-packages/pymisp/__init__.py in <module>
     42     from .tools import update_objects  # noqa
     43
---> 44     from .api import PyMISP, register_user  # noqa
     45     from .api import PyMISP as ExpandedPyMISP  # noqa
     46     from .tools import load_warninglists  # noqa

~/MISP/PyMISP/lib/python3.9/site-packages/pymisp/api.py in <module>
     35 HTTPConnection.default_socket_options = 
HTTPConnection.default_socket_options + [
     36     (socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1),  # enable keepalive
---> 37     (socket.SOL_TCP, socket.TCP_KEEPIDLE, 30),  # Start pinging after 30s of idle time
     38     (socket.SOL_TCP, socket.TCP_KEEPINTVL, 10),  # ping every 10s
     39     (socket.SOL_TCP, socket.TCP_KEEPCNT, 6)  # kill the connection if 6 ping fail  (60s total)

AttributeError: module 'socket' has no attribute 'TCP_KEEPIDLE'

The attributes TCP_KEEPIDLE, TCP_KEEPINTVL, and TCP_KEEPCNT from socket module are not present in all operating systems.

Any chance of making this code portable?

mhpcchaves avatar Aug 09 '22 18:08 mhpcchaves

hmmm this is annoying.

I will make it linux-only as a quick fix (I bet it is also an issue and windows, now that I think about it), and I can use the proper options for BSD if you know what they are.

Rafiot avatar Aug 09 '22 19:08 Rafiot

Fixed: https://github.com/MISP/PyMISP/commit/a5f9ac996cd247cc3f319017ff28895bd0b7cd34

Rafiot avatar Aug 09 '22 19:08 Rafiot

I know that OpenBSD doesn't implement these options. It works on FreeBSD (tested). I don't know about other *BSD distros. As you said, I also think it might be an issue on Windows.

mhpcchaves avatar Aug 09 '22 19:08 mhpcchaves

Right. Well, no very long query for BSD and Windows users, at least for now.

It is an edge case anyway as far as I know, and only when you have a proxy in between that kills the connection if there are no keepalive packets.

Rafiot avatar Aug 09 '22 21:08 Rafiot