
Broken Apple devices - repeated 407s


 




Apple devices seem to be pretty broken when it comes to handling authenticated proxies. However, sometimes I see behaviour that is so broken that it could almost be considered a DoS attack: Devices that make a request, get a 407 back from the proxy and immediately make the same request again, still with no authentication credentials - the proxy returns a 407, of course, and the client requests again... repeatedly, with no kind of a back-off timer, going on for hours on end. For example:

28/Apr/2014:07:45:36.194 0 10.203.1.18 TCP_DENIED/407 4660 CONNECT p02-ubiquity.icloud.com:443 - HIER_NONE/- text/html "ubd/289 CFNetwork/673.4 Darwin/13.1.0 (x86_64) (Macmini5%2C1)"
28/Apr/2014:07:45:36.205 0 10.203.1.18 TCP_DENIED/407 4660 CONNECT p02-ubiquity.icloud.com:443 - HIER_NONE/- text/html "ubd/289 CFNetwork/673.4 Darwin/13.1.0 (x86_64) (Macmini5%2C1)"
28/Apr/2014:07:45:36.215 0 10.203.1.18 TCP_DENIED/407 4660 CONNECT p02-ubiquity.icloud.com:443 - HIER_NONE/- text/html "ubd/289 CFNetwork/673.4 Darwin/13.1.0 (x86_64) (Macmini5%2C1)"

(continues like that with about 100ms between requests).

And other similar requests:

28/Apr/2014:07:45:28.793 0 10.203.1.18 TCP_DENIED/407 4649 CONNECT keyvalueservice.icloud.com:443 - HIER_NONE/- text/html "SyncedDefaults/91.30 (Mac OS X 10.9.2 (13C1021))"
28/Apr/2014:07:45:58.358 0 10.203.1.18 TCP_DENIED/407 4630 CONNECT p02-caldav.icloud.com:443 - HIER_NONE/- text/html "Mac_OS_X/10.9.2 (13C1021) CalendarAgent/176"
28/Apr/2014:07:45:59.114 0 10.203.1.18 TCP_DENIED/407 4612 CONNECT p02-bookmarks.icloud.com:443 - HIER_NONE/- text/html "CoreDAV/229.6 (13C1021)"

etc... It happens from both OS X and iOS devices every so often (presumably flattens the iPhone battery pretty quickly!)

Clearly this is a bug in Apple's software (which I have reported, but they seem uninterested in fixing it*), but I'm wondering if anyone else has observed this behaviour and come up with any good ideas to mitigate it on the proxy side?


<rant>
* Apple's bug reporting process seems to be:
1. I report a bug with lots of information regarding the OS version on the device, how to replicate the problem, etc.
2. They sit on it for a few weeks before asking me to provide them with lots of logs from the device itself, which generally I can't easily do because I don't personally have the device.
3. I jump through the hoops and provide them with the information they request.
4. They sit on the bug and never bother to respond or fix it.

So given that (3) involves me spending quite a bit of time getting hold of a device and replicating the problem, even though I provided them enough information to do this themselves, and it basically seems to be a complete waste of my time since they then ignore the bug, I've largely given up reporting them now... Which is a shame - I don't mind spending time collecting debugging information if it's actually going to help get the bug fixed, but with Apple this doesn't seem to happen.
</rant>

--
 - Steve Hill
   Technical Director
   Opendium Limited     http://www.opendium.com

Direct contacts:
   Instant messager: xmpp:steve@xxxxxxxxxxxx
   Email:            steve@xxxxxxxxxxxx
   Phone:            sip:steve@xxxxxxxxxxxx

Sales / enquiries contacts:
   Email:            sales@xxxxxxxxxxxx
   Phone:            +44-844-9791439 / sip:sales@xxxxxxxxxxxx

Support contacts:
   Email:            support@xxxxxxxxxxxx
   Phone:            +44-844-4844916 / sip:support@xxxxxxxxxxxx
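
The retry loop described in the message above can be picked out of an access log in the quoted format. The following is an added example, not part of the original post: it reports every run of unauthenticated 407 responses from one client to one target with no pause between them. The function name, the 1-second gap and the 3-request minimum are assumptions, and the 10.203.1.99 lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# The 10.203.1.18 lines are quoted from the post; the two 10.203.1.99 lines are
# constructed to show a client that answers the 407 challenge with credentials.
SAMPLE_LOG = """\
28/Apr/2014:07:45:28.793 0 10.203.1.18 TCP_DENIED/407 4649 CONNECT keyvalueservice.icloud.com:443 - HIER_NONE/- text/html "SyncedDefaults/91.30 (Mac OS X 10.9.2 (13C1021))"
28/Apr/2014:07:45:36.194 0 10.203.1.18 TCP_DENIED/407 4660 CONNECT p02-ubiquity.icloud.com:443 - HIER_NONE/- text/html "ubd/289 CFNetwork/673.4 Darwin/13.1.0 (x86_64) (Macmini5%2C1)"
28/Apr/2014:07:45:36.205 0 10.203.1.18 TCP_DENIED/407 4660 CONNECT p02-ubiquity.icloud.com:443 - HIER_NONE/- text/html "ubd/289 CFNetwork/673.4 Darwin/13.1.0 (x86_64) (Macmini5%2C1)"
28/Apr/2014:07:45:36.215 0 10.203.1.18 TCP_DENIED/407 4660 CONNECT p02-ubiquity.icloud.com:443 - HIER_NONE/- text/html "ubd/289 CFNetwork/673.4 Darwin/13.1.0 (x86_64) (Macmini5%2C1)"
28/Apr/2014:07:46:01.000 0 10.203.1.99 TCP_DENIED/407 4630 CONNECT example.test:443 - HIER_NONE/- text/html "ExampleClient/1.0"
28/Apr/2014:07:46:01.150 212 10.203.1.99 TCP_MISS/200 5120 CONNECT example.test:443 alice HIER_DIRECT/203.0.113.10 - "ExampleClient/1.0"
"""

# Fields: time, duration, client, status, size, method, URL, user, hierarchy, MIME, "UA"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) \d+ (?P<ip>\S+) (?P<status>\S+) \d+ (?P<method>\S+) '
    r'(?P<url>\S+) (?P<user>\S+) \S+ \S+ "(?P<ua>[^"]*)"$')

def find_407_loops(lines, max_gap=1.0, min_run=3):
    """Return (ip, url, user_agent, count, seconds) for each run of at least
    min_run unauthenticated 407s to one target, each <= max_gap seconds apart."""
    by_key = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S.%f")
            denied = m["status"].endswith("/407") and m["user"] == "-"
            by_key[(m["ip"], m["url"], m["ua"])].append((ts, denied))
    loops = []
    for (ip, url, ua), events in by_key.items():
        events.sort()
        run = []
        for ts, denied in events + [(None, False)]:  # sentinel flushes the last run
            if denied and (not run or (ts - run[-1]).total_seconds() <= max_gap):
                run.append(ts)
                continue
            if len(run) >= min_run:
                span = (run[-1] - run[0]).total_seconds()
                loops.append((ip, url, ua, len(run), span))
            run = [ts] if denied else []  # an authenticated or slow request ends the run
    return loops

if __name__ == "__main__":
    for ip, url, ua, count, span in find_407_loops(SAMPLE_LOG.splitlines()):
        print(f"{ip} -> {url}: {count} unauthenticated 407s in {span:.3f}s ({ua})")
```
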



