Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <41416396.48B2E11E@dessent.net>
Date: Fri, 10 Sep 2004 01:19:34 -0700
From: Brian Dessent <brian AT dessent DOT net>
Organization: My own little world...
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: rsync + xp sp2 failing
References: <20040909202553 DOT 8B672E598 AT wildcard DOT curl DOT com> <4140C972 DOT 6030408 AT iwcenter DOT com> <20040909220929 DOT GA30475 AT cygbert DOT vinschen DOT de>
Content-Type: text/plain; charset=iso-8859-1
X-IsSubscribed: yes
Reply-To: cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id i8A8G2rQ018280

Corinna Vinschen wrote:

> All WSADuplicateSocket calls fail with 10045, "operation is not supported
> for the type of object referenced", even thought the above created socket
> handles are referenced.  That's weird.
> 
> I'm still running XP SP1 and I can't reproduce this.  I'm wondering if
> that's a side effect of the new firewall in XP2.  Did you try with
> switching off the firewall entirely?

FWIW this error happens frequently enough for Apache under windows that
it's in their FAQ:
<http://httpd.apache.org/docs/misc/FAQ.html#WSADuplicateSocket>

---- quote ----
Apache for Windows does not start. Error log contains this message:
"[crit] (10045) The attempted operation is not supported for the type of
object referenced: Parent: WSADuplicateSocket failed for socket ###".
What does this mean?

We have seen this problem when Apache is run on systems along with
Virtual Private Networking clients like Aventail Connect. Aventail
Connect is a Layered Service Provider (LSP) that inserts itself, as a
"shim," between the Winsock 2 API and Window's native Winsock 2
implementation. The Aventail Connect shim does not implement
WSADuplicateSocket, which is the cause of the failure.

The shim is not unloaded when Aventail Connect is shut down. Once
observed, the problem persists until the shim is either explicitly
unloaded or the machine is rebooted. Another potential solution (not
tested) is to add apache.exe to the Aventail "Connect Exclusion List".

Apache is affected in a similar way by any firewall program that isn't
correctly configured. Assure you exclude your Apache server ports
(usually port 80) from the list of ports to block. Refer to your
firewall program's documentation for the how-to.
---- end quote ----

It's probably not directly related, but there is this blurb about LSP
from the page on
<http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#XSLTsection127121120120>

---- quote ----
Winsock self-healing

Detailed description

Winsock, Windows’ network socket facility for applications, is
extensible by a mechanism known as a Layered Service Provider (LSP).
Winsock LSPs are available for a wide range of useful purposes,
including internet parental controls, and web content filtering. In
previous versions of Windows XP, removing a malformed (also known as
“buggy”) LSP could result in corruption of the Winsock catalog in the
registry, potentially resulting in a loss of all network connectivity.
Winsock now has the ability to self-heal after a user uninstalls such an
LSP. 
---- end quote ----

And finally, although it's probably not relevant, the following passage
from
<http://msdn.microsoft.com/security/productinfo/xpsp2/default.aspx?pull=/library/en-us/dnwxp/html/securityinxpsp2.asp>
might help track down the problem:

---- quote ----
IPv4 Inbound Connections for Applications. An application that completes
a listen operation on a TCP socket or successfully binds to a UDP socket
through Winsock is covered by this scenario. Examples of these
applications include audio and video in MSN or Windows Messenger, or
hosting a multiplayer game. For this scenario, ICF can automatically
open and close ports as needed by the application. When an application
that needs to listen on a port or ports is being installed by an
administrator, it will need to ask the user if he/she wants to allow the
application to open ports in the firewall. If the user consents to this,
then the application should use the INetFwV4AuthorizedApplication API to
add itself to the AuthorizedApplications collection as enabled. If the
user does not consent, then the application should use the
INetFwV4AuthorizedApplication API to add itself to the
AuthorizedApplications collection as disabled.
---- end quote ----

Brian

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/