IETF Logo Mail Archive

Re: [hybi] WebSocket handshake (HTTP and SSO)

Willy Tarreau <w@1wt.eu> Thu, 02 September 2010 05:38 UTC

Return-Path: <w@1wt.eu>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 50CC13A68D5 for <hybi@core3.amsl.com>; Wed, 1 Sep 2010 22:38:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.685
X-Spam-Level:
X-Spam-Status: No, score=-2.685 tagged_above=-999 required=5 tests=[AWL=-0.642, BAYES_00=-2.599, HELO_IS_SMALL6=0.556]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BLszo9WzKAmR for <hybi@core3.amsl.com>; Wed, 1 Sep 2010 22:38:16 -0700 (PDT)
Received: from 1wt.eu (1wt.eu [62.212.114.60]) by core3.amsl.com (Postfix) with ESMTP id 17B583A68F0 for <hybi@ietf.org>; Wed, 1 Sep 2010 22:38:12 -0700 (PDT)
Received: (from willy@localhost) by mail.home.local (8.14.4/8.14.4/Submit) id o825capb012037; Thu, 2 Sep 2010 07:38:36 +0200
Date: Thu, 02 Sep 2010 07:38:36 +0200
From: Willy Tarreau <w@1wt.eu>
To: "Ian Fette (????????????????????????)" <ifette@google.com>
Message-ID: <20100902053836.GG10275@1wt.eu>
References: <4C7BDA8F.4080107@caucho.com> <4C7BF060.7070501@isdg.net> <4C7C2A33.6010405@caucho.com> <4C7C746F.1040006@isdg.net> <4C7D2B74.8030702@caucho.com> <4C7D5B20.9030503@isdg.net> <4C7DAECB.7050905@caucho.com> <AANLkTikS7L_04HDAsL6t+FrHZKVXQN2Gx1gmjh4gYLcb@mail.gmail.com> <AANLkTik3joD9ZKk8gtt5Nwa9kX0FpyGd6ZGc-G6yUPOc@mail.gmail.com> <AANLkTi=N_BTgPtFWRQd1i9EwSGB5vXT-poGexJ-cXOdQ@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AANLkTi=N_BTgPtFWRQd1i9EwSGB5vXT-poGexJ-cXOdQ@mail.gmail.com>
User-Agent: Mutt/1.4.2.3i
Cc: hybi <hybi@ietf.org>, Brodie Thiesfield <brodie@jellycan.com>
Subject: Re: [hybi] WebSocket handshake (HTTP and SSO)
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Sep 2010 05:38:17 -0000

On Wed, Sep 01, 2010 at 09:36:18AM -0700, Ian Fette (????????????????????????) wrote:
> First, I'm not sure how important it is that the numbers are _strongly_
> random, so long as they come from a sufficiently large pool of options (e.g.
> from 0 to INT_MAX). The point of the handshake is not to establish e.g. key
> material that will be used for securing the connection. Rather, the point of
> the handshake is to ensure that each end is actually a WebSocket
> server/client. Using the same number all the time could mean that the server
> could always give back the same response, which would not be desirable as
> that would imply that the server might not actually be parsing the entire
> handshake, but rather just echoing things back. Using a different number
> each time ensures that the server is actually parsing the handshake and not
> just returning a predefined value. How strong the RNG is doesn't seem to be
> critical for this, unless I've missed something.

While not *that* important, it should be at least a little bit. The example
that Greg gave (1/48 to guess the random) means that blind attacks targetting
browsers that have that poor RNGs may still have a massive impact if the
request can be forged so that a victim server's response matches one of these
random numbers.

> As for the spaces, it's to protect against injection as you say. The goal is
> to prevent it from being smuggled in the PATH in such a way that that e.g. a
> HTTP request could be misinterpreted as a WS handshake request. As spaces
> must be encoded in the path (%20) this is designed to prevent against that,
> ditto with CRLF.

In my opinion this was only necessary because of the HTTP-like imitation
which was an incomplete implementation. With real HTTP, you can't make the
req-uri slip into the headers, because the CRLF terminates the request line.

> I think the worry is that a hex number in the header could be potentially
> confused, and not offer the same protections.

Well, we already have Content-MD5 in HTTP and it does not cause such a mess.
Once again, I think *some* of the defenses were implemented because the
protocol was redesigned from scratch and needed to have at least some
intrinsic protections that HTTP offers by default but this one could not
benefit from. That's exactly where relying on proven stable protocols is
a lot better than trying to reinvent the wheel.

Regards,
Willy

v2.23.0 | Report a Bug | By Email