Re: [IPsec] rfc8229bis missing advise on error handling in IKE_INIT
Tommy Pauly <tpauly@apple.com> Sat, 20 March 2021 02:55 UTC
Return-Path: <tpauly@apple.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BEE63A1840 for <ipsec@ietfa.amsl.com>; Fri, 19 Mar 2021 19:55:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.366
X-Spam-Level:
X-Spam-Status: No, score=-2.366 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.248, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j4CBcs4SPJ6I for <ipsec@ietfa.amsl.com>; Fri, 19 Mar 2021 19:55:18 -0700 (PDT)
Received: from rn-mailsvcp-ppex-lapp15.apple.com (rn-mailsvcp-ppex-lapp15.rno.apple.com [17.179.253.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7FDC3A1841 for <ipsec@ietf.org>; Fri, 19 Mar 2021 19:55:18 -0700 (PDT)
Received: from pps.filterd (rn-mailsvcp-ppex-lapp15.rno.apple.com [127.0.0.1]) by rn-mailsvcp-ppex-lapp15.rno.apple.com (8.16.0.43/8.16.0.43) with SMTP id 12K2kjNJ022810; Fri, 19 Mar 2021 19:55:17 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=from : message-id : content-type : mime-version : subject : date : in-reply-to : cc : to : references; s=20180706; bh=hCsH/MbdAGLMhNZs/PTxJYbM9BX7zXJd7tw+ZbtQ7as=; b=MwaSPrKSukrCeovZMopxbpCgXaB4vZIJ1Np1l19WU2NHhrRnZYLd4JTnwvQ8ClDOQeZX YtyNYk8i5ljkkbXu9ogTFnjSXHBSsQUOvv2TNod8nViIGgMxgrroRy7l+bY7xzN2+Igz 8bcrEl2uq86ClpD5B4ztQdlIt84d3T3YyHYwH/aS25CudJ1Oy7kt4g6xbkRQSZy/t6ns TKSBKllsaTtw+wnwSe/XeA1LPhIC6mqsBxtyhpTFPrfYDvb6Ha2CH0yW1tMqZS1eVcbr rZvyQcoePGRq2offDq8AZ9ZEm54ldR2Dxg3Dw5utEvlk4bmI+jqM3JMh8dAjjvjlfimZ yg==
Received: from rn-mailsvcp-mta-lapp04.rno.apple.com (rn-mailsvcp-mta-lapp04.rno.apple.com [10.225.203.152]) by rn-mailsvcp-ppex-lapp15.rno.apple.com with ESMTP id 378uug528m-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Fri, 19 Mar 2021 19:55:17 -0700
Received: from rn-mailsvcp-mmp-lapp03.rno.apple.com (rn-mailsvcp-mmp-lapp03.rno.apple.com [17.179.253.16]) by rn-mailsvcp-mta-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.7.20201203 64bit (built Dec 3 2020)) with ESMTPS id <0QQ800J07YS5UL80@rn-mailsvcp-mta-lapp04.rno.apple.com>; Fri, 19 Mar 2021 19:55:17 -0700 (PDT)
Received: from process_milters-daemon.rn-mailsvcp-mmp-lapp03.rno.apple.com by rn-mailsvcp-mmp-lapp03.rno.apple.com (Oracle Communications Messaging Server 8.1.0.7.20201203 64bit (built Dec 3 2020)) id <0QQ800U00YARNW00@rn-mailsvcp-mmp-lapp03.rno.apple.com>; Fri, 19 Mar 2021 19:55:17 -0700 (PDT)
X-Va-A:
X-Va-T-CD: 0ffb4ba06162e7d0023839378ebed949
X-Va-E-CD: e7144734a20af5efeb0c744cc6042ad5
X-Va-R-CD: 467dc9fd8d7b0273a6a945c4da1e9d4d
X-Va-CD: 0
X-Va-ID: 789dcb5c-cd3d-4044-a177-f9af2062b453
X-V-A:
X-V-T-CD: 0ffb4ba06162e7d0023839378ebed949
X-V-E-CD: e7144734a20af5efeb0c744cc6042ad5
X-V-R-CD: 467dc9fd8d7b0273a6a945c4da1e9d4d
X-V-CD: 0
X-V-ID: 9463576e-06d7-4026-a0e1-11bbd4489be3
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-03-19_12:2021-03-19, 2021-03-19 signatures=0
Received: from smtpclient.apple (unknown [17.11.143.91]) by rn-mailsvcp-mmp-lapp03.rno.apple.com (Oracle Communications Messaging Server 8.1.0.7.20201203 64bit (built Dec 3 2020)) with ESMTPSA id <0QQ800V9OYS45400@rn-mailsvcp-mmp-lapp03.rno.apple.com>; Fri, 19 Mar 2021 19:55:16 -0700 (PDT)
From: Tommy Pauly <tpauly@apple.com>
Message-id: <175D1553-0884-4237-A9E9-A8FED64A6986@apple.com>
Content-type: multipart/alternative; boundary="Apple-Mail=_DB2CE5CD-7CFB-476C-B29F-14D0BDEBDD40"
MIME-version: 1.0 (Mac OS X Mail 15.0 \(3668.0.5\))
Date: Fri, 19 Mar 2021 19:55:16 -0700
In-reply-to: <e37b5c6c-cee5-8d94-b1dd-899c862fea5d@nohats.ca>
Cc: "ipsec@ietf.org WG" <ipsec@ietf.org>
To: Paul Wouters <paul@nohats.ca>
References: <e37b5c6c-cee5-8d94-b1dd-899c862fea5d@nohats.ca>
X-Mailer: Apple Mail (2.3668.0.5)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-03-19_12:2021-03-19, 2021-03-19 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/C976Ascq_nNRtld90PXvrL_lDhM>
Subject: Re: [IPsec] rfc8229bis missing advise on error handling in IKE_INIT
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Mar 2021 02:55:21 -0000
> On Mar 19, 2021, at 12:36 PM, Paul Wouters <paul@nohats.ca> wrote: > > > Hi, > > We have implemented TCP but are running in some issues where the RFC and > the bis draft does not give us clarify. > > If the IKE_INIT over TCP gets back an INVALID_KE, what is supposed to > happen? Is the responder expected to close the TCP session, since it > never created a state for this exchange? Is the initiator expected > to re-use the TCP connection to send a fresh new IKE_INIT request > with the proper KE ? This case is similar to the COOKIE case, but > there the initiator is expected to keep state and re-use, except > one is not supposed to trigger COOKIES on TCP. My interpretation here, and the way our client works, is that the connection may be reused. From 7296: If the initiator guesses wrong, the responder will respond with a Notify payload of type INVALID_KE_PAYLOAD indicating the selected group. In this case, the initiator MUST retry the IKE_SA_INIT with the corrected Diffie-Hellman group. This implies that the new IKE_SA_INIT is a retry of the same IKE SA. Indeed, at least for our client, we don’t reset the SA values. If that is the interpretation of the retry after INVALID_KE_PAYLOAD, it doesn’t violate 8229: Multiple IKE SAs MUST NOT share a single TCP connection, unless one is a rekey of an existing IKE SA, in which case there will temporarily be two IKE SAs on the same TCP connection. > > Note I think this sentence is incorrect: > > Moreover, a TCP Responder creates state once a SYN packet is received > > libreswan listens on the TCP socket, but for INVALID_KE responses it > creates a response without creating a state. This sounds like a good clarification to make. We can say that it may create state at that point. > > Similarly, when IKE_AUTH fails with NO_PROPOSAL_CHOSEN or > AUTHENTICATION_FAILED, who is responsible for closing the TCP socket? > The initiator or the responder? 8229 says: In order to close an IKE session, either the Initiator or Responder SHOULD gracefully tear down IKE SAs with DELETE payloads. Once the SA has been deleted, the TCP Originator SHOULD close the TCP connection if it does not intend to use the connection for another IKE session to the TCP Responder. If the connection is left idle and the TCP Responder needs to clean up resources, the TCP Responder MAY close the TCP connection. This generally means: client goes first when closing TCP, but server should close if the client doesn’t in time. > > Perhaps a similar issue happens when an IKE lifetime is reached before > a rekey or re-auth happened. But in that case I guess the party sending > the delete can linger briefly for the reply and then close the socket > if it didn't get closed by the responder to the delete request. Note also that a new TCP connection can always be used for an IKE SA from an old connection; that is allowed, so it’s possible that if the server closes too early, the client will reopen with a new connection to send remaining messages. Thanks, Tommy > > Paul > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] rfc8229bis missing advise on error handli… Paul Wouters
- Re: [IPsec] rfc8229bis missing advise on error ha… Tommy Pauly
- Re: [IPsec] rfc8229bis missing advise on error ha… Valery Smyslov
- Re: [IPsec] rfc8229bis missing advise on error ha… Paul Wouters