[quicwg/base-drafts] Handling of connection ID in handshake creates corner cases (#843)

Christian Huitema <notifications@github.com> Mon, 09 October 2017 17:30 UTC


I just finished writing a test case to replicate a failure mode that I observed during interop testing. The test case goes as follows:

1) start connection #1 from client to server;

2) nuke connection #1 at the client side because something went wrong, as it often does during interop tests;

3) start connection #2 from client to server, using the same 5-tuple as connection #1.

The good news is that in most cases I can make it work: connection #2 succeeds and the test passes. The bad news is that there is one corner case that creates random failures. After the client sends the Client Initial packet, it is waiting for a "server clear text" message, and it can receive either:

* the "server clear text" message generated by the server in response to the client initial packet of connection #2;

* or, a retransmission of the "server clear text" message of connection #1, because it was not yet acknowledged when connection #1 was nuked.

If the client accepts the message from connection #1, it will set the connection ID to the connection #1 value, and the TLS handshake will fail because #1 and #2 used different key shares. So the client really wants to pick the "right" server clear text message. But as far as QUIC is concerned, there is no easy way to tell, since both messages carry a connection ID that is unrelated to the client-chosen initial connection ID.

Do we want to handle that corner case?

https://github.com/quicwg/base-drafts/issues/843
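
The race described in this message, modelled as an added example that is not part of the original post or of any QUIC implementation. The packet fields, the string key shares and `accept_validated` (one hypothetical client-side handling, which assumes the TLS stack can check a reply without committing state) are assumptions of this sketch.

```python
# Added illustration: a constructed model of the race, not QUIC wire format.
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class ServerCleartext:
    connection_id: int      # server-chosen; unrelated to the client's initial ID
    answers_key_share: str  # stand-in for the TLS state this reply was built from

@dataclass
class ClientAttempt:
    initial_cid: int        # client-chosen ID sent in the Client Initial packet
    key_share: str          # key share of this attempt's ClientHello
    connection_id: Optional[int] = None

def tls_accepts(client: ClientAttempt, pkt: ServerCleartext) -> bool:
    # Stand-in for the TLS handshake: succeeds only for a reply to our own key share.
    return pkt.answers_key_share == client.key_share

def accept_first(client: ClientAttempt, arrivals: List[ServerCleartext]) -> bool:
    """Behaviour in the post: adopt the CID of the first server cleartext seen."""
    pkt = arrivals[0]
    client.connection_id = pkt.connection_id
    return tls_accepts(client, pkt)

def accept_validated(client: ClientAttempt, arrivals: List[ServerCleartext]) -> bool:
    """Hypothetical handling: commit the CID only after TLS accepts the packet;
    otherwise drop the packet and keep waiting for the next one."""
    for pkt in arrivals:
        if tls_accepts(client, pkt):
            client.connection_id = pkt.connection_id
            return True
    return False

# Constructed sample: stale retransmission from #1 and the real reply for #2.
STALE = ServerCleartext(connection_id=0x1111, answers_key_share="share-1")
FRESH = ServerCleartext(connection_id=0x2222, answers_key_share="share-2")

def outcomes() -> dict:
    results = {}
    for name, order in (("fresh_first", [FRESH, STALE]), ("stale_first", [STALE, FRESH])):
        a = ClientAttempt(initial_cid=0xABCD, key_share="share-2")
        b = ClientAttempt(initial_cid=0xABCD, key_share="share-2")
        results[name] = (accept_first(a, order), a.connection_id,
                         accept_validated(b, order), b.connection_id)
    return results

if __name__ == "__main__":
    for name, row in outcomes().items():
        print(name, row)
```

Neither policy consults `initial_cid`, which mirrors the point in the message that the header carries nothing tying a server cleartext packet to the client's current attempt.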