Re: [tcpm] [Technical Errata Reported] RFC7413 (4239)
Joe Touch <touch@isi.edu> Sat, 24 January 2015 20:46 UTC
Return-Path: <touch@isi.edu>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C68C1A005C for <tcpm@ietfa.amsl.com>; Sat, 24 Jan 2015 12:46:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.91
X-Spam-Level:
X-Spam-Status: No, score=-6.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O7sBTVL9QYOA for <tcpm@ietfa.amsl.com>; Sat, 24 Jan 2015 12:46:25 -0800 (PST)
Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5CB261A0037 for <tcpm@ietf.org>; Sat, 24 Jan 2015 12:46:25 -0800 (PST)
Received: from [192.168.1.11] (pool-71-103-148-202.lsanca.dsl-w.verizon.net [71.103.148.202]) (authenticated bits=0) by boreas.isi.edu (8.13.8/8.13.8) with ESMTP id t0OKcOjP001060 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sat, 24 Jan 2015 12:38:33 -0800 (PST)
Message-ID: <54C402C0.6050609@isi.edu>
Date: Sat, 24 Jan 2015 12:38:24 -0800
From: Joe Touch <touch@isi.edu>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Matthew Luckie <mjl@caida.org>
References: <20150122232420.282F5187A98@rfc-editor.org> <54C2DE6E.2010505@isi.edu> <20150124035751.GA32450@spandex.luckie.org.nz> <54C3D063.5000500@isi.edu> <20150124184240.GA23985@spandex.luckie.org.nz>
In-Reply-To: <20150124184240.GA23985@spandex.luckie.org.nz>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Archived-At: <http://mailarchive.ietf.org/arch/msg/tcpm/cDfKJnKZAJ7pGYULOMWo6IsJwfQ>
X-Mailman-Approved-At: Sun, 25 Jan 2015 10:42:42 -0800
Cc: tcpm@ietf.org, mls.ietf@gmail.com, RFC Errata System <rfc-editor@rfc-editor.org>
Subject: Re: [tcpm] [Technical Errata Reported] RFC7413 (4239)
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Jan 2015 20:46:26 -0000
On 1/24/2015 10:42 AM, Matthew Luckie wrote: >>>>> A length field of zero would mean an invalid TCP option. >>>> >>>> Disagree. The correct reason is, IMO: >>>> >>>> The Nil option has no bytes beyond the Kind and Length >>>> fields required in all TCP options, and the Length field >>>> includes the space used for Kind and Length. >>>> >>>> The interpretation of an option with a 0 length should not be discussed >>>> in the errata or future updates to this doc; it is out of scope. >>>> >>>> (AFAICT, if it were observed, the entire segment would have to be deemed >>>> invalid, not just that individual option. But that's not germane to this >>>> errata). >>> >>> I do not think that the reasoning behind this errata needs to be >>> discussed in future updates to the RFC (I put my reasoning in the >>> Notes field of the errata form) but I absolutely believe that a TCP >>> option defined after RFC793 with a length of zero is an invalid option >>> that will cause a TCP receiver to stop processing the options. >> >> It should be interpreted as a malformed segment, not simply stop the >> processing of the options. > > OK. I took a more careful read of your responses and I think we are > somewhat in agreement, about L<2 being malformed. But, the source of > two TCP stacks (Linux tcp_parse_options() and FreeBSD tcp_doptions()) > show that they just stop processing the options when they get a TLV > option with a L < 2, rather than discard the segment. I think that is a mistake in both implementations. Once something nonsensical occurs in a TCP header, the segment should be discarded. Logging it (with rate limiting) would be nice too. But the rest of the message clearly should not be acted upon. Joe
- [tcpm] [Technical Errata Reported] RFC7413 (4239) RFC Errata System
- Re: [tcpm] [Technical Errata Reported] RFC7413 (4… Joe Touch
- Re: [tcpm] [Technical Errata Reported] RFC7413 (4… Matthew Luckie
- Re: [tcpm] [Technical Errata Reported] RFC7413 (4… Matthew Luckie
- Re: [tcpm] [Technical Errata Reported] RFC7413 (4… Joe Touch
- Re: [tcpm] [Technical Errata Reported] RFC7413 (4… Joe Touch
- [tcpm] [Errata Verified] RFC7413 (4239) RFC Errata System