Re: [tcpm] ECN++ control packet handling

Bob Briscoe <ietf@bobbriscoe.net> Tue, 09 February 2021 15:48 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/l7w3QtV4ndaTqSGk9ANAx1DMvPE>

Richard,

Good point. Thanks for noticing this potential implementation pitfall.

In my local copy of the ECN++ draft I have added the following to the 
end of "3.2.6 RST (Send)":

+ Implementers SHOULD ensure that RST packets (and control packets

+ generally) are always sent out with the same ECN field regardless of

+ the TCP state machine. Otherwise the ECN field could reveal internal

+ TCP state. For instance, the ECN field on a RST ought not to reveal

+ any distinction between a non-listening port, a recently in-use

+ port, and a closed session port.
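
Review bot: "the same ECN field" in the first sentence, carried through the parenthetical to "control packets generally", can be read as requiring every type of control packet to share one ECN codepoint. The example in the last sentence is about a single packet type (a RST) sent from different states, so wording such as "each type of control packet is always sent with the same ECN field regardless of the TCP state machine" would state the requirement without that ambiguity.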

And I've added this to the end of Security Considerations:

+ Section 3.2.6 on sending TCP RSTs points out

+ that implementers need to take care to ensure that the ECN field on a

+ RST does not depend on TCP's state machine. Otherwise the internal

+ information revealed could be of use to potential attackers. This point

+ applies more generally to all control packets, not just RSTs.
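
Review bot: "the internal information revealed" in the third sentence is left abstract, so a reader of Security Considerations alone does not learn what an observer gains. Consider repeating the concrete distinction from the Section 3.2.6 text (non-listening port, recently in-use port, closed session port) here. The closing sentence widens the point to "all control packets" while the cross-reference is only to the RST section, so it would help to say that the same check applies in the sections covering the other control packets.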

Do you think that's correct / sufficient?

Cheers

Bob

On 08/02/2021 21:03, Scheffenegger, Richard wrote:
> Hi Bob, Marcelo,
>
> While working on the ecn++ code for fbsd patch, I found that the
> codepath for dealing with out-of-window, past-established and
> non-listening ports is actually quite different there.
>
> Casually glancing over the draft for ecn++, I didn’t find a reference
> specifically about the handling of RST (non-listening port, vs. closing
> session etc).
>
> This may need a hint in the security section that an implementation
> should ensure that control packets are always sent out with similar
> headers, regardless of the TCP state machine. Otherwise, you could
> potentially leak information (e.g. recently in-use ports) which may be a
> clue to malicious players…
>
>
> Richard Scheffenegger

-- 
________________________________________________________________
Bob Briscoe                               http://bobbriscoe.net/
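
A regression check an implementer could run over captures taken from each RST code path, added here as an example and not part of the original message or of the FreeBSD patch: it groups control packets by type and reports any type whose IP-ECN field differs between the labelled states. It generalises the RST case to SYN, SYN-ACK and FIN; the function names, state labels and sample packets are constructed for illustration.

```python
import struct
from collections import defaultdict

ECN_NAMES = {0: "Not-ECT", 1: "ECT(1)", 2: "ECT(0)", 3: "CE"}
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10

def parse(pkt: bytes):
    """Return (ecn_codepoint, tcp_flags) from a raw IPv4 or IPv6 packet carrying TCP."""
    version = pkt[0] >> 4
    if version == 4:
        ihl = (pkt[0] & 0x0F) * 4
        if ihl < 20 or pkt[9] != 6 or len(pkt) < ihl + 20:
            raise ValueError("not a complete IPv4/TCP packet")
        return pkt[1] & 0x03, pkt[ihl + 13]
    if version == 6:
        # Extension headers are not walked: TCP must follow the fixed header.
        if len(pkt) < 60 or pkt[6] != 6:
            raise ValueError("not a plain IPv6/TCP packet")
        # Traffic Class straddles bytes 0 and 1; ECN is its two low bits.
        return (pkt[1] >> 4) & 0x03, pkt[40 + 13]
    raise ValueError("unknown IP version")

def control_type(flags: int):
    if flags & RST:
        return "RST"
    if flags & SYN:
        return "SYN-ACK" if flags & ACK else "SYN"
    return "FIN" if flags & FIN else None  # pure ACKs and data are not classified here

def state_dependent_ecn(samples):
    """samples: (state_label, raw_packet) pairs. Returns {type: {state: [ecn, ...]}}
    for each control packet type whose ECN field is not the same in every sample."""
    seen = defaultdict(lambda: defaultdict(set))
    for state, pkt in samples:
        ecn, flags = parse(pkt)
        kind = control_type(flags)
        if kind:
            seen[kind][state].add(ECN_NAMES[ecn])
    return {k: {s: sorted(v) for s, v in by_state.items()}
            for k, by_state in seen.items()
            if len(set().union(*by_state.values())) > 1}

def ipv4_tcp(ecn: int, flags: int) -> bytes:
    """Constructed test packet; checksums are zero, only the parsed fields matter."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, ecn, 40, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return ip + struct.pack("!HHIIBBHHH", 80, 40000, 0, 0, 5 << 4, flags, 0, 0, 0)

# Constructed samples, labelled with the three cases named in the draft text.
STATES = ["non-listening port", "recently in-use port", "closed session port"]
LEAKY = list(zip(STATES, [ipv4_tcp(0, RST | ACK), ipv4_tcp(2, RST), ipv4_tcp(0, RST)]))
UNIFORM = [(s, ipv4_tcp(2, RST)) for s in STATES]  # any single codepoint passes
```

An empty result from `state_dependent_ecn` means every observed control packet type carried one ECN codepoint across all labelled states; a non-empty result names the type and the states that differ.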