IETF Logo Mail Archive

Re: [TLS] Sending fatal alerts over TCP

Martin Rex <mrex@sap.com> Wed, 21 December 2011 03:52 UTC

Return-Path: <mrex@sap.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9CAC211E8073 for <tls@ietfa.amsl.com>; Tue, 20 Dec 2011 19:52:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.177
X-Spam-Level:
X-Spam-Status: No, score=-10.177 tagged_above=-999 required=5 tests=[AWL=0.028, BAYES_00=-2.599, DATE_IN_PAST_03_06=0.044, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rFuSCkvqF1-k for <tls@ietfa.amsl.com>; Tue, 20 Dec 2011 19:52:46 -0800 (PST)
Received: from smtpde02.sap-ag.de (smtpde02.sap-ag.de [155.56.68.140]) by ietfa.amsl.com (Postfix) with ESMTP id 8A79821F846C for <tls@ietf.org>; Tue, 20 Dec 2011 19:52:46 -0800 (PST)
Received: from mail.sap.corp by smtpde02.sap-ag.de (26) with ESMTP id pBL3qcAH020729 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 21 Dec 2011 04:52:43 +0100 (MET)
From: Martin Rex <mrex@sap.com>
Message-Id: <201112210352.pBL3qcvd022885@fs4113.wdf.sap.corp>
Orig-To: mrex@sap.com
To: fweimer@bfk.de, tls@ietf.org
Date: Tue, 20 Dec 2011 22:53:18 +0100
In-Reply-To: <201112202125.pBKLPh03000374@fs4113.wdf.sap.corp> from "Martin Rex" at Dec 20, 11 10:25:43 pm
Sender: mrex@sap.com
X-SAP: out
Cc: tls@ietf.org
Subject: Re: [TLS] Sending fatal alerts over TCP
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: mrex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Dec 2011 03:52:47 -0000

(clarified & re-sent)

Martin Rex wrote:
> 
> Florian Weimer wrote:
> > 
> > TCP has the property that connection shutdowns can overtake application
> > data if connections are used in full-duplex mode.

No, it can not (for implementations conforming to rfc1122).

>From rfc1122, Section 4.2.2.13 "Closing a connection":

     http://tools.ietf.org/html/rfc1122#page-88

     A host MAY implement a "half-duplex" TCP close sequence, so
     that an application that has called CLOSE cannot continue to
     read data from the connection.  If such a host issues a
     CLOSE call while received data is still pending in TCP, or
     if new data is received after CLOSE is called, its TCP
     SHOULD send a RST to show that data was lost.

"Application calling CLOSE" refers to calling shutdown()
(rather than close(), which would destroy the socket handle)
in terms of BSD sockets.

That paragraph from rfc1122 means that a TCP implementation could
decide to treat shutdown(socket,SHUT_WR) and shutdown(socket,SHUT_RD)
always and exactly the same as shutdown(socket,SHUT_RDWR),
i.e. not support a unidirectional/partial closure.


> 
> > Here's an example:
> > 
> > (1)  X sends a fatal TLS alert to Y
> > (2)  X shuts down the connection
> > (3)  Y sends data to X
> > (4)  X receives from Y, sends RST to signal data loss to Y
> > (5)  Y receives RST
> > 
> > (6) At this point, when Y tries to send further data,
> > it will receive EPIPE from the sockets API.

Correct.


>
> > When it tries to read data, it will receive ECONNRESET.

That can not happen _unless_ some buggy code in the application on Y
called shutdown(socket,SHUT_WR) when being faced with EPIPE on send().

>
> > Note that this behavior is not related
> > to the SO_LINGER socket option.

I believe this is incorrect.  If X is using SO_LINGER, then
(2) will cause X to send a TCP FIN to Y, which the TCP
implementation on X ought to translate into a regular
End-Of-File on recv(), rather than ECONNRESET.


>
> > According to the socket API sepcification, there is no way
> > to access the initial TLS alert.

As long as Y does not call shutdown() on the socket, it will
receive all data that arrived on the socket prior to seeing
End-of-file (X with SO_LINGER) or ECONNRESET (X without SO_LINGER)
on recv().


If you have some app on Y _not_ seeing the fatal TLS alert
(but you saw it coming in on the network with a tool like Wireshark,
then there is probably incorrect app code that erroneously called
shutdown(socket,SHUT_WR) while using a TCP implementation that
does not support a full-duplex close, or an incorrect app that
called shutdown(socket,SHUT_RDWR), maybe as an inappropriate
knee-jerk reaction of being faced with EPIPE on send(),
prior to trying to recv() the alert.


-Martin

v2.23.0 | Report a Bug | By Email