IETF Logo Mail Archive

Re: [TLS] Sending fatal alerts over TCP

Florian Weimer <fweimer@bfk.de> Wed, 21 December 2011 12:32 UTC

Return-Path: <fweimer@bfk.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70B6B21F84FB for <tls@ietfa.amsl.com>; Wed, 21 Dec 2011 04:32:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.369
X-Spam-Level:
X-Spam-Status: No, score=-1.369 tagged_above=-999 required=5 tests=[AWL=0.880, BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 30cpJ451tjE2 for <tls@ietfa.amsl.com>; Wed, 21 Dec 2011 04:32:22 -0800 (PST)
Received: from mx01.bfk.de (mx01.bfk.de [193.227.124.2]) by ietfa.amsl.com (Postfix) with ESMTP id 95E5A21F84E5 for <tls@ietf.org>; Wed, 21 Dec 2011 04:32:22 -0800 (PST)
Received: from mx00.int.bfk.de ([10.119.110.2]) by mx01.bfk.de with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) id 1RdLLG-0000SU-Jf; Wed, 21 Dec 2011 12:32:18 +0000
Received: by bfk.de with local id 1RdLLG-0008Sd-FU; Wed, 21 Dec 2011 12:32:18 +0000
From: Florian Weimer <fweimer@bfk.de>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
References: <E1RdBvn-0004or-PG@login01.fos.auckland.ac.nz>
Date: Wed, 21 Dec 2011 12:32:18 +0000
In-Reply-To: <E1RdBvn-0004or-PG@login01.fos.auckland.ac.nz> (Peter Gutmann's message of "Wed, 21 Dec 2011 15:29:23 +1300")
Message-ID: <82hb0ugl65.fsf@mid.bfk.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: tls@ietf.org
Subject: Re: [TLS] Sending fatal alerts over TCP
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Dec 2011 12:32:23 -0000

* Peter Gutmann:

> Florian Weimer <fweimer@bfk.de> writes:
>
>>What is the best way to deal with this? 
>
> If it's the other side that does it then there's not much you can do, if
> you're doing it then you need to wander into a twisty little maze of
> shutdown()/close() passages, all different, buggy, and incompatible:

Yeah, that's about as much fine print as I feared.  Thanks.

Fortunately, I'm only trying to resolve an interoperability problem
between GNUTLS and the OpenJDK implementation.  There seems to be some
confusion about the error reporting for connection failures, and I'm
trying to provide better messages to consumers.  It turns out that both
GNUTLS and OpenJDK properly report the certificate_unknown alert during
handshake failure when talking to themselves implementation.  The
difference between GNUTLS and OpenJDK when talking to an OpenJDK server
is this: the GNUTLS client sends the Certificate and Client Key Exchange
messages in separate TLS records and (in the way we use it) TCP
segments, while the OpenJDK client uses a single TLS record in a single
TCP segment.  As a result, the race leading to reception of an early RST
is rarely lost by the OpenJDK client (if ever).

I changed the GNUTLS client to create just one TCP segment per server
round-trip, and I can now read the TLS alert before the RST segment
arrives.  So the fix was quite trivial after all.

-- 
Florian Weimer                <fweimer@bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99

v2.23.0 | Report a Bug | By Email