Open Bug 1829391 Opened 3 years ago Updated 3 years ago

Inconsistent Handling of DTLS Alerts

Categories

(NSS :: Libraries, defect, P3)

3.89

Tracking

(Not tracked)

People

(Reporter: djackson, Unassigned)

Details

Attachments

(1 file)

We generally try to avoid sending alerts in DTLS in line with the RFC, but we don't handle this consistently.

Depends on D176155

RFC 9147:

4.5.2.  Handling Invalid Records

   Unlike TLS, DTLS is resilient in the face of invalid records (e.g.,
   invalid formatting, length, MAC, etc.).  In general, invalid records
   SHOULD be silently discarded, thus preserving the association;
   however, an error MAY be logged for diagnostic purposes.
   Implementations which choose to generate an alert instead MUST
   generate fatal alerts to avoid attacks where the attacker repeatedly
   probes the implementation to see how it responds to various types of
   error.  Note that if DTLS is run over UDP, then any implementation
   which does this will be extremely susceptible to DoS attacks because
   UDP forgery is so easy.  Thus, generating fatal alerts is NOT
   RECOMMENDED for such transports, both to increase the reliability of
   DTLS service and to avoid the risk of spoofing attacks sending
   traffic to unrelated third parties.
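
The discard policy from the quoted RFC 9147 section 4.5.2, as an added example that is not NSS code or part of the bug report. It assumes the 13-byte DTLS 1.2 record header and checks only formatting and length (no MAC verification); the names `dtls_stats`, `dtls_record_size` and `dtls_process_datagram` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DTLS_HDR_LEN 13u               /* type(1) version(2) epoch(2) seq(6) length(2) */
#define DTLS_MAX_LEN (16384u + 2048u)  /* TLS 1.2 ciphertext bound */

typedef struct {            /* hypothetical counters, not an NSS structure */
    unsigned accepted;      /* records whose header passed the checks */
    unsigned discarded;     /* invalid records dropped without an alert */
} dtls_stats;

/* Total size of the record at p if its header is well formed, else 0. */
static size_t dtls_record_size(const uint8_t *p, size_t avail)
{
    if (avail < DTLS_HDR_LEN) return 0;
    if (p[0] < 20 || p[0] > 23) return 0;          /* base content types only (assumption) */
    if (p[1] != 0xFE || (p[2] != 0xFD && p[2] != 0xFF)) return 0;
    size_t len = ((size_t)p[11] << 8) | p[12];
    if (len > DTLS_MAX_LEN || len > avail - DTLS_HDR_LEN) return 0;
    return DTLS_HDR_LEN + len;
}

/* Walk all records in one datagram. A bad record stops the walk (the next
 * boundary is unknown) and is counted, but no alert is queued and the
 * association state is left untouched. Returns records accepted. */
unsigned dtls_process_datagram(const uint8_t *d, size_t n, dtls_stats *st)
{
    unsigned ok = 0;
    for (size_t off = 0; off < n; ) {
        size_t rec = dtls_record_size(d + off, n - off);
        if (rec == 0) { st->discarded++; break; }  /* an error MAY be logged here */
        st->accepted++; ok++;
        off += rec;
    }
    return ok;
}

/* Constructed sample: one valid 2-byte application_data record followed by a
 * record whose length field (0x0400) exceeds the bytes actually present. */
static const uint8_t sample_dgram[] = {
    23, 0xFE, 0xFD, 0,1, 0,0,0,0,0,5, 0,2, 0xAA, 0xBB,
    23, 0xFE, 0xFD, 0,1, 0,0,0,0,0,6, 4,0, 0xCC };

int main(void)
{
    dtls_stats st = {0, 0};
    unsigned ok = dtls_process_datagram(sample_dgram, sizeof sample_dgram, &st);
    printf("accepted=%u discarded=%u\n", ok, st.discarded);
    return 0;
}
```

Routing every invalid-record path through one counter like `discarded` gives a single place to audit that no code path emits an alert.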