Hello,

I have an application (OFTP protocol) which runs over TLS. Actually OFTP is one application and TLS is managed by a gateway application running in a DMZ.
The gateway application is linked against OpenSSL libraries version 0.9.8g.

What occurs:
OFTP negotiates a "credit" at session start time. It is composed of a packet size and a number of packets. Say 4096 x 30 in the following explanation. Each OFTP packet is preceded by a 4-byte header. So the whole data is 4100 bytes. These packets are sent by the remote partner to my TLS gateway. When a file is sent, the sender is allowed to send the "credit" (i.e. 30 times 4100 bytes), and it waits for a new credit from the receiver (simply the upper case letter "C"). Then the sender is allowed to send again 30 x 4100 bytes. So, in my example, TLS carries encrypted payloads whose length is 4128 bytes (4100 + TLS header). These payloads are fragmented and reassembled by TCP/IP (usually 3 to 4 TCP packets). My gateway receives the 30 reassembled payloads (verified with Wireshark). In the gateway, the application reads the data in buffers of 1500 bytes. So for one TLS payload: 1500 + 1500 + 1100. Everything runs smoothly up to the last payload of the OFTP credit: the application reads the first 1500 bytes, then "select(...)" no longer indicates that something has to be read on the fd. So the OFTP application behind the gateway doesn't send the new "credit authorisation" because it didn't receive the complete previous credit. And the sender waits until its inactivity timer (more or less 2 minutes) triggers. Then the sender closes the connection (with a raw RST, which is not very clever!). At this time, select(...) indicates that something is ready to be read and the gateway application gets the second 1500-byte buffer and the final 1100-byte one. And OFTP sends its credit, but it's too late!

I can work around the issue by reading SSL with a 16384-byte buffer. But I lose the "broken flow" feature, which is interesting from a security point of view.

Does somebody have any clue?

--
Francis GASCHET / NUMLOG
http://www.numlog.fr
Tel.: +33 (0) 130 791 616
Fax.: +33 (0) 130 819 286


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
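The stall described above matches how OpenSSL consumes input: SSL_read() pulls a whole TLS record off the socket and decrypts it, returns at most the 1500 bytes asked for, and keeps the remainder in its own buffer, so the socket has nothing left for select() to report until the peer sends more. The following is an added example, not the poster's gateway code: an in-memory model in which sock_readable(), tls_read() and tls_pending() stand in for select(), SSL_read() and SSL_pending(), showing the select-only loop stalling on the last record of a credit and a loop that drains SSL_pending() before returning to select() completing.

```c
/* Model of the TLS record buffering behind the stall (added example). */
#include <stddef.h>

#define RECORD_LEN 4100   /* one OFTP packet: 4-byte header + 4096 payload */
#define APP_BUF    1500   /* the gateway reads in 1500-byte pieces */

static struct {
    size_t on_socket;   /* plaintext-equivalent bytes still on the TCP socket */
    size_t in_record;   /* decrypted bytes already buffered inside the library */
} sim;

/* models select(): only bytes still on the socket make the fd readable */
static int sock_readable(void) { return sim.on_socket > 0; }

/* models SSL_pending(): decrypted bytes the library has not handed out yet */
static size_t tls_pending(void) { return sim.in_record; }

/* models SSL_read(): pulls a whole record off the socket, returns at most n */
static size_t tls_read(size_t n) {
    if (sim.in_record == 0 && sim.on_socket > 0) {
        size_t rec = sim.on_socket < RECORD_LEN ? sim.on_socket : RECORD_LEN;
        sim.on_socket -= rec;   /* the entire record leaves the socket ...   */
        sim.in_record += rec;   /* ... and sits decrypted inside the library */
    }
    size_t got = sim.in_record < n ? sim.in_record : n;
    sim.in_record -= got;
    return got;
}

/* select-only loop: trusts fd readiness after every read (stalls) */
size_t read_with_select_only(size_t total) {
    sim.on_socket = total; sim.in_record = 0;
    size_t done = 0;
    while (sock_readable()) done += tls_read(APP_BUF);
    return done;   /* ends with the tail of the last record stuck in the library */
}

/* pending-aware loop: after a read, drain SSL_pending() before select() */
size_t read_draining_pending(size_t total) {
    sim.on_socket = total; sim.in_record = 0;
    size_t done = 0;
    while (sock_readable() || tls_pending() > 0) {
        done += tls_read(APP_BUF);
        while (tls_pending() > 0) done += tls_read(APP_BUF);
    }
    return done;
}
```

With a full 30 x 4100 credit the select-only loop stops 2600 bytes short, exactly the second and third pieces of the last payload the post describes, while the draining loop receives all 123000 bytes.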