ssl - What happens after TCP ZeroWindow is introduced?
In client/server communication, I am seeing a TCP ZeroWindow from the client.
What is the expected scenario (which flags are set and sent) after this situation?
Below are the logs I am getting. In this case the server sends an RST packet to terminate the connection. Why has this happened?
Client (HP-UX machine), server (RHEL machine)
Wireshark dump on server:
    17:55:03.756500 tcp 62 58304 → 1556 [syn] seq=0 win=32768 len=0 mss=1460 ws=1
    17:55:03.756522 tcp 62 1556 → 58304 [syn, ack] seq=0 ack=1 win=14600 len=0 mss=1460 ws=128
    17:55:03.760562 tlsv1.2 571 client hello
    17:55:03.760588 tcp 54 1556 → 58304 [ack] seq=1 ack=518 win=15744 len=0
    17:55:03.769564 tcp 1514 1556 → 58304 [ack] seq=1 ack=518 win=15744 len=1460 [tcp segment of reassembled pdu]
    17:55:03.769588 tlsv1.2 618 server hello, certificate, server key exchange, certificate request, server hello done
    17:55:03.769689 tcp 60 58304 → 1556 [ack] seq=518 ack=1461 win=32768 len=0
    17:55:03.828427 tcp 60 58304 → 1556 [ack] seq=518 ack=2025 win=32768 len=0
    17:55:23.789662 tlsv1.2 61 alert (level: fatal, description: unexpected message)
    17:55:23.789748 tcp 54 1556 → 58304 [fin, ack] seq=2032 ack=518 win=15744 len=0
    17:55:23.789951 tcp 60 58304 → 1556 [ack] seq=518 ack=2033 win=32768 len=0
    17:55:25.662787 tlsv1.2 192 [tcp zerowindow] , certificate, client key exchange, change cipher spec, encrypted handshake message
    17:55:25.662798 tcp 54 1556 → 58304 [rst] seq=2033 win=0 len=0
Client curl logs:
    info: alpn, offering http/1.1
    info: cipher selection: all:!export:!export40:!export56:!anull:!low:!rc4:@strength
    info: set certificate verify locations:
    info: tlsv1.2 (out), tls header, certificate status (22):
    info: tlsv1.2 (out), tls handshake, client hello (1):
    info: tlsv1.2 (in), tls handshake, server hello (2):
    info: tlsv1.2 (in), tls handshake, certificate (11):
    info: tlsv1.2 (in), tls handshake, server key exchange (12):
    info: tlsv1.2 (in), tls handshake, request cert (13):
    info: tlsv1.2 (in), tls handshake, server finished (14):
    info: tlsv1.2 (out), tls handshake, certificate (11):
    info: tlsv1.2 (out), tls handshake, client key exchange (16):
    info: tlsv1.2 (out), tls change cipher, client hello (1):
    info: tlsv1.2 (out), tls handshake, finished (20):
    info: tlsv1.2 (in), tls alert, server hello (2):
    info: error:140943f2:ssl routines:ssl3_read_bytes:sslv3 alert unexpected message
    info: closing connection 0
The question is: what is the expected flow of control when a TCP ZeroWindow occurs, and how is communication restarted after the ZeroWindow timeout?
Below is the description of the alert packet. Not sure why it is unexpected.
    transmission control protocol,seq: 2025, ack: 518, len: 7
        [stream index: 2439]
        [tcp segment len: 7]
        sequence number: 2025 (relative sequence number)
        [next sequence number: 2032 (relative sequence number)]
        acknowledgment number: 518 (relative ack number)
        0101 .... = header length: 20 bytes (5)
        flags: 0x018 (psh, ack)
        window size value: 123
        [calculated window size: 15744]
        [window size scaling factor: 128]
        checksum: 0x9e59 [unverified]
        [checksum status: unverified]
        urgent pointer: 0
        [seq/ack analysis]
            [irtt: 0.004062000 seconds]
            [bytes in flight: 7]
            [bytes sent since last psh flag: 7]
        tcp payload (7 bytes)
    secure sockets layer
        tlsv1.2 record layer: alert (level: fatal, description: unexpected message)
            content type: alert (21)
            version: tls 1.2 (0x0303)
            length: 2
            alert message
                level: fatal (2)
                description: unexpected message (10)
Please let me know what other information might be helpful.
The peer advertises a different window size, possibly in response to a window probe. The 0 window on the final RST isn't relevant.
The server has sent a FIN/ACK before the final RST. Don't overlook it. have sent didn't like, in case client certificate.
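
The ordering the answer points to can be checked mechanically. The following is an added example, not part of the original question or answer: it parses seven summary lines copied from the server-side capture and reports how long the connection was quiet before the server's alert and whether handshake data arrived after the server's FIN. The function names are hypothetical, and treating 1556 as the server port is an assumption taken from the SYN direction in the dump.

```python
import re
from datetime import datetime

# Summary lines copied from the capture in the question (server side).
CAPTURE = """\
17:55:03.769588 tlsv1.2 618 server hello, certificate, server key exchange, certificate request, server hello done
17:55:03.828427 tcp 60 58304 → 1556 [ack] seq=518 ack=2025 win=32768 len=0
17:55:23.789662 tlsv1.2 61 alert (level: fatal, description: unexpected message)
17:55:23.789748 tcp 54 1556 → 58304 [fin, ack] seq=2032 ack=518 win=15744 len=0
17:55:23.789951 tcp 60 58304 → 1556 [ack] seq=518 ack=2033 win=32768 len=0
17:55:25.662787 tlsv1.2 192 [tcp zerowindow] , certificate, client key exchange, change cipher spec, encrypted handshake message
17:55:25.662798 tcp 54 1556 → 58304 [rst] seq=2033 win=0 len=0
"""
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d+) (\S+) (\d+) (.*)$")
TCP = re.compile(r"(\d+) → (\d+) \[([^\]]+)\]")  # only plain TCP rows carry ports

def parse(capture):
    """Turn Wireshark summary lines into dicts: time, proto, info, src port, flags."""
    events = []
    for raw in capture.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts, proto, _length, info = m.groups()
        ev = {"t": datetime.strptime(ts, "%H:%M:%S.%f"), "proto": proto,
              "info": info, "src": None, "flags": set()}
        t = TCP.match(info)
        if t:
            ev["src"] = int(t.group(1))
            ev["flags"] = {f.strip() for f in t.group(3).split(",")}
        events.append(ev)
    return events

def analyse(capture, server_port):
    """Relate the server's alert, FIN and RST to the client's late handshake flight."""
    ev = parse(capture)
    fin = next(e for e in ev if e["src"] == server_port and "fin" in e["flags"])
    alert = next(e for e in ev if "alert" in e["info"])
    before = [e for e in ev if e["t"] < alert["t"]]
    late = [e for e in ev if e["t"] > fin["t"] and e["proto"].startswith("tls")]
    rst = [e for e in ev if e["src"] == server_port and "rst" in e["flags"]]
    return {
        "quiet_before_alert": (alert["t"] - before[-1]["t"]).total_seconds(),
        "late_handshake_data": [e["info"] for e in late],
        "late_by": (late[0]["t"] - fin["t"]).total_seconds() if late else None,
        "zero_window": [e["info"] for e in ev if "zerowindow" in e["info"]],
        "rst_after_late_data": bool(late and rst and rst[0]["t"] > late[0]["t"]),
    }
```

On this capture, `analyse(CAPTURE, 1556)` shows the client's certificate / client key exchange flight reaching the server about 1.87 s after the server's FIN, with the RST following it. A TCP stack answers data that arrives on an already closed socket with a reset.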