[gnutls-devel] GnuTLS | GnuTLS sends protocol_version alert when client message contains unrecognized version (#1230)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Fri May 7 04:54:48 CEST 2021

Weiqi Wang created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1230

## Description:

The client sends a message with type alert (`\x15`) and an invalid version number (`\x83\x01`); GnuTLS responds with a protocol_version alert. At the terminal, the GnuTLS server prints `Error in handshake: A packet with illegal or unsupported version was received`, thus I think illegal and unsupported versions are handled in the same way. However, this doesn't seem to conform to RFC 5246.

As per RFC 5246, the protocol version is defined as "recognized but not supported". Since the version used by the client is `\x83\x01`, I think it should be interpreted as "not recognized".

RFC 5246 also states that a server MUST accept any value {03,XX} as the record layer version. Combining the two requirements together, I think the logic should be:

```
If the record version is {03,XX} {
	server accepts it
	If the actual version is not supported {
		send protocol_version alert
	}
} Else (the major version is not 03) {
	the server shouldn't complain. // Because the version is not recognized, which means it's not the case of protocol_version alert.
}
```

> The protocol version the client has attempted to negotiate is
> recognized but not supported.  (For example, old protocol versions
> might be avoided for security reasons.)

> Earlier versions of the TLS specification were not fully clear on
> what the record layer version number (TLSPlaintext.version) should
> contain when sending ClientHello (i.e., before it is known which
> version of the protocol will be employed).  Thus, TLS servers
> compliant with this specification MUST accept any value {03,XX} as
> the record layer version number for ClientHello.

## Version of gnutls used:

GnuTLS 3.7.0 commit 7e44152fd4076afb0b64ed311fd092669e71fa1e

## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)

Ubuntu 18.04

## How reproducible:

Steps to Reproduce:

```
gnutls-serv --priority NORMAL:-VERS-ALL:+VERS-TLS1.2:-COMP-ALL:+COMP-NONE --x509keyfile /path/to/key.pem --x509certfile /path/to/cert.pem -p 44331 --noticket -a --http
```

```
echo -n -e "\x15\x83\x01\x00\x02\x02\x50" | nc localhost 44331
```

## Actual results:
GnuTLS sends protocol_version alert. The capture file is attached.

## Expected results:
Do not send a protocol_version alert. Besides, in this specific case, I'm not sure whether unexpected_message should be sent, since the server is expecting a ClientHello but got an alert.

## Attachments:
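To make the version-handling argument in the report concrete, here is an added example (it is not part of the issue, and it is not GnuTLS code) that parses a raw TLS record header and applies the reporter's reading of RFC 5246: a record-layer version with major byte 03 is accepted, a ClientHello whose client_version is {03,XX} but disabled earns a protocol_version alert, and a version whose major byte is not 03 is classified as "unrecognized", so no protocol_version alert is produced. The server policy (TLS 1.2 only) is an assumption taken from the priority string in the repro; `make_client_hello` builds minimal, truncated ClientHello records purely as constructed test data, and the alert handling for a first record that is not a ClientHello only records the reporter's open question rather than deciding it.

```python
"""Added example, not from the GnuTLS issue or code base: classify the first
TLS record a server sees, following the reporter's reading of RFC 5246."""
import struct

CONTENT_TYPE_ALERT = 0x15
CONTENT_TYPE_HANDSHAKE = 0x16
HANDSHAKE_CLIENT_HELLO = 0x01

# Assumed server policy: only TLS 1.2 ({03,03}) enabled, as in the repro's
# priority string NORMAL:-VERS-ALL:+VERS-TLS1.2.
SUPPORTED_VERSIONS = {(3, 3)}

# RFC 5246 alert descriptions referenced on this page.
ALERT_UNEXPECTED_MESSAGE = 10
ALERT_PROTOCOL_VERSION = 70
ALERT_INTERNAL_ERROR = 80

# The exact bytes from the repro step: alert record, version 0x83 0x01,
# length 2, body = fatal (2) / internal_error (80).
REPRO_RECORD = b"\x15\x83\x01\x00\x02\x02\x50"


def parse_record(data: bytes):
    """Split a raw TLS record into (content_type, (major, minor), body)."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    body = data[5:5 + length]
    if len(body) != length:
        raise ValueError("record body shorter than declared length")
    return ctype, (major, minor), body


def classify_version(version):
    """Reporter's taxonomy: 'supported', 'recognized-unsupported' ({03,XX}
    but disabled by policy) or 'unrecognized' (major byte is not 03)."""
    major, _ = version
    if major != 3:
        return "unrecognized"
    return "supported" if version in SUPPORTED_VERSIONS else "recognized-unsupported"


def client_hello_version(body: bytes):
    """Return client_version from a ClientHello handshake body, else None.
    Handshake header is type(1) + length(3); client_version follows."""
    if len(body) < 6 or body[0] != HANDSHAKE_CLIENT_HELLO:
        return None
    return (body[4], body[5])


def decide_first_record(data: bytes):
    """Decide which alert (if any) a server awaiting ClientHello should send
    for this record, under the logic sketched in the report."""
    ctype, rec_version, body = parse_record(data)
    verdict = {
        "content_type": ctype,
        "record_version": rec_version,
        "version_class": classify_version(rec_version),
        "alert_to_send": None,
        "note": "",
    }
    if ctype == CONTENT_TYPE_ALERT and len(body) >= 2:
        verdict["peer_alert"] = (body[0], body[1])  # (level, description)
        # Open question in the report: unexpected_message may fit here.
        verdict["note"] = "alert received while waiting for ClientHello"
    if verdict["version_class"] == "unrecognized":
        # Major byte is not 03: "not recognized", so protocol_version
        # ("recognized but not supported") does not apply.
        verdict["note"] = (verdict["note"] + "; " if verdict["note"] else "") + \
            "record version unrecognized, protocol_version alert does not apply"
        return verdict
    if ctype == CONTENT_TYPE_HANDSHAKE:
        # {03,XX} is accepted at the record layer; only the version the
        # client actually wants to negotiate is judged.
        hello = client_hello_version(body)
        verdict["client_version"] = hello
        if hello is not None and classify_version(hello) == "recognized-unsupported":
            verdict["alert_to_send"] = ALERT_PROTOCOL_VERSION
    return verdict


def make_client_hello(record_version, client_version):
    """Constructed test data: a minimal, truncated ClientHello record."""
    hs_body = bytes(client_version)
    hs = bytes([HANDSHAKE_CLIENT_HELLO]) + len(hs_body).to_bytes(3, "big") + hs_body
    return bytes([CONTENT_TYPE_HANDSHAKE, *record_version]) + len(hs).to_bytes(2, "big") + hs


if __name__ == "__main__":
    print(decide_first_record(REPRO_RECORD))
    print(decide_first_record(make_client_hello((3, 1), (3, 2))))
    print(decide_first_record(make_client_hello((3, 3), (3, 3))))
```

Run stand-alone, the first verdict shows the repro record classified as `unrecognized` with no alert to send (the peer's own alert decodes as fatal/internal_error), the second shows a TLS 1.1 ClientHello sent under a {03,01} record version earning protocol_version, and the third shows a TLS 1.2 ClientHello passing cleanly.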
