Use TLS over UDP connection

Use TLS over UDP connection

saurav barik
Hello,

I am trying to implement TLS security (in the client side) over a UDP
connection. I have a parallel TCP connection (to the same server) over
which TLS is already done and it works fine. In the same session of my
application I am creating a UDP connection to the same server (UDP
socket) and am trying to do a TLS handshake. When I call SSL_connect()
over the UDP connection, it fails with an "SSL_ERROR_SYSCALL" error. When I
checked the error with ERR_get_error() I get a value of 0. Can I use
TLS over a UDP connection (I understand DTLS can be used but my project
needs TLS)?

Please share some pointers. Thanks for your time.

Regards,
Saurav
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Re: Use TLS over UDP connection

Jan Just Keijser-2
Hi,

saurav barik wrote:

> Hello,
>
> I am trying to implement TLS security (in the client side) over a UDP
> connection. I have a parallel TCP connection (to the same server) over
> which TLS is already done and it works fine. In the same session of my
> application I am creating a UDP connection to the same server (UDP
> socket) and am trying to do a TLS handshake. When I call SSL_connect()
> over the UDP connection, it fails with an "SSL_ERROR_SYSCALL" error. When I
> checked the error with ERR_get_error() I get a value of 0. Can I use
> TLS over a UDP connection (I understand DTLS can be used but my project
> needs TLS)?
>
> Please share some pointers. Thanks for your time.
>
Read the OpenVPN source code:
  http://swupdate.openvpn.org/community/releases/openvpn-2.3.0.tar.gz
The control channel is implemented using TLS over UDP (with a few extras).

HTH,

JJK

Re: Use TLS over UDP connection

Michael Tuexen-4
On Feb 22, 2013, at 6:24 AM, saurav barik wrote:

> Hello,
>
> I am trying to implement TLS security (in the client side) over a UDP
> connection. I have a parallel TCP connection (to the same server) over
> which TLS is already done and it works fine. In the same session of my
> application I am creating a UDP connection to the same server (UDP
> socket) and am trying to do a TLS handshake. When I call SSL_connect()
> over the UDP connection, it fails with an "SSL_ERROR_SYSCALL" error. When I
> checked the error with ERR_get_error() I get a value of 0. Can I use
> TLS over a UDP connection (I understand DTLS can be used but my project
> needs TLS)?
>
> Please share some pointers. Thanks for your time.
TLS doesn't work over UDP, use DTLS instead.

Best regards
Michael

RE: Use TLS over UDP connection

Dave Thompson-5
> From: [hidden email] On Behalf Of saurav barik
> Sent: Friday, 22 February, 2013 00:41

I think this fits better on -users and put that first, but if you
ask both lists please indicate in the message (as I did) because
people don't necessarily read both and see the duplication.

> I am trying to implement TLS security (in the client side) over a UDP
> connection. I have a parallel TCP connection (to the same server) over
> which TLS is already done and it works fine. In the same session of my
> application I am creating a UDP connection to the same server (UDP
> socket) and am trying to do a TLS handshake. When I call SSL_connect()
> over the UDP connection, it fails with an "SSL_ERROR_SYSCALL" error. When I
> checked the error with ERR_get_error() I get a value of 0. Can I use

If SSL_connect/etc returns -1 and SSL_get_error returns _SYSCALL, then
the error information is in the OS (errno on Unix or WSAGetLastError()
on Windows) instead of, or sometimes (rarely?) in addition to,
ERR_get_error and friends. See man -3ssl SSL_get_error.

> TLS over a UDP connection (I understand DTLS can be used but my project
> needs TLS)?
>
There is no such thing as a UDP connection; UDP is connectionless.

I haven't examined the socket BIO's support for UDP (DGRAM) to see if
non-DTLS protocols could successfully call it. Even if it does,
or you substitute a BIO that does, TLS can't work for long over
UDP semantics, which can lose, reorder and duplicate packets.

TLS depends on TCP's reliable in-order transport. DTLS basically
re-implements enough of TCP to make TLS functionality work. If
you don't do either of those, and you develop on two machines on
a single quiet LAN segment, as is common in development environments,
it may appear to work at least sometimes; if you then deploy to
users on the real internet, or even just a large organization
intranet, the chances of it working plummet.

Re: Use TLS over UDP connection

David Woodhouse-7
On Sun, 2013-02-24 at 22:26 -0500, Dave Thompson wrote:
> TLS depends on TCP's reliable in-order transport. DTLS basically
> re-implements enough of TCP to make TLS functionality work.

That isn't entirely true. Or at least it's misleadingly phrased.

DTLS copes with packet loss and packet re-ordering. If your data are
transported over DTLS you'd best make sure your application is expecting
to cope with packet loss and re-ordering too.

DTLS does its own retries of the handshake messages, and I suppose
strictly speaking that *is* "enough of TCP to make DTLS functionality
work". But you should be careful not to give the impression that DTLS
will magically give you an in-order, guaranteed-delivery data stream.
It won't; it's still a datagram protocol at heart.

--
David Woodhouse                            Open Source Technology Centre
[hidden email]                              Intel Corporation

RE: Use TLS over UDP connection

Dave Thompson-5
> From: [hidden email] On Behalf Of David Woodhouse
> Sent: Monday, 25 February, 2013 05:54

> On Sun, 2013-02-24 at 22:26 -0500, Dave Thompson wrote:
> > TLS depends on TCP's reliable in-order transport. DTLS basically
> > re-implements enough of TCP to make TLS functionality work.
>
> That isn't entirely true. Or at least it's misleadingly phrased.
>
> DTLS copes with packet loss and packet re-ordering. If your data are
> transported over DTLS you'd best make sure your application
> is expecting to cope with packet loss and re-ordering too.
>
> DTLS does its own retries of the handshake messages, and I suppose
> strictly speaking that *is* "enough of TCP to make DTLS functionality
> work". But you should be careful not to give the impression that DTLS
> will magically give you an in-order, guaranteed-delivery data stream.
> It won't; it's still a datagram protocol at heart.
>
You're right; I was thinking mostly of the handshake, and also compressed
too much. What I meant is (more like): DTLS/UDP uses techniques of
sequence numbering, sequence checking, and retries similar to TCP
-- and X.25 and SNA and other reliable-ish protocols -- to work
nearly as well as TLS/TCP, for some value of nearly, whereas TLS/UDP
wouldn't have any such capabilities and would work much worse.
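The point the thread settles on (TLS assumes in-order delivery, DTLS carries explicit sequence numbers and checks them) as an added example that is not from this thread or from OpenSSL: a minimal model of a TLS-style record receiver (implicit sequence number covered by the MAC, fatal on any mismatch) beside a DTLS-style one (explicit sequence number plus the RFC 6347 section 4.1.2.6 sliding replay window), both fed the same constructed arrival pattern with a swap, a replay and a loss. All type and function names and the arrival pattern are constructed for this illustration.

```c
#include <stdint.h>
#include <stdbool.h>

/* Constructed illustration, not OpenSSL code: why a TLS-style record layer
 * dies on a lossy, reordering transport while a DTLS-style one copes. */
/* TLS: the record sequence number is implicit (a counter each side keeps) and
 * is covered by the MAC but never sent. One lost or reordered record makes the
 * next MAC check fail, and TLS answers that with a fatal alert. The MAC is
 * modelled here as the sender's sequence number itself. */
typedef struct { uint64_t expected; bool dead; } tls_rx_t;

static bool tls_recv(tls_rx_t *rx, uint64_t sender_seq) {
    if (rx->dead || sender_seq != rx->expected) { rx->dead = true; return false; }
    rx->expected++;
    return true;
}

/* DTLS (RFC 6347, 4.1.2.6): the sequence number is explicit in the record
 * header, and a 64-entry sliding bitmap rejects replays while tolerating
 * loss and reordering within the window. */
#define WINDOW 64
typedef struct { uint64_t right; uint64_t bitmap; bool started; } dtls_rx_t;

static bool dtls_recv(dtls_rx_t *rx, uint64_t seq) {
    if (!rx->started) { rx->started = true; rx->right = seq; rx->bitmap = 1; return true; }
    if (seq > rx->right) {                        /* new high-water mark: slide */
        uint64_t shift = seq - rx->right;
        rx->bitmap = (shift >= WINDOW ? 0 : rx->bitmap << shift) | 1;
        rx->right = seq;
        return true;
    }
    uint64_t diff = rx->right - seq;
    if (diff >= WINDOW) return false;             /* too old: left of the window */
    if (rx->bitmap & ((uint64_t)1 << diff)) return false;  /* replay */
    rx->bitmap |= (uint64_t)1 << diff;            /* late but fresh: accept */
    return true;
}

/* Constructed arrival order of records 0..5: 1 and 2 swapped, 3 replayed, 4 lost. */
#define N_ARRIVALS 6
static const uint64_t ARRIVALS[N_ARRIVALS] = {0, 2, 1, 3, 3, 5};

/* Feed the constructed arrivals to one receiver; returns how many it accepts. */
static int accepted(bool use_dtls) {
    tls_rx_t t = {0, false}; dtls_rx_t d = {0, 0, false}; int n = 0;
    for (int i = 0; i < N_ARRIVALS; i++)
        n += use_dtls ? dtls_recv(&d, ARRIVALS[i]) : tls_recv(&t, ARRIVALS[i]);
    return n;  /* TLS-style: 1 (record 2 kills it); DTLS-style: 5 (replayed 3 rejected) */
}
```

Note what the DTLS-style receiver does not do: record 4 is simply gone and nothing asks for it again, which is David Woodhouse's point that the application above DTLS still has to cope with loss.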
