Closed
Description
Describe the bug
When Unbound is configured for DoT/DoH, some clients don't send the mandatory close_notify alert on shutdown. This causes Unbound to log the following error if it was compiled against OpenSSL 3 (I think OpenSSL < 3 ignored this by default):
# journalctl -fu unbound
Feb 14 13:32:36 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
Feb 14 14:06:39 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
Feb 14 15:09:14 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
Feb 14 15:36:21 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
Feb 14 15:40:04 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
Feb 14 15:45:51 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
System:
- Unbound version: 1.17.1
- OS: Ubuntu 22.04.1 x86_64
unbound -V output:
# unbound -V
Version 1.17.1
Configure line: --build=x86_64-linux-gnu --prefix=/usr --includedir=${prefix}/include --mandir=${prefix}/share/man --infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-option-checking --disable-silent-rules --libdir=${prefix}/lib/x86_64-linux-gnu --runstatedir=/run --disable-maintainer-mode --disable-dependency-tracking --with-pythonmodule --with-pyunbound --enable-systemd --with-libnghttp2 --with-chroot-dir= --disable-rpath --with-pidfile=/run/unbound.pid --with-libevent --enable-tfo-client --with-rootkey-file=/usr/share/dns/root.key --enable-tfo-server
Linked libs: libevent 2.1.12-stable (it uses epoll), OpenSSL 3.0.2 15 Mar 2022
Linked modules: dns64 python respip validator iterator
TCP Fastopen feature available
BSD licensed, see LICENSE in source package for details.
Report bugs to unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues
On the client side, it's a mix of systemd-resolved (249.11) using DoT and Firefox (109.0.1) using DoH.
Additional information
I don't think DNS over TLS/HTTPS is subject to truncation attacks, as message lengths are verified using the length field for DoT or the Content-Length for DoH.
If you can confirm the above, the recommended workaround is to use SSL_OP_IGNORE_UNEXPECTED_EOF to ignore buggy clients.
Additional information about TLS truncation attacks:
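The journal lines above carry the OpenSSL 3 packed error code (0A000126), and an operator triaging this noise wants to tell the harmless "client closed without close_notify" case apart from other SSL_read failures before deciding to set SSL_OP_IGNORE_UNEXPECTED_EOF. The following is an added example, not code from the Unbound project or from the report: it parses Unbound journal lines, unpacks the code the way OpenSSL's ERR_GET_LIB/ERR_GET_REASON do (library in the top 8 bits above bit 23, reason in the low 23 bits; ERR_LIB_SSL = 20 and SSL_R_UNEXPECTED_EOF_WHILE_READING = 294 are the constants from OpenSSL's headers), and counts how many errors are the missing-close_notify class versus anything else. The sample log is constructed from the report's lines, plus one constructed line with a different reason code to show the split.

```python
"""Triage 'could not SSL_read' lines from Unbound against OpenSSL 3 error codes.

Added example; the log below is constructed (modelled on the issue report, plus
one extra line with a different reason code), not captured from a real host.
"""
from __future__ import annotations

import re
from collections import Counter
from typing import NamedTuple

# Constructed sample: three missing-close_notify errors, one unrelated notice,
# and one SSL_read error with a different reason (certificate verify failed).
SAMPLE_LOG = """\
Feb 14 13:32:36 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
Feb 14 14:06:39 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
Feb 14 14:07:02 fw unbound[135]: [135:0] notice: init module 0: validator
Feb 14 15:09:14 fw unbound[135]: [135:0] error: could not SSL_read crypto error:0A000126:SSL routines::unexpected eof while reading
Feb 14 15:12:40 fw unbound[135]: [135:1] error: could not SSL_read crypto error:0A000086:SSL routines::certificate verify failed
"""

# Layout of an OpenSSL 3 packed error code (from openssl/err.h):
# bits 31..23 library id, bits 22..0 reason (flags live in bits 22..18).
ERR_LIB_OFFSET = 23
ERR_LIB_MASK = 0xFF
ERR_REASON_MASK = 0x7FFFFF

ERR_LIB_SSL = 20                           # printed by OpenSSL as "SSL routines"
SSL_R_UNEXPECTED_EOF_WHILE_READING = 294   # 0x126: peer closed without close_notify
SSL_R_CERTIFICATE_VERIFY_FAILED = 134      # 0x86: used only by the constructed line

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]{8}) \S+ unbound\[\d+\]: \[(?P<thread>[\d:]+)\] "
    r"error: could not SSL_read crypto error:(?P<code>[0-9A-Fa-f]{8}):"
)


class TlsReadError(NamedTuple):
    timestamp: str
    thread: str
    code: int
    lib: int
    reason: int


def decode_openssl_error(code: int) -> tuple[int, int]:
    """Return (library, reason) exactly as ERR_GET_LIB / ERR_GET_REASON would."""
    return (code >> ERR_LIB_OFFSET) & ERR_LIB_MASK, code & ERR_REASON_MASK


def is_missing_close_notify(code: int) -> bool:
    """True for the error OpenSSL 3 raises when a peer closes TCP without close_notify."""
    lib, reason = decode_openssl_error(code)
    return lib == ERR_LIB_SSL and reason == SSL_R_UNEXPECTED_EOF_WHILE_READING


def parse_ssl_read_errors(text: str) -> list[TlsReadError]:
    """Extract every 'could not SSL_read' line; other journal lines are skipped."""
    errors = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        code = int(m["code"], 16)
        lib, reason = decode_openssl_error(code)
        errors.append(TlsReadError(m["ts"], m["thread"], code, lib, reason))
    return errors


def summarise(errors: list[TlsReadError]) -> Counter:
    """Count the benign client-close class separately from every other lib:reason pair."""
    summary: Counter = Counter()
    for err in errors:
        if is_missing_close_notify(err.code):
            summary["missing close_notify"] += 1
        else:
            summary[f"other TLS error {err.lib:02X}:{err.reason:X}"] += 1
    return summary


if __name__ == "__main__":
    parsed = parse_ssl_read_errors(SAMPLE_LOG)
    for key, count in summarise(parsed).most_common():
        print(f"{count:4d}  {key}")
```

The split matters because SSL_OP_IGNORE_UNEXPECTED_EOF only changes how the 0A:126 case is reported (the read then ends as a normal close); it does nothing for other reason codes, so a rising "other TLS error" count after enabling the option still deserves a look.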