From 00f93ff0a43c0ee24465243b5c574d89d0d81e6f Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin
Date: Mon, 31 Jan 2022 20:13:03 +0100
Subject: ssl: Add more unexpected alerts
Malicious clients might try to DOS attack by keeping connections alive
by sending warning alerts or application data packages instead of
client hello messages. Although the server timeout will mitigate this
we can catch this early and send an unexpected message alert.
Also make some document clarifications.
---
lib/ssl/doc/src/ssl.xml | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
(limited to 'lib/ssl/doc/src/ssl.xml')
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index 846e42f0ee..66c44fec1b 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -1737,6 +1737,11 @@ fun(srp, Username :: binary(), UserState :: term()) ->
the process owning the sslsocket will receive messages of type
active_msgs()
+
+ Not setting the timeout makes the server more vulnerable to
+ DoS attacks.
+
+
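Review bot: the added sentence does not say which timeout it means, so in this section a reader can take it for a socket option rather than the handshake timeout the surrounding text is about; name the argument explicitly (e.g. "Not setting the Timeout argument ...") and state its default and what it bounds, so the warning is actionable. The two trailing empty `+` lines add only whitespace to the XML; confirm they are intended.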
@@ -1749,9 +1754,11 @@ fun(srp, Username :: binary(), UserState :: term()) ->
or equivalent, socket to an SSL socket, that is, performs
the TLS server-side handshake and returns a TLS socket.
- The Socket shall be in passive mode ({active,
- false}) before calling this function or else the behavior of this function
- is undefined.
+ The ordinary Socket shall be in passive mode ({active,
+ false}) before calling this function, and before the client tries
+ to connect with TLS, or else the behavior of this function
+ is undefined. The best way to ensure this is to create the ordinary listen socket
+ in passive mode.
If Socket is an
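Review bot: "and before the client tries to connect with TLS" states a timing requirement without the reason, and the second sentence gives a remedy without saying what it prevents. Suggest one sentence of rationale: a socket in active mode hands the client's first TLS record to the owning process as a message, so the handshake never sees it; creating the listen socket in passive mode works because accepted sockets inherit that option. Also "The ordinary Socket" reads oddly; keeping "The Socket" and qualifying only "the ordinary listen socket" later is clearer.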
@@ -1760,6 +1767,10 @@ fun(srp, Username :: binary(), UserState :: term()) ->
listen/2 and then performs
the TLS/DTLS handshake. Returns a new TLS/DTLS socket if the handshake is successful.
+ Not setting the timeout makes the server more vulnerable to
+ DoS attacks.
+
+
If option {handshake, hello} is specified the handshake is
paused after receiving the client hello message and the
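Review bot: this sentence duplicates the one added in the first hunk around line 1737 ("Not setting the timeout makes the server more vulnerable to DoS attacks."); state it once where the Timeout argument is defined and refer to it here, or tie it to the case the commit message describes (a peer that keeps the connection open without ever sending a client hello stays connected until the timeout fires), so the reader learns what the timeout bounds. The two trailing empty `+` lines again add only whitespace.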
--