Fragment Length, Fragment Offset Non-conformance bug #73
Comments
|
Your code base is not the current develop branch as you indicate (fragment_offset is not used). If #64 is merged into the develop branch, then the non-conformance you mention will get caught. Even with #62 I am not sure where the non conformance is (24 bit masking) that allows the bad packet to get through.. The packet capture is telling me Fatal Alert: Handshake Failure has happened (sent back by the Server), but am unable to decrypt the encrypted handshakes. |
|
The problem is solved now. Thank you. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Non-conformance Bug
Version: development branch
Expected behavior
The DTLS RFC specifies the following requirement regarding the
fragment offsetandfragment lengthwhen fragmentation is not present:Actual behavior
One can complete a handshake with the following values for the
fragment_offsetandfragment_length:CKE.message_length = 17
CKE.fragment_length = 16777198
CKE.fragment_offset = 255
The problem also exists when the server sends records with non-compliant
Fragment_offsetandfragment_length.I have attached the handshake trace for the mentioned non-conformance. You clearly see that the handshake proceeds while the
Fragment_offsetandfragment_lengthare invalid.capture.zip
The text was updated successfully, but these errors were encountered: