-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Version Downgrade during the Handshake #209
Labels
available on develop
Mark PRs (pre-)available only on develop
bug
Something isn't working
please retest
Please retest the related PR or commit, if that works for you
Comments
Thanks for reporting. |
boaks
added a commit
to boaks/tinydtls
that referenced
this issue
Sep 29, 2023
Fixes issue eclipse#209. Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
If possible, please test, if PR #210 works for you. |
boaks
added
bug
Something isn't working
please retest
Please retest the related PR or commit, if that works for you
labels
Sep 29, 2023
boaks
added a commit
to boaks/tinydtls
that referenced
this issue
Dec 22, 2023
Fixes issue eclipse#209. Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
boaks
added a commit
that referenced
this issue
May 12, 2024
Fixes issue #209. Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
The fix is merged. |
Thanks for the fix. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
available on develop
Mark PRs (pre-)available only on develop
bug
Something isn't working
please retest
Please retest the related PR or commit, if that works for you
During our tests, we noticed that the handshake could continue if the server chooses to use a lower version of the protocol compared to the version used in earlier records through the handshake. I will try to clarify this through an example:
During the handshake, when the server sends the
ServerHello
message, it usesDTLS 1.2
as the record version. Now if in the following record containing theServerHelloDone
message, the server chooses to useDTLS 1.0
as the record version, the handshake continues without interruption. Although the security implications of this are unknown (or none in the case of TinyDTLS), I believe it is still good practice to abort when a version downgrade occurs. For example, OpenSSL aborts the handshake in such a scenario. An example of such a downgrade can be found in the attached PCAP file.tinydtls-0.zip
The text was updated successfully, but these errors were encountered: