Add handling of fragmented TLS records to the TLS library #194

Closed

jgajek commented Jul 30, 2015

Implement handling of messages fragmented across multiple TLSPlaintext records. As described in RFC 2246 (Section 6.2.1), client message boundaries are not preserved across TLSPlaintext records, which have a size limit of 16 KB. As a result, handshake messages can straddle multiple TLSPlaintext records, for example, when a server sends a Certificate message with a long certificate chain. Currently, the TLS library's behavior in this case is to ignore the incomplete message fragment in the first TLSPlaintext record, which causes a crash when it tries to parse the incomplete message fragment at the beginning of the second TLSPlaintext record.

This patch implements support for message fragmentation by adding a 'fragment' parameter to the record_read() function in the TLS library. This parameter is used to pass a fragment from a previously read TLSPlaintext record and prepend it to the next TLSPlaintext record to be read.

When a TLSPlaintext record that ends with an incomplete message fragment is read by record_read(), the fragment will be returned in the 'fragment' member of the record table, and can be passed to the next invocation of the record_read() function. This usage is illustrated in the get_record_iter() function of the modified ssl-enum-ciphers script included in this patch.

Scripts that have not been modified to take advantage of this fragmentation support (i.e. they ignore the 'fragment' parameter when invoking the record_read() function in tls.lua) will continue to function exactly the same as before.
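
The fragment-carrying scheme described above, modelled as a stand-alone Python example. This is added illustration, not code from the pull request or from nmap's tls.lua: the function names record_read() and read_all_handshake() mirror the names in the description, but their signatures, the record dictionary layout and the 20 KB constructed Certificate payload are assumptions made for this example. Where the pre-patch library crashed on the second record, this parser's bounds check simply yields no messages, so the lost-message effect is visible without the crash.

```python
import struct

TLS_MAX_FRAGMENT = 16384      # TLSPlaintext.fragment size limit, RFC 2246 6.2.1
CONTENT_HANDSHAKE = 22        # ContentType.handshake
HS_CERTIFICATE = 11           # HandshakeType.certificate


def build_handshake(msg_type, body):
    """Encode one Handshake message: 1-byte type, 3-byte length, body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def build_records(content_type, payload, version=(3, 1)):
    """Encode `payload` as a sequence of TLSPlaintext records of at most
    16 KB each. Message boundaries are deliberately not preserved, which is
    what the RFC allows and what a long Certificate message triggers."""
    out = b""
    for i in range(0, len(payload), TLS_MAX_FRAGMENT):
        chunk = payload[i:i + TLS_MAX_FRAGMENT]
        out += struct.pack("!BBBH", content_type, version[0], version[1], len(chunk)) + chunk
    return out


def parse_handshake_messages(buf):
    """Split `buf` into complete Handshake messages. Returns (messages, leftover):
    a message whose header or declared body is not fully present becomes the
    leftover fragment instead of being parsed out of bounds."""
    msgs, pos = [], 0
    while len(buf) - pos >= 4:
        mtype = buf[pos]
        mlen = int.from_bytes(buf[pos + 1:pos + 4], "big")
        if len(buf) - pos - 4 < mlen:
            break                       # body continues in the next record
        msgs.append((mtype, buf[pos + 4:pos + 4 + mlen]))
        pos += 4 + mlen
    return msgs, buf[pos:]


def record_read(data, pos, fragment=b""):
    """Parse the TLSPlaintext record starting at data[pos]. `fragment` is the
    incomplete message left over from the previous record (assumed interface,
    modelled on the PR description) and is prepended to this record's payload
    before parsing. Returns (record, next_pos), or (None, pos) when the
    record has not fully arrived."""
    if len(data) - pos < 5:
        return None, pos
    ctype, vmaj, vmin, length = struct.unpack("!BBBH", data[pos:pos + 5])
    if len(data) - pos - 5 < length:
        return None, pos
    body = fragment + data[pos + 5:pos + 5 + length]
    record = {"type": ctype, "version": (vmaj, vmin), "messages": [], "fragment": b""}
    if ctype == CONTENT_HANDSHAKE:
        record["messages"], record["fragment"] = parse_handshake_messages(body)
    else:
        record["body"] = body           # other content types are passed through
    return record, pos + 5 + length


def read_all_handshake(data):
    """Walk every record in `data`, carrying record['fragment'] into the next
    record_read() call, the way the PR's get_record_iter() usage is described.
    Returns (complete messages, unconsumed fragment at the end)."""
    pos, fragment, msgs = 0, b"", []
    while True:
        rec, pos = record_read(data, pos, fragment)
        if rec is None:
            break
        msgs.extend(rec["messages"])
        fragment = rec["fragment"]
    return msgs, fragment


def count_records(data):
    """Number of TLSPlaintext records in `data` (ignores message content)."""
    n, pos = 0, 0
    while True:
        rec, pos = record_read(data, pos)
        if rec is None:
            return n
        n += 1


# Constructed sample: a 20 KB Certificate body, which cannot fit in one record.
SAMPLE_CERT_BODY = bytes(range(256)) * 80
SAMPLE_RECORDS = build_records(CONTENT_HANDSHAKE,
                               build_handshake(HS_CERTIFICATE, SAMPLE_CERT_BODY))


if __name__ == "__main__":
    # Old behaviour: each record parsed on its own, fragment dropped.
    first, pos = record_read(SAMPLE_RECORDS, 0)
    second, _ = record_read(SAMPLE_RECORDS, pos)
    print("without fragment carry:", len(first["messages"]), "+", len(second["messages"]), "messages")
    # New behaviour: fragment carried across the record boundary.
    msgs, leftover = read_all_handshake(SAMPLE_RECORDS)
    print("with fragment carry:", [t for t, _ in msgs], "leftover", len(leftover), "bytes")
```

Reading the two records independently yields zero complete messages from each, which is the situation the patch addresses; threading the first record's `fragment` into the second `record_read()` call recovers the single Certificate message intact. A script that never passes the fragment sees the same per-record result as before, matching the backwards-compatibility claim above.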

nmap-bot closed this in bbee119 Oct 29, 2015

@qha qha added a commit to qha/nmap that referenced this pull request Dec 16, 2015

bonsaiviking + qha: Support fragmented TLS records. Closes #194 (d87295b)