Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Add handling of fragmented TLS records to the TLS library #194
Implement handling of messages fragmented across multiple TLSPlaintext records. As described in RFC 2246 (Section 6.2.1), client message boundaries are not preserved across TLSPlaintext records, which have a size limit of 16KB. As a result, handshake messages can straddle multiple TLSPlaintext records, for example, when a server sends a Certificate message with a long certificate chain. Currently, the TLS library's behavior in this case is to ignore the incomplete message fragment in the first TLSPlaintext record, and causes a crash when trying to parse the incomplete message fragment at the beginning of the second TLSPlaintext record.
This patch implements support for message fragmentation by adding a 'fragment' parameter to the record_read() function in the TLS library. This parameter is used to pass a fragment from a previously read TLSPlaintext record and prepend it to the next TLSPlaintext record to be read.
When a TLSPlaintext record that ends with an incomplete message fragment is read by record_read(), the fragment will be returned in the 'fragment' member of the record table, and can be passed to the next invocation of the record_read() function. This usage is illustrated in the get_record_iter() function of the modified ssl-enum-ciphers script included in this patch.
Scripts that have not been modified to take advantage of this fragmentation support (i.e. they ignore the 'fragment' parameter when invoking the record_read() function in tls.lua) will continue to function exactly the same as before.