Join GitHub today
GitHub is where the world builds software
Add handling of fragmented TLS records to the TLS library #194
Implement handling of messages fragmented across multiple TLSPlaintext records. As described in RFC 2246 (Section 6.2.1), client message boundaries are not preserved across TLSPlaintext records, which have a size limit of 16KB. As a result, handshake messages can straddle multiple TLSPlaintext records, for example, when a server sends a Certificate message with a long certificate chain. Currently, the TLS library's behavior in this case is to ignore the incomplete message fragment in the first TLSPlaintext record, and causes a crash when trying to parse the incomplete message fragment at the beginning of the second TLSPlaintext record.
This patch implements support for message fragmentation by adding a 'fragment' parameter to the record_read() function in the TLS library. This parameter is used to pass a fragment from a previously read TLSPlaintext record and prepend it to the next TLSPlaintext record to be read.
When a TLSPlaintext record that ends with an incomplete message fragment is read by record_read(), the fragment will be returned in the 'fragment' member of the record table, and can be passed to the next invocation of the record_read() function. This usage is illustrated in the get_record_iter() function of the modified ssl-enum-ciphers script included in this patch.
Scripts that have not been modified to take advantage of this fragmentation support (i.e. they ignore the 'fragment' parameter when invoking the record_read() function in tls.lua) will continue to function exactly the same as before.