Problem with ServerNameIndication in the limit length permitted

[luisespla]

Hello
In the RFC(6066), the maximum length permitted for ServerNameIdication is 2^16-1, but when I try to assign a value with this length (capture[3][TLSServerName].data="a" * 65535) and then save this capture, I get this error:
Traceback (most recent call last):
File "change_packet.py", line 475, in
main()
File "change_packet.py", line 467, in main
capture_obj.extra_repair_capture()
File "change_packet.py", line 256, in extra_repair_capture
execfile("./extra_funcionality.py",variables)
File "./extra_funcionality.py", line 335, in
change_sni(capture[3],"b" * 65535)
File "./extra_funcionality.py", line 174, in change_sni
extensions_length += len(tls_extension)
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 297, in len
return len(self.str())
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 268, in str
return self.build()
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 330, in build
p = self.do_build()
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 319, in do_build
pkt = self.self_build()
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 310, in self_build
p = f.addfield(self, p, val)
File "/usr/local/lib/python2.7/dist-packages/scapy/fields.py", line 70, in addfield
return s+struct.pack(self.fmt, self.i2m(pkt,val))
File "/usr/local/lib/python2.7/dist-packages/scapy/fields.py", line 613, in i2m
x = len(pkt.payload)
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 297, in len
return len(self.str())
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 268, in str
return self.build()
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 330, in build
p = self.do_build()
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 319, in do_build
pkt = self.self_build()
File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 310, in self_build
p = f.addfield(self, p, val)
File "/usr/local/lib/python2.7/dist-packages/scapy/fields.py", line 70, in addfield
return s+struct.pack(self.fmt, self.i2m(pkt,val))
struct.error: 'H' format requires 0 <= number <= 65535

[alexmgr]

Hi lespla,

Thanks for the report.
We currently don't have any logic to fragment TLS Records. For now, you'll have to perform fragmentation manually. Will be a little bit of work, but shouldn't be too bad for the scenario you're trying to cover.
This feature is on my todo list, since it's code I'd like to exercise in implementations also.

[alexmgr]

Added basic fragmentation support in the fragmentation branch, commit 6ad9dce. Will not yet solve the case your after, since your error is raised at packet build time. Will try and add that in a later commit, by building on top of this.

[alexmgr]

I added fragmentation support in PR #46. Could you check out the fragmentation branch and check out if it fits your needs?
The flow should go somewhat like this:

# Something larger than 2**16 -1
data = TLSHandshake()/("A"(2**17))
tls = TLSRecord()/data
fragments = []
try:
    tls_sock.sendall(tls)
except TLSFragmentationError:
    fragments = tls_fragment_payload(data, TLSRecord()/TLSHandshake())
# Send fragments now

Thanks!

[alexmgr]

I've done some testing on this, and consider it complete with #46. Let me know if you have any issues with it.
Closing.