[PATCH] Fix DTLS problems with reordered incoming packets - Openssl



Thread: [PATCH] Fix DTLS problems with reordered incoming packets

  1. [PATCH] Fix DTLS problems with reordered incoming packets

    This patch to the 0.9.8 branch fixes two bugs with misordered incoming
    packets in DTLS, which are reported as RT #1752.

    Firstly, the bitmap we use for replay protection was ending up with zero
    length, so a _single_ pair of packets getting switched around would
    cause one of them to be 'dropped'.

    Secondly, it wasn't even _dropping_ the offending packets, in the
    non-blocking case. It was just returning garbage instead.

    --- ssl/d1_lib.c~ 2008-10-02 06:43:47.000000000 +0100
    +++ ssl/d1_lib.c 2008-10-05 21:31:38.000000000 +0100
    @@ -106,6 +106,7 @@ int dtls1_new(SSL *s)
    pq_64bit_init(&(d1->bitmap.map));
    pq_64bit_init(&(d1->bitmap.max_seq_num));

    + d1->next_bitmap.length = d1->bitmap.length;
    pq_64bit_init(&(d1->next_bitmap.map));
    pq_64bit_init(&(d1->next_bitmap.max_seq_num));

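    Review bot: the added `d1->next_bitmap.length = d1->bitmap.length;` only helps if `d1->bitmap.length` already holds a non-zero window size at this point in `dtls1_new()`, and the assignment that sets it is not visible in this context. Consider initialising both bitmaps from the same size expression side by side, so the current and next replay windows cannot drift apart, and add a short comment recording that a zero length makes the replay check reject a record that arrives behind its neighbour.
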
    --- ssl/d1_pkt.c~ 2008-10-02 06:43:47.000000000 +0100
    +++ ssl/d1_pkt.c 2008-10-05 21:44:54.000000000 +0100
    @@ -597,6 +597,7 @@ again:
    /* check whether this is a repeat, or aged record */
    if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
    {
    + rr->length = 0;
    s->packet_length=0; /* dump this record */
    goto again; /* get another record */
    }
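
    Review bot: the new `rr->length = 0;` in the replay-check failure branch carries no comment, while the line after it has `/* dump this record */`; the reason it is needed (in the non-blocking case the record was not dropped and garbage was returned) is stated only in the patch description. A one-line comment here would keep the two resets together in later edits, and it is worth checking whether any other path that jumps back to `again:` needs the same reset.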

    --
    dwmw2

    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    Development Mailing List openssl-dev@openssl.org
    Automated List Manager majordomo@openssl.org
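
The first bug described in the post above (a replay window of zero length dropping one record of a swapped pair) can be reproduced with a generic sliding-window check. This is an added example, not code from the patch or from OpenSSL; `replay_window`, `replay_accept` and `count_accepted` are hypothetical names, and the arrival order is constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical window type for illustration; not OpenSSL's bitmap struct. */
typedef struct {
    unsigned length;   /* window size in records, at most 64 */
    uint64_t map;      /* bit i set => record (max_seq - i) already seen */
    uint64_t max_seq;  /* highest sequence number accepted so far */
    int started;       /* 0 until the first record is accepted */
} replay_window;

/* Returns 1 if the record is accepted (and marked seen), 0 if dropped. */
static int replay_accept(replay_window *w, uint64_t seq)
{
    if (!w->started || seq > w->max_seq) {       /* record moves the window */
        uint64_t shift = w->started ? seq - w->max_seq : 0;
        w->map = (shift >= 64) ? 0 : (w->map << shift);
        w->map |= 1;
        w->max_seq = seq;
        w->started = 1;
        return 1;
    }
    uint64_t behind = w->max_seq - seq;
    if (behind >= w->length || behind >= 64)
        return 0;              /* outside the window: treated as aged */
    if (w->map & ((uint64_t)1 << behind))
        return 0;              /* bit already set: a repeat */
    w->map |= (uint64_t)1 << behind;
    return 1;                  /* late but new: accept */
}

/* Feed an arrival order through a fresh window, count accepted records. */
static int count_accepted(unsigned length, const uint64_t *seqs, int n)
{
    replay_window w = { length, 0, 0, 0 };
    int accepted = 0;
    for (int i = 0; i < n; i++)
        accepted += replay_accept(&w, seqs[i]);
    return accepted;
}

int main(void)
{
    const uint64_t order[] = { 1, 2, 4, 3, 5 };  /* constructed: 3 and 4 swapped */
    printf("length 0:  %d of 5 accepted\n", count_accepted(0, order, 5));
    printf("length 64: %d of 5 accepted\n", count_accepted(64, order, 5));
    return 0;
}
```

With a zero-length window the late record 3 is rejected as aged even though it was never seen; with a 64-record window it is accepted once and only a true repeat is dropped.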


  2. [openssl.org #1752] DTLS drops incoming packets when they are reordered.

    > [openssl-dev@openssl.org - Tue Oct 07 10:57:04 2008]:
    >
    > This patch to the 0.9.8 branch fixes two bugs with misordered incoming
    > packets in DTLS, which are reported as RT #1752.


    Could you comment on the 0.9.9-dev branch as well?
    The patch to d1_pkt.c applies fine. The "length" object is gone from the
    code so it should not be needed any longer.

    Best regards,
    Lutz

    >
    > Firstly, the bitmap we use for replay protection was ending up with zero
    > length, so a _single_ pair of packets getting switched around would
    > cause one of them to be 'dropped'.
    >
    > Secondly, it wasn't even _dropping_ the offending packets, in the
    > non-blocking case. It was just returning garbage instead.
    >
    > --- ssl/d1_lib.c~ 2008-10-02 06:43:47.000000000 +0100
    > +++ ssl/d1_lib.c 2008-10-05 21:31:38.000000000 +0100
    > @@ -106,6 +106,7 @@ int dtls1_new(SSL *s)
    > pq_64bit_init(&(d1->bitmap.map));
    > pq_64bit_init(&(d1->bitmap.max_seq_num));
    >
    > + d1->next_bitmap.length = d1->bitmap.length;
    > pq_64bit_init(&(d1->next_bitmap.map));
    > pq_64bit_init(&(d1->next_bitmap.max_seq_num));
    >
    > --- ssl/d1_pkt.c~ 2008-10-02 06:43:47.000000000 +0100
    > +++ ssl/d1_pkt.c 2008-10-05 21:44:54.000000000 +0100
    > @@ -597,6 +597,7 @@ again:
    > /* check whether this is a repeat, or aged record */
    > if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
    > {
    > + rr->length = 0;
    > s->packet_length=0; /* dump this record */
    > goto again; /* get another record */
    > }
    >
    >
    >




  3. Re: [openssl.org #1752] DTLS drops incoming packets when they are reordered.

    On Fri, 2008-10-10 at 12:51 +0200, Lutz Jaenicke via RT wrote:
    > Could you comment on the 0.9.9-dev branch as well?
    > The patch to d1_pkt.c applies fine. The "length" object is gone from the
    > code so it should not be needed any longer.


    Yeah, it looks right. I haven't yet got it working with my test case,
    because I need to use DTLS1_BAD_VER and there are other parts missing
    from HEAD for that, on top of my patch in #1751 -- but I agree with your
    assessment that it shouldn't be needed any longer.

    --
    dwmw2


