Corrupt application data in the beginning instead of the end in UDP proxy
The UDP proxy corrupts application data at the end of the datagram. If there are multiple DTLS records within the same datagram, this leads to the wrong message being corrupted. This commit always corrupts the beginning of the message to prevent this. Overall, the UDP proxy needs reworking if it is supposed to reliably support multiple records within a single datagram, because it determines its actions from the type of the first record in the current datagram only.
parent
1dd62ea811
commit
fbb0b701e4
1 changed files with 10 additions and 2 deletions
|
@ -418,9 +418,17 @@ int send_packet( const packet *p, const char *why )
|
||||||
{
|
{
|
||||||
unsigned char buf[MAX_MSG_SIZE];
|
unsigned char buf[MAX_MSG_SIZE];
|
||||||
memcpy( buf, p->buf, p->len );
|
memcpy( buf, p->buf, p->len );
|
||||||
++buf[p->len - 1];
|
|
||||||
|
|
||||||
print_packet( p, "corrupted" );
|
if( p->len <= 13 )
|
||||||
|
{
|
||||||
|
mbedtls_printf( " ! can't corrupt empty AD record" );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
++buf[13];
|
||||||
|
print_packet( p, "corrupted" );
|
||||||
|
}
|
||||||
|
|
||||||
if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 )
|
if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " ! dispatch returned %d\n", ret );
|
mbedtls_printf( " ! dispatch returned %d\n", ret );
|
||||||
|
|
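Review bot: The message added in the `p->len <= 13` branch has no trailing newline, unlike the neighbouring `" ! dispatch returned %d\n"`, so the next log line will run onto it; I would write `mbedtls_printf( " ! can't corrupt empty AD record\n" );`. The literal 13 serves as both the length check and the index and appears to be the DTLS record header length, so a named constant or a comment such as `/* 13 = DTLS record header length; buf[13] is the first byte of the record body */` would make the intent checkable. In that branch the datagram still goes to dispatch_data() unmodified, so a test that relies on corruption learns only from this log line that nothing was corrupted; a comment should say so. send_packet() starts and ends outside the hunk, so whether `p->len` is bounded by `MAX_MSG_SIZE` before the memcpy cannot be confirmed from here.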