token handling is not compliant with RFC 7252

Tanganelli / CoAPthon

CoAPthon is a python library to the CoAP protocol aligned with the RFC

MIT License

221 stars 130 forks source link

token handling is not compliant with RFC 7252 #146

Open reichemn opened 5 years ago

reichemn commented 5 years ago

From RFC 7252, section 5.3.1:

An endpoint receiving a token it did not generate MUST treat the token as opaque and make no assumptions about its content or structure.

But CoAPthon assumes that a received token is an utf-8 encoded string. This behavior causes the server to crash if the received token does not contain a valid utf-8 byte sequence.