search

obgm / libcoap

A CoAP (RFC 7252) implementation in C
Other
786 stars 422 forks source link

[Non-conformance] Handling CoAP Invalid Versions #1376

Closed bathooman closed 3 months ago

bathooman commented 3 months ago

Environment

libcoap Configuration Summary

libcoap configuration summary:
      libcoap package version  : "4.3.1"
      libcoap library version  : "3.0.0"
      libcoap API version      : "3"
      libcoap DTLS lib extn    : "-notls"
      host system              : "x86_64-pc-linux-gnu"
      build with server support: "yes"
      build with client support: "yes"
      build with TCP support   : "yes"
      build DTLS support       : "no"
      add default names        : "yes"
      build using epoll        : "yes"
      enable small stack size  : "no"
      enable separate responses: "yes"
      build doxygen pages      : "yes"
          --> Doxygen around   : "yes" (/usr/bin/doxygen 1.9.1)
             -->  dot around   : "yes" (/usr/bin/dot 2.43.0)
      build man pages          : "no"
      build unit test binary   : "no"
      build examples           : "yes"
      install examples source  : "yes"
      build with gcov support  : "no"
      build shared library     : "no"
      build static library     : "yes"

Problem Description

Upon receiving a CoAP message with an invalid version, the server responds with a RST message.

Expected Behavior

According to RFC7252:

'''Implementations of this specification MUST set this field to 1 (01 binary). Other values are reserved for future versions. Messages with unknown version numbers MUST be silently ignored. '''

Actual Behavior

Instead of silently ignoring the CoAP message with an invalid version, the peer responds with a RST message.

Steps to reproduce

A CoAp message with the version 3 can be used to reproduce the non-conformance. You can find the wireshark interaction in the following. invalid-version-handling.zip

Debug Logs

/libcoap/build/bin$ ./coap-server -v 8

May 08 17:34:31.800 DEBG created UDP  endpoint [::]:5683
May 08 17:34:31.800 DEBG created TCP  endpoint [::]:5683
May 08 17:34:34.241 DEBG ***[::ffff:127.0.0.1]:5683 <-> [::ffff:127.0.0.1]:4040 (if1) UDP : session 0x612b50: new incoming session
May 08 17:34:34.241 DEBG ***EVENT: 0x4001
May 08 17:34:34.241 DEBG *  [::ffff:127.0.0.1]:5683 <-> [::ffff:127.0.0.1]:4040 (if1) UDP : received 32 bytes
May 08 17:34:34.241 DEBG coap_pdu_parse: UDP version not supported
May 08 17:34:34.241 WARN discard malformed PDU
May 08 17:34:34.241 DEBG *  [::ffff:127.0.0.1]:5683 <-> [::ffff:127.0.0.1]:4040 (if1) UDP : sent 4 bytes
v:1 t:RST c:0.00 i:0000 {} [ ]
mrdeep1 commented 3 months ago

@bathooman It is good that you are testing all these things - thanks.

Please see #1377 for a fix. Please test and confirm that the fix does as expected.

bathooman commented 3 months ago

1377 fixes the issue. Thanks for the quick fix.