[kea-dev] Ticket 3618 and processing of corrupt options and sub-options
Francis Dupont
fdupont at isc.org
Tue Jun 9 16:36:20 UTC 2015
Shawn Routhier writes:
> As part of the review of ticket 3618 I thought it might be interesting
> to see if the community had any feedback on how best to handle
> a corrupt option or sub-option in a packet.
>
> Some of the options are:
> 1) drop the packet if it has a corrupt option or sub-option
> 2) drop the packet if it has a corrupt sub-option but continue processing the
> packet if an option is corrupt
> (ignoring that option).
> 3) attempt to continue processing the packet if either the option or sub-optio
> n is corrupt.
=> when I addressed the ticket 3618 I tried to create a consistent policy
which is:
- stop parsing (so not drop) of a packet which has a corrupt option
- raise an exception (so drop) when a packet has a corrupt sub-option
This was based on:
- a comment at the parsing caller saying partial parsing is accepted
- the fact that any corrupt known option with a not matching expected
internal structure (e.g., 6 bytes for an IPv4 address array) raises
an exception
I extended the second point to sub-options have to parse.
Now the ticket is no merged, there are still some arguable points
(including this one), and IMHO the policy should be to drop any corrupt
packets, including packets which don't parse up to their end.
Regards
Francis Dupont <fdupont at isc.org>
More information about the kea-dev
mailing list