lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Mon, 4 Nov 2019 14:24:12 +0100
From:   Levente <leventelist@...il.com>
To:     netdev@...r.kernel.org
Subject: No unrecognized Next Header type encountered message sent

Dear all,


I am trying to validate the Linux kernel's IPv6 stack against the
specification. So far we encountered the following issue:

The tester sends a packet with unassigned next header (143):


Frame 365: 71 bytes on wire (568 bits), 71 bytes captured (568 bits)
on interface 0
Ethernet II, Src: HewlettP_6c:9d:88 (00:23:7d:6c:9d:88), Dst:
RohdeSch_1d:9c:46 (00:90:b8:1d:9c:46)
    Destination: RohdeSch_1d:9c:46 (00:90:b8:1d:9c:46)
    Source: HewlettP_6c:9d:88 (00:23:7d:6c:9d:88)
    Type: IPv6 (0x86dd)
Internet Protocol Version 6, Src: fcb1:cafe::2, Dst: fcb1:cafe::1
    0110 .... = Version: 6
    .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00
(DSCP: CS0, ECN: Not-ECT)
    .... .... .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
    Payload Length: 17
    Next Header: Destination Options for IPv6 (60)
    Hop Limit: 255
    Source: fcb1:cafe::2
    Destination: fcb1:cafe::1
    Destination Options for IPv6
        Next Header: Unassigned (143)
        Length: 0
        [Length: 8 bytes]
        PadN
Data (9 bytes)
    Data: 800070e80000000000
    [Length: 9]


The pass criteria is to receive the 'Parameter Problem Message'  ICMP
message with Code 1 as described in RFC2463 section 3.4 as follows:

3.4 Parameter Problem Message

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |     Type      |     Code      |          Checksum             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                            Pointer                            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                    As much of invoking packet                 |
      +               as will fit without the ICMPv6 packet           +
      |               exceeding the minimum IPv6 MTU [IPv6]           |

   IPv6 Fields:

   Destination Address

                  Copied from the Source Address field of the invoking
                  packet.

   ICMPv6 Fields:

   Type           4

   Code           0 - erroneous header field encountered

                  1 - unrecognized Next Header type encountered


According the RFC it shall send the "unrecognized Next Header type
encountered" code.


Is there any way to turn this error message on? I'm using Linux
4.19.0-6-amd64, on an up to date Debian stable.


Thank you very much for your help.


Levente

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ