"Malformed Packet" when enabling unsolicited messages in master/slave handshake

Christopher Verges

unread,

Aug 6, 2012, 5:48:02 PM8/6/12

to open...@googlegroups.com

I was performing a Wireshark capture of a DNP session and noticed an odd packet (attached). In the DNP handshake between a Master and a Slave, it goes through a dance where the Master first disables unsolicited messages on the Slave, then re-enables them once time sync and other activities are done. For the Master, I'm using testset. For the Slave, I'm using a custom app written on top of OpenDNP3.

The testset config specifies the "Unsol" tag to have "ClassX" attributes set to "false.:

<Unsol DoTask="true" Enabled="true" Class1="false" Class2="false" Class3="false" />

This combination seems to result in a packet being generated from the Master to the Slave requesting the spontaneous messages be enabled, yet no message types are (appropriately) specified. Wireshark parses this as a malformed packet.

Either this is a Wireshark parser problem or an interoperability bug with OpenDNP3. Anyone have an idea?

Thanks,

Chris

enable-unsol-malformed-packet.pcap

Sam Hendley

unread,

Aug 7, 2012, 6:30:20 PM8/7/12

to open...@googlegroups.com

Chris, I think this is a bug in OpenDNP3.

https://github.com/gec/dnp3/blob/master/DNP3/StartupTasks.cpp#L62

When we don't set any of the flags we send a partial packet. Its a non-sensical packet to send anyways and we should just not run that task if all three classes are disabled. (Or fail the configuration during load).

Good catch, we'll get it into the next revision.

Sam

Chris Verges

unread,

Aug 7, 2012, 6:38:55 PM8/7/12

to open...@googlegroups.com, open...@googlegroups.com

Thanks, Sam! Whatever solution is chosen definitely needs to handle the case where the slave had unsol turned on by default, but we want to disable them for the session. I could see this happening in several of the suggestions you mention, though, so we will probably be ok.

Chris

Christopher Verges

unread,

Aug 7, 2012, 6:44:27 PM8/7/12

to open...@googlegroups.com

Hi Sam,

I took a stab at an easy fix that might give the semantic behavior desired. What do you think?

https://github.com/cverges/dnp3/commit/322be8e34639e9421204c465e869b8c0aeb54ef0

Thanks,

Chris

Christopher Verges

unread,

Aug 7, 2012, 6:57:25 PM8/7/12

to open...@googlegroups.com

Actually, use this one instead:

https://github.com/cverges/dnp3/commit/462628897f02d7549065e729a90e06a35c4fbfa8

I've verified that it works using Wireshark. There were a few other corner cases that the other one didn't hit.

Chris

Reply all

Reply to author

Forward