Tested Build
v2025.02.10.00
Observation
We observed that the server implementation cannot handle two Initial packets within a single datagram.
We send a TLS ClientHello split into two CRYPTO frames, each placed into its own Initial packet, and coalesce both packets into one datagram. Upon receiving the datagram, the server does not send any response.
This issue appears to be specific to Initial packets: for Handshake packets, we could not observe the same behavior.
This is not a security issue, but it deviates from RFC 9000, which allows coalescing multiple Initial packets into a single datagram:
https://datatracker.ietf.org/doc/html/rfc9000#section-12.2
Is there any reason why the implementation handles coalesced Initial packets this way?
Tested Build
v2025.02.10.00
Observation
We observed that the server implementation cannot handle two Initial packets within a single datagram.
We send a TLS ClientHello split into two CRYPTO frames, each placed into its own Initial packet, and coalesce both packets into one datagram. Upon receiving the datagram, the server does not send any response.
This issue appears to be specific to Initial packets: for Handshake packets, we could not observe the same behavior.
This is not a security issue, but it deviates from RFC 9000, which allows coalescing multiple Initial packets into a single datagram:
https://datatracker.ietf.org/doc/html/rfc9000#section-12.2
Is there any reason why the implementation handles coalesced Initial packets this way?