From b47368a00a84649051b8778b0838dfa76148c6b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Wed, 24 Sep 2014 13:29:58 +0200
Subject: [PATCH] Add replay detection

---
 library/ssl_tls.c | 36 ++++++++++++++++++++++++++++++------
 tests/ssl-opt.sh  | 17 ++++++-----------
 2 files changed, 36 insertions(+), 17 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index d48ccf5b1..76a751534 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2104,6 +2104,10 @@ static void ssl_flight_free( ssl_flight_item *flight )
     }
 }
 
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+static void ssl_dtls_replay_reset( ssl_context *ssl );
+#endif
+
 /*
  * Swap transform_out and out_ctr with the alternative ones
  */
@@ -2830,7 +2834,7 @@ static int ssl_parse_record_header( ssl_context *ssl )
         return( POLARSSL_ERR_SSL_INVALID_RECORD );
     }
 
-    /* Check epoch with DTLS */
+    /* Check epoch (and sequence number) with DTLS */
 #if defined(POLARSSL_SSL_PROTO_DTLS)
     if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
     {
@@ -2839,13 +2843,21 @@ static int ssl_parse_record_header( ssl_context *ssl )
 
         if( exp_epoch != rec_epoch )
         {
-            SSL_DEBUG_MSG( 1, ( "discarding record from another epoch: "
+            SSL_DEBUG_MSG( 1, ( "record from another epoch: "
                                 "expected %d, received %d",
                                  exp_epoch,   rec_epoch ) );
-            return( POLARSSL_ERR_NET_WANT_READ );
+            return( POLARSSL_ERR_SSL_INVALID_RECORD );
+        }
+
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+        if( ssl_dtls_replay_check( ssl ) != 0 )
+        {
+            SSL_DEBUG_MSG( 1, ( "replayed record" ) );
+            return( POLARSSL_ERR_SSL_INVALID_RECORD );
         }
-    }
 #endif
+    }
+#endif /* POLARSSL_SSL_PROTO_DTLS */
 
     /* Check length against the size of our buffer */
     if( ssl->in_msglen > SSL_BUFFER_LEN
@@ -2959,6 +2971,14 @@ static int ssl_prepare_record_content( ssl_context *ssl )
     }
 #endif /* POLARSSL_ZLIB_SUPPORT */
 
+#if defined(POLARSSL_SSL_PROTO_DTLS) && \
+    defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+    if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
+    {
+        ssl_dtls_replay_update( ssl );
+    }
+#endif
+
     return( 0 );
 }
 
@@ -4197,8 +4217,9 @@ int ssl_parse_finished( ssl_context *ssl )
     {
         unsigned char i;
 
-        /* Set sequence_number to zero */
-        memset( ssl->in_ctr + 2, 0, 6 );
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+        ssl_dtls_replay_reset( ssl );
+#endif
 
         /* Increment epoch */
         for( i = 2; i > 0; i-- )
@@ -4547,6 +4568,9 @@ int ssl_session_reset( ssl_context *ssl )
 #if defined(POLARSSL_SSL_PROTO_DTLS)
     ssl->next_record_offset = 0;
 #endif
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+    ssl_dtls_replay_reset( ssl );
+#endif
 
     ssl->in_hslen = 0;
     ssl->nb_zero = 0;
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 79557c2e0..9a708f02e 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2115,19 +2115,13 @@ run_test    "DTLS proxy: reference" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-run_test    "DTLS proxy: some duplication" \
-            -p "$P_PXY duplicate=3" \
-            "$P_SRV dtls=1" \
-            "$P_CLI dtls=1" \
-            0 \
-            -s "Extra-header:" \
-            -c "HTTP/1.0 200 OK"
-
-run_test    "DTLS proxy: lots of duplication" \
+run_test    "DTLS proxy: duplicate every packet" \
             -p "$P_PXY duplicate=1" \
-            "$P_SRV dtls=1" \
-            "$P_CLI dtls=1" \
+            "$P_SRV dtls=1 debug_level=1" \
+            "$P_CLI dtls=1 debug_level=1" \
             0 \
+            -c "replayed record" \
+            -s "replayed record" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
@@ -2165,6 +2159,7 @@ run_test    "DTLS proxy: delay a bit more packets" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
+needs_more_time 2
 run_test    "DTLS proxy: delay more packets" \
             -p "$P_PXY delay=3" \
             "$P_SRV dtls=1" \