From f03c7aa4690b90a43a20fc35f6d2ed382fc2cab7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Wed, 24 Sep 2014 14:54:06 +0200
Subject: [PATCH] Add replay detection in parse_client_hello()

---
 library/ssl_srv.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index a0bb6538b..ba46f5a61 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1164,6 +1164,9 @@ static int ssl_parse_client_hello( ssl_context *ssl )
 
     SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
 
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+read_record_header:
+#endif
     /*
      * If renegotiating, then the input was read with ssl_read_record(),
      * otherwise read it ourselves manually in order to support SSLv2
@@ -1235,6 +1238,19 @@ static int ssl_parse_client_hello( ssl_context *ssl )
         }
 
         memcpy( ssl->out_ctr + 2, ssl->in_ctr + 2, 6 );
+
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+        if( ssl_dtls_replay_check( ssl ) != 0 )
+        {
+            SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) );
+            ssl->next_record_offset = 0;
+            ssl->in_left = 0;
+            goto read_record_header;
+        }
+
+        /* No MAC to check yet, so we can update right now */
+        ssl_dtls_replay_update( ssl );
+#endif
     }
 #endif /* POLARSSL_SSL_PROTO_DTLS */