Bluetooth: Mesh: Fix message replay protection
The Mesh Profile Specification states that replay protection must be done for all control and access messages. Furthermore, the replay protection list must be updated with the sequence from the last segment of a segmented message (the code was only updating based on SeqZero). Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This commit is contained in:
parent
cad1f4ce7b
commit
8fe33607c6
1 changed files with 14 additions and 6 deletions
|
@ -567,12 +567,6 @@ static int sdu_recv(struct bt_mesh_net_rx *rx, u8_t hdr, u8_t mic_size,
|
|||
|
||||
rx->ctx.app_idx = key->app_idx;
|
||||
|
||||
if (is_replay(rx)) {
|
||||
BT_WARN("Replay: src 0x%04x dst 0x%04x seq 0x%06x",
|
||||
rx->ctx.addr, rx->dst, rx->seq);
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
bt_mesh_model_recv(rx, sdu);
|
||||
return 0;
|
||||
}
|
||||
|
@ -788,6 +782,12 @@ static int trans_unseg(struct net_buf_simple *buf, struct bt_mesh_net_rx *rx,
|
|||
return -EINVAL;
|
||||
}
|
||||
|
||||
if (rx->local_match && is_replay(rx)) {
|
||||
BT_WARN("Replay: src 0x%04x dst 0x%04x seq 0x%06x",
|
||||
rx->ctx.addr, rx->dst, rx->seq);
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
hdr = net_buf_simple_pull_u8(buf);
|
||||
|
||||
if (rx->ctl) {
|
||||
|
@ -1176,6 +1176,14 @@ found_rx:
|
|||
|
||||
BT_DBG("Complete SDU");
|
||||
|
||||
if (net_rx->local_match && is_replay(net_rx)) {
|
||||
BT_WARN("Replay: src 0x%04x dst 0x%04x seq 0x%06x",
|
||||
net_rx->ctx.addr, net_rx->dst, net_rx->seq);
|
||||
/* Clear the segment's bit */
|
||||
rx->block &= ~BIT(seg_o);
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
*pdu_type = BT_MESH_FRIEND_PDU_COMPLETE;
|
||||
|
||||
/* Set the correct sequence number to be used with the App Nonce */
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue