[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Mon Feb 12 10:04:35 UTC 2018
The branch master has been updated
via 7e70213fe3c79461ad3d776a8de1a5beff4bea78 (commit)
from c684a2d34d0da6967734bea051843263c5a76f34 (commit)
- Log -----------------------------------------------------------------
commit 7e70213fe3c79461ad3d776a8de1a5beff4bea78
Author: Matt Caswell <matt at openssl.org>
Date: Fri Feb 9 16:39:27 2018 +0000
Don't overestimate the ticket age
On the client we calculate the age of the ticket in seconds but the server
may work in ms. Due to rounding errors we could overestimate the age by up
to 1s. It is better to underestimate it. Otherwise, if the RTT is very
short, when the server calculates the age reported by the client it could
be bigger than the age calculated on the server - which should never happen.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5306)
-----------------------------------------------------------------------
Summary of changes:
ssl/statem/extensions_clnt.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 6286242..477536c 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -998,6 +998,16 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
*/
now = (uint32_t)time(NULL);
agesec = now - (uint32_t)s->session->time;
+ /*
+ * We calculate the age in seconds but the server may work in ms. Due to
+ * rounding errors we could overestimate the age by up to 1s. It is
+ * better to underestimate it. Otherwise, if the RTT is very short, when
+ * the server calculates the age reported by the client it could be
+ * bigger than the age calculated on the server - which should never
+ * happen.
+ */
+ if (agesec > 0)
+ agesec--;
if (s->session->ext.tick_lifetime_hint < agesec) {
/* Ticket is too old. Ignore it. */
More information about the openssl-commits
mailing list