The branch master has been updated
       via  7e70213fe3c79461ad3d776a8de1a5beff4bea78 (commit)
      from  c684a2d34d0da6967734bea051843263c5a76f34 (commit)


- Log -----------------------------------------------------------------
commit 7e70213fe3c79461ad3d776a8de1a5beff4bea78
Author: Matt Caswell <m...@openssl.org>
Date:   Fri Feb 9 16:39:27 2018 +0000

    Don't overestimate the ticket age
    
    On the client we calculate the age of the ticket in seconds but the server
    may work in ms. Due to rounding errors we could overestimate the age by up
    to 1s. It is better to underestimate it. Otherwise, if the RTT is very
    short, when the server calculates the age reported by the client it could
    be bigger than the age calculated on the server - which should never happen.
    
    Reviewed-by: Rich Salz <rs...@openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5306)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/extensions_clnt.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 6286242..477536c 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -998,6 +998,16 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, 
unsigned int context,
          */
         now = (uint32_t)time(NULL);
         agesec = now - (uint32_t)s->session->time;
+        /*
+         * We calculate the age in seconds but the server may work in ms. Due 
to
+         * rounding errors we could overestimate the age by up to 1s. It is
+         * better to underestimate it. Otherwise, if the RTT is very short, 
when
+         * the server calculates the age reported by the client it could be
+         * bigger than the age calculated on the server - which should never
+         * happen.
+         */
+        if (agesec > 0)
+            agesec--;
 
         if (s->session->ext.tick_lifetime_hint < agesec) {
             /* Ticket is too old. Ignore it. */
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

Reply via email to