ms vs. seconds error in ticket lifetime check?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Hiya,

I had problems with some ECH tests doing early data part
of which seems to be an underlying bug. Happy to create a
PR to fix if this is right, but figured worth checking I
wasn't getting something wrong first.

The issue seems to be interpreting ticket lifetimes on the
server in seconds when those are in ms, but then comparing
that to a ms expiry, giving basically ~1s for using any
ticket.

The fix seems to be this change (top one working) in
ssl/statem/extensions_srvr.c:

   <             age = ossl_time_subtract(ossl_ms2time(ticket_agel),
< ossl_ms2time(sess->ext.tick_age_add));
   ---
   >             age = ossl_time_subtract(ossl_seconds2time(ticket_agel),
> ossl_seconds2time(sess->ext.tick_age_add)

As I say if that's right, happy to make a PR but it
seems a bit odd that that'd not have been caught in
tests. (Though maybe automated tests all run too
quickly to hit the problem?)

Cheers,
S.

Attachment: OpenPGP_0xE4D8E9F997A833DD.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux