kris
/
boringssl
1
0
Fork 0
Código Incidencias 0 Pull Requests 0 Lanzamientos 0 Wiki Actividad
Explorar el Código

Treat sessions as expired on the boundary second. 

TLS 1.3 clarifies that a ticket lifetime of zero means the session is
unusable. We don't currently pay attention to that field (to be fixed in
later changes) but, in preparation for this, switch the >= to a >.

Change-Id: I0e67a0d97bc8def04914f121e84d3e7a2d640d2c
Reviewed-on: https://boringssl-review.googlesource.com/12102
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
kris/onging/CECPQ3_patch15
David Benjamin hace 8 años
committed by Adam Langley
padre
5b7b09cfca
commit
8e816eb7b6
Se han modificado 2 ficheros con 2 adiciones y 2 borrados
Dividir vista
Opciones de diferencias
Mostrar estadísticas Descargar archivo de parche Descargar archivo de diferencias
  1. +1
    -1
      ssl/ssl_session.c
  2. +1
    -1
      ssl/ssl_test.cc

+ 1
- 1
ssl/ssl_session.c Ver fichero

@@ -605,7 +605,7 @@ int ssl_session_is_time_valid(const SSL *ssl, const SSL_SESSION *session) {
return 0;
}

return session->timeout >= (long)now.tv_sec - session->time;
return session->timeout > (long)now.tv_sec - session->time;
}

/* ssl_lookup_session looks up |session_id| in the session cache and sets


+ 1
- 1
ssl/ssl_test.cc Ver fichero

@@ -2142,7 +2142,7 @@ static bool TestSessionTimeout() {
}

// Advance the clock just behind the timeout.
g_current_time.tv_sec += SSL_DEFAULT_SESSION_TIMEOUT;
g_current_time.tv_sec += SSL_DEFAULT_SESSION_TIMEOUT - 1;

if (!ExpectSessionReused(client_ctx.get(), server_ctx.get(),
session.get(),


Escribir Vista previa
Cargando…
Cancelar
Guardar