crypto/tls: generate unique ticket_age_add for each ticket

#23 -- CLA ok -- re-author to me+google@tomthorogood.co.uk
Tom Thorogood 2017-04-10 02:01:24 +09:30 зафіксовано Peter Wu
джерело ba45c1a5ca
коміт f4a6690edc

16
13.go

@ -556,15 +556,9 @@ func (hs *serverHandshakeState) sendSessionTicket13() error {
resumptionSecret := hkdfExpandLabel(hash, hs.masterSecret, handshakeCtx, "resumption master secret", hash.Size())
ageAddBuf := make([]byte, 4)
if _, err := io.ReadFull(c.config.rand(), ageAddBuf); err != nil {
c.sendAlert(alertInternalError)
return err
}
sessionState := &sessionState13{
vers: c.vers,
suite: hs.suite.id,
ageAdd: uint32(ageAddBuf[0])<<24 | uint32(ageAddBuf[1])<<16 |
uint32(ageAddBuf[2])<<8 | uint32(ageAddBuf[3]),
vers: c.vers,
suite: hs.suite.id,
createdAt: uint64(time.Now().Unix()),
resumptionSecret: resumptionSecret,
alpnProtocol: c.clientProtocol,
@ -573,6 +567,12 @@ func (hs *serverHandshakeState) sendSessionTicket13() error {
}
for i := 0; i < numSessionTickets; i++ {
if _, err := io.ReadFull(c.config.rand(), ageAddBuf); err != nil {
c.sendAlert(alertInternalError)
return err
}
sessionState.ageAdd = uint32(ageAddBuf[0])<<24 | uint32(ageAddBuf[1])<<16 |
uint32(ageAddBuf[2])<<8 | uint32(ageAddBuf[3])
ticket := sessionState.marshal()
var err error
if c.config.SessionTicketSealer != nil {
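Review bot: The block added at the top of the `for i := 0; i < numSessionTickets; i++` loop has no comment saying why `ageAdd` is redrawn on every iteration, which invites a later reader to hoist the random read back out of the loop; I would add `// ticket_age_add must be fresh for every ticket so that obfuscated ticket ages from different tickets cannot be linked.` above the `io.ReadFull` call. The hand-rolled shift-and-or could be written as `sessionState.ageAdd = binary.BigEndian.Uint32(ageAddBuf)`, provided `encoding/binary` is acceptable in this file (its import block is not visible here). The loop also mutates one shared `sessionState` and relies on `marshal()` running before the next iteration overwrites `ageAdd`; that holds in the visible lines, but the loop body continues outside the hunk, so it is worth confirming nothing later in the iteration keeps a reference to the struct.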