TLS 1.3: calculate ticket age based on higher precision time (!785) · Merge requests · gnutls / GnuTLS

Daiki Ueno requested to merge tmp-session-ticket-timestamp into master Oct 25, 2018

Previously, the client's view of ticket age was calculated from the time in seconds, something like:

time_t cur_time = gnutls_time(0); /* in seconds */
uint32_t ticket_age = (cur_time - ticket->timestamp) * 1000; /* in milliseconds, but in seconds precision */

while the RFC 8446 explicitly says that ticket ages are in milliseconds. This prevents implementing the freshness check correctly in !782 (closed).

This MR consists of 3 parts:

use struct timespec for ticket arrival time, which is the baseline of ticket age
add a means to replace gettime() function extensively used in the library for testing
other refactoring and fixes

Reviewer's checklist:

Any issues marked for closing are addressed
There is a test suite reasonably covering new functionality or modifications
Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
This feature/change has adequate documentation added
No obvious mistakes in the code

Edited Oct 26, 2018 by Nikos Mavrogiannopoulos

Admin message

TLS 1.3: calculate ticket age based on higher precision time

Reviewer's checklist:

Merge request reports