authorNikos Mavrogiannopoulos <nmav@gnutls.org>2018-10-26 13:43:22 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2018-10-26 13:43:22 +0000
commit4c239816a19e84ed8faa06c69b5af8efa2a7c904 (patch)
tree9aec180f2bfb403ab0532d23e216ec16416d3f0c
parent9d7403a07d523aa3f0b65114eab978c1d6409169 (diff)
parentdf693faf1afa1bd19660f9e332deb1349ee89211 (diff)
Merge branch 'tmp-session-ticket-timestamp' into 'master'
TLS 1.3: calculate ticket age based on higher precision time See merge request gnutls/gnutls!785
-rw-r--r--lib/buffers.c8
-rw-r--r--lib/dtls.c8
-rw-r--r--lib/dtls.h2
-rw-r--r--lib/ext/heartbeat.c8
-rw-r--r--lib/ext/pre_shared_key.c27
-rw-r--r--lib/gnutls_int.h20
-rw-r--r--lib/handshake.c2
-rw-r--r--lib/handshake.h2
-rw-r--r--lib/libgnutls.map2
-rw-r--r--lib/nettle/rnd.c2
-rw-r--r--lib/session_pack.c12
-rw-r--r--lib/str.h42
-rw-r--r--lib/system.c22
-rw-r--r--lib/system.h19
-rw-r--r--lib/tls13/session_ticket.c22
-rw-r--r--lib/tls13/session_ticket.h6
-rw-r--r--tests/virt-time.h27
17 files changed, 158 insertions, 73 deletions
diff --git a/lib/buffers.c b/lib/buffers.c
index cee0d5fc59..78fe6e22cc 100644
--- a/lib/buffers.c
+++ b/lib/buffers.c
@@ -252,7 +252,7 @@ _gnutls_dgram_read(gnutls_session_t session, mbuffer_st ** bufel,
ret = _gnutls_io_check_recv(session, *ms);
if (ret < 0)
return gnutls_assert_val(ret);
- gettime(&t1);
+ gnutls_gettime(&t1);
}
*bufel = _mbuffer_alloc_align16(max_size, get_total_headers(session));
@@ -287,7 +287,7 @@ _gnutls_dgram_read(gnutls_session_t session, mbuffer_st ** bufel,
}
if (ms && *ms > 0) {
- gettime(&t2);
+ gnutls_gettime(&t2);
diff = timespec_sub_ms(&t2, &t1);
if (diff < *ms)
*ms -= diff;
@@ -338,7 +338,7 @@ _gnutls_stream_read(gnutls_session_t session, mbuffer_st ** bufel,
goto cleanup;
}
- gettime(&t1);
+ gnutls_gettime(&t1);
}
reset_errno(session);
@@ -383,7 +383,7 @@ _gnutls_stream_read(gnutls_session_t session, mbuffer_st ** bufel,
(*bufel)->msg.size += i;
if (ms && *ms > 0 && *ms != GNUTLS_INDEFINITE_TIMEOUT) {
- gettime(&t2);
+ gnutls_gettime(&t2);
diff = timespec_sub_ms(&t2, &t1);
if (diff < *ms)
*ms -= diff;
diff --git a/lib/dtls.c b/lib/dtls.c
index 07c3495a46..a22379ece1 100644
--- a/lib/dtls.c
+++ b/lib/dtls.c
@@ -234,7 +234,7 @@ int _dtls_transmit(gnutls_session_t session)
unsigned int diff;
struct timespec now;
- gettime(&now);
+ gnutls_gettime(&now);
/* If we have already sent a flight and we are operating in a
* non blocking way, check if it is time to retransmit or just
@@ -321,7 +321,7 @@ int _dtls_transmit(gnutls_session_t session)
last_type = cur->htype;
}
- gettime(&session->internals.dtls.last_retransmit);
+ gnutls_gettime(&session->internals.dtls.last_retransmit);
if (session->internals.dtls.flight_init == 0) {
session->internals.dtls.flight_init = 1;
@@ -391,7 +391,7 @@ int _dtls_transmit(gnutls_session_t session)
}
keep_up:
- gettime(&now);
+ gnutls_gettime(&now);
} while (ret == GNUTLS_E_TIMEDOUT);
if (ret < 0) {
@@ -789,7 +789,7 @@ unsigned int gnutls_dtls_get_timeout(gnutls_session_t session)
struct timespec now;
unsigned int diff;
- gettime(&now);
+ gnutls_gettime(&now);
diff =
timespec_sub_ms(&now,
diff --git a/lib/dtls.h b/lib/dtls.h
index c7e72cf9b7..717d3bdc6d 100644
--- a/lib/dtls.h
+++ b/lib/dtls.h
@@ -40,7 +40,7 @@ void _dtls_reset_window(struct record_parameters_st *rp);
#define RETURN_DTLS_EAGAIN_OR_TIMEOUT(session, r) { \
struct timespec _now; \
unsigned int _diff; \
- gettime(&_now); \
+ gnutls_gettime(&_now); \
\
_diff = timespec_sub_ms(&_now, &session->internals.handshake_start_time); \
if (_diff > session->internals.handshake_timeout_ms) \
diff --git a/lib/ext/heartbeat.c b/lib/ext/heartbeat.c
index 1b970fbc46..7ec26a9804 100644
--- a/lib/ext/heartbeat.c
+++ b/lib/ext/heartbeat.c
@@ -202,7 +202,7 @@ gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size,
if (ret < 0)
return gnutls_assert_val(ret);
- gettime(&session->internals.hb_ping_start);
+ gnutls_gettime(&session->internals.hb_ping_start);
session->internals.hb_local_data.length = data_size;
session->internals.hb_state = SHB_SEND2;
@@ -220,7 +220,7 @@ gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size,
if (ret < 0)
return gnutls_assert_val(ret);
- gettime(&session->internals.hb_ping_sent);
+ gnutls_gettime(&session->internals.hb_ping_sent);
if (!(flags & GNUTLS_HEARTBEAT_WAIT)) {
session->internals.hb_state = SHB_SEND1;
@@ -246,7 +246,7 @@ gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size,
return gnutls_assert_val(ret);
}
- gettime(&now);
+ gnutls_gettime(&now);
diff =
timespec_sub_ms(&now,
&session->internals.
@@ -405,7 +405,7 @@ unsigned int gnutls_heartbeat_get_timeout(gnutls_session_t session)
struct timespec now;
unsigned int diff;
- gettime(&now);
+ gnutls_gettime(&now);
diff = timespec_sub_ms(&now, &session->internals.hb_ping_sent);
if (diff >= session->internals.hb_actual_retrans_timeout_ms)
return 0;
diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
index 7e61d45cb7..be18c264ff 100644
--- a/lib/ext/pre_shared_key.c
+++ b/lib/ext/pre_shared_key.c
@@ -33,7 +33,7 @@
#include <assert.h>
static int
-compute_psk_from_ticket(const tls13_ticket_t *ticket, gnutls_datum_t *key)
+compute_psk_from_ticket(const tls13_ticket_st *ticket, gnutls_datum_t *key)
{
int ret;
char label[] = "resumption";
@@ -201,7 +201,7 @@ client_send_params(gnutls_session_t session,
unsigned next_idx;
const mac_entry_st *prf_res = NULL;
const mac_entry_st *prf_psk = NULL;
- time_t cur_time;
+ struct timespec cur_time;
uint32_t ticket_age, ob_ticket_age;
int free_username = 0;
psk_auth_info_t info = NULL;
@@ -235,16 +235,21 @@ client_send_params(gnutls_session_t session,
prf_res = session->internals.tls13_ticket.prf;
- cur_time = gnutls_time(0);
- if (unlikely(cur_time < session->internals.tls13_ticket.timestamp)) {
+ gnutls_gettime(&cur_time);
+ if (unlikely(_gnutls_timespec_cmp(&cur_time,
+ &session->internals.
+ tls13_ticket.
+ arrival_time) < 0)) {
gnutls_assert();
_gnutls13_session_ticket_unset(session);
goto ignore_ticket;
}
/* Check whether the ticket is stale */
- ticket_age = cur_time - session->internals.tls13_ticket.timestamp;
- if (ticket_age > session->internals.tls13_ticket.lifetime) {
+ ticket_age = timespec_sub_ms(&cur_time,
+ &session->internals.tls13_ticket.
+ arrival_time);
+ if (ticket_age / 1000 > session->internals.tls13_ticket.lifetime) {
_gnutls13_session_ticket_unset(session);
goto ignore_ticket;
}
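Review bot: The staleness check now depends on a millisecond difference held in 32 bits, since `ticket_age` is `uint32_t` and `timespec_sub_ms` is declared to return `unsigned int`, so a gap of more than about 49.7 days cannot be represented. Its implementation is not visible here; unless it saturates, a ticket restored from long-stored session data could wrap to a small age and pass `ticket_age / 1000 > lifetime`. Comparing whole seconds before computing the millisecond value avoids that: `if ((uint64_t)(cur_time.tv_sec - session->internals.tls13_ticket.arrival_time.tv_sec) > session->internals.tls13_ticket.lifetime)` followed by the existing unset and `goto ignore_ticket`. The body of client_send_params continues outside this hunk.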
@@ -256,7 +261,7 @@ client_send_params(gnutls_session_t session,
}
/* Calculate obfuscated ticket age, in milliseconds, mod 2^32 */
- ob_ticket_age = ticket_age * 1000 + session->internals.tls13_ticket.age_add;
+ ob_ticket_age = ticket_age + session->internals.tls13_ticket.age_add;
if ((ret = _gnutls_buffer_append_data_prefix(extdata, 16,
session->internals.tls13_ticket.ticket.data,
@@ -476,7 +481,7 @@ static int server_recv_params(gnutls_session_t session,
psk_ext_iter_st psk_iter;
struct psk_st psk;
psk_auth_info_t info;
- tls13_ticket_t ticket_data;
+ tls13_ticket_st ticket_data;
uint32_t ticket_age;
bool resuming;
@@ -507,12 +512,6 @@ static int server_recv_params(gnutls_session_t session,
session->internals.resumption_requested = 1;
/* Check whether ticket is stale or not */
- if (psk.ob_ticket_age < ticket_data.age_add) {
- gnutls_assert();
- tls13_ticket_deinit(&ticket_data);
- continue;
- }
-
ticket_age = psk.ob_ticket_age - ticket_data.age_add;
if (ticket_age / 1000 > ticket_data.lifetime) {
gnutls_assert();
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index f32eba181d..2eff31caff 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -1016,8 +1016,8 @@ typedef struct gnutls_dh_params_int {
/* TLS 1.3 session ticket
*/
-typedef struct tls13_ticket {
- time_t timestamp;
+typedef struct {
+ struct timespec arrival_time;
uint32_t lifetime;
uint32_t age_add;
uint8_t nonce[255];
@@ -1025,7 +1025,7 @@ typedef struct tls13_ticket {
const mac_entry_st *prf;
uint8_t resumption_master_secret[MAX_HASH_SIZE];
gnutls_datum_t ticket;
-} tls13_ticket_t;
+} tls13_ticket_st;
/* DTLS session state
*/
@@ -1447,7 +1447,7 @@ typedef struct {
/* this is only used under TLS1.2 or earlier */
int session_ticket_renew;
- tls13_ticket_t tls13_ticket;
+ tls13_ticket_st tls13_ticket;
/* the amount of early data received so far */
uint32_t early_data_received;
@@ -1512,6 +1512,18 @@ unsigned int
/* returns a-b in ms */
timespec_sub_ms(struct timespec *a, struct timespec *b);
+inline static int _gnutls_timespec_cmp(struct timespec *a, struct timespec *b) {
+ if (a->tv_sec < b->tv_sec)
+ return -1;
+ if (a->tv_sec > b->tv_sec)
+ return 1;
+ if (a->tv_nsec < b->tv_nsec)
+ return -1;
+ if (a->tv_nsec > b->tv_nsec)
+ return 1;
+ return 0;
+}
+
#include <algorithms.h>
inline static int _gnutls_set_current_version(gnutls_session_t s, unsigned v)
{
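Review bot: `_gnutls_timespec_cmp` only reads its arguments but takes them as non-const pointers, so callers holding a `const struct timespec *` cannot use it without a cast. The signature would be better as `inline static int _gnutls_timespec_cmp(const struct timespec *a, const struct timespec *b)`. A one-line comment such as `/* returns -1, 0 or 1 when a is earlier than, equal to or later than b */` would match the comment already present on `timespec_sub_ms` just above.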
diff --git a/lib/handshake.c b/lib/handshake.c
index 841c88385d..a20c7a302a 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -2679,7 +2679,7 @@ int gnutls_handshake(gnutls_session_t session)
session->internals.hsk_flags = 0;
session->internals.handshake_in_progress = 1;
session->internals.vc_status = -1;
- gettime(&session->internals.handshake_start_time);
+ gnutls_gettime(&session->internals.handshake_start_time);
if (session->internals.handshake_timeout_ms &&
session->internals.handshake_endtime == 0)
session->internals.handshake_endtime = session->internals.handshake_start_time.tv_sec +
diff --git a/lib/handshake.h b/lib/handshake.h
index 38ef848784..ee5ee7a437 100644
--- a/lib/handshake.h
+++ b/lib/handshake.h
@@ -116,7 +116,7 @@ inline static int handshake_remaining_time(gnutls_session_t session)
{
if (session->internals.handshake_endtime) {
struct timespec now;
- gettime(&now);
+ gnutls_gettime(&now);
if (now.tv_sec < session->internals.handshake_endtime)
return (session->internals.handshake_endtime -
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 041fda7b80..ad6613b907 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -1326,4 +1326,6 @@ GNUTLS_PRIVATE_3_4 {
_gnutls_server_name_set_raw;
# Internal symbols needed by tests/suite/resume-with-stek-expiration
_gnutls_set_session_ticket_key_rotation_callback;
+ # Internal symbols needed by tests/virt-time.h
+ _gnutls_global_set_gettime_function;
} GNUTLS_3_4;
diff --git a/lib/nettle/rnd.c b/lib/nettle/rnd.c
index 9d8b250012..3f816d43ae 100644
--- a/lib/nettle/rnd.c
+++ b/lib/nettle/rnd.c
@@ -106,7 +106,7 @@ static int single_prng_init(struct prng_ctx_st *ctx,
ctx->forkid = _gnutls_get_forkid();
- gettime(&now);
+ gnutls_gettime(&now);
memcpy(nonce, &now, MIN(sizeof(nonce), sizeof(now)));
ctx->last_reseed = now.tv_sec;
}
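Review bot: The nonce bytes copied from `now` are read through the replaceable `gnutls_gettime` pointer after this change, so a process that installs a fixed clock via `_gnutls_global_set_gettime_function` gets the same nonce and `last_reseed` value for every context initialised here. How much the nonce contributes next to the key material is not visible in this hunk, so this may be harmless. A comment at the call would record the assumption, for example `/* nonce freshness assumes the real system clock; tests may replace gnutls_gettime */`. The body of single_prng_init starts outside the hunk.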
diff --git a/lib/session_pack.c b/lib/session_pack.c
index 8d8abd9f3a..b83c9c7440 100644
--- a/lib/session_pack.c
+++ b/lib/session_pack.c
@@ -310,6 +310,7 @@ _gnutls_session_unpack(gnutls_session_t session,
* x bytes the ticket
* 1 bytes the resumption master secret length
* x bytes the resumption master secret
+ * 12 bytes the ticket arrival time
*
* WE DON'T STORE NewSessionTicket EXTENSIONS, as we don't support them yet.
*
@@ -323,14 +324,12 @@ tls13_pack_security_parameters(gnutls_session_t session, gnutls_buffer_st *ps)
int ret = 0;
uint32_t length = 0;
size_t length_pos;
- tls13_ticket_t *ticket = &session->internals.tls13_ticket;
+ tls13_ticket_st *ticket = &session->internals.tls13_ticket;
length_pos = ps->length;
BUFFER_APPEND_NUM(ps, 0);
if (ticket->ticket.data != NULL) {
- BUFFER_APPEND_NUM(ps, ticket->timestamp);
- length += 4;
BUFFER_APPEND_NUM(ps, ticket->lifetime);
length += 4;
BUFFER_APPEND_NUM(ps, ticket->age_add);
@@ -347,6 +346,8 @@ tls13_pack_security_parameters(gnutls_session_t session, gnutls_buffer_st *ps)
ticket->resumption_master_secret,
ticket->prf->output_size);
length += (1 + ticket->prf->output_size);
+ BUFFER_APPEND_TS(ps, ticket->arrival_time);
+ length += 12;
/* Overwrite the length field */
_gnutls_write_uint32(length, ps->data + length_pos);
@@ -359,14 +360,13 @@ static int
tls13_unpack_security_parameters(gnutls_session_t session, gnutls_buffer_st *ps)
{
uint32_t ttl_len;
- tls13_ticket_t *ticket = &session->internals.tls13_ticket;
+ tls13_ticket_st *ticket = &session->internals.tls13_ticket;
gnutls_datum_t t;
int ret = 0;
BUFFER_POP_NUM(ps, ttl_len);
if (ttl_len > 0) {
- BUFFER_POP_NUM(ps, ticket->timestamp);
BUFFER_POP_NUM(ps, ticket->lifetime);
BUFFER_POP_NUM(ps, ticket->age_add);
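Review bot: Removing the 4-byte timestamp pop here, together with the 12-byte arrival time appended in the later hunks of this file, changes the layout of the packed TLS 1.3 block. Session data written by a build from before this change would then be read with every field shifted by four bytes. No format version or magic check is visible in these hunks, so if one exists elsewhere in session_pack.c it should be bumped with this change; otherwise old data should be rejected explicitly rather than misparsed. The layout comment above `tls13_pack_security_parameters` should also state that the arrival time is stored as a 64-bit seconds value split into two 32-bit words, followed by a 32-bit nanoseconds value.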
@@ -394,6 +394,8 @@ tls13_unpack_security_parameters(gnutls_session_t session, gnutls_buffer_st *ps)
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
ticket->prf = session->internals.resumed_security_parameters.prf;
+
+ BUFFER_POP_TS(ps, ticket->arrival_time);
}
error:
diff --git a/lib/str.h b/lib/str.h
index da472eb4f7..c8be6c9913 100644
--- a/lib/str.h
+++ b/lib/str.h
@@ -233,6 +233,24 @@ int _gnutls_hostname_compare(const char *certname, size_t certnamesize,
} \
}
+#define BUFFER_APPEND_TS(b, s) { \
+ ret = _gnutls_buffer_append_prefix(b, 32, s.tv_sec >> 32); \
+ if (ret < 0) { \
+ gnutls_assert(); \
+ return ret; \
+ } \
+ ret = _gnutls_buffer_append_prefix(b, 32, s.tv_sec & 0xFFFFFFFF); \
+ if (ret < 0) { \
+ gnutls_assert(); \
+ return ret; \
+ } \
+ ret = _gnutls_buffer_append_prefix(b, 32, s.tv_nsec); \
+ if (ret < 0) { \
+ gnutls_assert(); \
+ return ret; \
+ } \
+ }
+
#define BUFFER_POP(b, x, s) { \
ret = _gnutls_buffer_pop_data(b, x, s); \
if (ret < 0) { \
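Review bot: `s.tv_sec >> 32` in `BUFFER_APPEND_TS` is undefined behaviour wherever `time_t` is 32 bits wide, because the shift count equals the width of the type. For a 64-bit signed `time_t` the right shift of a negative value is implementation-defined. Widening first fixes both: `ret = _gnutls_buffer_append_prefix(b, 32, (uint64_t)(s).tv_sec >> 32);`, with the same cast on the `& 0xFFFFFFFF` line. The macro argument should be parenthesised as `(s)` at each use.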
@@ -273,4 +291,28 @@ int _gnutls_hostname_compare(const char *certname, size_t certnamesize,
o = (void *) (intptr_t)(s); \
}
+#define BUFFER_POP_TS(b, o) { \
+ size_t s; \
+ uint64_t v; \
+ ret = _gnutls_buffer_pop_prefix32(b, &s, 0); \
+ if (ret < 0) { \
+ gnutls_assert(); \
+ goto error; \
+ } \
+ v = s; \
+ ret = _gnutls_buffer_pop_prefix32(b, &s, 0); \
+ if (ret < 0) { \
+ gnutls_assert(); \
+ goto error; \
+ } \
+ v = (v << 32) | s; \
+ ret = _gnutls_buffer_pop_prefix32(b, &s, 0); \
+ if (ret < 0) { \
+ gnutls_assert(); \
+ goto error; \
+ } \
+ o.tv_sec = v; \
+ o.tv_nsec = s; \
+ }
+
#endif
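Review bot: `BUFFER_POP_TS` assigns the third popped word straight to `o.tv_nsec`, so a value of 1000000000 or more from serialized session data is accepted unchecked. That timestamp later feeds `_gnutls_timespec_cmp` and `timespec_sub_ms` in the client's ticket-age calculation. A range check before the assignment keeps a malformed timestamp out: `if (s >= 1000000000) { ret = gnutls_assert_val(GNUTLS_E_PARSING_ERROR); goto error; }`. The macro also declares block locals named `s` and `v`, which would silently shadow the argument if a caller passed an expression using either name; less common names such as `_ts_word` and `_ts_sec` would avoid that.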
diff --git a/lib/system.c b/lib/system.c
index 1a17974d58..1bbbf79c84 100644
--- a/lib/system.c
+++ b/lib/system.c
@@ -44,6 +44,26 @@ static HMODULE Crypt32_dll;
/* System specific function wrappers for certificate stores.
*/
gnutls_time_func gnutls_time;
+gnutls_gettime_func gnutls_gettime;
+
+/* emulate gnulib's gettime using gettimeofday to avoid linking to
+ * librt */
+static void _gnutls_gettime(struct timespec *t)
+{
+#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_REALTIME)
+ clock_gettime(CLOCK_REALTIME, t);
+#else
+ struct timeval tv;
+ gettimeofday(&tv, NULL);
+ t->tv_sec = tv.tv_sec;
+ t->tv_nsec = tv.tv_usec * 1000;
+#endif
+}
+
+void _gnutls_global_set_gettime_function(gnutls_gettime_func gettime_func)
+{
+ gnutls_gettime = gettime_func;
+}
int gnutls_system_global_init(void)
{
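Review bot: `_gnutls_global_set_gettime_function` stores whatever pointer it is given, so passing NULL makes the next `gnutls_gettime(&...)` call a NULL function-pointer call. Falling back to the built-in clock is a one-line guard: `gnutls_gettime = gettime_func ? gettime_func : _gnutls_gettime;`. The symbol is exported through libgnutls.map for the test suite, and the clock it replaces now drives the ticket-age calculation, the handshake and DTLS timeouts and the PRNG nonce in lib/nettle/rnd.c. A comment on the definition stating that it is for tests only, and that it must be called before any session is active, would therefore be worth adding. Separately, `_gnutls_gettime` ignores the return value of `clock_gettime`, which leaves `*t` unset on failure; the removed inline `gettime` did the same.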
@@ -66,6 +86,7 @@ int gnutls_system_global_init(void)
Crypt32_dll = crypto;
#endif
gnutls_time = time;
+ gnutls_gettime = _gnutls_gettime;
return 0;
}
@@ -75,6 +96,7 @@ void gnutls_system_global_deinit(void)
FreeLibrary(Crypt32_dll);
#endif
gnutls_time = time;
+ gnutls_gettime = _gnutls_gettime;
}
diff --git a/lib/system.h b/lib/system.h
index 0ae3c63b17..6a948f858d 100644
--- a/lib/system.h
+++ b/lib/system.h
@@ -77,7 +77,10 @@ ssize_t system_read(gnutls_transport_ptr_t ptr, void *data,
# define HAVE_NO_LOCKS
#endif
+typedef void (*gnutls_gettime_func) (struct timespec *);
+
extern gnutls_time_func gnutls_time;
+extern gnutls_gettime_func gnutls_gettime;
static inline void millisleep(unsigned int ms)
{
@@ -93,26 +96,14 @@ static inline void millisleep(unsigned int ms)
#endif
}
-/* emulate gnulib's gettime using gettimeofday to avoid linking to
- * librt */
-inline static void gettime(struct timespec *t)
-{
-#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_REALTIME)
- clock_gettime(CLOCK_REALTIME, t);
-#else
- struct timeval tv;
- gettimeofday(&tv, NULL);
- t->tv_sec = tv.tv_sec;
- t->tv_nsec = tv.tv_usec * 1000;
-#endif
-}
-
int _gnutls_find_config_path(char *path, size_t max_size);
int _gnutls_ucs2_to_utf8(const void *data, size_t size,
gnutls_datum_t * output, unsigned bigendian);
int _gnutls_utf8_to_ucs2(const void *data, size_t size,
gnutls_datum_t * output);
+void _gnutls_global_set_gettime_function(gnutls_gettime_func gettime_func);
+
int gnutls_system_global_init(void);
void gnutls_system_global_deinit(void);
diff --git a/lib/tls13/session_ticket.c b/lib/tls13/session_ticket.c
index 36d5dc5260..ad04a60919 100644
--- a/lib/tls13/session_ticket.c
+++ b/lib/tls13/session_ticket.c
@@ -34,7 +34,7 @@
#include "db.h"
static int
-pack_ticket(gnutls_session_t session, tls13_ticket_t *ticket, gnutls_datum_t *packed)
+pack_ticket(gnutls_session_t session, tls13_ticket_st *ticket, gnutls_datum_t *packed)
{
uint8_t *p;
gnutls_datum_t state;
@@ -85,7 +85,7 @@ pack_ticket(gnutls_session_t session, tls13_ticket_t *ticket, gnutls_datum_t *pa
}
static int
-unpack_ticket(gnutls_session_t session, gnutls_datum_t *packed, tls13_ticket_t *data)
+unpack_ticket(gnutls_session_t session, gnutls_datum_t *packed, tls13_ticket_st *data)
{
uint32_t age_add, lifetime;
uint8_t resumption_master_secret[MAX_HASH_SIZE];
@@ -174,11 +174,11 @@ unpack_ticket(gnutls_session_t session, gnutls_datum_t *packed, tls13_ticket_t *
}
static int
-generate_session_ticket(gnutls_session_t session, tls13_ticket_t *ticket)
+generate_session_ticket(gnutls_session_t session, tls13_ticket_st *ticket)
{
int ret;
gnutls_datum_t packed = { NULL, 0 };
- tls13_ticket_t ticket_data;
+ tls13_ticket_st ticket_data;
time_t now = gnutls_time(0);
if (session->internals.resumed != RESUME_FALSE) {
@@ -234,7 +234,7 @@ int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned nr, unsigne
int ret = 0;
mbuffer_st *bufel = NULL;
gnutls_buffer_st buf;
- tls13_ticket_t ticket;
+ tls13_ticket_st ticket;
unsigned i;
/* Client does not send a NewSessionTicket */
@@ -253,7 +253,7 @@ int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned nr, unsigne
if (again == 0) {
for (i=0;i<nr;i++) {
- memset(&ticket, 0, sizeof(tls13_ticket_t));
+ memset(&ticket, 0, sizeof(tls13_ticket_st));
bufel = NULL;
ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
@@ -346,7 +346,7 @@ int _gnutls13_recv_session_ticket(gnutls_session_t session, gnutls_buffer_st *bu
{
int ret;
uint8_t value;
- tls13_ticket_t *ticket = &session->internals.tls13_ticket;
+ tls13_ticket_st *ticket = &session->internals.tls13_ticket;
gnutls_datum_t t;
size_t val;
@@ -354,7 +354,7 @@ int _gnutls13_recv_session_ticket(gnutls_session_t session, gnutls_buffer_st *bu
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
_gnutls_free_datum(&ticket->ticket);
- memset(ticket, 0, sizeof(tls13_ticket_t));
+ memset(ticket, 0, sizeof(tls13_ticket_st));
_gnutls_handshake_log("HSK[%p]: parsing session ticket message\n", session);
@@ -395,8 +395,8 @@ int _gnutls13_recv_session_ticket(gnutls_session_t session, gnutls_buffer_st *bu
if (ret < 0)
return gnutls_assert_val(ret);
- /* Set the ticket timestamp */
- ticket->timestamp = gnutls_time(0);
+ /* Record the ticket arrival time */
+ gnutls_gettime(&ticket->arrival_time);
return 0;
}
@@ -407,7 +407,7 @@ int _gnutls13_recv_session_ticket(gnutls_session_t session, gnutls_buffer_st *bu
*/
int _gnutls13_unpack_session_ticket(gnutls_session_t session,
gnutls_datum_t *data,
- tls13_ticket_t *ticket_data)
+ tls13_ticket_st *ticket_data)
{
int ret;
gnutls_datum_t decrypted = { NULL, 0 };
diff --git a/lib/tls13/session_ticket.h b/lib/tls13/session_ticket.h
index d2f637c209..feab3e2379 100644
--- a/lib/tls13/session_ticket.h
+++ b/lib/tls13/session_ticket.h
@@ -27,17 +27,17 @@ int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned nr, unsigne
int _gnutls13_unpack_session_ticket(gnutls_session_t session,
gnutls_datum_t *data,
- tls13_ticket_t *ticket_data);
+ tls13_ticket_st *ticket_data);
inline static
-void tls13_ticket_deinit(tls13_ticket_t *ticket)
+void tls13_ticket_deinit(tls13_ticket_st *ticket)
{
if (ticket) {
zeroize_temp_key(&ticket->resumption_master_secret,
sizeof(ticket->resumption_master_secret));
_gnutls_free_datum(&ticket->ticket);
- memset(ticket, 0, sizeof(tls13_ticket_t));
+ memset(ticket, 0, sizeof(tls13_ticket_st));
}
}
diff --git a/tests/virt-time.h b/tests/virt-time.h
index 02c8cdb147..0dd35df299 100644
--- a/tests/virt-time.h
+++ b/tests/virt-time.h
@@ -29,19 +29,28 @@
#include <time.h>
#include <gnutls/gnutls.h>
+/* copied from ../lib/system.h so not to include that header from
+ * every test program */
+typedef void (*gnutls_gettime_func) (struct timespec *);
+extern void _gnutls_global_set_gettime_function(gnutls_gettime_func gettime_func);
+
/* virtualize time in a test. This freezes the time in the test, except for
* the advances due to calls to virt_sleep_sec(). This makes the test
- * independent of the test system load, and avoids any long delays.
- *
- * This only affects the parts of the library that utilize gnutls_time(),
- * not the higher precision gettime */
-static time_t _now = 0;
+ * independent of the test system load, and avoids any long delays. */
+static time_t _now;
+static struct timespec _now_ts;
-#define virt_sec_sleep(s) _now += s
+#define virt_sec_sleep(s) { \
+ _now += s; \
+ _now_ts.tv_sec += s; \
+ }
#define virt_time_init() { \
_now = time(0); \
gnutls_global_set_time_function(mytime); \
+ _now_ts.tv_sec = _now; \
+ _now_ts.tv_nsec = 0; \
+ _gnutls_global_set_gettime_function(mygettime); \
}
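Review bot: `virt_sec_sleep` and `virt_time_init` expand to a bare `{ ... }` block, so `if (x) virt_sec_sleep(1); else ...` fails to compile because the trailing semicolon ends the `if` statement. `virt_sec_sleep` also evaluates its unparenthesised argument twice. The usual form avoids the first problem: `#define virt_sec_sleep(s) do { _now += (s); _now_ts.tv_sec += (s); } while (0)`, and likewise for `virt_time_init`. A `static inline` function would evaluate the argument only once. `mygettime` is referenced in `virt_time_init` before its definition later in the header, which works only because the macro is expanded after that point.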
@@ -53,4 +62,10 @@ static time_t mytime(time_t * t)
return _now;
}
+static void mygettime(struct timespec * t)
+{
+ if (t)
+ *t = _now_ts;
+}
+
#endif