diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-02 16:28:28 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-07-11 15:20:28 +0000 |
| commit | bd87a9ffbf286f802c171f92b87b5f4edfcdfeb7 (patch) | |
| tree | 86d13235baba49f274ab66219dc2a7f12a449257 /lib | |
| parent | 6d6d9c1ba8d1f73e82ddb2b1698b0c67d45174d3 (diff) | |
| download | gnutls-bd87a9ffbf286f802c171f92b87b5f4edfcdfeb7.tar.gz | |
generate_session_ticket: tickets cannot extend the original session time
That is, on a resumed session the server would not issue new tickets
that would have extended the lifetime of the originally issued ticket.
Resolves #476
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/constate.c | 2 | ||||
| -rw-r--r-- | lib/tls13/session_ticket.c | 27 |
2 files changed, 23 insertions, 6 deletions
diff --git a/lib/constate.c b/lib/constate.c index b1086fd838..8f15990ad6 100644 --- a/lib/constate.c +++ b/lib/constate.c @@ -669,8 +669,8 @@ int _gnutls_epoch_set_keys(gnutls_session_t session, uint16_t epoch, hs_stage_t dst->pversion = src->pversion; \ memcpy( dst->session_id, src->session_id, GNUTLS_MAX_SESSION_ID_SIZE); \ dst->session_id_size = src->session_id_size; \ - dst->timestamp = src->timestamp; \ } \ + dst->timestamp = src->timestamp; \ dst->cert_type = src->cert_type; \ dst->client_auth_type = src->client_auth_type; \ dst->server_auth_type = src->server_auth_type diff --git a/lib/tls13/session_ticket.c b/lib/tls13/session_ticket.c index ca11fd78a6..77edbcda91 100644 --- a/lib/tls13/session_ticket.c +++ b/lib/tls13/session_ticket.c @@ -177,6 +177,20 @@ generate_session_ticket(gnutls_session_t session, tls13_ticket_t *ticket) int ret; gnutls_datum_t packed = { NULL, 0 }; tls13_ticket_t ticket_data; + time_t now = gnutls_time(0); + + if (session->internals.resumed != RESUME_FALSE) { + /* If we are resuming ensure that we don't extend the lifetime + * of the ticket past the original session expiration time */ + if (now >= session->security_parameters.timestamp + session->internals.expire_time) + return GNUTLS_E_INT_RET_0; /* don't send ticket */ + else + ticket->lifetime = session->security_parameters.timestamp + + session->internals.expire_time - now; + } else { + /* Set ticket lifetime to the default expiration time */ + ticket->lifetime = session->internals.expire_time; + } /* Generate a random 32-bit ticket nonce */ ticket->nonce_size = 4; @@ -188,8 +202,6 @@ generate_session_ticket(gnutls_session_t session, tls13_ticket_t *ticket) if ((ret = gnutls_rnd(GNUTLS_RND_NONCE, &ticket->age_add, sizeof(uint32_t))) < 0) return gnutls_assert_val(ret); - /* Set ticket lifetime to the default expiration time */ - ticket->lifetime = session->internals.expire_time; ticket->prf = session->security_parameters.prf; @@ -239,11 +251,16 @@ int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned again) if (again == 0) { memset(&ticket, 0, sizeof(tls13_ticket_t)); - ret = _gnutls_buffer_init_handshake_mbuffer(&buf); - if (ret < 0) + ret = generate_session_ticket(session, &ticket); + if (ret < 0) { + if (ret == GNUTLS_E_INT_RET_0) { + return gnutls_assert_val(0); + } + return gnutls_assert_val(ret); + } - ret = generate_session_ticket(session, &ticket); + ret = _gnutls_buffer_init_handshake_mbuffer(&buf); if (ret < 0) { gnutls_assert(); goto cleanup; |