diff options
author | Todd Short <todd.short@me.com> | 2022-03-23 18:55:10 -0400 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2022-03-25 12:46:15 -0400 |
commit | 0089cc7f9d42f6e39872161199fb8b6a99da2492 (patch) | |
tree | 7bb4e2d785cf687ca07ed65796750543549e7268 /ssl | |
parent | 37816ef5757e458be9648481e56bf698ee3bfbb1 (diff) | |
download | openssl-new-0089cc7f9d42f6e39872161199fb8b6a99da2492.tar.gz |
ticket_lifetime_hint may exceed 1 week in TLSv1.3
For TLSv1.3, limit ticket lifetime hint to 1 week per RFC8446
Fixes #17948
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17952)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/statem_srvr.c | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index cc65ee2d0e..0f05ccbad9 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -3621,15 +3621,24 @@ int tls_construct_server_certificate(SSL *s, WPACKET *pkt) static int create_ticket_prequel(SSL *s, WPACKET *pkt, uint32_t age_add, unsigned char *tick_nonce) { + uint32_t timeout = (uint32_t)s->session->timeout; + /* - * Ticket lifetime hint: For TLSv1.2 this is advisory only and we leave this - * unspecified for resumed session (for simplicity). + * Ticket lifetime hint: * In TLSv1.3 we reset the "time" field above, and always specify the - * timeout. + * timeout, limited to a 1 week period per RFC8446. + * For TLSv1.2 this is advisory only and we leave this unspecified for + * resumed session (for simplicity). */ - if (!WPACKET_put_bytes_u32(pkt, - (s->hit && !SSL_IS_TLS13(s)) - ? 0 : (uint32_t)s->session->timeout)) { +#define ONE_WEEK_SEC (7 * 24 * 60 * 60) + + if (SSL_IS_TLS13(s)) { + if (s->session->timeout > ONE_WEEK_SEC) + timeout = ONE_WEEK_SEC; + } else if (s->hit) + timeout = 0; + + if (!WPACKET_put_bytes_u32(pkt, timeout)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return 0; } |