Reject tickets from the future.
This shouldn't happen, but it is good to check to avoid the potential
underflow in ssl_session_is_time_valid.
This required tweaking the mock clock in bssl_shim to stop going back in
time.
Change-Id: Id3ab8755139e989190d0b53d4bf90fe1ac203022
Reviewed-on: https://boringssl-review.googlesource.com/11841
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/ssl_session.c b/ssl/ssl_session.c
index c2396b1..2c20bc3 100644
--- a/ssl/ssl_session.c
+++ b/ssl/ssl_session.c
@@ -599,6 +599,12 @@
struct timeval now;
ssl_get_current_time(ssl, &now);
+
+ /* Reject tickets from the future to avoid underflow. */
+ if ((long)now.tv_sec < session->time) {
+ return 0;
+ }
+
return session->timeout >= (long)now.tv_sec - session->time;
}
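Review bot: the new check `if ((long)now.tv_sec < session->time)` rules out a negative difference, but the subtraction on the following `return` line can still overflow when `session->time` is negative (assuming it is a signed `long`, as the cast suggests), because the result then exceeds `now.tv_sec`. Consider rejecting `session->time < 0` in the same branch. The comment could also say what goes wrong in practice rather than only "underflow": without the check, a future-dated ticket yields a negative age, which passes the `session->timeout >=` comparison for any non-negative timeout. Separately, the `(long)` cast on `now.tv_sec` truncates on platforms where `long` is narrower than the `tv_sec` field, so it would help to compare in a single fixed-width type.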