Don't use long for timestamps.
This is the first part to fixing the SSL stack to be 2038-clean.
Internal structures and functions are switched to use OPENSSL_timeval
which, unlike timeval and long, are suitable for timestamps on all
platforms.
It is generally accepted that the year is now sometime after 1970, so
use uint64_t for the timestamps to avoid worrying about serializing
negative numbers in SSL_SESSION.
A follow-up change will fix SSL_CTX_set_current_time_cb to use
OPENSSL_timeval. This will require some coordinating with WebRTC.
DTLSv1_get_timeout is left alone for compatibility and because it stores
time remaining rather than an absolute time.
BUG=155
Change-Id: I1a5054813300874b6f29e348f9cd8ca80f6b9729
Reviewed-on: https://boringssl-review.googlesource.com/13944
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/tls13_client.c b/ssl/tls13_client.c
index e178666..254c363 100644
--- a/ssl/tls13_client.c
+++ b/ssl/tls13_client.c
@@ -650,18 +650,9 @@
}
/* Cap the renewable lifetime by the server advertised value. This avoids
- * wasting bandwidth on 0-RTT when we know the server will reject it.
- *
- * TODO(davidben): This dance where we're not sure if long or uint32_t is
- * bigger is silly. session->timeout should not be a long to begin with.
- * https://crbug.com/boringssl/155. */
-#if LONG_MAX < 0xffffffff
- if (server_timeout > LONG_MAX) {
- server_timeout = LONG_MAX;
- }
-#endif
- if (session->timeout > (long)server_timeout) {
- session->timeout = (long)server_timeout;
+ * wasting bandwidth on 0-RTT when we know the server will reject it. */
+ if (session->timeout > server_timeout) {
+ session->timeout = server_timeout;
}
/* Parse out the extensions. */
