Bug 1499732 - add expiration time to tokenInfo, r=mt

Differential Revision: https://phabricator.services.mozilla.com/D9510 --HG-- extra : rebase_source : 4244ea77e29197840ea4043a124d1a74a93c3d1e extra : amend_source : 19fd8871c714bb8f49ae7a73f0e7e6fa0f96a877
sailfishos-mirror · Oct 23, 2018 · 0ebb2aa · 0ebb2aa
1 parent 3de11df
commit 0ebb2aa
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 0 deletions.
diff --git a/gtests/ssl_gtest/ssl_resumption_unittest.cc b/gtests/ssl_gtest/ssl_resumption_unittest.cc
@@ -1124,6 +1124,8 @@ void CheckGetInfoResult(uint32_t alpnSize, uint32_t earlyDataSize,
   EXPECT_EQ(0, memcmp("a", token->alpnSelection, token->alpnSelectionLen));
 
   ASSERT_EQ(earlyDataSize, token->maxEarlyDataSize);
+
+  ASSERT_LT(ssl_TimeUsec(), token->expirationTime);
 }
 
 // The client should generate a new, randomized session_id

diff --git a/lib/ssl/sslexp.h b/lib/ssl/sslexp.h
@@ -367,6 +367,7 @@ typedef struct SSLResumptionTokenInfoStr {
     PRUint8 *alpnSelection;
     PRUint32 alpnSelectionLen;
     PRUint32 maxEarlyDataSize;
+    PRTime expirationTime; /* added in NSS 3.41 */
 } SSLResumptionTokenInfo;
 
 /*

diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
@@ -4222,6 +4222,7 @@ SSLExp_GetResumptionTokenInfo(const PRUint8 *tokenData, unsigned int tokenLen,
     } else {
         token.maxEarlyDataSize = 0;
     }
+    token.expirationTime = sid.expirationTime;
 
     token.length = PR_MIN(sizeof(SSLResumptionTokenInfo), len);
     PORT_Memcpy(tokenOut, &token, token.length);