[gnutls-devel] GnuTLS | Missing/wrong checks in lib/ext/pre_shared_key.c (server_recv_params) (#523)
Daiki Ueno
gitlab at mg.gitlab.com
Thu Jul 19 14:17:20 CEST 2018
@tomato42 I would say it's unrelated; it's failing in checking ticket lifetime.
Currently, tlsfuzzer calculates the ticket age as the seconds from the Unix epoch. This is not correct, you need to use the difference from the time when NST is received. So:
```
ticket_time = int(nst.time + nst.ticket_age_add) % 2**32
```
should be:
```
ticket_time = int((time.time() - nst.time) * 1000 + nst.ticket_age_add) % 2**32
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/523#note_89082531
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180719/da070c6f/attachment.html>
More information about the Gnutls-devel
mailing list