File 0983-Use-monotonic-time-for-measuring-ticket-ag... of Package erlang

Overview Repositories Revisions Requests Users Attributes Meta

File 0983-Use-monotonic-time-for-measuring-ticket-age-in-TLS-c.patch of Package erlang

From 282ba0347a873993f87ab79afed42bb9bef01f47 Mon Sep 17 00:00:00 2001
From: Anders Kiel Hovgaard <anders.hovgaard@motorolasolutions.com>
Date: Mon, 9 May 2022 12:10:14 +0200
Subject: [PATCH 3/3] Use monotonic time for measuring ticket age in TLS client
 ticket store

The time stamps are used for measuring elapsed time, to compute the TLS
1.3 ticket age and determine if a stored ticket is expired, so
`erlang:monotonic_time/1` is more appropriate.
---
 lib/ssl/src/tls_client_ticket_store.erl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/ssl/src/tls_client_ticket_store.erl b/lib/ssl/src/tls_client_ticket_store.erl
index 29d4b345a7..5108aca375 100644
--- a/lib/ssl/src/tls_client_ticket_store.erl
+++ b/lib/ssl/src/tls_client_ticket_store.erl
@@ -202,7 +202,7 @@ iterate_tickets(Iter0, Pid, Ciphers, Hash, SNI, Lifetime, EarlyDataSize, Acc) ->
                     lock = Lock}, Iter} when Lock =:= undefined orelse
                                              Lock =:= Pid ->
             MaxEarlyData = tls_handshake_1_3:get_max_early_data(Extensions),
-            Age = erlang:system_time(millisecond) - Timestamp,
+            Age = erlang:monotonic_time(millisecond) - Timestamp,
             if Age < Lifetime * 1000 ->
                     case verify_ticket_sni(SNI, TicketSNI) of
                         match ->
@@ -274,7 +274,7 @@ get_tickets(#state{db = Db} = State, Pid, [Key|T], Acc) ->
                ticket = Ticket,
                extensions = Extensions
               } = NewSessionTicket,
-            TicketAge =  erlang:system_time(millisecond) - Timestamp,
+            TicketAge =  erlang:monotonic_time(millisecond) - Timestamp,
             ObfuscatedTicketAge = obfuscate_ticket_age(TicketAge, AgeAdd),
             Identity = #psk_identity{
                           identity = Ticket,
@@ -329,7 +329,7 @@ collect_invalid_tickets(Iter0, Lifetime, Acc) ->
     case gb_trees:next(Iter0) of
         {Key, #data{timestamp = Timestamp,
                     lock = undefined}, Iter} ->
-            Age = erlang:system_time(millisecond) - Timestamp,
+            Age = erlang:monotonic_time(millisecond) - Timestamp,
             if Age < Lifetime * 1000 ->
                     collect_invalid_tickets(Iter, Lifetime, Acc);
                true ->
@@ -343,7 +343,7 @@ collect_invalid_tickets(Iter0, Lifetime, Acc) ->
 
 
 store_ticket(#state{db = Db0, max = Max} = State, Ticket, CipherSuite, SNI, PSK) ->
-    Timestamp = erlang:system_time(millisecond),
+    Timestamp = erlang:monotonic_time(millisecond),
     Size = gb_trees:size(Db0),
     Db1 = if Size =:= Max ->
                   delete_oldest(Db0);
-- 
2.35.3

Places

File 0983-Use-monotonic-time-for-measuring-ticket-age-in-TLS-c.patch of Package erlang

Places