Gitiles
Code Review Sign In
gerrit.openfyde.cn / boringssl.googlesource.com / boringssl / 35ac5b7500f4beb3061e6da48adb112e3067501b^! / . / ssl / test / test_config.cc
commit35ac5b7500f4beb3061e6da48adb112e3067501b[log] [tgz]
authorDavid Benjamin <davidben@google.com>Fri Mar 03 15:05:56 2017 -0500
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Wed Mar 08 14:59:01 2017 +0000
tree44cf6f31b5d5aa0ccad69656368ed6f8eaa5ca17
parentfe36672bf5baa3d407be2a6fb61ed9d9c1cc6dc4 [diff] [blame]
Export server-side ticket_age skew.

We'll measure this value to guide what tolerance to use in the 0-RTT
anti-replay mechanism. This also fixes a bug where we were previously
minting ticket_age_add-less tickets on the server. Add a check to reject
all those tickets.

BUG=113

Change-Id: I68e690c0794234234e0d0500b4b9a7f79aea641e
Reviewed-on: https://boringssl-review.googlesource.com/14068
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc
index fefe376..e581581 100644
--- a/ssl/test/test_config.cc
+++ b/ssl/test/test_config.cc

@@ -180,6 +180,7 @@
   { "-resumption-delay", &TestConfig::resumption_delay },
   { "-max-send-fragment", &TestConfig::max_send_fragment },
   { "-read-size", &TestConfig::read_size },
+  { "-expect-ticket-age-skew", &TestConfig::expect_ticket_age_skew },
 };
 
 const Flag<std::vector<int>> kIntVectorFlags[] = {