Commit c8b0b028 authored by Vladimír Čunát's avatar Vladimír Čunát

daemon/tls session tickets: avoid bad scheduling cycles

This should fix #385: possible floods with
> scheduling rotation check in 0 ms
parent 5914bc61
Pipeline #38067 passed with stages
in 8 minutes and 25 seconds
Bugfixes
--------
- TLS session resumption: avoid bad scheduling of rotation (#385)
Knot Resolver 2.4.0 (2018-07-03)
================================
......
......@@ -207,7 +207,8 @@ static void tst_key_check(uv_timer_t *timer, bool force_update)
const time_t tv_sec_next = (epoch + 1) * TST_KEY_LIFETIME;
const uint64_t ms_until_second = 1000 - (now.tv_usec + 501) / 1000;
const uint64_t remain_ms = (tv_sec_next - now.tv_sec - 1) * (uint64_t)1000
+ ms_until_second;
+ ms_until_second + 1;
/* ^ +1 because we don't want to wake up half a millisecond before the epoch! */
assert(remain_ms < (TST_KEY_LIFETIME + 1 /*rounding tolerance*/) * 1000);
kr_log_verbose("[tls] session ticket: epoch %"PRIu64
", scheduling rotation check in %"PRIu64" ms\n",
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment