[TLS 1.3] Callback for deterministic timestamps #2975
reneme wants to merge 1 commit into dev/tls-13
randombit left a comment
One minor comment but otherwise lgtm
| return std::chrono::duration_cast<std::chrono::seconds>( | ||
| std::chrono::system_clock::now() - m_start_time); | ||
| } | ||
| std::chrono::seconds age() const; |
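Review bot: the declaration `std::chrono::seconds age() const;` on the last line takes no clock argument and carries no doc comment, so a reader of the header cannot tell whether the age is measured against `std::chrono::system_clock::now()`, as in the inline body shown above it, or against a timestamp a test can control. Document the time source on the declaration, and state whether truncating to whole seconds via `duration_cast<std::chrono::seconds>` is intended, since the PR description says the tests need millisecond precision.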
I think it would be better to pass the Callback& to age rather than have it be a member variable.
Or perhaps instead of having an age function at all, just expose start_time and in the code that needs the age, have it invoke the Callback& directly, eg auto age = cb.tls_current_timestamp() - record.start_time()
In fact this method doesn't seem to be used at all anymore in the TLS 1.2 code base.
Can we merge this directly to master instead of into the 1.3 branch?
Sure. I'll need to disentangle the RFC 8448 test though. Will look into it tomorrow.
@reneme I was deleting old branches of closed PRs but possibly some of the logic here is still needed?
Not that I'm aware of. I think the important bits found their way into master already.
The new TLS::Callbacks::tls_current_timestamp() provides a tap to influence the timestamps required in the TLS stack. This is particularly useful when deterministic timestamps are required for testing purposes.
Examples are the BoGo -resumption-delay shim flag and also the 0-RTT test in RFC 8448. Both depend on this callback to hit timestamps with millisecond precision and no grace period. Relevant tests that depend on this machinery are coming with the TLS 1.3 session resumption but the test facilities in the BoGo shim and RFC 8448 test case are already introduced here.
In its default implementation the callback returns std::chrono::system_clock::now().
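The clock tap described above, as an added example that is not part of this PR or of Botan's code: a self-contained C++ model in which Callbacks, Fixed_Clock_Callbacks, Session_Record and the three helper functions are stand-ins assumed for illustration. It derives the ticket age from the callback in milliseconds, applies a lifetime check with no grace period, and goes one step beyond the page by computing the RFC 8446 obfuscated ticket age from the same timestamp.

```cpp
#include <chrono>
#include <cstdint>
using Clock = std::chrono::system_clock;

// Stand-in for the callback interface (assumed shape, not Botan's class).
// The default reads the wall clock, as the PR description states.
struct Callbacks {
   virtual ~Callbacks() = default;
   virtual Clock::time_point tls_current_timestamp() { return Clock::now(); }
};

// Test double: time moves only when the test advances it.
struct Fixed_Clock_Callbacks final : Callbacks {
   explicit Fixed_Clock_Callbacks(Clock::time_point t) : m_now(t) {}
   Clock::time_point tls_current_timestamp() override { return m_now; }
   void advance(std::chrono::milliseconds d) { m_now += d; }
   Clock::time_point m_now;
};

// Hypothetical record exposing only start_time(), per the review thread.
struct Session_Record {
   Clock::time_point start;
   std::chrono::seconds lifetime;
   std::uint32_t ticket_age_add;
   Clock::time_point start_time() const { return start; }
};

std::chrono::milliseconds ticket_age(Callbacks& cb, const Session_Record& r) {
   return std::chrono::duration_cast<std::chrono::milliseconds>(
      cb.tls_current_timestamp() - r.start_time());
}

// No grace period: stale as soon as the age exceeds the lifetime by 1 ms.
bool is_resumable(Callbacks& cb, const Session_Record& r) {
   const auto age = ticket_age(cb, r);
   return age >= std::chrono::milliseconds(0) && age <= r.lifetime;
}

// RFC 8446, 4.2.11: (ticket age in ms + ticket_age_add) mod 2^32.
std::uint32_t obfuscated_ticket_age(Callbacks& cb, const Session_Record& r) {
   return static_cast<std::uint32_t>(ticket_age(cb, r).count()) + r.ticket_age_add;
}

int main() {  // constructed scenario: ticket checked 1 ms past its lifetime
   Fixed_Clock_Callbacks cb(Clock::time_point(std::chrono::seconds(1600000000)));
   const Session_Record r{cb.tls_current_timestamp(), std::chrono::seconds(2), 0xFFFFFF00u};
   cb.advance(std::chrono::milliseconds(2001));
   return is_resumable(cb, r) ? 1 : 0;
}
```

With an age truncated to whole seconds, the 1999 ms and 2001 ms cases around the 2 s lifetime could not be told apart from their neighbours, which is why the injected clock is read at millisecond resolution here.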