Rewrite timeout computation in a way that is less prone to overflow.

(Problem reported by Peter Sylvester.)
This commit is contained in:
Bodo Möller 2005-12-30 23:52:20 +00:00
parent 21a0819274
commit d9ba7079b8

View file

@ -377,7 +377,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
#endif
if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
{
s->ctx->stats.sess_timeout++;
/* remove it from the cache */