lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Define ticket creation time in TLS 1.2 case as well

Browse Source 
The purpose of this change is to eventually base
the calculation in ssl_ticket.c of the ticket age
when parsing a ticket on the ticket creation time
both in TLS 1.2 and TLS 1.3 case.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
2023-11-22 09:14:02 +01:00
parent feb577a949
commit d1c106c787
2 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
programs/ssl/ssl_server2.c
View File

@ -1420,7 +1420,6 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
return MBEDTLS_ERR_SSL_INVALID_MAC;
case 2:
return MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case 3:
/* Creation time in the future. */
session->ticket_creation_time = mbedtls_ms_time() + 1000;
@ -1430,6 +1429,7 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
session->ticket_creation_time = mbedtls_ms_time() -
(7 * 24 * 3600 * 1000 + 1000);
break;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case 5:
/* Ticket is valid, but client age is below the lower bound of the tolerance window. */
session->ticket_age_add += MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000;