eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add maximum ticket lifetime check

Browse source 
Also add comments for age cast

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2023-11-10 13:58:16 +08:00
parent 034a8b77d1
commit 46c7926f74
3 changed files with 15 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
library/ssl_tls13_server.c
View file

@ -3025,8 +3025,8 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl,
* MAY treat a ticket as valid for a shorter period of time than what
* is stated in the ticket_lifetime.
*/
if (ticket_lifetime > 604800) {
ticket_lifetime = 604800;
if (ticket_lifetime > MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME) {
ticket_lifetime = MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME;
}
MBEDTLS_PUT_UINT32_BE(ticket_lifetime, p, 0);
MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime: %u",