limit session ticket number when resumption Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

commit: 359e65f78467962af579d25f869c632df3048eb4 [log] [tgz]
author: Jerry Yu <jerry.h.yu@arm.com> Thu Sep 22 23:47:43 2022 +0800
committer: Jerry Yu <jerry.h.yu@arm.com> Thu Sep 22 23:47:43 2022 +0800
tree: d848d2fef1f6281e2f2d5e13e33a1a48ea5a6202
parent: f3bdf9dd5125113d490fbcb3795d530f6979d08e [diff] [blame]
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index e1e52cb..667e596 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c

@@ -2866,7 +2866,14 @@
         MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg(
                                   ssl, buf_len, msg_len ) );
 
-        ssl->handshake->new_session_tickets_count--;
+        /* Limit session tickets count to one when resumption connection.
+         *
+         * See document of mbedtls_ssl_conf_new_session_tickets.
+         */
+        if( ssl->handshake->resume == 1 )
+            ssl->handshake->new_session_tickets_count = 0;
+        else
+            ssl->handshake->new_session_tickets_count--;
 
         mbedtls_ssl_handshake_set_state( ssl,
                                          MBEDTLS_SSL_NEW_SESSION_TICKET_FLUSH );
commit	359e65f78467962af579d25f869c632df3048eb4	[log] [tgz]
author	Jerry Yu <jerry.h.yu@arm.com>	Thu Sep 22 23:47:43 2022 +0800
committer	Jerry Yu <jerry.h.yu@arm.com>	Thu Sep 22 23:47:43 2022 +0800
tree	d848d2fef1f6281e2f2d5e13e33a1a48ea5a6202
parent	f3bdf9dd5125113d490fbcb3795d530f6979d08e [diff] [blame]