Add maximum ticket lifetime check Also add comments for age cast Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

commit: 46c7926f747f3980c0dbdef4a2b23b52540b6c9a [log] [tgz]
author: Jerry Yu <jerry.h.yu@arm.com> Fri Nov 10 13:58:16 2023 +0800
committer: Jerry Yu <jerry.h.yu@arm.com> Tue Nov 21 09:58:19 2023 +0800
tree: b24ee7d3c71f1cbcdf771c7b2766d00567f05838
parent: 034a8b77d1f4fcf00196be559178e65e93cdaeab [diff] [blame]
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index e7800f1..5c606e4 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c

@@ -3025,8 +3025,8 @@
      *      MAY treat a ticket as valid for a shorter period of time than what
      *      is stated in the ticket_lifetime.
      */
-    if (ticket_lifetime > 604800) {
-        ticket_lifetime = 604800;
+    if (ticket_lifetime > MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME) {
+        ticket_lifetime = MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME;
     }
     MBEDTLS_PUT_UINT32_BE(ticket_lifetime, p, 0);
     MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime: %u",
commit	46c7926f747f3980c0dbdef4a2b23b52540b6c9a	[log] [tgz]
author	Jerry Yu <jerry.h.yu@arm.com>	Fri Nov 10 13:58:16 2023 +0800
committer	Jerry Yu <jerry.h.yu@arm.com>	Tue Nov 21 09:58:19 2023 +0800
tree	b24ee7d3c71f1cbcdf771c7b2766d00567f05838
parent	034a8b77d1f4fcf00196be559178e65e93cdaeab [diff] [blame]