Change the bottom of tolerance window

The unit of ticket time has been changed to milliseconds. And age difference might be negative Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-10 12:05:56 +08:00 · 2023-11-10 12:05:56 +08:00 · 28e7c554f4
commit 28e7c554f4
parent 3ff0b1fda3
1 changed files with 1 additions and 1 deletions
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@ -234,7 +234,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket(
     */
    client_age = obfuscated_ticket_age - session->ticket_age_add;
    age_diff = server_age - client_age;
-    if (age_diff < -1000 ||
+    if (age_diff < -MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE ||
        age_diff > MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) {
        MBEDTLS_SSL_DEBUG_MSG(
            3, ("Ticket age outside tolerance window ( diff = %"