From f0e39acb58990d7fe659770674261cd6829bdc02 Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Thu, 15 Aug 2013 11:40:48 +0200
Subject: [PATCH 1/2] Fixed unitialized n when resuming a session
---
library/ssl_srv.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 0dbcdb5ed..9ae25f5f7 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1484,7 +1484,7 @@ static int ssl_write_server_hello( ssl_context *ssl )
}
else
{
- ssl->session_negotiate->length = 0;
+ ssl->session_negotiate->length = n = 0;
memset( ssl->session_negotiate->id, 0, 32 );
}
#else
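Review bot: Initialising `n` where it is declared would be more robust than assigning it branch by branch, as `ssl->session_negotiate->length = n = 0;` here and `n = ssl->session_negotiate->length;` in the next hunk do. The declaration of `n` and the `#else` branch that begins on this hunk's last line are outside the diff, so it cannot be confirmed from here that every path to a later use of `n` is now covered. If `n` is subsequently used as the session id length, it is also worth confirming at that point that it cannot exceed the 32-byte `id` buffer cleared by the `memset` here. The body of ssl_write_server_hello starts and ends outside both hunks.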
@@ -1499,6 +1499,7 @@ static int ssl_write_server_hello( ssl_context *ssl )
/*
* Resuming a session
*/
+ n = ssl->session_negotiate->length;
ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC;
if( ( ret = ssl_derive_keys( ssl ) ) != 0 )
From 606b4ba20f0d95d4fd3d0965601b3aaa380c744d Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Wed, 14 Aug 2013 16:52:14 +0200
Subject: [PATCH 2/2] Session ticket expiration checked on server
---
include/polarssl/config.h | 1 +
include/polarssl/error.h | 2 +-
include/polarssl/ssl.h | 17 +++++++++++++++++
library/error.c | 2 ++
library/ssl_srv.c | 10 ++++++++++
library/ssl_tls.c | 11 +++++++++++
6 files changed, 42 insertions(+), 1 deletion(-)
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 6fa95c433..22faf0438 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -1332,6 +1332,7 @@
// SSL options
//
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
+#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
#endif /* POLARSSL_CONFIG_OPTIONS */
diff --git a/include/polarssl/error.h b/include/polarssl/error.h
index 48de009ee..45a66401a 100644
--- a/include/polarssl/error.h
+++ b/include/polarssl/error.h
@@ -84,7 +84,7 @@
* ECP 4 4 (Started from top)
* MD 5 4
* CIPHER 6 5
- * SSL 6 4 (Started from top)
+ * SSL 6 5 (Started from top)
* SSL 7 31
*
* Module dependent error code (5 bits 0x.08.-0x.F8.)
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index f45d00e55..ed11e1e4a 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -109,6 +109,7 @@
#define POLARSSL_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */
#define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */
#define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */
+#define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */
/*
@@ -158,6 +159,10 @@
#define SSL_SESSION_TICKETS_DISABLED 0
#define SSL_SESSION_TICKETS_ENABLED 1
+#if !defined(POLARSSL_CONFIG_OPTIONS)
+#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
+#endif /* !POLARSSL_CONFIG_OPTIONS */
+
/*
* Size of the input / output buffer.
* Note: the RFC defines the default size of SSL / TLS messages. If you
@@ -592,7 +597,10 @@ struct _ssl_context
int allow_legacy_renegotiation; /*!< allow legacy renegotiation */
const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */
int trunc_hmac; /*!< negotiate truncated hmac? */
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
int session_tickets; /*!< use session tickets? */
+ int ticket_lifetime; /*!< session ticket lifetime */
+#endif
#if defined(POLARSSL_DHM_C)
mpi dhm_P; /*!< prime modulus for DHM */
@@ -1065,6 +1073,15 @@ int ssl_set_truncated_hmac( ssl_context *ssl, int truncate );
* or a specific error code (server only).
*/
int ssl_set_session_tickets( ssl_context *ssl, int use_tickets );
+
+/**
+ * \brief Set session ticket lifetime (server only)
+ * (Default: SSL_DEFAULT_TICKET_LIFETIME (86400 secs / 1 day))
+ *
+ * \param ssl SSL context
+ * \param lifetime session ticket lifetime
+ */
+void ssl_set_session_ticket_lifetime( ssl_context *ssl, int lifetime );
#endif /* POLARSSL_SSL_SESSION_TICKETS */
/**
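Review bot: The doc comment for `ssl_set_session_ticket_lifetime` gives neither the unit nor the accepted range of `lifetime`, and the definition in library/ssl_tls.c stores the value unchecked. Only the default's comment implies seconds, so I would write `\param lifetime session ticket lifetime in seconds (must be >= 0)`. Because the server-side check in library/ssl_srv.c is `age > ssl->ticket_lifetime`, a negative value silently rejects every ticket with a non-negative age; either document that or clamp it in the setter with `if( lifetime < 0 ) lifetime = 0;`. The comment should also state that expiry is enforced only when POLARSSL_HAVE_TIME is defined, since the check is compiled out otherwise and tickets then stay valid for as long as the ticket keys do.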
diff --git a/library/error.c b/library/error.c
index 94d8dc11d..23f4a85d7 100644
--- a/library/error.c
+++ b/library/error.c
@@ -371,6 +371,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) )
snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" );
+ if( use_ret == -(POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED) )
+ snprintf( buf, buflen, "SSL - Session ticket has expired" );
#endif /* POLARSSL_SSL_TLS_C */
#if defined(POLARSSL_X509_PARSE_C)
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 9ae25f5f7..7de15779a 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -288,6 +288,16 @@ static int ssl_parse_ticket( ssl_context *ssl,
return( ret );
}
+#if defined(POLARSSL_HAVE_TIME)
+ /* Check if still valid */
+ if( (int) ( time( NULL) - session.start ) > ssl->ticket_lifetime )
+ {
+ SSL_DEBUG_MSG( 1, ( "session ticket expired" ) );
+ memset( &session, 0, sizeof( ssl_session ) );
+ return( POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED );
+ }
+#endif
+
/*
* Keep the session ID sent by the client, since we MUST send it back to
* inform him we're accepting the ticket (RFC 5077 section 3.4)
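Review bot: The expiry test `(int) ( time( NULL) - session.start ) > ssl->ticket_lifetime` accepts a ticket whose `start` lies in the future, because a negative age is never greater than the lifetime, and the cast to `int` can truncate a large difference. A future `start` can arise after the clock is set back or, for instance, from skew between hosts that share ticket keys; I would read the time once into a local and test `if( now < session.start || now - session.start > ssl->ticket_lifetime )`. Separately, `memset( &session, 0, sizeof( ssl_session ) )` on a local right before `return` is a dead store that a compiler may remove, so whatever key material the loaded session holds can remain on the stack; wiping through a volatile pointer avoids that. If the loaded session owns heap data (not visible in this hunk), it needs to be freed rather than only zeroed. ssl_parse_ticket starts and ends outside the hunk.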
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2585d6e23..bb605b91a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2898,6 +2898,10 @@ int ssl_init( ssl_context *ssl )
ssl->hostname = NULL;
ssl->hostname_len = 0;
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
+ ssl->ticket_lifetime = SSL_DEFAULT_TICKET_LIFETIME;
+#endif
+
if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
return( ret );
@@ -3016,8 +3020,10 @@ void ssl_set_endpoint( ssl_context *ssl, int endpoint )
{
ssl->endpoint = endpoint;
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
if( endpoint == SSL_IS_CLIENT )
ssl->session_tickets = SSL_SESSION_TICKETS_ENABLED;
+#endif
}
void ssl_set_authmode( ssl_context *ssl, int authmode )
@@ -3278,6 +3284,11 @@ int ssl_set_session_tickets( ssl_context *ssl, int use_tickets )
return( ssl_ticket_keys_init( ssl ) );
}
+
+void ssl_set_session_ticket_lifetime( ssl_context *ssl, int lifetime )
+{
+ ssl->ticket_lifetime = lifetime;
+}
#endif /* POLARSSL_SSL_SESSION_TICKETS */
/*