From bdb936b7a5da71a6bcaab605852cfb433536a366 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Sat, 7 Jan 2023 16:07:46 +0800
Subject: [PATCH] Workaround anti replay fail of GnuTLS

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/ssl_tls13_client.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 08d492487..b8ca482b8 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -947,6 +947,16 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext(
         uint32_t obfuscated_ticket_age =
                                 (uint32_t)( now - session->ticket_received );
 
+        /* Workaround for anti replay fail of GnuTLS server.
+         *
+         * The time unit of ticket age is milliseconds, but current unit is
+         * seconds. If the ticket was received at the end of first second and
+         * sent in next second, GnuTLS think it is replay attack.
+         *
+         */
+        if( obfuscated_ticket_age > 0 )
+            obfuscated_ticket_age -= 1;
+
         obfuscated_ticket_age *= 1000;
         obfuscated_ticket_age += session->ticket_age_add;