From 1b8bacff8cbab3d3bf4d2566be240a35c2f65b88 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 27 Jan 2017 15:18:51 +0000 Subject: [PATCH 1/1] Add a TODO around validating the ticket age Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2259) --- ssl/statem/extensions_srvr.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 41dd5b6fbb..df1e6c252e 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -711,6 +711,8 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, X509 *x, size_t chainidx, int *al) return 0; } + /* TODO(TLS1.3): Should we validate the ticket age? */ + ret = tls_decrypt_ticket(s, PACKET_data(&identity), PACKET_remaining(&identity), NULL, 0, &sess); if (ret == TICKET_FATAL_ERR_MALLOC || ret == TICKET_FATAL_ERR_OTHER) { -- 2.34.1