commit 08aed4def9ae0fb2f03c5c5fa7a822f4ba065ea0
author Jerry Yu <jerry.h.yu@arm.com> Wed Jul 20 10:36:12 2022 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Wed Jul 20 11:07:29 2022 +0800
tree f4fb3f4f291b37d894c3bbbe4997d5356694b0f6
parent a0446a03448d2d1cbeba7b3d2f5eaa6e919155a0

fix comments and time_t type issues

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

include/mbedtls/check_config.h

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 5fe9849..b7ad7e9 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -843,6 +843,11 @@
 #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_SSL_TICKET_NONCE_LENGTH) && \
+    MBEDTLS_SSL_TICKET_NONCE_LENGTH >= 256
+#error "MBEDTLS_SSL_TICKET_NONCE_LENGTH must be less than 256"
+#endif
+
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
         !defined(MBEDTLS_X509_CRT_PARSE_C)
 #error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"

include/mbedtls/mbedtls_config.h

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index ed673e7..6d50c8d 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1546,7 +1546,7 @@
  *
  * Size in bytes of a ticket nonce. This is not used in TLS 1.2.
  *
- * This must be smaller or equal to 255.
+ * This must be less than 256.
  */
 #define MBEDTLS_SSL_TICKET_NONCE_LENGTH 32
 

include/mbedtls/ssl.h

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 9703fcb..ca727f9 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1185,7 +1185,7 @@
 #endif /* MBEDTLS_SHA256_C  */
 
 #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_CLI_C)
-    time_t MBEDTLS_PRIVATE(ticket_received);                /*!< time ticket was received */
+    mbedtls_time_t MBEDTLS_PRIVATE(ticket_received);        /*!< time ticket was received */
 #endif /* MBEDTLS_HAVE_TIME && MBEDTLS_SSL_CLI_C */
 
 #endif /*  MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */

library/ssl_tls13_client.c

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 985c9af..93f58e0 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1915,6 +1915,8 @@
 }
 
 /*
+ * From RFC8446, page 74
+ *
  * struct {
  *    uint32 ticket_lifetime;
  *    uint32 ticket_age_add;
@@ -1943,7 +1945,7 @@
     /*
      *    ticket_lifetime   4 bytes
      *    ticket_age_add    4 bytes
-     *    ticket_nonce      >=1 byte
+     *    ticket_nonce_len  1 byte
      */
     MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 9 );
 
@@ -2022,7 +2024,7 @@
 
 #if defined(MBEDTLS_HAVE_TIME)
     /* Store ticket creation time */
-    session->ticket_received = time( NULL );
+    session->ticket_received = mbedtls_time( NULL );
 #endif
 
     ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( session->ciphersuite );