commit cf9135100eb57d4e0d5f2861418eafd97da3f877
author Jerry Yu <jerry.h.yu@arm.com> Tue Nov 14 11:06:52 2023 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Tue Nov 21 09:58:19 2023 +0800
tree 96dcca655b0e3b6decc149b7e588915efb4bc141
parent 342a555eefd27dc20c44489de597477c5839879a

fix various issues

- fix CI failure due to wrong usage of ticket_lifetime
- Improve document and comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

programs/ssl/ssl_server2.c

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 1bfa529..f85bc1a 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1422,18 +1422,15 @@
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
         case 3:
             /* Creation time in the future. */
-            session->ticket_creation_time = mbedtls_ms_time() +
-                                            MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE +
-                                            4 * 1000;
+            session->ticket_creation_time = mbedtls_ms_time() + 1000;
             break;
         case 4:
-            /* Ticket reaches the end of lifetime. */
-            session->ticket_creation_time = mbedtls_ms_time() - session->ticket_lifetime -
-                                            MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - 4 * 1000;
+            /* Ticket has reached the end of lifetime. */
+            session->ticket_creation_time = mbedtls_ms_time() -
+                                            (7 * 24 * 3600 * 1000 + 1000);
             break;
         case 5:
-            /* Ticket is valid, but client age is beyond the upper bound of tolerance window. */
-
+            /* Ticket is valid, but client age is below the upper bound of tolerance window. */
             session->ticket_age_add += MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000;
             /* Make sure the execution time does not affect the result */
             session->ticket_creation_time = mbedtls_ms_time();