commit e34f124ff107783c31c18308af8fd9febc2b74eb
author Ronald Cron <ronald.cron@arm.com> Wed Nov 22 08:14:07 2023 +0100
committer Ronald Cron <ronald.cron@arm.com> Mon Jan 15 08:56:40 2024 +0100
tree b44cc585a92d2a74008240d4b13f3761050989b7
parent 3c3e2e62f699c285931f80229307db4c6753adcb

ssl_ticket.c: Remove pedantic server endpoint check

When calculating the ticket age, remove the check
that the endpoint is a server. The module is
supposed to be used only server side. Furthermore,
if such check was necessary, it should be at the
beginning of all ssl_ticket.c APIs. As there is no
such protection in any API, just remove the check.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

library/ssl_ticket.c

diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index b47af86..e47cf42 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -498,10 +498,8 @@
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
     if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
         /* Check for expiration */
-        mbedtls_ms_time_t ticket_age = -1;
-        if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
-            ticket_age = mbedtls_ms_time() - session->ticket_creation_time;
-        }
+        mbedtls_ms_time_t ticket_age = mbedtls_ms_time() -
+                                       session->ticket_creation_time;
         mbedtls_ms_time_t ticket_lifetime =
             (mbedtls_ms_time_t) ctx->ticket_lifetime * 1000;