Fix bug in SSL ticket implementation removing keys of age < 1s

Fixes #1968.
2018-08-21 13:55:31 +01:00 · 2018-08-21 13:55:31 +01:00 · aa71500173
commit aa71500173
parent 1d7399351e
1 changed files with 1 additions and 1 deletions
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@ -97,7 +97,7 @@ static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
        uint32_t current_time = (uint32_t) mbedtls_time( NULL );
        uint32_t key_time = ctx->keys[ctx->active].generation_time;

-        if( current_time > key_time &&
+        if( current_time >= key_time &&
            current_time - key_time < ctx->ticket_lifetime )
        {
            return( 0 );