Fix bug in SSL ticket implementation removing keys of age < 1s

Fixes Mbed-TLS#1968.
hanno-becker · Aug 21, 2018 · aa71500 · aa71500
1 parent 1d73993
commit aa71500
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
@@ -97,7 +97,7 @@ static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
         uint32_t current_time = (uint32_t) mbedtls_time( NULL );
         uint32_t key_time = ctx->keys[ctx->active].generation_time;
 
-        if( current_time > key_time &&
+        if( current_time >= key_time &&
             current_time - key_time < ctx->ticket_lifetime )
         {
             return( 0 );