Merge pull request #8302 from cconlon/sessTickLenCheck

Loosen MAX_PSK_ID_LEN check in TLSX_PopulateExtensions() to only server side
2024-12-20 08:44:10 +10:00
parent 8fa238e554 1101841b95
commit 00f83facb2
1 changed files with 1 additions and 1 deletions
--- a/src/tls.c
+++ b/src/tls.c
@ -13781,7 +13781,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
                word64 now, milli;
            #endif

-                if (sess->ticketLen > MAX_PSK_ID_LEN) {
+                if (isServer && (sess->ticketLen > MAX_PSK_ID_LEN)) {
                    WOLFSSL_MSG("Session ticket length for PSK ext is too large");
                    return BUFFER_ERROR;
                }