From 3e0d4785436b50b3924d8e10ce086cc7bfe21dc4 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Tue, 29 Sep 2020 11:11:32 -0700
Subject: [PATCH] Fix for sniffer with TLS v1.2 session ticket. Logic broken in
 PR #3044. ZD 10926.

---
 src/sniffer.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/sniffer.c b/src/sniffer.c
index dfaec0538..73b41059a 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -2607,8 +2607,8 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
     else
 #endif /* WOLFSSL_TLS13 */
     {
-        /* make sure ticket id isn't too long */
-        if (len > ID_LEN) {
+        /* capture last part of sessionID as macID (32 bytes) */
+        if (len < ID_LEN) {
             SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
             return -1;
         }