adjust type for max tickets variable and number sent with WOLFSSL_TLS13_TICKET_BEFORE_FINISHED macro

src/ssl.c

@@ -3038,7 +3038,7 @@ int wolfSSL_CTX_set_num_tickets(WOLFSSL_CTX* ctx, size_t mxTickets)
     if (ctx == NULL)
         return WOLFSSL_FAILURE;
 
-    ctx->maxTicketTls13 = mxTickets;
+    ctx->maxTicketTls13 = (unsigned int)mxTickets;
     return WOLFSSL_SUCCESS;
 }
 
@@ -3050,7 +3050,7 @@ size_t wolfSSL_CTX_get_num_tickets(WOLFSSL_CTX* ctx)
     if (ctx == NULL)
         return 0;
 
-    return ctx->maxTicketTls13;
+    return (size_t)ctx->maxTicketTls13;
 }
 #endif /* !NO_WOLFSSL_SERVER */
 

src/tls13.c

@@ -9168,9 +9168,6 @@ const char* wolfSSL_get_cipher_name_by_hash(WOLFSSL* ssl, const char* hash)
  */
 int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
 {
-#ifdef HAVE_SESSION_TICKET
-    byte ticketsSent; /* count for number of tickets sent */
-#endif
 #if !defined(NO_CERTS) && (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK))
     word16 havePSK = 0;
 #endif
@@ -9432,6 +9429,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
                     return WOLFSSL_FATAL_ERROR;
                 }
             }
+            ssl->options.ticketsSent = 1;
     #endif
 #endif /* HAVE_SESSION_TICKET */
             ssl->options.acceptState = TLS13_PRE_TICKET_SENT;
@@ -9451,13 +9449,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
 
         case TLS13_ACCEPT_FINISHED_DONE :
 #ifdef HAVE_SESSION_TICKET
-            for (ticketsSent = 0; ticketsSent < ssl->options.maxTicketTls13;
+            while (ssl->options.ticketsSent < ssl->options.maxTicketTls13) {
-                    ticketsSent++) {
-        #ifdef WOLFSSL_TLS13_TICKET_BEFORE_FINISHED
-                if (!ssl->options.verifyPeer) {
-                }
-                else
-        #endif
                 if (!ssl->options.noTicketTls13 && ssl->ctx->ticketEncCb
                         != NULL) {
                     if ((ssl->error = SendTls13NewSessionTicket(ssl)) != 0) {
@@ -9465,6 +9457,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
                         return WOLFSSL_FATAL_ERROR;
                     }
                 }
+                ssl->options.ticketsSent++;
 
                 /* only one session ticket is sent on session resumption */
                 if (ssl->options.resuming) {

wolfssl/internal.h

@@ -2841,7 +2841,9 @@ struct WOLFSSL_CTX {
     byte        noTicketTls12:1;  /* TLS 1.2 server won't send ticket */
 #endif
 #ifdef WOLFSSL_TLS13
-    byte        maxTicketTls13;   /* maximum number of tickets to send */
+    #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
+    unsigned int maxTicketTls13;  /* maximum number of tickets to send */
+    #endif
     byte        noTicketTls13:1;  /* TLS 1.3 Server won't create new Ticket */
     byte        noPskDheKe:1;     /* Don't use (EC)DHE with PSK */
 #endif
@@ -3568,6 +3570,10 @@ typedef struct Options {
 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL)
     unsigned long     mask; /* store SSL_OP_ flags */
 #endif
+#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13)
+    unsigned int      maxTicketTls13;  /* maximum number of tickets to send */
+    unsigned int      ticketsSent;     /* keep track of the total sent */
+#endif
 
     /* on/off or small bit flags, optimize layout */
 #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
@@ -3627,7 +3633,6 @@ typedef struct Options {
     word16            rejectTicket:1;     /* Callback rejected ticket */
     word16            noTicketTls12:1;    /* TLS 1.2 server won't send ticket */
 #ifdef WOLFSSL_TLS13
-    byte              maxTicketTls13;     /* maximum number of tickets to send */
     word16            noTicketTls13:1;    /* Server won't create new Ticket */
 #endif
 #endif