mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:10:48 +02:00
3234f66cf3
DoTls13NewSessionTicket rejects a ticket lifetime greater than MAX_LIFETIME (RFC 8446 Section 4.6.1, 7 days), but no test exercised the rejection: every server in the suite stays well within the limit, so a mutation deleting that bound check would go unnoticed. Add a manual memio test that pokes ctx_s->ticketHint to MAX_LIFETIME + 1 (the public setter clamps to 604800), runs a full TLS 1.3 handshake, and reads the post-handshake NewSessionTicket on the client. The test confirms the over-limit lifetime surfaces from wolfSSL_read as SERVER_HINT_ERROR. F-2121
Before creating any new configure files (.conf) read the CONF_FILES_README.md