From: Abel Tom <abeltom.kernel@gmail.com>
Date: Wed, 17 Jun 2026 07:56:46 +0000 (+0200)
Subject: Enforce RFC 8446 ticket lifetime limit for TLS 1.3 client
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5a85e4152d817749400b0e30ebbbcce738fbfbb5;p=thirdparty%2Fopenssl.git

Enforce RFC 8446 ticket lifetime limit for TLS 1.3 client

Add client-side validation to check if session ticket lifetime
hints exceeds 7 days in TLS1.3 connections and caps it to the
maximum value of 7 days(604800 seconds).

Modified `CHANGES.md` with the description of updated change.

Resolves: #30808

Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Thu Jun 18 12:25:33 2026
(Merged from https://github.com/openssl/openssl/pull/31174)
---

diff --git a/CHANGES.md b/CHANGES.md
index 37aec14608e..450d5defdce 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -201,6 +201,18 @@ OpenSSL Releases
 
    *Dimitri John Ledkov*
 
+ * Add client-side validation for TLS 1.3 session ticket lifetimes.
+
+   In accordance with [RFC 8446 Section 4.6.1](https://datatracker.ietf.org/doc/html/rfc8446#section-4.6.1),
+   TLS 1.3 clients must not cache session tickets
+   for longer than 7 days (604800 seconds).
+   When processing a new session ticket message with a
+   `ticket_lifetime_hint` value greater than 7 days,
+   the client now caps the lifetime to the
+   maximum permitted value of 7 days (604800 seconds).
+
+   *Abel Thomas*
+
 ### Changes between 3.6 and 4.0.0 [14 Apr 2026]
 
  * Added `-expected-rpks` option to the `openssl s_client`
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 00ca50a3e62..6c77296c312 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -3172,6 +3172,14 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL_CONNECTION *s,
     if (SSL_CONNECTION_IS_TLS13(s)) {
         PACKET extpkt;
 
+        /*
+         * Fulfilling RFC8446:4.6.1 requirement: Clients MUST NOT cache
+         * tickets for longer than 7 days.
+         */
+        if (ticket_lifetime_hint > 604800) {
+            ticket_lifetime_hint = 604800;
+        }
+
         if (!PACKET_as_length_prefixed_2(pkt, &extpkt)
             || PACKET_remaining(pkt) != 0) {
             SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_MISMATCH);