From 6c794faa46c7577228794c44c71b0fed3c42842a Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 21 Aug 2018 13:55:31 +0100
Subject: [PATCH] Fix bug in SSL ticket implementation removing keys of age <
 1s

Fixes #1968.
---
 library/ssl_ticket.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 4d9116d21..ad2d52645 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -101,7 +101,7 @@ static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
         uint32_t current_time = (uint32_t) mbedtls_time( NULL );
         uint32_t key_time = ctx->keys[ctx->active].generation_time;
 
-        if( current_time > key_time &&
+        if( current_time >= key_time &&
             current_time - key_time < ctx->ticket_lifetime )
         {
             return( 0 );