[TLS] init STEK even if time is 1970 (fixes #3075)

(thx DamienT) x-ref: "TLS 1.3 with SessionTicket fail for the first 8 hours of 1970" https://redmine.lighttpd.net/issues/3075
author: Glenn Strauss <gstrauss@gluelogic.com> 2021-03-17 06:11:00 -0400
committer: Glenn Strauss <gstrauss@gluelogic.com> 2021-03-26 07:33:42 -0400
commit: d50d4dc0e557d582a0da4f3116ef1c4ab7a0bd78 (patch)
tree: a95ce2aa75f47e8129f479933cab8a683c6cd32f /src/mod_gnutls.c
parent: dde9df431088697b0a29b71b1f4b68023118468f (diff)
download: lighttpd-git-d50d4dc0e557d582a0da4f3116ef1c4ab7a0bd78.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c
index 480ce739..68189575 100644
--- a/src/mod_gnutls.c
+++ b/src/mod_gnutls.c
@@ -407,7 +407,8 @@ mod_gnutls_session_ticket_key_check (server *srv, const plugin_data *p, const ti
         if (stek->expire_ts < cur_ts)
             mod_gnutls_session_ticket_key_free();
     }
-    else if (cur_ts - 86400 >= stek_rotate_ts) {  /*(24 hours)*/
+    else if (cur_ts - 86400 >= stek_rotate_ts     /*(24 hours)*/
+             || 0 == stek_rotate_ts) {
         mod_gnutls_session_ticket_key_rotate(srv);
         stek_rotate_ts = cur_ts;
     }
author	Glenn Strauss <gstrauss@gluelogic.com>	2021-03-17 06:11:00 -0400
committer	Glenn Strauss <gstrauss@gluelogic.com>	2021-03-26 07:33:42 -0400
commit	d50d4dc0e557d582a0da4f3116ef1c4ab7a0bd78 (patch)
tree	a95ce2aa75f47e8129f479933cab8a683c6cd32f /src/mod_gnutls.c
parent	dde9df431088697b0a29b71b1f4b68023118468f (diff)
download	lighttpd-git-d50d4dc0e557d582a0da4f3116ef1c4ab7a0bd78.tar.gz