From 1101841b9538bc3dd41472e591627017119942c9 Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Thu, 19 Dec 2024 14:26:22 -0700
Subject: [PATCH] Loosen MAX_PSK_ID_LEN check in TLSX_PopulateExtensions() to
 only server side

---
 src/tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tls.c b/src/tls.c
index 2bc19532b7..1f1bbc3fe4 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -13781,7 +13781,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
                 word64 now, milli;
             #endif
 
-                if (sess->ticketLen > MAX_PSK_ID_LEN) {
+                if (isServer && (sess->ticketLen > MAX_PSK_ID_LEN)) {
                     WOLFSSL_MSG("Session ticket length for PSK ext is too large");
                     return BUFFER_ERROR;
                 }