From 935f995954aa9b536129c4c01a4e79e9a756813c Mon Sep 17 00:00:00 2001
From: Qian Wang <cbeuw.andy@gmail.com>
Date: Sat, 19 Jan 2019 13:18:13 +0000
Subject: [PATCH] Fix a user input validation

---
 internal/server/auth.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/server/auth.go b/internal/server/auth.go
index 1c2b82c..17a3225 100644
--- a/internal/server/auth.go
+++ b/internal/server/auth.go
@@ -47,7 +47,7 @@ func TouchStone(ch *ClientHello, sta *State) (isSS bool, UID []byte, sessionID u
 	sta.putUsedRandom(random)
 
 	ticket := ch.extensions[[2]byte{0x00, 0x23}]
-	if len(ticket) < 64 {
+	if len(ticket) < 68 {
 		return false, nil, 0
 	}
 	UID, sessionID, err := decryptSessionTicket(sta.staticPv, ticket)