Add support for the age_add field

    long verify_result;

    ASN1_OCTET_STRING *tlsext_hostname;

    long tlsext_tick_lifetime_hint;

    long tlsext_tick_age_add;

    ASN1_OCTET_STRING *tlsext_tick;

#ifndef OPENSSL_NO_PSK

    ASN1_OCTET_STRING *psk_identity_hint;

#ifndef OPENSSL_NO_SRP

    ASN1_EXP_OPT(SSL_SESSION_ASN1, srp_username, ASN1_OCTET_STRING, 12),

#endif

    ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZLONG, 13)

    ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZLONG, 13),

    ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick_age_add, ZLONG, 14)

} static_ASN1_SEQUENCE_END(SSL_SESSION_ASN1)

IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(SSL_SESSION_ASN1)

    }

    if (in->ext.tick_lifetime_hint > 0)

        as.tlsext_tick_lifetime_hint = in->ext.tick_lifetime_hint;

    as.tlsext_tick_age_add = in->ext.tick_age_add;

#ifndef OPENSSL_NO_PSK

    ssl_session_sinit(&as.psk_identity_hint, &psk_identity_hint,

                      in->psk_identity_hint);

#endif

    ret->ext.tick_lifetime_hint = as->tlsext_tick_lifetime_hint;

    ret->ext.tick_age_add = as->tlsext_tick_age_add;

    if (as->tlsext_tick) {

        ret->ext.tick = as->tlsext_tick->data;

        ret->ext.ticklen = as->tlsext_tick->length;

        size_t ticklen;      /* Session ticket length */

        /* Session lifetime hint in seconds */

        unsigned long tick_lifetime_hint;

        uint32_t tick_age_add;

        int tick_identity;

    } ext;

# ifndef OPENSSL_NO_SRP

    now = (uint32_t)time(NULL);

    ages = now - (uint32_t)s->session->time;

    if (s->session->ext.tick_lifetime_hint < ages) {

        /* Ticket is too old. Ignore it. */

        return 1;

    }

    /*

     * Calculate age in ms. We're just doing it to nearest second. Should be

     * good enough.

        return 1;

    }

    /* TODO(TLS1.3): Obfuscate the age here */

    /*

     * Obfuscate the age. Overflow here is fine, this addition is supposed to

     * be mod 2^32.

     */

    agems += s->session->ext.tick_age_add;

    cipher = ssl3_get_cipher_by_id(s->session->cipher_id);

    if (cipher == NULL) {

 */

#include <stdio.h>

#include <time.h>

#include "../ssl_locl.h"

#include "statem_locl.h"

#include <openssl/buffer.h>

{

    int al;

    unsigned int ticklen;

    unsigned long ticket_lifetime_hint, add_age;

    unsigned long ticket_lifetime_hint, age_add;

    unsigned int sess_len;

    RAW_EXTENSION *exts = NULL;

    if (!PACKET_get_net_4(pkt, &ticket_lifetime_hint)

        || (SSL_IS_TLS13(s) && !PACKET_get_net_4(pkt, &add_age))

        || (SSL_IS_TLS13(s) && !PACKET_get_net_4(pkt, &age_add))

        || !PACKET_get_net_2(pkt, &ticklen)

        || (!SSL_IS_TLS13(s) && PACKET_remaining(pkt) != ticklen)

        || (SSL_IS_TLS13(s) && (ticklen == 0

        s->session = new_sess;

    }

    /*

     * Technically the cast to long here is not guaranteed by the C standard -

     * but we use it elsewhere, so this should be ok.

     */

    s->session->time = (long)time(NULL);

    OPENSSL_free(s->session->ext.tick);

    s->session->ext.tick = NULL;

    s->session->ext.ticklen = 0;

    }

    s->session->ext.tick_lifetime_hint = ticket_lifetime_hint;

    s->session->ext.tick_age_add = age_add;

    s->session->ext.ticklen = ticklen;

    if (SSL_IS_TLS13(s)) {

        uint32_t age_add;

    } age_add_u;

    if (SSL_IS_TLS13(s)) {

        if (RAND_bytes(age_add_u.age_add_c, sizeof(age_add_u)) <= 0)

            goto err;

        s->session->ext.tick_age_add = age_add_u.age_add;

    }

    /* get session encoding length */

    slen_full = i2d_SSL_SESSION(s->session, NULL);

    /*

               sizeof(tctx->ext.tick_key_name));

    }

    if (SSL_IS_TLS13(s) && RAND_bytes(age_add_u.age_add_c,

                                      sizeof(age_add_u)) <= 0)

        goto err;

    /*

     * Ticket lifetime hint (advisory only): We leave this unspecified

     * for resumed session (for simplicity), and guess that tickets for