fix various issues
- disable reuse of max_early_data_size.
- make conf_early_data available for server.
- various comment issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index edc1a98..7ed735e 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1524,14 +1524,12 @@
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_SSL_EARLY_DATA)
-#if defined(MBEDTLS_SSL_CLI_C)
int MBEDTLS_PRIVATE(early_data_enabled); /*!< Early data enablement:
* - MBEDTLS_SSL_EARLY_DATA_DISABLED,
* - MBEDTLS_SSL_EARLY_DATA_ENABLED */
-#endif /* MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_SRV_C)
- /* The maximium amount of 0-RTT data. RFC 8446 section 4.6.1 */
+ /* The maximum amount of 0-RTT data. RFC 8446 section 4.6.1 */
uint32_t MBEDTLS_PRIVATE(max_early_data_size);
#endif /* MBEDTLS_SSL_SRV_C */
@@ -1951,7 +1949,6 @@
void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA)
-#if defined(MBEDTLS_SSL_CLI_C)
/**
* \brief Set the early data mode
* Default: disabled on server and client
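Review bot: With the `MBEDTLS_SSL_CLI_C` guard removed, `mbedtls_ssl_tls13_conf_early_data()` becomes callable in server builds, but the visible part of its comment only states the default and says nothing about what enabling it means on a server. TLS 1.3 itself does not protect 0-RTT data against replay (RFC 8446 section 8), so a server that accepts it relies on the application tolerating replayed requests. The rest of the comment lies outside this hunk; if it does not already say so, I would add `\warning Early data can be replayed; a server should accept it only for requests that are safe to process more than once.`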
@@ -1973,19 +1970,27 @@
*/
void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf,
int early_data_enabled );
-#endif /* MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_SRV_C)
/**
- * \brief Set the max_early_data_size parameter.
+ * \brief Set the maximum amount of 0-RTT data in bytes
+ * Default: #MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
+ *
+ * This function sets the value of the max_early_data_size
+ * field of the early data indication extension included in
+ * the NewSessionTicket messages that the server may send.
+ *
+ * The value defines the maximum amount of 0-RTT data
+ * in bytes that a client will be allowed to send when using
+ * one of the tickets defined by the NewSessionTicket messages.
+ *
+ * \note When resuming a session using a ticket, if the server receives more
+ * early data than allowed for the ticket, it terminates the connection.
+ * The maximum amount of 0-RTT data should thus be large enough
+ * to allow a minimum of early data to be exchanged.
*
* \param[in] conf The SSL configuration to use.
* \param[in] max_early_data_size The maximum amount of 0-RTT data.
- * - 0 Disable 0-RTT feature.
- *
- * \note max_early_data_size MUST be smaller than
- * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. Otherwise,
- * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE will be used.
*
* \warning This interface is experimental and may change without notice.
*
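Review bot: The rewritten comment drops both statements about boundary values (`0 Disable 0-RTT feature` and the cap at `MBEDTLS_SSL_MAX_EARLY_DATA_SIZE`) without saying what now happens for a value of 0 or one above the compile-time default. The commit message ("disable reuse of max_early_data_size") appears to mean the field is no longer the on/off switch, so the comment should say that and state whether larger values are accepted as given, e.g. `\note This value does not enable or disable early data; use mbedtls_ssl_tls13_conf_early_data() for that.` The `\param` line could also carry the unit, `The maximum amount of 0-RTT data in bytes.` The end of the comment and the function declaration are outside this hunk, so the implementation's handling of these values cannot be checked here.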