Fix various issues cause rebase to latest code
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index f932901..3918639 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -842,9 +842,6 @@
"but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx"
#endif
-/* Early data requires MBEDTLS_SSL_SESSION_TICKETS and SOME_PSK related
- * mode defined
- */
#if defined(MBEDTLS_SSL_EARLY_DATA) && \
( !defined(MBEDTLS_SSL_SESSION_TICKETS) || \
( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 12d503e..3f869b9 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1648,7 +1648,7 @@
* production.
*
*/
-//#define MBEDTLS_SSL_EARLY_DATA
+#define MBEDTLS_SSL_EARLY_DATA
/**
* \def MBEDTLS_SSL_PROTO_DTLS
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 5294ec2..6829fd7 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -816,9 +816,12 @@
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK /* 1U << 0 */
#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION \
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL /* 1U << 2 */
-#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA \
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION << 1
+#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA ( 1U << 3 )
+#define MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK \
+ ( MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION | \
+ MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION | \
+ MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA )
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
/**
* \brief Callback type: server-side session cache getter
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 405cce0..d276a95 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -2542,7 +2542,6 @@
switch( extension_type )
{
case MBEDTLS_TLS_EXT_EARLY_DATA:
- MBEDTLS_SSL_DEBUG_MSG( 4, ( "early_data extension received" ) );
if( extension_data_len != 4 )
{
MBEDTLS_SSL_PEND_FATAL_ALERT(
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 0479038..761c00e 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1395,13 +1395,14 @@
((void) ssl);
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
- MBEDTLS_SSL_DEBUG_MSG(
- 3, ( "client hello, adding early_data extension" ) );
MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EARLY_DATA, p, 0 );
MBEDTLS_PUT_UINT16_BE( 0, p, 2 );
*out_len = 4;
+
+ mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_EARLY_DATA );
+
return( 0 );
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 186ac18..6aa295d 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2504,12 +2504,6 @@
}
}
-#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
- /* TODO: We can log the actual early data status after we define
- * the API mbedtls_ssl_get_early_data_status.
- */
-#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_CLI_C */
-
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* 5. Verify the server certificate
@@ -3220,12 +3214,6 @@
mbedtls_printf( " ok\n" );
-#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
- /* TODO: We can log the actual early data status when reconnect
- * after we define the API mbedtls_ssl_get_early_data_status.
- */
-#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_CLI_C */
-
goto send_request;
}