tls13: ssl_msg.c: Improve/add comments
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 2fe084c..7af9fd2 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -4005,7 +4005,7 @@
MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD)) {
MBEDTLS_SSL_DEBUG_MSG(
3, ("EarlyData: deprotect and discard app data records."));
- /* TODO: Add max_early_data_size check here. */
+ /* TODO: Add max_early_data_size check here, see issue 6347 */
ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
}
#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_SRV_C */
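Review bot: The TODO on the discard branch names the missing check but not what it protects, and it is the only marker of a security-relevant gap. As far as the hunk shows, every record that fails deprotection in this mode is turned into MBEDTLS_ERR_SSL_CONTINUE_PROCESSING with no cap on the amount discarded, whereas RFC 8446 section 4.2.10 limits this skipping to the configured max_early_data_size. I would spell that out, e.g. `/* TODO: Bound the discarded early data by max_early_data_size (RFC 8446 section 4.2.10), see issue 6347 */`. The identical TODO on the "before 2nd ClientHello" branch in the hunk at -4127 needs the same wording. The enclosing function starts and ends outside the hunk.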
@@ -4019,6 +4019,10 @@
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+ /*
+ * The decryption of the record failed, no reason to ignore it,
+ * return in error with the decryption error code.
+ */
return ret;
}
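Review bot: The added comment before `return ret;` says there is "no reason to ignore" the failure without naming the cases that were considered, so a reader has to scroll up to learn what could have rewritten `ret`. Judging by the `#endif` lines here and in the previous hunk, those are the blocks guarded by MBEDTLS_SSL_EARLY_DATA and MBEDTLS_SSL_DTLS_CONNECTION_ID, though their conditions are outside the hunk. I would word it as `/* None of the exceptions above (early data discard, DTLS connection ID handling) applied: report the decryption failure to the caller. */`. That also makes clear this is the only path when both options are compiled out.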
@@ -4127,7 +4131,7 @@
if (rec->type == MBEDTLS_SSL_MSG_APPLICATION_DATA) {
MBEDTLS_SSL_DEBUG_MSG(
3, ("EarlyData: Ignore application message before 2nd ClientHello"));
- /* TODO: Add max_early_data_size check here. */
+ /* TODO: Add max_early_data_size check here, see issue 6347 */
return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
} else if (rec->type == MBEDTLS_SSL_MSG_HANDSHAKE) {
ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD;