diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 8e4572619..9480de006 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1635,8 +1635,11 @@
 /**
 * \def MBEDTLS_SSL_EARLY_DATA
 *
-* Allows to add functionality for TLS/DTLS 1.3 early data.
+* Enable support for RFC 8446 TLS 1.3 early data.
 *
+* Requires: MBEDTLS_SSL_PROTO_TLS1_3
+*
+* Comment this to disable support for early data.
 */
 //#define MBEDTLS_SSL_EARLY_DATA
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 57c07b4d0..b8e12ecba 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -332,9 +332,6 @@
 #define MBEDTLS_SSL_EARLY_DATA_DISABLED 0
 #define MBEDTLS_SSL_EARLY_DATA_ENABLED 1
-#define MBEDTLS_SSL_EARLY_DATA_OFF 0
-#define MBEDTLS_SSL_EARLY_DATA_ON 1
-
 #define MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED 0
 #define MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED 1
@@ -1921,8 +1918,8 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
 * \brief Set the early_data mode
 * Default: disabled on server and client
 *
-* \param ssl SSL context
-* \param early_data can be:
+* \param conf The SSL configuration to use.
+* \param early_data_enabled can be:
 *
 * MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality will not be used
 * (default on server)
@@ -1934,9 +1931,6 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
 * lack of replay protection of the early data application
 * payloads.
 *
-* \param max_early_data Max number of bytes allowed for early data (server only).
-* \param early_data_callback Callback function when early data is received (server
-* only).
 */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA)
 void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf,
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index c02ff58b5..41bb9c514 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
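Review bot: In the MBEDTLS_SSL_EARLY_DATA block of include/mbedtls/mbedtls_config.h, the new sentence "Comment this to disable support for early data." does not match the option's shipped state, because the context line `//#define MBEDTLS_SSL_EARLY_DATA` shows it is already commented out; `Uncomment this to enable support for early data.` would be accurate. The option text also says nothing about replay, although the ssl.h comment later in this diff mentions the lack of replay protection for early data payloads. I would add a short warning here, such as `Warning: early data is not protected against replay (RFC 8446 section 8); enable it only for requests that are safe to repeat.` Whether the new `Requires:` line is backed by a compile-time check is not visible in this diff and is worth confirming.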
@@ -243,9 +243,6 @@
 /* Maximum size in bytes of list in supported elliptic curve ext., RFC 4492 */
 #define MBEDTLS_SSL_MAX_CURVE_LIST_LEN 65535
-/* Maximum amount of early data to buffer on the server. */
-#define MBEDTLS_SSL_MAX_EARLY_DATA 1024
-
 #define MBEDTLS_RECEIVED_SIG_ALGS_SIZE 20
 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 5f895932a..976a13471 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1084,7 +1084,7 @@ cleanup:
 void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf, int early_data_enabled )
 {
- conf->early_data_enabled = early_data;
+ conf->early_data_enabled = early_data_enabled;
 }
 #endif /* MBEDTLS_SSL_EARLY_DATA */
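Review bot: mbedtls_ssl_conf_early_data() in library/ssl_tls13_generic.c stores whatever int the caller passes, so a value other than the two documented constants lands in `conf->early_data_enabled` unchecked. Because this flag turns on a mode without replay protection, I would make the setter fail closed, e.g. `conf->early_data_enabled = ( early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED );`, unless the readers of the field (not visible here) already compare against MBEDTLS_SSL_EARLY_DATA_ENABLED exactly. The removed line assigned from `early_data`, which is not a parameter of this function, so this block presumably never compiled with MBEDTLS_SSL_EARLY_DATA defined; a build configuration that enables the option would catch the next such slip.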