Merge pull request #8212 from tom-cosgrove-arm/mbedtls_ssl_max_early_data_size-default-value
MBEDTLS_SSL_MAX_EARLY_DATA_SIZE: default value should be commented out in config
This commit is contained in:
Gilles Peskine
GitHub
commit
865730ec67
3 changed files with 28 additions and 21 deletions
|
|
@ -830,10 +830,10 @@
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \
|
||||
( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) || \
|
||||
( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0 ) || \
|
||||
( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) )
|
||||
#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(0..UINT32_MAX)"
|
||||
defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) && \
|
||||
((MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0) || \
|
||||
(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX))
|
||||
#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE must be in the range(0..UINT32_MAX)"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
|
||||
|
|
|
|||
|
|
@ -1830,26 +1830,12 @@
|
|||
* This feature is experimental, not completed and thus not ready for
|
||||
* production.
|
||||
*
|
||||
* \note The maximum amount of early data can be set with
|
||||
* MBEDTLS_SSL_MAX_EARLY_DATA_SIZE.
|
||||
*
|
||||
*/
|
||||
//#define MBEDTLS_SSL_EARLY_DATA
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
|
||||
*
|
||||
* The default maximum amount of 0-RTT data. See the documentation of
|
||||
* \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
|
||||
*
|
||||
* It must be positive and smaller than UINT32_MAX.
|
||||
*
|
||||
* If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
|
||||
* have any impact on the build.
|
||||
*
|
||||
* This feature is experimental, not completed and thus not ready for
|
||||
* production.
|
||||
*
|
||||
*/
|
||||
#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_PROTO_DTLS
|
||||
*
|
||||
|
|
@ -4040,6 +4026,23 @@
|
|||
*/
|
||||
//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
|
||||
*
|
||||
* The default maximum amount of 0-RTT data. See the documentation of
|
||||
* \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
|
||||
*
|
||||
* It must be positive and smaller than UINT32_MAX.
|
||||
*
|
||||
* If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
|
||||
* have any impact on the build.
|
||||
*
|
||||
* This feature is experimental, not completed and thus not ready for
|
||||
* production.
|
||||
*
|
||||
*/
|
||||
//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE
|
||||
*
|
||||
|
|
|
|||
|
|
@ -405,6 +405,10 @@
|
|||
#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE)
|
||||
#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE)
|
||||
#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
|
||||
#endif
|
||||
|
|
|
|||
Loading…
Reference in a new issue