commit d146a37d564f2ff72499d42453f7a77a7f50d236
author Jerry Yu <jerry.h.yu@arm.com> Tue Dec 06 12:33:48 2022 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Tue Dec 06 14:56:54 2022 +0800
tree e6b4c29916de85267660c5936c2f6b4262cc55a6
parent 2c93fc15449545bfce5aad483af0b4b335717e48

Change the definition of max_early_data_size argument.

`conf_max_early_data_size` does not reuse as en/disable. When
call it, we should call `conf_early_data()` also.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

programs/ssl/ssl_server2.c

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 00f0c92..29a140a 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -427,10 +427,9 @@
 
 #if defined(MBEDTLS_SSL_EARLY_DATA)
 #define USAGE_EARLY_DATA \
-    "    max_early_data_size=%%d default: 0 (disabled)\n"             \
-    "                            options: 0     (disabled), "           \
-    "                                     -1    (enabled, builtin max size), " \
-    "                                     n > 0 (enabled, max amount of early data )\n"
+    "    max_early_data_size=%%d default: -1 (disabled)\n"             \
+    "                            options: -1 (disabled), "           \
+    "                                     >= 0 (enabled, max amount of early data )\n"
 #else
 #define USAGE_EARLY_DATA ""
 #endif /* MBEDTLS_SSL_EARLY_DATA */
@@ -1547,6 +1546,9 @@
      };
 #endif /* MBEDTLS_SSL_DTLS_SRTP */
 
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+    int tls13_early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED;
+#endif
 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
     mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
 #if defined(MBEDTLS_MEMORY_DEBUG)
@@ -1897,7 +1899,14 @@
 #if defined(MBEDTLS_SSL_EARLY_DATA)
         else if( strcmp( p, "max_early_data_size" ) == 0 )
         {
-            opt.max_early_data_size = atoi( q );
+            long long value = atoll( q );
+            tls13_early_data_enabled =
+                value >= 0 ? MBEDTLS_SSL_EARLY_DATA_ENABLED :
+                             MBEDTLS_SSL_EARLY_DATA_DISABLED;
+            if( tls13_early_data_enabled )
+            {
+                opt.max_early_data_size = atoi( q );
+            }
         }
 #endif /* MBEDTLS_SSL_EARLY_DATA */
         else if( strcmp( p, "renegotiation" ) == 0 )
@@ -2896,7 +2905,12 @@
         mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list );
 
 #if defined(MBEDTLS_SSL_EARLY_DATA)
-    mbedtls_ssl_tls13_conf_max_early_data_size( &conf, opt.max_early_data_size );
+    mbedtls_ssl_tls13_conf_early_data( &conf, tls13_early_data_enabled );
+    if( tls13_early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED )
+    {
+        mbedtls_ssl_tls13_conf_max_early_data_size(
+            &conf, opt.max_early_data_size );
+    }
 #endif /* MBEDTLS_SSL_EARLY_DATA */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)