From 2cd5ce0c6b41dbe69c39c3cda2bd491a04d9effb Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Tue, 15 Nov 2022 10:33:53 +0000 Subject: [PATCH] Fix various issues cause rebase to latest code Signed-off-by: Xiaokang Qian --- include/mbedtls/check_config.h | 3 --- include/mbedtls/mbedtls_config.h | 2 +- include/mbedtls/ssl.h | 7 +++++-- library/ssl_tls13_client.c | 1 - library/ssl_tls13_generic.c | 5 +++-- programs/ssl/ssl_client2.c | 12 ------------ 6 files changed, 9 insertions(+), 21 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index f932901ec6..3918639719 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -842,9 +842,6 @@ "but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx" #endif -/* Early data requires MBEDTLS_SSL_SESSION_TICKETS and SOME_PSK related - * mode defined - */ #if defined(MBEDTLS_SSL_EARLY_DATA) && \ ( !defined(MBEDTLS_SSL_SESSION_TICKETS) || \ ( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 12d503e389..3f869b9ffc 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1648,7 +1648,7 @@ * production. * */ -//#define MBEDTLS_SSL_EARLY_DATA +#define MBEDTLS_SSL_EARLY_DATA /** * \def MBEDTLS_SSL_PROTO_DTLS diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5294ec28bc..6829fd7b67 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
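Review bot: The `include/mbedtls/mbedtls_config.h` hunk turns `MBEDTLS_SSL_EARLY_DATA` on in the default configuration, which the commit subject ("Fix various issues cause rebase") does not mention. The tail of the option's doc comment visible in the context still ends with "production." and reads like a warning against production use; the start of that comment is outside the hunk, so this is inferred. TLS 1.3 early data can be replayed by design, so it is normally opt-in: if the define is only needed to build and test the rebased code, keep `//#define MBEDTLS_SSL_EARLY_DATA` here and enable it in the configuration used for those tests. If the default is meant to change, the doc comment should be updated in the same commit to state the replay caveat and the `MBEDTLS_SSL_SESSION_TICKETS` plus PSK key-exchange-mode requirement that `check_config.h` enforces.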
@@ -816,9 +816,12 @@ typedef uint8_t mbedtls_ssl_tls13_ticket_flags; MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK /* 1U << 0 */ #define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL /* 1U << 2 */ -#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA \ - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION << 1 +#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA ( 1U << 3 ) +#define MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK \ + ( MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION | \ + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION | \ + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA ) #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ /** * \brief Callback type: server-side session cache getter diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 405cce031f..d276a95660 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2542,7 +2542,6 @@ static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl, switch( extension_type ) { case MBEDTLS_TLS_EXT_EARLY_DATA: - MBEDTLS_SSL_DEBUG_MSG( 4, ( "early_data extension received" ) ); if( extension_data_len != 4 ) { MBEDTLS_SSL_PEND_FATAL_ALERT( diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 04790387a6..761c00ec52 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1395,13 +1395,14 @@ int mbedtls_ssl_tls13_write_early_data_ext( mbedtls_ssl_context *ssl, ((void) ssl); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); - MBEDTLS_SSL_DEBUG_MSG( - 3, ( "client hello, adding early_data extension" ) ); MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EARLY_DATA, p, 0 ); MBEDTLS_PUT_UINT16_BE( 0, p, 2 ); *out_len = 4; + + mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_EARLY_DATA ); + return( 0 ); } #endif /* MBEDTLS_SSL_EARLY_DATA */ diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 186ac18ded..6aa295d662 100644 
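Review bot: `MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA` in the `include/mbedtls/ssl.h` hunk is now the literal `( 1U << 3 )`, while the two flags above it alias `MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_*` values, so nothing in the header keeps the literal from overlapping a key-exchange-mode bit if that set changes. A comment on the define such as `/* 1U << 3: must not overlap any MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_xxx bit */` would record the constraint in the same way as the existing `/* 1U << 0 */` and `/* 1U << 2 */` annotations. The new `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` is also undocumented; one line saying it is the set of valid bits in `mbedtls_ssl_tls13_ticket_flags`, to be used for clearing or rejecting unknown bits when flags are read from a ticket or a saved session, would tell callers how to use it. No use of the mask is visible in this patch, so that intended use is an assumption to confirm.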
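Review bot: `((void) ssl);` in the context at the top of the `library/ssl_tls13_generic.c` hunk is now stale, because the added `mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_EARLY_DATA );` uses `ssl`; drop the cast so a later reader does not take the parameter for unused. The added call would also benefit from a why-comment, for example `/* Record that early_data was offered so a reply carrying it can be checked as solicited */`; that purpose is inferred from the helper's name, since its definition is not part of the patch. The start of `mbedtls_ssl_tls13_write_early_data_ext` is outside the hunk, so the declarations of `p`, `end` and `out_len` cannot be checked from here.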
--- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2504,12 +2504,6 @@ int main( int argc, char *argv[] ) } } -#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) - /* TODO: We can log the actual early data status after we define - * the API mbedtls_ssl_get_early_data_status. - */ -#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_CLI_C */ - #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) /* * 5. Verify the server certificate @@ -3220,12 +3214,6 @@ reconnect: mbedtls_printf( " ok\n" ); -#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) - /* TODO: We can log the actual early data status when reconnect - * after we define the API mbedtls_ssl_get_early_data_status. - */ -#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_CLI_C */ - goto send_request; }