From 3b4471ef87d756838735e0c3ed59f833eee14d2d Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Thu, 14 Sep 2023 12:59:50 +0100 Subject: [PATCH 1/2] MBEDTLS_SSL_MAX_EARLY_DATA_SIZE: default value should be commented out in config Numeric options should be commented out with their default values in the config file, and a separate header file should set the default value if necessary. This was done for most other options in #8161; do it here for MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. Signed-off-by: Tom Cosgrove --- include/mbedtls/check_config.h | 8 ++++---- include/mbedtls/mbedtls_config.h | 2 +- include/mbedtls/ssl.h | 4 ++++ 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 5ea7b9470d..17eb0340cf 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -830,10 +830,10 @@ #endif #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \ - ( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) || \ - ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0 ) || \ - ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) ) -#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(0..UINT32_MAX)" + defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) && \ + ((MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0) || \ + (MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX)) +#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE must be in the range(0..UINT32_MAX)" #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 2f5c672fb9..77644a1335 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1848,7 +1848,7 @@ * production. * */ -#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 +//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 /** * \def MBEDTLS_SSL_PROTO_DTLS diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index a3ecbfbf67..d6083daf19 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
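Review bot: The rewritten condition in check_config.h now silently accepts an undefined MBEDTLS_SSL_MAX_EARLY_DATA_SIZE, which is only safe because the ssl.h hunk in this same series supplies `1024` as the fallback; nothing at this site says so, and a later reader of check_config.h will wonder why the range check is skipped. I would add, directly above the `#if`, `/* An undefined MBEDTLS_SSL_MAX_EARLY_DATA_SIZE is fine: ssl.h supplies the default (1024); only a user-provided value is range-checked here. */`. The `#error` text `range(0..UINT32_MAX)` reads like a call; `must be in the range 0..UINT32_MAX (inclusive)` also makes it explicit that both bounds are accepted, which the `< 0` and `> UINT32_MAX` comparisons show. The check remains conditioned on MBEDTLS_SSL_SRV_C, so a client-only build with an out-of-range value compiles without complaint — presumably intended because only the server consumes the limit, but worth confirming.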
@@ -405,6 +405,10 @@ #define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 #endif +#if !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) +#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 +#endif + #if !defined(MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) #define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 #endif From a63775b16855b3d28fb3763ec1fded877961aab7 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Thu, 14 Sep 2023 13:31:19 +0100 Subject: [PATCH 2/2] Move MBEDTLS_SSL_MAX_EARLY_DATA_SIZE to the correct section Signed-off-by: Tom Cosgrove --- include/mbedtls/mbedtls_config.h | 37 +++++++++++++++++--------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 77644a1335..314dac639a 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1830,26 +1830,12 @@ * This feature is experimental, not completed and thus not ready for * production. * + * \note The maximum amount of early data can be set with + * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. + * */ //#define MBEDTLS_SSL_EARLY_DATA -/** - * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE - * - * The default maximum amount of 0-RTT data. See the documentation of - * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. - * - * It must be positive and smaller than UINT32_MAX. - * - * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not - * have any impact on the build. - * - * This feature is experimental, not completed and thus not ready for - * production. - * - */ -//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 - /** * \def MBEDTLS_SSL_PROTO_DTLS * 
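Review bot: The new fallback `#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024` in ssl.h carries no comment, unlike the documented option it replaces in mbedtls_config.h, and it is the one value that bypasses the range check in check_config.h (which now only fires when the macro is user-defined). I would precede it with `/* Default upper bound on 0-RTT (early) data; overridable from the config. Must stay within 0..UINT32_MAX because check_config.h does not validate this fallback. */`. The value is the same 1024 that was previously the uncommented config default, so behaviour for existing builds is unchanged as far as this hunk shows; since TLS 1.3 0-RTT data is replayable, this bound is security-relevant and should not be raised casually. The surrounding block of defaults (CID padding granularity above, ticket age tolerance below) starts and ends outside this hunk.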
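Review bot: The added `\note` on MBEDTLS_SSL_EARLY_DATA tells the reader the limit can be set with MBEDTLS_SSL_MAX_EARLY_DATA_SIZE but not that a default applies when it is left undefined, which is the whole point of this series. I would write ` * \note The maximum amount of early data can be set with MBEDTLS_SSL_MAX_EARLY_DATA_SIZE (default 1024 from ssl.h when left undefined).`. Pointing at the option's new location in the module configuration options section would also save a search, since its documentation no longer sits next to MBEDTLS_SSL_EARLY_DATA.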
@@ -4040,6 +4026,23 @@ */ //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +/** + * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE + * + * The default maximum amount of 0-RTT data. See the documentation of + * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. + * + * It must be positive and smaller than UINT32_MAX. + * + * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not + * have any impact on the build. + * + * This feature is experimental, not completed and thus not ready for + * production. + * + */ +//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 + /** * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE *
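Review bot: The moved documentation says the value `must be positive and smaller than UINT32_MAX`, but the check in check_config.h accepts 0 and UINT32_MAX inclusive and its `#error` says `in the range(0..UINT32_MAX)`, so the doc and the enforced range disagree; the text is moved rather than rewritten, so this is inherited, but a move is the moment to fix it. I would change that line to ` * It must be in the range 0..UINT32_MAX (inclusive); check_config.h enforces this for server builds.`. It would also help to state here that leaving the option undefined yields the ssl.h default of 1024, which the current text does not say. Whether 0 is a sensible value is not something this hunk settles: if 0 is meant to disable early data on the server, say so in the doc, otherwise consider having check_config.h reject it.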