Merge pull request #8212 from tom-cosgrove-arm/mbedtls_ssl_max_early_data_size-default-value

MBEDTLS_SSL_MAX_EARLY_DATA_SIZE: default value should be commented out in config
2025-04-18 23:42:32 +00:00 · 2023-09-15 05:51:59 +00:00 · 2023-09-15 05:51:59 +00:00 · 865730ec67
commit 865730ec67
parent 6fda82cdc7 a63775b168
3 changed files with 28 additions and 21 deletions
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@ -830,10 +830,10 @@
 #endif
 #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \
-    ( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE)     || \
+    defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) &&                      \
-      ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0 )       || \
+        ((MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0) ||                    \
-      ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) )
+         (MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX))
-#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(0..UINT32_MAX)"
+#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE must be in the range(0..UINT32_MAX)"
 #endif
 #if defined(MBEDTLS_SSL_PROTO_DTLS)     && \
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@ -1830,26 +1830,12 @@
 * This feature is experimental, not completed and thus not ready for
 * production.
 *
 * \note The maximum amount of early data can be set with
 *       MBEDTLS_SSL_MAX_EARLY_DATA_SIZE.
 *
 */
 //#define MBEDTLS_SSL_EARLY_DATA
 /**
 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
 *
 * The default maximum amount of 0-RTT data. See the documentation of
 * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
 *
 * It must be positive and smaller than UINT32_MAX.
 *
 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
 * have any impact on the build.
 *
 * This feature is experimental, not completed and thus not ready for
 * production.
 *
 */
 #define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE        1024
 /**
 * \def MBEDTLS_SSL_PROTO_DTLS
 *
@ -4040,6 +4026,23 @@
 */
 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 /**
 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
 *
 * The default maximum amount of 0-RTT data. See the documentation of
 * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
 *
 * It must be positive and smaller than UINT32_MAX.
 *
 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
 * have any impact on the build.
 *
 * This feature is experimental, not completed and thus not ready for
 * production.
 *
 */
 //#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE        1024
 /**
 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE
 *
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -405,6 +405,10 @@
 #define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
 #endif
 #if !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE)
 #define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE        1024
 #endif
 #if !defined(MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE)
 #define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
 #endif