diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 8c3da4902c..b9801a06c3 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2113,10 +2113,10 @@ int mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange(
 #if defined(MBEDTLS_SSL_EARLY_DATA)
 int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl,
+ int in_new_session_ticket,
 unsigned char *buf,
 const unsigned char *end,
- size_t *out_len,
- const mbedtls_ssl_session *session);
+ size_t *out_len);
 #if defined(MBEDTLS_SSL_SRV_C)
 #define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED \
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index fa6c4c6936..ae1136431e 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1176,7 +1176,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl,
 ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) {
 ret = mbedtls_ssl_tls13_write_early_data_ext(
- ssl, p, end, &ext_len, NULL);
+ ssl, 0, p, end, &ext_len);
 if (ret != 0) {
 return ret;
 }
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index f711e97474..fe2a2eba78 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1410,18 +1410,18 @@ cleanup:
 */
 #if defined(MBEDTLS_SSL_EARLY_DATA)
 int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl,
+ int in_new_session_ticket,
 unsigned char *buf,
 const unsigned char *end,
- size_t *out_len,
- const mbedtls_ssl_session *session)
+ size_t *out_len)
 {
 unsigned char *p = buf;
 #if defined(MBEDTLS_SSL_SRV_C)
- const size_t needed = session != NULL ? 8 : 4;
+ const size_t needed = in_new_session_ticket ? 8 : 4;
 #else
 const size_t needed = 4;
- ((void) session);
+ ((void) in_new_session_ticket);
 #endif
 *out_len = 0;
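Review bot: The new `in_new_session_ticket` parameter on the prototype in ssl_misc.h has no description, although it changes what goes on the wire. Per the definition in ssl_tls13_generic.c, it selects an 8-byte extension carrying max_early_data_size on server builds and a 4-byte empty extension otherwise. I would add a comment above the declaration such as `/* in_new_session_ticket: non-zero to write the NewSessionTicket form (with max_early_data_size), zero for ClientHello and EncryptedExtensions. */`. The comment block that closes at the top of the first ssl_tls13_generic.c hunk is outside the diff. If it lists parameters, it needs the same update, including that the flag is ignored when MBEDTLS_SSL_SRV_C is not defined.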
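Review bot: The bare `0` passed as the second argument in the ssl_tls13_client.c hunk (inside mbedtls_ssl_tls13_write_client_hello_exts) does not tell the reader which message form is being requested. The same holds for the `0` in ssl_tls13_write_encrypted_extensions_body and the `1` in ssl_tls13_write_new_session_ticket_body in ssl_tls13_server.c. Because the flag decides whether the max_early_data_size field is emitted, an argument comment such as `ssl, 0 /* in_new_session_ticket */, p, end, &ext_len);` at each call would make a wrong value easy to catch in review. The enclosing functions start and end outside these hunks.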
@@ -1432,11 +1432,11 @@ int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl,
 MBEDTLS_PUT_UINT16_BE(needed - 4, p, 2);
 #if defined(MBEDTLS_SSL_SRV_C)
- if (session != NULL) {
- MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 4);
+ if (in_new_session_ticket) {
+ MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4);
 MBEDTLS_SSL_DEBUG_MSG(
 4, ("Sent max_early_data_size=%u",
- (unsigned int) session->max_early_data_size));
+ (unsigned int) ssl->conf->max_early_data_size));
 }
 #endif
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 6c49f8d524..39caa9baaf 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -2525,7 +2525,7 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl,
 #if defined(MBEDTLS_SSL_EARLY_DATA)
 if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
 ret = mbedtls_ssl_tls13_write_early_data_ext(
- ssl, p, end, &output_len, NULL);
+ ssl, 0, p, end, &output_len);
 if (ret != 0) {
 return ret;
 }
@@ -3326,7 +3326,7 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl,
 if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED &&
 ssl->conf->max_early_data_size > 0) {
 if ((ret = mbedtls_ssl_tls13_write_early_data_ext(
- ssl, p, end, &output_len, session)) != 0) {
+ ssl, 1, p, end, &output_len)) != 0) {
 MBEDTLS_SSL_DEBUG_RET(
 1, "mbedtls_ssl_tls13_write_early_data_ext", ret);
 return ret;
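Review bot: In the second ssl_tls13_generic.c hunk the advertised limit is now read from `ssl->conf->max_early_data_size` rather than from the session the ticket is issued for. The value sent to the client is therefore no longer tied by construction to whatever is recorded with the ticket. If the session still keeps its own max_early_data_size and that field bounds early data on resumption (not visible in this diff), the two must stay equal, or a client is told one limit while another is enforced. A comment at the write, e.g. `/* Must equal the limit stored with the ticket and enforced on resumption. */`, would record that invariant for later changes. The function body starts before this hunk and continues after it.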