addressed pre-review comments

2025-07-30 02:37:28 +02:00 · 2021-01-22 15:14:31 +09:00
parent e39477c531
commit 141d07e21b
3 changed files with 16 additions and 11 deletions
--- a/examples/client/client.c
+++ b/examples/client/client.c
@ -340,7 +340,7 @@ static void EarlyDataStatus(WOLFSSL* ssl)
    
    switch(earlyData_status) {
        case WOLFSSL_EARLY_DATA_NOT_SENT:
-                printf("not setn.\n");
+                printf("not sent.\n");
                break;
        case WOLFSSL_EARLY_DATA_REJECTED:
                printf("rejected.\n");
--- a/src/tls.c
+++ b/src/tls.c
@ -9107,12 +9107,17 @@ static int TLSX_EarlyData_Parse(WOLFSSL* ssl, byte* input, word16 length,
        if (length != 0)
            return BUFFER_E;

-        if (ssl->earlyData == expecting_early_data)
+        if (ssl->earlyData == expecting_early_data) {
+            
+            if (ssl->options.maxEarlyDataSz != 0)
+                ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_ACCEPTED;
+            else
+                ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_REJECTED;
+            
            return TLSX_EarlyData_Use(ssl, 0);
+        }
        ssl->earlyData = early_data_ext;
-        /* client wants to send early data. set this to rejected here.      */
-        /* Later, it is set to accepted if the server accepts the data.     */
-        ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_REJECTED;
+        
        return 0;
    }
    if (msgType == encrypted_extensions) {
@ -9125,9 +9130,10 @@ static int TLSX_EarlyData_Parse(WOLFSSL* ssl, byte* input, word16 length,
        if (ssl->options.pskIdIndex != 1)
            return PSK_KEY_ERROR;

-        if (ssl->options.side == WOLFSSL_CLIENT_END)
-	    /* server could accept early data. */
+        if (ssl->options.side == WOLFSSL_CLIENT_END) {
+            /* the extension from server comes in */
            ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_ACCEPTED;
+        }

        return TLSX_EarlyData_Use(ssl, 1);
    }
--- a/src/tls13.c
+++ b/src/tls13.c
@ -6497,7 +6497,6 @@ static int DoTls13EndOfEarlyData(WOLFSSL* ssl, const byte* input,
    }

    ssl->earlyData = done_early_data;
-    ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_ACCEPTED;

    /* Always encrypted. */
    *inOutIdx += ssl->keys.padSz;
@ -8657,13 +8656,13 @@ int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data, int sz, int* outSz)
        ret = wolfSSL_connect_TLSv13(ssl);
        if (ret != WOLFSSL_SUCCESS)
            return WOLFSSL_FATAL_ERROR;
-	/* on client side, status is set to rejected  */
-	/* until sever accepts early data             */
+        /* on client side, status is set to rejected        */
+        /* until sever accepts the early data extension.    */
        ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_REJECTED;
    }
    if (ssl->options.handShakeState == CLIENT_HELLO_COMPLETE) {
 #ifdef OPENSSL_EXTRA
-	/* when processed early data exceeds max size */
+        /* when processed early data exceeds max size */
        if (ssl->earlyDataSz + sz > ssl->session.maxEarlyDataSz) {
            ssl->error = TOO_MUCH_EARLY_DATA;
            return WOLFSSL_FATAL_ERROR;