return SSL_READ_EARLY_ERROR;
}
- /*
- * TODO(TLS1.3): Somehow we need to check that we're not receiving too much
- * data
- */
-
switch (s->early_data_state) {
case SSL_EARLY_DATA_NONE:
if (!SSL_in_before(s)) {
{
if (s->early_data_state == SSL_EARLY_DATA_READING) {
s->early_data_state = SSL_EARLY_DATA_FINISHED_READING;
+ ossl_statem_finish_early_data(s);
return 1;
}
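Review bot: In the `SSL_EARLY_DATA_READING` branch, `s->early_data_state` is set to `SSL_EARLY_DATA_FINISHED_READING` before the added `ossl_statem_finish_early_data(s);` runs, and nothing from that call is checked before `return 1;`. The callee's declaration is not visible here; if it can fail, the caller would be told early data ended cleanly while the state machine disagrees, so the result should be tested before the state is advanced. If it returns void, a short comment above the call would help, along the lines of `/* Tell the state machine that early data reading is over */`. The enclosing function starts and ends outside this hunk.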
return 0;
}
- /*
- * TODO(TLS1.3): Somehow we need to check that we're not sending too much
- * data
- */
-
switch (s->early_data_state) {
case SSL_EARLY_DATA_NONE:
if (!SSL_in_before(s)) {
ret->ext.status_type = TLSEXT_STATUSTYPE_nothing;
+ /*
+ * Default max early data is a fully loaded single record. Could be split
+ * across multiple records in practice
+ */
+ ret->max_early_data = SSL3_RT_MAX_PLAIN_LENGTH;
+
return ret;
err:
SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
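Review bot: The default assigned by `ret->max_early_data = SSL3_RT_MAX_PLAIN_LENGTH;` is non-zero, so every context created here starts with an early-data allowance the application never requested. TLS 1.3 early data has no replay protection from the protocol itself. If this field is what a server advertises and accepts (the consuming code is outside this hunk), deployments that never considered replay would be opted in silently. Consider `ret->max_early_data = 0;` with a comment that early data must be enabled through an explicit setter call. Otherwise, extend the comment to say the value is a byte limit, which side enforces it, and that accepted early data may be replayed. The function body starts before this hunk.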