From 84dfbf488acca39c08e9e74ee029b47678800646 Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Wed, 14 Feb 2024 10:38:09 +0100
Subject: [PATCH] tls13: client: Add comment about early data in 2nd ClientHello

Signed-off-by: Ronald Cron
---
 library/ssl_tls13_client.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index a055d4d0b2..215c6474c7 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1180,6 +1180,14 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl,
 #endif
 
 #if defined(MBEDTLS_SSL_EARLY_DATA)
+    /* In the first ClientHello, write the early data indication extension if
+     * necessary and update the early data status.
+     * If an HRR has been received and thus we are currently writing the
+     * second ClientHello, the second ClientHello must not contain an early
+     * data extension and the early data status must stay as it is:
+     * MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT or
+     * MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED.
+     */
     if (!ssl->handshake->hello_retry_request_flag) {
         if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) &&
             ssl_tls13_early_data_has_valid_ticket(ssl) &&
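Review bot: The added comment states that the second ClientHello must not carry an early data extension but does not say where that requirement comes from, so a reader cannot check it against the specification rather than against this code path alone. Suggest adding a line before the closing `*/`: ` * See RFC 8446, Section 4.1.2: early data is not permitted after a HelloRetryRequest.`. The two status values the comment lists (NOT_SENT or REJECTED) describe state established outside this hunk; if the early data status can hold any other value once hello_retry_request_flag is set, the comment should name the code that guarantees only these two are possible here. mbedtls_ssl_tls13_write_client_hello_exts starts and ends outside the hunk.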