From dc2819e02899b22dbc9b9f4b2cd1ba2ae2f609c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pascal=20Eng=C3=A9libert?=
Date: Thu, 8 Jan 2026 11:03:16 +0100
Subject: [PATCH] Early data option
---
 src/client.rs | 13 ++++++++++++-
 src/server.rs | 13 +++++++------
 2 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/src/client.rs b/src/client.rs
index 8c37ada..8d80ac6 100644
--- a/src/client.rs
+++ b/src/client.rs
@@ -105,7 +105,18 @@ pub async fn play(
 .dangerous()
 .with_custom_certificate_verifier(Arc::new(DummyCertVerifier))
 .with_no_client_auth();
- config.resumption = Resumption::disabled();
+ let mut enable_early_data = false;
+ for (var, val) in std::env::vars() {
+ match var.as_str() {
+ "EARLYDATA" => enable_early_data = val == "1",
+ _ => {}
+ }
+ }
+ if enable_early_data {
+ config.enable_early_data = true;
+ } else {
+ config.resumption = Resumption::disabled();
+ }
 let config = Arc::new(config);
 for (id, (server_name, records)) in records.iter() {
 let connector = TlsConnector::from(config.clone());
diff --git a/src/server.rs b/src/server.rs
index 81a2b9c..2df46b1 100644
--- a/src/server.rs
+++ b/src/server.rs
@@ -59,9 +59,10 @@ pub async fn play(
 match tls_mode {
 TlsMode::Both | TlsMode::Server => {
 let mut resolver = ResolvesServerCertUsingSni::new();
- let config = tokio_rustls::rustls::ServerConfig::builder()
+ let mut config = tokio_rustls::rustls::ServerConfig::builder()
 .with_no_client_auth()
 .with_cert_resolver(Arc::new(ResolvesServerCertUsingSni::new()));
+ config.max_early_data_size = 8192;
 for file in std::fs::read_dir(cert_path).unwrap_or_else(|e| {
 panic!("Cannot read certificate directory `{cert_path}`: {e:?}")
 }) {
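Review bot: `for (var, val) in std::env::vars()` panics if any variable in the process environment is not valid Unicode, so an unrelated variable can abort the client before the TLS config is built. Reading the one key directly avoids that and the empty `_ => {}` arm: `let enable_early_data = std::env::var("EARLYDATA").is_ok_and(|v| v == "1");`. The branch that sets `config.enable_early_data = true` is also the only one that leaves resumption on, which deserves a comment such as `// 0-RTT data is replayable and not forward secret; enable for test traffic only`. Whether early data is actually sent also depends on the connector built in the loop below, which may need tokio-rustls's `early_data(true)`; that code, like the rest of `play`, is outside the hunk.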
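Review bot: The `config.max_early_data_size = 8192;` added in the src/server.rs hunk at -59 lands on a config whose resolver is a fresh, empty `ResolvesServerCertUsingSni::new()`, and the comment in the later hunk at -126 says the config is re-created once the keys are loaded, so this assignment looks like it has no effect on accepted connections. How this first config is used is outside the hunk, so that is worth confirming before keeping the line. If it is needed, the literal is repeated in both places and would read better as one named constant, `const MAX_EARLY_DATA_SIZE: u32 = 8192;`, with a comment stating why that limit was chosen.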
@@ -126,11 +127,11 @@ pub async fn play(
 // Config requires resolver, keys can be added to resolver, creating a key requires config. WTF!?
 // So we have to re-create config.
- let config = Arc::new(
- tokio_rustls::rustls::ServerConfig::builder()
- .with_no_client_auth()
- .with_cert_resolver(Arc::new(resolver)),
- );
+ let mut config = tokio_rustls::rustls::ServerConfig::builder()
+ .with_no_client_auth()
+ .with_cert_resolver(Arc::new(resolver));
+ config.max_early_data_size = 8192;
+ let config = Arc::new(config);
 let listener = TcpListener::bind(listen_addr).await.unwrap();
 sync_sender.send(()).unwrap();
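Review bot: The listener's config now accepts 0-RTT unconditionally, while the client side of this patch gates it behind `EARLYDATA`; early data carries no replay protection from TLS itself, so the server should accept it only when asked to. Suggest applying the same switch here, e.g. `if std::env::var("EARLYDATA").is_ok_and(|v| v == "1") { config.max_early_data_size = 8192; }`, with a comment above it: `// Early data is replayable; only enable for idempotent test traffic`. The rest of `play` is outside the hunk, so whether the connection handler treats early-data bytes differently cannot be seen from here.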