update tls13 to handle an OCSP_WANT_READ, update

async client test to retry connect on OCSP_WANT_READ instead of timing out
2023-07-21 16:24:59 -04:00 · 2023-07-21 16:24:59 -04:00 · 2e4b651b87
parent 9ea681030f
commit 2e4b651b87
3 changed files with 9 additions and 5 deletions
--- a/.github/workflows/async.yml
+++ b/.github/workflows/async.yml
@ -10,7 +10,8 @@ jobs:
        config: [
          # Add new configs here
          '--enable-asynccrypt --enable-all --enable-dtls13',
-          '--enable-asynccrypt-sw',
+          '--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2',
+          '--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"',
        ]
    name: make check
    runs-on: ubuntu-latest
--- a/examples/client/client.c
+++ b/examples/client/client.c
@ -223,6 +223,9 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
        #ifdef WOLFSSL_ASYNC_CRYPT
            || error == WC_PENDING_E
        #endif
+        #ifdef WOLFSSL_NONBLOCK_OCSP
+            || error == OCSP_WANT_READ
+        #endif
        ) {
        #ifndef WOLFSSL_CALLBACKS
            ret = wolfSSL_connect(ssl);
--- a/src/tls13.c
+++ b/src/tls13.c
@ -11479,12 +11479,12 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
         * == 0) */
        *inOutIdx -= HANDSHAKE_HEADER_SZ;
    }
-#endif

-    /* reset error */
-    if (ret == 0 && ssl->error == WC_PENDING_E)
+    /* make sure async error is cleared */
+    if (ret == 0 && (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) {
        ssl->error = 0;
-
+    }
+#endif
    if (ret == 0 && type != client_hello && type != session_ticket &&
                                                           type != key_update) {
        ret = HashInput(ssl, input + inIdx, size);