From dd8fb41f664fb7ed5ee1d3f685f3735206c2f973 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Fri, 11 Mar 2022 09:46:42 -0800
Subject: [PATCH] Fixes for TLS v1.3 early data with async.
---
 configure.ac | 6 +-----
 examples/client/client.c | 1 +
 examples/server/server.c | 4 +++-
 src/tls13.c | 6 ++++--
 4 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/configure.ac b/configure.ac
index b930c50ec..c9b460395 100644
--- a/configure.ac
+++ b/configure.ac
@@ -583,11 +583,7 @@ then
 test "$enable_truncatedhmac" = "" && enable_truncatedhmac=yes
 test "$enable_trusted_ca" = "" && enable_trusted_ca=yes
 test "$enable_session_ticket" = "" && enable_session_ticket=yes
-
- # don't add earlydata when assynccrypt, pending fix:
- if test "$enable_asynccrypt" != "yes"; then
- test "$enable_earlydata" = "" && enable_earlydata=yes
- fi
+ test "$enable_earlydata" = "" && enable_earlydata=yes
 
 if test "$ENABLED_32BIT" != "yes"
 then
diff --git a/examples/client/client.c b/examples/client/client.c
index f0a653167..3825c3f17 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -639,6 +639,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
 err = wolfSSL_get_error(ssl, 0);
 #ifdef WOLFSSL_ASYNC_CRYPT
 if (err == WC_PENDING_E) {
+ /* returns the number of polled items or <0 for error */
 ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
 if (ret < 0) break;
 }
diff --git a/examples/server/server.c b/examples/server/server.c
index e42f89311..17d07fa31 100644
--- a/examples/server/server.c
+++ b/examples/server/server.c
@@ -3017,13 +3017,15 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) err = SSL_get_error(ssl, 0); #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { + /* returns the number of polled items or <0 for + * error */ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) break; } #endif } - if (ret > 0) { + else if (ret > 0) { input[ret] = 0; /* null terminate message */ printf("Early Data Client message: %s\n", input); } diff --git a/src/tls13.c b/src/tls13.c index 5fd0ac1e5..dc4de4a13 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -9933,7 +9933,8 @@ int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data, int sz, int* outSz) return SIDE_ERROR; if (ssl->options.handShakeState == NULL_STATE) { - ssl->earlyData = expecting_early_data; + if (ssl->error != WC_PENDING_E) + ssl->earlyData = expecting_early_data; ret = wolfSSL_connect_TLSv13(ssl); if (ret != WOLFSSL_SUCCESS) return WOLFSSL_FATAL_ERROR; @@ -9995,7 +9996,8 @@ int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz, int* outSz) return SIDE_ERROR; if (ssl->options.handShakeState == NULL_STATE) { - ssl->earlyData = expecting_early_data; + if (ssl->error != WC_PENDING_E) + ssl->earlyData = expecting_early_data; ret = wolfSSL_accept_TLSv13(ssl); if (ret <= 0) return WOLFSSL_FATAL_ERROR;
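Review bot: `ret` in the early-data read loop of server_test still carries two unrelated values, the result of the read call and the item count from wolfSSL_AsyncPoll, and the new `else if` only keeps the poll count away from `input[ret] = 0` on this one path. A dedicated local for the poll result would remove the overlap: `int polled = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);` followed by `if (polled < 0) break;`, provided the code after the loop does not depend on `ret` holding the poll error. The write to `input[ret]` is also only in bounds if the read was limited to `sizeof(input) - 1` bytes. That call and the opening `if` sit outside the hunk, so both points need confirming against the full function.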
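Review bot: The new guard `if (ssl->error != WC_PENDING_E)` in wolfSSL_write_early_data, and the identical one in wolfSSL_read_early_data in the next hunk, is undocumented and uses `ssl->error`, which appears to be a general last-error field, to tell an async re-entry from a first call. A comment above the check such as `/* async re-entry: keep the early data state already reached */` would record the intent. It is also worth confirming that `ssl->error` cannot still hold WC_PENDING_E from an earlier, unrelated operation while `handShakeState` is NULL_STATE, because `earlyData` would then never be set to `expecting_early_data` for that handshake. The single-statement `if` would be less fragile with braces. Both functions start and end outside their hunks.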