diff --git a/.github/workflows/async.yml b/.github/workflows/async.yml
index 8ded769506..71b35a4003 100644
--- a/.github/workflows/async.yml
+++ b/.github/workflows/async.yml
@@ -10,7 +10,8 @@ jobs:
 config: [
 # Add new configs here
 '--enable-asynccrypt --enable-all --enable-dtls13',
- '--enable-asynccrypt-sw',
+ '--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2',
+ '--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"',
 ]
 name: make check
 runs-on: ubuntu-latest
diff --git a/examples/client/client.c b/examples/client/client.c
index 2a105497ff..cf93e497e4 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -223,6 +223,9 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
 #ifdef WOLFSSL_ASYNC_CRYPT
 || error == WC_PENDING_E
 #endif
+ #ifdef WOLFSSL_NONBLOCK_OCSP
+ || error == OCSP_WANT_READ
+ #endif
 ) {
 #ifndef WOLFSSL_CALLBACKS
 ret = wolfSSL_connect(ssl);
diff --git a/src/internal.c b/src/internal.c
index bb7b66ddfe..afc08ea235 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -16501,6 +16501,9 @@ int SendFatalAlertOnly(WOLFSSL *ssl, int error)
 case WANT_WRITE:
 case WANT_READ:
 case ZERO_RETURN:
+#ifdef WOLFSSL_NONBLOCK_OCSP
+ case OCSP_WANT_READ:
+#endif
 #ifdef WOLFSSL_ASYNC_CRYPT
 case WC_PENDING_E:
 #endif
diff --git a/src/tls13.c b/src/tls13.c
index 397147790e..f393abc062 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -11479,12 +11479,12 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 * == 0) */
 *inOutIdx -= HANDSHAKE_HEADER_SZ;
 }
-#endif
- /* reset error */
- if (ret == 0 && ssl->error == WC_PENDING_E)
+ /* make sure async error is cleared */
+ if (ret == 0 && (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) {
 ssl->error = 0;
-
+ }
+#endif
 if (ret == 0 && type != client_hello && type != session_ticket && type != key_update) {
 ret = HashInput(ssl, input + inIdx, size);
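Review bot: With `|| error == OCSP_WANT_READ` added to the retry condition in `NonBlockingSSL_Connect`, the hunk does not show what the loop waits on, or for how long, while the OCSP lookup is outstanding. The loop body continues outside the hunk, so this is a question rather than a confirmed defect: if the wait only covers the peer socket, an OCSP responder that never answers may not be bounded by it. I would confirm that a timeout applies in this state and record it next to the new branch, for example `/* OCSP response pending: retry, bounded by the connect timeout */`, so a stalled responder ends in a handshake failure rather than an open-ended retry.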
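Review bot: Moving `#endif` below the reset in `DoTls13HandShakeMsgType` puts the `ssl->error` clearing inside a conditional block whose opening `#if` is outside this hunk, so a reset that previously ran in every build now runs only when that condition holds. The same constant is guarded by `WOLFSSL_NONBLOCK_OCSP` in `src/internal.c` and `examples/client/client.c`; if the condition here does not also cover that macro, a build with nonblocking OCSP but without async crypt (possibly the new `--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"` job) could keep a stale `OCSP_WANT_READ` in `ssl->error` after the message was processed successfully. Please confirm the opening condition, and extend the comment to state the reason, e.g. `/* clear WC_PENDING_E / OCSP_WANT_READ left over from a retried message so it is not reported after success */`.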