From 93bb12ce86f7b81e07703fda0177439496215c90 Mon Sep 17 00:00:00 2001
From: Sean Parkinson
Date: Thu, 3 Sep 2020 09:21:52 +1000
Subject: [PATCH] TLS 1.3: allow wolfSSL_peek() to return WANT_READ

When handshake message is processed in wolfSSL_peek() then return WANT_READ from peek instead of blocking waiting for application data. Server may send an alert if the client certificate is invalid. The server also may send NewSesionTicket after client has sent finished message. To detect alert before handling application data, then the socket needs to be checked for data. If the data is an alert then wolfSSL_peek() will handle the alert, but if it is a NewSessionTicket then wolfSSL_peek() will process it and block waiting for application data - so return WANT_READ if no application data seen after processing handshake message.
---
 src/internal.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 357ca4aed..d9082e0af 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -17876,6 +17876,16 @@ startScr:
 goto startScr;
 }
 #endif
+ #ifdef WOLFSSL_TLS13
+ if (IsAtLeastTLSv1_3(ssl->version) && ssl->options.handShakeDone &&
+ ssl->curRL.type == handshake && peek) {
+ WOLFSSL_MSG("Got Handshake Messge in APP data");
+ if (ssl->buffers.inputBuffer.length == 0) {
+ ssl->error = WOLFSSL_ERROR_WANT_READ;
+ return 0;
+ }
+ }
+ #endif
 }

 if (sz < (int)ssl->buffers.clearOutputBuffer.length)
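Review bot: The early exit in the added `#ifdef WOLFSSL_TLS13` block returns 0 with `ssl->error = WOLFSSL_ERROR_WANT_READ`, and nothing at that site tells a caller how to distinguish it from a 0 that means the peer closed the connection. An application that treats 0 from wolfSSL_peek() as end-of-stream would drop a healthy TLS 1.3 session right after a NewSessionTicket. I would add a comment above the inner `if`, e.g. `/* Post-handshake message consumed, nothing else buffered: report WANT_READ instead of blocking; the caller must check the error code, not just the 0 return. */`, and confirm that 0 rather than a negative value is what the peek wrapper expects, since the rest of the function lies outside the hunk. The test `ssl->buffers.inputBuffer.length == 0` presumably relies on the input buffer being reset once fully consumed; if that is not guaranteed, comparing against the buffer's read position would be safer. The log string also has a typo: `"Got Handshake Messge in APP data"` should read `Message`.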