From 163acb89afb23a95e15c27277c25dc8a2cd31585 Mon Sep 17 00:00:00 2001
From: Marco Oliverio <marco@wolfssl.com>
Date: Wed, 20 Jul 2022 19:57:00 +0200
Subject: [PATCH] dtls13: consider certificate_request processed on
 WC_PENDING_E

The error is due to the message triggered by the processing of the
message (Connect()->SendTls13Certificate/SendTls13CertificateVerify/SendTls13Verify). Consider
the message processed to avoid double processing.
---
 src/dtls13.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/src/dtls13.c b/src/dtls13.c
index 7cb32fa64..824bcc622 100644
--- a/src/dtls13.c
+++ b/src/dtls13.c
@@ -372,15 +372,21 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
 
         ret = DoTls13HandShakeMsgType(ssl, msg->msg, &idx, msg->type, msg->sz,
             msg->sz);
+
+        /* processing certificate_request triggers a connect. The error came
+         * from there, the message can be considered processed successfully */
+        if (ret == 0 || (msg->type == certificate_request &&
+                         ssl->options.handShakeDone && ret == WC_PENDING_E)) {
+            Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
+
+            ssl->dtls_rx_msg_list = msg->next;
+            DtlsMsgDelete(msg, ssl->heap);
+            msg = ssl->dtls_rx_msg_list;
+            ssl->dtls_rx_msg_list_sz--;
+        }
+
         if (ret != 0)
             break;
-
-        Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
-
-        ssl->dtls_rx_msg_list = msg->next;
-        DtlsMsgDelete(msg, ssl->heap);
-        msg = ssl->dtls_rx_msg_list;
-        ssl->dtls_rx_msg_list_sz--;
     }
 
     WOLFSSL_LEAVE("dtls13_process_buffered_messages()", ret);