From ef64cd300ce350e24d9e340a20ac385bbefb990f Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Fri, 21 Jun 2019 08:37:07 -0700
Subject: [PATCH] Fixes to improve read error handling. * Improved
 `GetInputData` handling of non -1 return codes. * Adds support for handling
 `WOLFSSL_CBIO_ERR_TIMEOUT` return code in non-DTLS case.

---
 src/internal.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 668767b66..8545d3c9d 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -6900,17 +6900,18 @@ retry:
                 ssl->options.isClosed = 1;
                 return -1;
 
-            #ifdef WOLFSSL_DTLS
             case WOLFSSL_CBIO_ERR_TIMEOUT:
+            #ifdef WOLFSSL_DTLS
                 if (IsDtlsNotSctpMode(ssl) &&
                     !ssl->options.handShakeDone &&
                     DtlsMsgPoolTimeout(ssl) == 0 &&
                     DtlsMsgPoolSend(ssl, 0) == 0) {
 
+                    /* retry read for DTLS during handshake only */
                     goto retry;
                 }
-                return -1;
             #endif
+                return -1;
 
             default:
                 return recvd;
@@ -12864,12 +12865,12 @@ static int GetInputData(WOLFSSL *ssl, word32 size)
                      ssl->buffers.inputBuffer.buffer +
                      ssl->buffers.inputBuffer.length,
                      inSz);
-        if (in == -1)
-            return SOCKET_ERROR_E;
-
         if (in == WANT_READ)
             return WANT_READ;
 
+        if (in < 0)
+            return SOCKET_ERROR_E;
+
         if (in > inSz)
             return RECV_OVERFLOW_E;