From cbedae2f55126a5b8d67bfcbec98c16e5aff0c19 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Tue, 21 Feb 2023 14:17:44 +0100
Subject: [PATCH] This path in TLSX_KeyShare_Choose should not be taken
 normally

---
 src/tls.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/tls.c b/src/tls.c
index 399890938..9a68fe13d 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -9110,13 +9110,14 @@ int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
         list = (KeyShareEntry*)extension->data;
 
     if (extension && extension->resp == 1) {
-        int ret = 0;
+        /* Outside of the async case this path should not be taken. */
+        int ret = INCOMPLETE_DATA;
     #ifdef WOLFSSL_ASYNC_CRYPT
         /* in async case make sure key generation is finalized */
         serverKSE = (KeyShareEntry*)extension->data;
-        if (serverKSE->lastRet == WC_PENDING_E) {
+        if (serverKSE && serverKSE->lastRet == WC_PENDING_E) {
             if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE)
-                *doHelloRetry = 1;
+                *searched = 1;
             ret = TLSX_KeyShare_GenKey((WOLFSSL*)ssl, serverKSE);
         }
     #endif