From 736a5e1f89bbccdf190bef260eca6341b91b7491 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Thu, 5 Jun 2025 22:34:38 +0200
Subject: [PATCH] dtlsProcessPendingPeer: correctly set the current peer
---
 src/internal.c | 2 +-
 tests/api.c | 1 +
 tests/api/test_dtls.c | 49 +++++++++++++++++++++++++++++++++++++++++++
 tests/api/test_dtls.h | 1 +
 4 files changed, 52 insertions(+), 1 deletion(-)
diff --git a/src/internal.c b/src/internal.c
index a7779b423..7dbee42c3 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -21858,7 +21858,7 @@ static void dtlsProcessPendingPeer(WOLFSSL* ssl, int deprotected)
 else {
 /* Pending peer present and record deprotected. Update the peer. */
 (void)wolfSSL_dtls_set_peer(ssl,
- &ssl->buffers.dtlsCtx.pendingPeer.sa,
+ ssl->buffers.dtlsCtx.pendingPeer.sa,
 ssl->buffers.dtlsCtx.pendingPeer.sz);
 ssl->buffers.dtlsCtx.processingPendingRecord = 0;
 dtlsClearPeer(&ssl->buffers.dtlsCtx.pendingPeer);
diff --git a/tests/api.c b/tests/api.c
index d84bb863f..dfe33a617 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -68246,6 +68246,7 @@ TEST_CASE testCases[] = {
 TEST_DECL(test_dtls12_missing_finished),
 TEST_DECL(test_dtls13_missing_finished_client),
 TEST_DECL(test_dtls13_missing_finished_server),
+ TEST_DECL(test_wolfSSL_dtls_set_pending_peer),
 TEST_DECL(test_tls13_pq_groups),
 TEST_DECL(test_tls13_early_data),
 TEST_DECL(test_tls_multi_handshakes_one_record),
diff --git a/tests/api/test_dtls.c b/tests/api/test_dtls.c
index 503e66c31..d5d589649 100644
--- a/tests/api/test_dtls.c
+++ b/tests/api/test_dtls.c
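Review bot: In dtlsProcessPendingPeer (src/internal.c) the result of `wolfSSL_dtls_set_peer` is still discarded with `(void)`, and the lines that follow clear `processingPendingRecord` and the pending peer whether or not the update succeeded. If the call can fail here (presumably on allocation failure; the callee is not shown in this hunk), the authenticated address change is dropped silently and replies keep going to the previous peer. Since the function returns void, at least log the failure, e.g. `if (wolfSSL_dtls_set_peer(ssl, ssl->buffers.dtlsCtx.pendingPeer.sa, ssl->buffers.dtlsCtx.pendingPeer.sz) != WOLFSSL_SUCCESS) WOLFSSL_MSG("Failed to set peer from pending peer");`. The function body starts and ends outside the hunk.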
@@ -598,6 +598,55 @@ int test_wolfSSL_dtls_cid_parse(void)
 return EXPECT_RESULT();
 }
+int test_wolfSSL_dtls_set_pending_peer(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
+ defined(WOLFSSL_DTLS) && defined(WOLFSSL_DTLS_CID)
+ WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ unsigned char peer[10];
+ unsigned int peerSz;
+ unsigned char readBuf[10];
+ unsigned char client_cid[] = { 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 };
+ unsigned char server_cid[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ /* Setup DTLS contexts */
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLS_client_method, wolfDTLS_server_method), 0);
+
+ ExpectIntEQ(wolfSSL_dtls_cid_use(ssl_c), 1);
+ ExpectIntEQ(wolfSSL_dtls_cid_set(ssl_c, server_cid,
+ sizeof(server_cid)), 1);
+ ExpectIntEQ(wolfSSL_dtls_cid_use(ssl_s), 1);
+ ExpectIntEQ(wolfSSL_dtls_cid_set(ssl_s, client_cid,
+ sizeof(client_cid)), 1);
+
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ peerSz = sizeof(peer);
+ /* Fail since no peer set */
+ ExpectIntEQ(wolfSSL_dtls_get_peer(ssl_s, peer, &peerSz), 0);
+ ExpectIntEQ(wolfSSL_dtls_set_pending_peer(ssl_s, (void*)"123", 4), 1);
+ ExpectIntEQ(wolfSSL_write(ssl_c, "test", 5), 5);
+ ExpectIntEQ(wolfSSL_read(ssl_s, readBuf, sizeof(readBuf)), 5);
+ ExpectStrEQ(readBuf, "test");
+ peerSz = sizeof(peer);
+ ExpectIntEQ(wolfSSL_dtls_get_peer(ssl_s, peer, &peerSz), 1);
+ ExpectIntEQ(peerSz, 4);
+ ExpectStrEQ(peer, "123");
+
+ wolfSSL_free(ssl_s);
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_s);
+ wolfSSL_CTX_free(ctx_c);
+#endif
+ return EXPECT_RESULT();
+}
+
 int test_dtls13_epochs(void) {
 EXPECT_DECLS;
 #if defined(WOLFSSL_DTLS13) && !defined(NO_WOLFSSL_CLIENT)
diff --git a/tests/api/test_dtls.h b/tests/api/test_dtls.h
index 7f8f0457f..7896a9510 100644
--- a/tests/api/test_dtls.h
+++ b/tests/api/test_dtls.h
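Review bot: The new test only proves the positive path; nothing in it checks that the current peer stays unset until a record has actually been deprotected, which is the property the pending-peer mechanism exists to protect. Directly after the `wolfSSL_dtls_set_pending_peer` call and before `wolfSSL_write`, add `peerSz = sizeof(peer);` and `ExpectIntEQ(wolfSSL_dtls_get_peer(ssl_s, peer, &peerSz), 0);` so a regression that promotes the pending peer early is caught. A second case in which the server reads a record that fails deprotection and the peer remains unchanged would cover the other branch of dtlsProcessPendingPeer. The test also runs only with the version-flexible `wolfDTLS_client_method`/`wolfDTLS_server_method` pair, so presumably just one DTLS version is exercised per build.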
@@ -25,6 +25,7 @@
 int test_dtls12_basic_connection_id(void);
 int test_dtls13_basic_connection_id(void);
 int test_wolfSSL_dtls_cid_parse(void);
+int test_wolfSSL_dtls_set_pending_peer(void);
 int test_dtls13_epochs(void);
 int test_dtls13_ack_order(void);
 int test_dtls_version_checking(void);