From 7ee38350c0753c711616f5dcf4278b755b9eebf4 Mon Sep 17 00:00:00 2001
From: John Bland <john.bland@wolfssl.com>
Date: Tue, 18 Jul 2023 14:05:16 -0400
Subject: [PATCH] undo supressing the OCSP_WANT_READ error, instead

add it to the list of non-fatal errors so that a socket close alert wont be sent out but the caller still won't block and will instead get OCSP_WANT_READ as an error back from wolfSSL_connect
---
 src/internal.c | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index ce8f2b909..87f8427d9 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -16332,11 +16332,6 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
     }
 
 #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
-    /* make sure async error is cleared */
-    if (ret == 0 && (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) {
-        ssl->error = 0;
-    }
-
     /* if async, offset index so this msg will be processed again */
     if ((ret == WC_PENDING_E || ret == OCSP_WANT_READ) && *inOutIdx > 0) {
         *inOutIdx -= HANDSHAKE_HEADER_SZ;
@@ -16345,10 +16340,11 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
             *inOutIdx -= DTLS_HANDSHAKE_EXTRA;
         }
     #endif
+    }
 
-        /* set the async error so the re-run will work and won't send alert */
-        ssl->error = ret;
-        ret = 0;
+    /* make sure async error is cleared */
+    if (ret == 0 && (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) {
+        ssl->error = 0;
     }
 #endif /* WOLFSSL_ASYNC_CRYPT || WOLFSSL_NONBLOCK_OCSP */
 
@@ -16505,6 +16501,7 @@ int SendFatalAlertOnly(WOLFSSL *ssl, int error)
     case WANT_WRITE:
     case WANT_READ:
     case ZERO_RETURN:
+    case OCSP_WANT_READ:
 #ifdef WOLFSSL_ASYNC_CRYPT
     case WC_PENDING_E:
 #endif