Fix resumption failure and use range in connect state logic

examples/client/client.c

@@ -4104,6 +4104,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
             wolfSSL_CTX_free(ctx); ctx = NULL;
             err_sys("error in setting fd");
         }
+        if (simulateWantWrite) {
+            wolfSSL_SetIOWriteCtx(ssl, (void*)&sockfd);
+        }
 #ifdef HAVE_ALPN
         if (alpnList != NULL) {
             printf("ALPN accepted protocols list : %s\n", alpnList);

examples/server/server.c

@@ -2962,6 +2962,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
                 wolfSSL_dtls_set_peer(ssl, &client_addr, client_len);
             }
             if (simulateWantWrite) {
+#ifdef USE_WOLFSSL_IO
                 /* connect on a udp to associate peer with this fd to make it
                  * simpler for SimulateWantWriteIOSendCb */
                 if (connect(clientfd, (struct sockaddr*)&client_addr,
@@ -2969,6 +2970,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
                     err_sys_ex(catastrophic, "error in connecting to peer");
                 }
                 wolfSSL_SetIOWriteCtx(ssl, (void*)&sockfd);
+#endif
             }
         }
 #endif

src/ssl.c

@@ -11838,11 +11838,8 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
                 if (ssl->fragOffset == 0) {
                     if (ssl->options.connectState == CONNECT_BEGIN ||
                         ssl->options.connectState == HELLO_AGAIN ||
-                        ssl->options.connectState == FIRST_REPLY_DONE ||
+                       (ssl->options.connectState >= FIRST_REPLY_DONE &&
-                        ssl->options.connectState == FIRST_REPLY_FIRST ||
+                        ssl->options.connectState <= FIRST_REPLY_FOURTH)) {
-                        ssl->options.connectState == FIRST_REPLY_SECOND ||
-                        ssl->options.connectState == FIRST_REPLY_THIRD ||
-                        ssl->options.connectState == FIRST_REPLY_FOURTH) {
                         ssl->options.connectState++;
                         WOLFSSL_MSG("connect state: "
                                     "Advanced from last buffered fragment send");

src/tls13.c

@@ -8640,11 +8640,8 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
                 /* Only increment from states in which we send data */
                 if (ssl->options.connectState == CONNECT_BEGIN ||
                     ssl->options.connectState == HELLO_AGAIN ||
-                    ssl->options.connectState == FIRST_REPLY_DONE ||
+                   (ssl->options.connectState >= FIRST_REPLY_DONE &&
-                    ssl->options.connectState == FIRST_REPLY_FIRST ||
+                    ssl->options.connectState <= FIRST_REPLY_FOURTH)) {
-                    ssl->options.connectState == FIRST_REPLY_SECOND ||
-                    ssl->options.connectState == FIRST_REPLY_THIRD ||
-                    ssl->options.connectState == FIRST_REPLY_FOURTH) {
                     ssl->options.connectState++;
                     WOLFSSL_MSG("connect state: "
                                 "Advanced from last buffered fragment send");

wolfssl/test.h

@@ -2050,7 +2050,7 @@ static WC_INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
     if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
         err_sys_with_errno("tcp bind failed");
 
-    #if (defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API)) && !defined(WOLFSSL_TIRTOS)
+    #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
         if (port == 0) {
             socklen_t len = sizeof(addr);
             if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) {
@@ -2063,7 +2063,7 @@ static WC_INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
         }
     #endif
 
-#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
     /* signal ready to accept data */
     {
     tcp_ready* ready = args->signal;