diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 26110d800d..37d7e13e04 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -947,7 +947,7 @@ struct _ssl_context
 unsigned char mfl_code; /*!< MaxFragmentLength chosen by us */
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
 #if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING)
- char split_done; /*!< flag for record splitting:
+ signed char split_done; /*!< flag for record splitting:
 -1 disabled, 0 todo, 1 done */
 #endif
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 12ee22e914..413582a3b0 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6430,17 +6430,14 @@ int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len )
 if( ssl->split_done == 0 )
 {
- ssl->split_done = 1;
- if( ( ret = ssl_write_real( ssl, buf, 1 ) ) < 0 )
+ if( ( ret = ssl_write_real( ssl, buf, 1 ) ) <= 0 )
 return( ret );
+ ssl->split_done = 1;
 }
- if( ssl->split_done == 1 )
- {
- ssl->split_done = 0;
- if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) < 0 )
- return( ret );
- }
+ if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) <= 0 )
+ return( ret );
+ ssl->split_done = 0;
 return( ret + 1 );
 }
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index f2beaf1b9d..fb2327a9b7 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2070,7 +2070,7 @@ data_exchange:
 buf[written] = '\0';
 printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf );
-
+ ret = 0;
 /*
 * 7b. Continue doing data exchanges?
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 3099adcf14..3aeef96c0a 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
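Review bot: The comment on `split_done` in `struct _ssl_context` does not record why the field is now `signed char`, so a later cleanup could turn it back into plain `char`. Plain `char` may be unsigned on some targets, where a stored `-1` reads back as a positive value and any comparison against `-1` is never true. I would extend the field comment, e.g. `/*!< flag for record splitting (must be signed, plain char may be unsigned): -1 disabled, 0 todo, 1 done */`. The struct definition starts and ends outside the hunk.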
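Review bot: In `ssl_write()`, `split_done == 1` now persists whenever the second `ssl_write_real()` call returns a non-positive value, so the next `ssl_write()` skips the 1-byte record and sends from `buf + 1` while still returning `ret + 1`. That is correct only if the caller retries with the same `buf` and `len`; a call with a different buffer would lose its first byte and go out without the 1/n-1 split. The hunk does not show whether a session reset puts `split_done` back to 0, so that should be checked. I would state the contract above the block: `/* split_done persists across calls: on retry the caller must pass the same buf and len */`. The function body starts outside the hunk.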
@@ -847,6 +847,15 @@ run_test "CBC Record splitting: TLS 1.0, splitting disabled" \
 -S "Read from client: 1 bytes read" \
 -S "122 bytes read"
+run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \
+ "$P_SRV nbio=2" \
+ "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ request_size=123 force_version=tls1" \
+ 0 \
+ -S "Read from client: 123 bytes read" \
+ -s "Read from client: 1 bytes read" \
+ -s "122 bytes read"
+
 # Tests for Session Tickets
 run_test "Session resume using tickets: basic" \
@@ -1241,9 +1250,10 @@ run_test "Renegotiation: periodic, just below period" \
 -S "SSL - An unexpected message was received from our peer" \
 -S "failed"
+# one extra exchange to be able to complete renego
 run_test "Renegotiation: periodic, just above period" \
 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3" \
- "$P_CLI debug_level=3 exchanges=3 renegotiation=1" \
+ "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
 0 \
 -c "client hello, adding renegotiation extension" \
 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
@@ -1259,7 +1269,7 @@ run_test "Renegotiation: periodic, just above period" \
 run_test "Renegotiation: periodic, two times period" \
 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3" \
- "$P_CLI debug_level=3 exchanges=6 renegotiation=1" \
+ "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \
 0 \
 -c "client hello, adding renegotiation extension" \
 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
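Review bot: The new "splitting, nbio" case asserts only the resulting record sizes (`1 bytes read`, `122 bytes read`), not that the client's write was actually interrupted between the two records, which appears to be the path the library change targets. Whether `nbio=2` forces a retry at that point is not visible in this hunk; if it does not, the case can pass without ever reaching the resumed-write branch. A comment above the case would at least record the assumption, e.g. `# relies on nbio=2 making the client retry ssl_write() mid-split`.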