Allow delay on renego on client

Currently unbounded: will be fixed later
2025-07-28 00:21:48 +03:00 · 2014-08-19 12:50:30 +02:00
parent f26a1e8602
commit 6591962f06
6 changed files with 36 additions and 12 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -902,6 +902,12 @@ static int ssl_parse_server_hello( ssl_context *ssl )

    if( ssl->in_msgtype != SSL_MSG_HANDSHAKE )
    {
+        if( ssl->renegotiation == SSL_RENEGOTIATION )
+        {
+            SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) );
+            return( POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO );
+        }
+
        SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
        return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
    }