commit 23b7b703aa3cbbbcc87eda7aa7bc09892a00bc2a
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Sep 25 13:50:12 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Tue Oct 21 16:32:38 2014 +0200
tree c7472c24e6437dc558c362cf58f5e38862b59b05
parent 8cc7e03ae0528d9485e78ad82da3e6c62c44ca37

Fix issue with renego & resend

include/polarssl/ssl.h

diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index f0b1ec1..de517d6 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -248,6 +248,13 @@
 
 /*
  * DTLS retransmission states, see RFC 6347 4.2.4
+ *
+ * Warning: the state is sometimes explicit sometimes implicit!
+ * - PREPARING is explicit (but could be implicit from ssl->state)
+ * - SENDING is merged in PREPARING for initial sends, explicit for resends
+ * - WAITING is usually implicit from ssl->state, except after resend
+ * - FINISHED is explicit (but could be implicit from state)
+ * TODO-DTLS: clean that up
  */
 #define SSL_RETRANS_PREPARING       0
 #define SSL_RETRANS_SENDING         1

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 04c199e..333e58e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2206,7 +2206,10 @@
         }
     }
 
-    ssl->handshake->retransmit_state = SSL_RETRANS_WAITING;
+    if( ssl->state == SSL_HANDSHAKE_OVER )
+        ssl->handshake->retransmit_state = SSL_RETRANS_FINISHED;
+    else
+        ssl->handshake->retransmit_state = SSL_RETRANS_WAITING;
 
     SSL_DEBUG_MSG( 2, ( "<= ssl_resend" ) );