commit 30d16eb4291d10f0870c3315cff63d295fdc33ed
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Tue Aug 19 17:43:50 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Tue Oct 21 16:30:20 2014 +0200
tree 1f1b4c8b99ea39a2550ca1feeadd699f24f96133
parent b35fe5638a60437422c78b36162fa5f6e61fed22

Fix client-initiated renegotiation with DTLS

library/ssl_srv.c

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index fbdf984..e97bd2a 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1253,6 +1253,14 @@
             SSL_DEBUG_RET( 1, "ssl_fetch_input", ret );
             return( ret );
         }
+
+    /* Done reading this record, get ready for the next one */
+#if defined(POLARSSL_SSL_PROTO_DTLS)
+        if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
+            ssl->next_record_offset = msg_len + ssl_hdr_len( ssl );
+        else
+#endif
+            ssl->in_left = 0;
     }
     else
     {
@@ -1441,7 +1449,8 @@
                        buf + cookie_offset + 1, cookie_len );
 
 #if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
-        if( ssl->f_cookie_check != NULL )
+        if( ssl->f_cookie_check != NULL &&
+            ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
         {
             if( ssl->f_cookie_check( ssl->p_cookie,
                                      buf + cookie_offset + 1, cookie_len,
@@ -1784,8 +1793,6 @@
     ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
     ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info );
 
-    /* ClientHello can't be bundled with another record in same datagram */
-    ssl->in_left = 0;
     ssl->state++;
 
     SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) );