commit 0557bd5fa4bee08f06487300cf99c426daed1773
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Tue Aug 19 19:18:39 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Tue Oct 21 16:30:21 2014 +0200
tree 4d834d20f48a6874b62b3928f0c2dd81197a1de7
parent c392b240c49a8d29ab1d195177f39ae1383aa791

Fix message_seq with server-initiated renego

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 9ae336a..af5e390 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4550,6 +4550,17 @@
     if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
         return( ret );
 
+    /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and
+     * the ServerHello will have message_seq = 1" */
+#if defined(POLARSSL_SSL_PROTO_DTLS)
+    if( ssl->transport == SSL_TRANSPORT_DATAGRAM &&
+        ssl->endpoint == SSL_IS_SERVER &&
+        ssl->renegotiation == SSL_RENEGOTIATION_PENDING )
+    {
+        ssl->handshake->msg_seq = 1;
+    }
+#endif
+
     ssl->state = SSL_HELLO_REQUEST;
     ssl->renegotiation = SSL_RENEGOTIATION;