From 1a03473576f150468c6b2e4ff206db5bb14b1c88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Tue, 4 Nov 2014 17:36:18 +0100
Subject: [PATCH] Keep EtM state across renegotiations

---
 library/ssl_tls.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8c981cf36..b608e5c98 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3248,6 +3248,12 @@ void ssl_handshake_wrapup( ssl_context *ssl )
 
     if( ssl->session )
     {
+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+        /* RFC 7366 3.1: keep the EtM state */
+        ssl->session_negotiate->encrypt_then_mac =
+                  ssl->session->encrypt_then_mac;
+#endif
+
         ssl_session_free( ssl->session );
         polarssl_free( ssl->session );
     }