Request renego before write in ssl_server2

Will be useful for: - detecting termination of messages by other means than connection close - DTLS (can be seen as a special case of the above: datagram-oriented)
2024-10-18 16:21:05 +00:00 · 2014-08-19 12:59:03 +02:00 · 2014-08-19 12:59:03 +02:00 · 296e3b1174
parent 6591962f06
commit 296e3b1174
1 changed files with 16 additions and 16 deletions
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -1589,6 +1589,22 @@ reset:
    /*
     * 7. Write the 200 Response
     */
+    if( opt.renegotiate )
+    {
+        /* Request renegotiation while the client is waiting for input */
+        printf( "  . Requestion renegotiation..." );
+        fflush( stdout );
+        while( ( ret = ssl_renegotiate( &ssl ) ) != 0 )
+        {
+            if( ret != POLARSSL_ERR_NET_WANT_READ &&
+                ret != POLARSSL_ERR_NET_WANT_WRITE )
+            {
+                printf( " failed\n  ! ssl_renegotiate returned %d\n\n", ret );
+                goto reset;
+            }
+        }
+    }
+
    printf( "  > Write to client:" );
    fflush( stdout );

@ -1618,22 +1634,6 @@ reset:

    if( opt.renegotiate )
    {
-        /*
-         * Request renegotiation (this must be done when the client is still
-         * waiting for input from our side).
-         */
-        printf( "  . Requestion renegotiation..." );
-        fflush( stdout );
-        while( ( ret = ssl_renegotiate( &ssl ) ) != 0 )
-        {
-            if( ret != POLARSSL_ERR_NET_WANT_READ &&
-                ret != POLARSSL_ERR_NET_WANT_WRITE )
-            {
-                printf( " failed\n  ! ssl_renegotiate returned %d\n\n", ret );
-                goto reset;
-            }
-        }
-
        /*
         * Should be a while loop, not an if, but here we're not actually
         * expecting data from the client, and since we're running tests