Request renego before write in ssl_server2
Will be useful for:
- detecting termination of messages by other means than connection close
- DTLS (can be seen as a special case of the above: datagram-oriented)
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 20df781..ae512c0 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1589,6 +1589,22 @@
/*
* 7. Write the 200 Response
*/
+ if( opt.renegotiate )
+ {
+ /* Request renegotiation while the client is waiting for input */
+ printf( " . Requestion renegotiation..." );
+ fflush( stdout );
+ while( ( ret = ssl_renegotiate( &ssl ) ) != 0 )
+ {
+ if( ret != POLARSSL_ERR_NET_WANT_READ &&
+ ret != POLARSSL_ERR_NET_WANT_WRITE )
+ {
+ printf( " failed\n ! ssl_renegotiate returned %d\n\n", ret );
+ goto reset;
+ }
+ }
+ }
+
printf( " > Write to client:" );
fflush( stdout );
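Review bot: A zero return from `ssl_renegotiate()` in the added block is treated as "renegotiation requested", but nothing before `printf( " > Write to client:" )` records that the 200 response is then sent under the session state negotiated before the request. On the server side this call presumably only sends the HelloRequest and the handshake completes during a later read (the comment kept in the second hunk suggests the same), so a test that expects the response to be covered by the renegotiated parameters would be misled. I would extend the comment to `/* Request renegotiation while the client is waiting for input; the handshake itself completes on a later ssl_read(), so the write below still uses the pre-renegotiation session state */`. The progress line also never prints a success marker, so its output runs into the next message; adding `printf( " ok\n" );` after the loop and spelling the message `Requesting` would fix that. The enclosing function starts and ends outside the hunk.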
@@ -1619,22 +1635,6 @@
if( opt.renegotiate )
{
/*
- * Request renegotiation (this must be done when the client is still
- * waiting for input from our side).
- */
- printf( " . Requestion renegotiation..." );
- fflush( stdout );
- while( ( ret = ssl_renegotiate( &ssl ) ) != 0 )
- {
- if( ret != POLARSSL_ERR_NET_WANT_READ &&
- ret != POLARSSL_ERR_NET_WANT_WRITE )
- {
- printf( " failed\n ! ssl_renegotiate returned %d\n\n", ret );
- goto reset;
- }
- }
-
- /*
* Should be a while loop, not an if, but here we're not actually
* expecting data from the client, and since we're running tests
* locally, we can just hope the handshake will finish the during the