From 24525a35386d184e56f27ff29740eb8a60022c52 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Fri, 3 Mar 2017 15:58:19 +0100
Subject: gnutls_record_recv: do not accept a client hello while handshake is
 in progress

That is, do not return GNUTLS_E_REHANDSHAKE, while we are within
a handshake process.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 lib/record.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/record.c b/lib/record.c
index 59b5ee114c..161db622bb 100644
--- a/lib/record.c
+++ b/lib/record.c
@@ -894,6 +894,7 @@ record_add_to_buffers(gnutls_session_t session,
 			 */
 			if (session->security_parameters.entity ==
 			    GNUTLS_SERVER
+			    && session->internals.handshake_in_progress == 0
 			    && bufel->htype ==
 			    GNUTLS_HANDSHAKE_CLIENT_HELLO) {
 				gnutls_assert();
-- 
cgit v1.2.1