Drop renego state from context if no renego support

2025-12-24 00:06:32 +01:00 · 2015-03-10 11:54:02 +00:00 · 2015-03-10 11:54:02 +00:00 · 69849f8595
commit 69849f8595
parent d2b35ec3d3
3 changed files with 26 additions and 15 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -3205,9 +3205,12 @@ static int ssl_parse_record_header( ssl_context *ssl )
        /* Drop unexpected ApplicationData records,
         * except at the beginning of renegotiations */
        if( ssl->in_msgtype == SSL_MSG_APPLICATION_DATA &&
-            ssl->state != SSL_HANDSHAKE_OVER &&
-            ! ( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
-                ssl->state == SSL_SERVER_HELLO ) )
+            ssl->state != SSL_HANDSHAKE_OVER
+#if defined(POLARSSL_SSL_RENEGOTIATION)
+            && ! ( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
+                   ssl->state == SSL_SERVER_HELLO )
+#endif
+            )
        {
            SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) );
            return( POLARSSL_ERR_SSL_INVALID_RECORD );