X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_hs_client.t0;h=ea9f5b515dc3fed0b577babdae7f5b298df8391b;hp=b941a8ec6df81ba9007e1df5ae474741781ce52d;hb=d16eee962a72a600c370f18f2ae25b36b4f532df;hpb=60126cafc85572a53d38752b8830e91c7ab18f88

diff --git a/src/ssl/ssl_hs_client.t0 b/src/ssl/ssl_hs_client.t0
index b941a8e..ea9f5b5 100644
--- a/src/ssl/ssl_hs_client.t0
+++ b/src/ssl/ssl_hs_client.t0
@@ -999,12 +999,9 @@ cc: do-ecdh ( echde prf_id -- ulen ) {
 				0 addr-application_data set8
 				read-HelloRequest
 				\ Reject renegotiations if the peer does not
-				\ support secure renegotiation. Theoretically
-				\ we could just ignore that, however if the
-				\ server sent an HelloRequest then it is
-				\ expecting a handshake and will wait for our
-				\ ClientHello.
-				addr-reneg get8 1 = if
+				\ support secure renegotiation, or if the
+				\ "no renegotiation" flag is set.
+				addr-reneg get8 1 = 1 flag? or if
 					flush-record
 					begin can-output? not while
 						wait-co drop