From 4832ccccbd1a52fe120b5ece57931005e2578dc4 Mon Sep 17 00:00:00 2001
From: Franz Auernigg <f.auernigg@commend.com>
Date: Tue, 28 Feb 2023 14:29:48 +0100
Subject: [PATCH] tls: handle server done state during tls 1.2 renegotiation

---
 src/tls/openssl/tls_tcp.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/tls/openssl/tls_tcp.c b/src/tls/openssl/tls_tcp.c
index 221569350..d7b27eb07 100644
--- a/src/tls/openssl/tls_tcp.c
+++ b/src/tls/openssl/tls_tcp.c
@@ -231,7 +231,8 @@ static bool recv_handler(int *err, struct mbuf *mb, bool *estab, void *arg)
 	if (SSL_state(tc->ssl) != SSL_ST_OK) {
 #if !defined(LIBRESSL_VERSION_NUMBER)
 		reneg = SSL_state(tc->ssl) == TLS_ST_CW_CLNT_HELLO
-		     || SSL_state(tc->ssl) == TLS_ST_CW_FINISHED;
+		     || SSL_state(tc->ssl) == TLS_ST_CW_FINISHED
+		     || SSL_state(tc->ssl) == TLS_ST_SW_SRVR_DONE;
 #endif
 
 		if (tc->up && !reneg) {