Initial fix for reneg issue

- see https://github.com/bcgit/bc-java/issues/990

2 files changed, 20 insertions, 2 deletions

diff --git a/crypto/src/tls/AbstractTlsContext.cs b/crypto/src/tls/AbstractTlsContext.cs

index c70312721..75e46d993 100644
--- a/crypto/src/tls/AbstractTlsContext.cs
+++ b/crypto/src/tls/AbstractTlsContext.cs
@@ -94,6 +94,11 @@ namespace Org.BouncyCastle.Tls
             get { lock (this) return m_connected; }
         }
 
+        internal bool IsHandshaking
+        {
+            get { lock (this) return !m_connected && null != m_securityParameters; }
+        }
+
         public TlsCrypto Crypto
         {
             get { return m_crypto; }
diff --git a/crypto/src/tls/TlsProtocol.cs b/crypto/src/tls/TlsProtocol.cs

index 317b6b193..044fca42d 100644
--- a/crypto/src/tls/TlsProtocol.cs
+++ b/crypto/src/tls/TlsProtocol.cs
@@ -401,7 +401,7 @@ namespace Org.BouncyCastle.Tls
                 AbstractTlsContext context = ContextAdmin;
                 SecurityParameters securityParameters = context.SecurityParameters;
 
-                if (m_appDataReady ||
+                if (!context.IsHandshaking ||
                     null == securityParameters.LocalVerifyData ||
                     null == securityParameters.PeerVerifyData)
                 {
@@ -1557,6 +1557,19 @@ namespace Org.BouncyCastle.Tls
             get { return m_closed; }
         }
 
+        public virtual bool IsConnected
+        {
+            get
+            {
+                if (m_closed)
+                    return false;
+
+                AbstractTlsContext context = ContextAdmin;
+
+                return null != context && context.IsConnected;
+            }
+        }
+
         public virtual bool IsHandshaking
         {
             get
@@ -1566,7 +1579,7 @@ namespace Org.BouncyCastle.Tls
 
                 AbstractTlsContext context = ContextAdmin;
 
-                return null != context && !context.IsConnected;
+                return null != context && context.IsHandshaking;
             }
         }