From 257d10a69fa2782c35f485200081b45ae4e9702d Mon Sep 17 00:00:00 2001
From: toddouska <todd@yassl.com>
Date: Wed, 3 Oct 2012 16:44:08 -0700
Subject: [PATCH] sanity check for out of order handshake messages

---
 src/internal.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 78d111e04..9da5d74f1 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -2473,6 +2473,11 @@ static int DoHandShakeMsgType(CYASSL* ssl, byte* input, word32* inOutIdx,
     }
 #endif
 
+    if (ssl->options.handShakeState == HANDSHAKE_DONE && type != hello_request){
+        CYASSL_MSG("HandShake message after handshake complete");
+        return OUT_OF_ORDER_E;
+    }
+
     switch (type) {
 
     case hello_request: