From ada25730092bcb271b6e87ecdca8567a03f8b73d Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Thu, 3 Nov 2016 14:49:21 -0700
Subject: [PATCH] Increment the expected handshake number if the call to the handhsake message processing function is successful, but not if the handshake message is the client_hello. Process client hello clears that counter and incrementing it breaks the handshake. Fixes issue #612.
---
src/internal.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/internal.c b/src/internal.c
index f64b56dd4..eefafce52 100755
--- a/src/internal.c
+++ b/src/internal.c
@@ -8061,7 +8061,8 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 /* This branch is in order next, and a complete message. */
 ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
 if (ret == 0) {
- ssl->keys.dtls_expected_peer_handshake_number++;
+ if (type != client_hello)
+ ssl->keys.dtls_expected_peer_handshake_number++;
 if (ssl->dtls_rx_msg_list != NULL) {
 ret = DtlsMsgDrain(ssl);
 }
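Review bot: The new `if (type != client_hello)` guard in DoDtlsHandShakeMsg is unbraced while the `if (ssl->dtls_rx_msg_list != NULL) {` right after it is braced, and the reason for the exception is recorded only in the commit message. I would write it as `if (type != client_hello) {`, `ssl->keys.dtls_expected_peer_handshake_number++;`, `}` with a comment above it such as `/* client_hello processing resets the expected handshake number itself; incrementing it here breaks the handshake */`. The guard skips the increment for every successful client_hello, and the handler is not visible in this hunk, so it is worth confirming that every success path there really resets the counter. If one does not, the expected number would stay on the ClientHello's own sequence, and a retransmitted copy would presumably be processed again instead of being recognised as already handled. The function body starts and ends outside the hunk.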