From 8f3c56c03fff4f5c6f8fec1ee696f2c7860433c1 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Wed, 15 Jun 2016 18:44:25 -0700
Subject: [PATCH] Fix where the last flight was getting retransmit on timeout
 notification.

---
 src/internal.c | 3 +--
 src/ssl.c      | 4 +++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 746182a6e..5f732ad9b 100755
--- a/src/internal.c
+++ b/src/internal.c
@@ -4752,8 +4752,7 @@ retry:
             case WOLFSSL_CBIO_ERR_TIMEOUT:
                 if (ssl->options.dtls) {
 #ifdef WOLFSSL_DTLS
-                    if ((!ssl->options.handShakeDone ||
-                               ssl->options.dtlsHsRetain) &&
+                    if (!ssl->options.handShakeDone &&
                         DtlsPoolTimeout(ssl) == 0 &&
                         DtlsPoolSend(ssl) == 0) {
 
diff --git a/src/ssl.c b/src/ssl.c
index 4a45ba34e..20ffb0f30 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -6617,7 +6617,9 @@ int wolfSSL_dtls_got_timeout(WOLFSSL* ssl)
 {
     int result = SSL_SUCCESS;
 
-    if (DtlsPoolTimeout(ssl) < 0 || DtlsPoolSend(ssl) < 0) {
+    if (!ssl->options.handShakeDone &&
+        (DtlsPoolTimeout(ssl) < 0 || DtlsPoolSend(ssl) < 0)) {
+
         result = SSL_FATAL_ERROR;
     }
     return result;