diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js index 7455928dbeba27..7c0bcdc62824d9 100644 --- a/lib/_tls_wrap.js +++ b/lib/_tls_wrap.js @@ -573,6 +573,9 @@ TLSSocket.prototype.renegotiate = function(options, callback) { this._requestCert = requestCert; this._rejectUnauthorized = rejectUnauthorized; } + // Ensure that we'll cycle through internal openssl's state + this.write(''); + if (!this._handle.renegotiate()) { if (callback) { process.nextTick(callback, new ERR_TLS_RENEGOTIATE()); diff --git a/test/parallel/test-tls-disable-renegotiation.js b/test/parallel/test-tls-disable-renegotiation.js index f43276460910f7..0fc98641a69800 100644 --- a/test/parallel/test-tls-disable-renegotiation.js +++ b/test/parallel/test-tls-disable-renegotiation.js @@ -46,7 +46,6 @@ server.listen(0, common.mustCall(() => { port }; const client = tls.connect(options, common.mustCall(() => { - client.write(''); // Negotiation is still permitted for this first // attempt. This should succeed. let ok = client.renegotiate(options, common.mustCall((err) => { @@ -56,7 +55,6 @@ server.listen(0, common.mustCall(() => { // data event on the server. After that data // is received, disableRenegotiation is called. client.write('data', common.mustCall(() => { - client.write(''); // This second renegotiation attempt should fail // and the callback should never be invoked. The // server will simply drop the connection after