don't let sniffer try to parse handshake messages after the handshake has completed, new error for secure renegotiation not supported

src/sniffer.c

@@ -239,7 +239,8 @@ static const char* const msgTable[] =
     "Decrypt Keys Not Set Up",
     "Late Key Load Error",
     "Got Certificate Status msg",
-    "RSA Key Missing Error"
+    "RSA Key Missing Error",
+    "Secure Renegotiation Not Supported"
 };
 
 
@@ -1817,6 +1818,14 @@ static int DoHandShake(const byte* input, int* sslBytes,
         return -1;
     }
 
+    /* A session's arrays are released when the handshake is completed. */
+    if (session->sslServer->arrays == NULL &&
+        session->sslClient->arrays == NULL) {
+
+        SetError(NO_SECURE_RENEGOTIATION, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    
     switch (type) {
         case hello_verify_request:
             Trace(GOT_HELLO_VERIFY_STR);

wolfssl/sniffer_error.h

@@ -107,6 +107,7 @@
 #define CLIENT_HELLO_LATE_KEY_STR 72
 #define GOT_CERT_STATUS_STR 73
 #define RSA_KEY_MISSING_STR 74
+#define NO_SECURE_RENEGOTIATION 75
 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
 
 

wolfssl/sniffer_error.rc

@@ -89,5 +89,6 @@ STRINGTABLE
     72, "Late Key Load Error"
     73, "Got Certificate Status msg"
     74, "RSA Key Missing Error"
+    75, "Secure Renegotiation Not Supported"
 }