From 6952d38246d7ee0eeb746368d8394b658757c9a3 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Wed, 3 Mar 2021 18:21:09 +0700
Subject: [PATCH] client side needs to send Kex Dh on rekey

---
 src/internal.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 35d67ad..3148027 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -5246,6 +5246,16 @@ static int DoPacket(WOLFSSH* ssh)
         case MSGID_KEXINIT:
             WLOG(WS_LOG_DEBUG, "Decoding MSGID_KEXINIT");
             ret = DoKexInit(ssh, buf + idx, payloadSz, &payloadIdx);
+            if (ssh->isKeying == 1 &&
+                    ssh->connectState == CONNECT_SERVER_CHANNEL_REQUEST_DONE) {
+                if (ssh->handshake->kexId == ID_DH_GEX_SHA256) {
+        #ifndef WOLFSSH_NO_DH
+                    ssh->error = SendKexDhGexRequest(ssh);
+        #endif
+                }
+                else
+                    ssh->error = SendKexDhInit(ssh);
+            }
             break;
 
         case MSGID_NEWKEYS: