--- old/src/share/classes/sun/security/ssl/ServerHandshaker.java Wed May 29 08:35:58 2013
+++ new/src/share/classes/sun/security/ssl/ServerHandshaker.java Wed May 29 08:35:56 2013
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -279,6 +279,13 @@
 mesg.print(System.out);
 }
 
+ // reject client initialized renegotiation?
+ if (rejectClientInitializedRenego && !isInitialHandshake &&
+ state != HandshakeMessage.ht_hello_request) {
+ fatalSE(Alerts.alert_handshake_failure,
+ "Client initialized renegotiation is not allowed");
+ }
+
 // check the server name indication if required
 ServerNameExtension clientHelloSNIExt = (ServerNameExtension)
 mesg.extensions.get(ExtensionType.EXT_SERVER_NAME);
@@ -369,7 +376,7 @@
 } else if (!allowUnsafeRenegotiation) {
 // abort the handshake
 if (activeProtocolVersion.v >= ProtocolVersion.TLS10.v) {
- // response with a no_renegotiation warning,
+ // response with a no_renegotiation warning
 warningSE(Alerts.alert_no_renegotiation);
 
 // invalidate the handshake so that the caller can
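Review bot: The new guard in the second hunk relies on `state != HandshakeMessage.ht_hello_request` to tell a server-requested renegotiation from a client-initiated one, but nothing in the hunk shows that `state` is set to `ht_hello_request` when this side sends a HelloRequest, so the comment should state that assumption instead of the open-ended `// reject client initialized renegotiation?`. It is also worth recording that this path answers with a fatal `handshake_failure`, which tears down the established connection, whereas the existing unsafe-renegotiation branch in the third hunk sends only a `no_renegotiation` warning and keeps the session alive — presumably a deliberate difference, but one a maintainer will ask about. Suggested replacement comment: `// Reject client-initiated renegotiation (we sent no HelloRequest) with a fatal alert; unlike the no_renegotiation warning used for unsafe renegotiation below, this closes the connection.` The term of art is "client-initiated"; both the comment and the alert text say "initialized". The enclosing method (it is handling a ClientHello, judging by `clientHelloSNIExt`) starts before and continues past this hunk.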