diff --git a/ChangeLog b/ChangeLog
index f2e086297..6aab3d1d3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,8 @@ Bugfix
    * Remove non-existent file from VS projects (found by Peter Vaskovic).
    * ssl_read() could return non-application data records on server while
      renegotation was pending, and on client when a HelloRequest was received.
+   * Server-initiated renegotiation would fail with non-blocking I/O if the
+     write callback returned WANT_WRITE when requesting renegotiation.
 
 Changes
    * Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e6c4efdfd..6e6f6dae5 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4167,8 +4167,6 @@ static int ssl_write_hello_request( ssl_context *ssl )
         return( ret );
     }
 
-    ssl->renegotiation = SSL_RENEGOTIATION_PENDING;
-
     SSL_DEBUG_MSG( 2, ( "<= write hello request" ) );
 
     return( 0 );
@@ -4222,6 +4220,12 @@ int ssl_renegotiate( ssl_context *ssl )
         if( ssl->state != SSL_HANDSHAKE_OVER )
             return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
 
+        ssl->renegotiation = SSL_RENEGOTIATION_PENDING;
+
+        /* Did we already try/start sending HelloRequest? */
+        if( ssl->out_left != 0 )
+            return( ssl_flush_output( ssl ) );
+
         return( ssl_write_hello_request( ssl ) );
     }
 #endif /* POLARSSL_SSL_SRV_C */
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index e05019fa6..ed0f19cb0 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -709,6 +709,32 @@ run_test    "Renegotiation #9 (server-initiated, client-accepted, delay 0)" \
             -S "SSL - An unexpected message was received from our peer" \
             -S "failed"
 
+run_test    "Renegotiation #10 (nbio, enabled, client-initiated)" \
+            "$P_SRV debug_level=4 nbio=2 exchanges=2 renegotiation=1" \
+            "$P_CLI debug_level=4 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
+            0 \
+            -c "client hello, adding renegotiation extension" \
+            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+            -s "found renegotiation extension" \
+            -s "server hello, secure renegotiation extension" \
+            -c "found renegotiation extension" \
+            -c "=> renegotiate" \
+            -s "=> renegotiate" \
+            -S "write hello request"
+
+run_test    "Renegotiation #11 (nbio, enabled, server-initiated)" \
+            "$P_SRV debug_level=4 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
+            "$P_CLI debug_level=4 nbio=2 exchanges=2 renegotiation=1" \
+            0 \
+            -c "client hello, adding renegotiation extension" \
+            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+            -s "found renegotiation extension" \
+            -s "server hello, secure renegotiation extension" \
+            -c "found renegotiation extension" \
+            -c "=> renegotiate" \
+            -s "=> renegotiate" \
+            -s "write hello request"
+
 # Tests for auth_mode
 
 run_test    "Authentication #1 (server badcert, client required)" \