--- a/lib/ssl/ssl3gthr.c
+++ b/lib/ssl/ssl3gthr.c
@@ -365,30 +365,29 @@ ssl3_GatherCompleteHandshake(sslSocket *
 		    cText.seq_num.high <<= 8; cText.seq_num.low <<= 8;
 		    cText.seq_num.high |= ss->gs.hdr[3 + i];
 		    cText.seq_num.low |= ss->gs.hdr[7 + i];
 		}
 	    }
 
 	    cText.buf     = &ss->gs.inbuf;
 	    rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf);
-
-	    if (rv == (int) SECSuccess && ss->gs.buf.len > 0) {
-		/* We have application data to return to the application. This
-		 * prioritizes returning application data to the application over
-		 * completing any renegotiation handshake we may be doing.
-		 */
-		PORT_Assert(ss->firstHsDone);
-		PORT_Assert(cText.type == content_application_data);
-		break;
-	    }
 	}
 	if (rv < 0) {
 	    return ss->recvdCloseNotify ? 0 : rv;
 	}
+	if (ss->gs.buf.len > 0) {
+	    /* We have application data to return to the application. This
+	     * prioritizes returning application data to the application over
+	     * completing any renegotiation handshake we may be doing.
+	     */
+	    PORT_Assert(ss->firstHsDone);
+	    PORT_Assert(cText.type == content_application_data);
+	    break;
+	}
 
 	PORT_Assert(keepGoing);
 	ssl_GetSSL3HandshakeLock(ss);
 	if (ss->ssl3.hs.ws == idle_handshake) {
 	    /* We are done with the current handshake so stop trying to
 	     * handshake. Note that it would be safe to test ss->firstHsDone
 	     * instead of ss->ssl3.hs.ws. By testing ss->ssl3.hs.ws instead,
 	     * we prioritize completing a renegotiation handshake over sending