Don't set need_record_splitting until aead_write_ctx is set.
setup_key_block is called when the first CCS resolves, but for resumptions this
is the incoming CCS (see ssl3_do_change_cipher_spec). Rather than set
need_record_splitting there, it should be set in the write case of
This fixes a crash from the new record layer code in resumption when
record-splitting is enabled. Tweak the record-splitting tests to cover this
This also fixes a bug where renego from a cipher which does require record
splitting to one which doesn't continues splitting. Since version switches are
not allowed, this can only happen after a renego from CBC to RC4.
Reviewed-by: Adam Langley <firstname.lastname@example.org>
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 51ba563..6284ef6 100644
@@ -2161,7 +2161,8 @@
- messageLen: -1, // read until EOF
+ messageLen: -1, // read until EOF
+ resumeSession: true,