Don't set need_record_splitting until aead_write_ctx is set.

setup_key_block is called when the first CCS resolves, but for resumptions this
is the incoming CCS (see ssl3_do_change_cipher_spec). Rather than set
need_record_splitting there, it should be set in the write case of

This fixes a crash from the new record layer code in resumption when
record-splitting is enabled. Tweak the record-splitting tests to cover this

This also fixes a bug where renego from a cipher which does require record
splitting to one which doesn't continues splitting. Since version switches are
not allowed, this can only happen after a renego from CBC to RC4.

Change-Id: Ie4e1b91282b10f13887b51d1199f76be4fbf09ad
Reviewed-by: Adam Langley <>
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 51ba563..6284ef6 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -2161,7 +2161,8 @@
 			MinVersion:   VersionTLS10,
 			CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
-		messageLen: -1, // read until EOF
+		messageLen:    -1, // read until EOF
+		resumeSession: true,
 		flags: []string{