From dc4667333bf5b712aa3c17b9713a6dda32d5feb1 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Mon, 9 Jan 2017 17:29:44 +0000
Subject: [PATCH] Mark a HelloRequest record as read if we ignore it

Otherwise the client will try to process it again. The second time around
it will try and move the record data into handshake fragment storage and
realise that there is no data left. At that point it marks it as read
anyway. However, it is a bug that we go around the loop a second time, so
we prevent that.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2200)
(cherry picked from commit 290a0419f0c13a30fb3a1d1a279125c8aeafd17e)
---
 ssl/record/rec_layer_s3.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index da1999b660..fdc8190027 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1297,7 +1297,12 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
                         return (-1);
                     }
                 }
+            } else {
+                SSL3_RECORD_set_read(rr);
             }
+        } else {
+            /* Does this ever happen? */
+            SSL3_RECORD_set_read(rr);
         }
         /*
          * we either finished a handshake or ignored the request, now try
-- 
2.25.1