Fix error in BIO_get_ktls_send() and BIO_get_ktls_recv()

If we were using a different type of BIO than a socket BIO then
BIO_get_ktls_send() and BIO_get_ktls_recv() could return the wrong
result.

The above occurred even if KTLS was disabled at compile time - so we should
additionally ensure that those macros do nothing if KTLS is disabled.

Finally we make the logic in ssl3_get_record() a little more robust when
KTLS has been disabled.

[extended tests]

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8793)

1 files changed, 2 insertions, 2 deletions

diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 24694b3ffa..f758f17dc2 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -211,9 +211,9 @@ int ssl3_get_record(SSL *s)
                                SSL3_BUFFER_get_len(rbuf), 0,
                                num_recs == 0 ? 1 : 0, &n);
             if (rret <= 0) {
+#ifndef OPENSSL_NO_KTLS
                 if (!BIO_get_ktls_recv(s->rbio))
                     return rret;     /* error or non-blocking */
-#ifndef OPENSSL_NO_KTLS
                 switch (errno) {
                 case EBADMSG:
                     SSLfatal(s, SSL_AD_BAD_RECORD_MAC,
@@ -233,8 +233,8 @@ int ssl3_get_record(SSL *s)
                 default:
                     break;
                 }
-                return rret;
 #endif
+                return rret;
             }
             RECORD_LAYER_set_rstate(&s->rlayer, SSL_ST_READ_BODY);