From cc110a0aaebd627a9e61e2c8d68b02e3e0a4e76b Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Tue, 10 May 2022 18:50:00 +0100
Subject: Implement KTLS in the new read record layer code

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
---
 ssl/s3_enc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'ssl/s3_enc.c')

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index bd66f300ef..fc9002b8e5 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -146,12 +146,12 @@ int ssl3_change_cipher_state(SSL_CONNECTION *s, int which)
     }
 
     if (which & SSL3_CC_READ) {
-        if (!ssl_set_new_record_layer(s, NULL, SSL3_VERSION,
+        if (!ssl_set_new_record_layer(s, SSL3_VERSION,
                                       OSSL_RECORD_DIRECTION_READ,
                                       OSSL_RECORD_PROTECTION_LEVEL_APPLICATION,
                                       key, key_len, iv, iv_len, mac_secret,
                                       md_len, ciph, 0, NID_undef, md, comp)) {
-            /* SSLfatal already called */
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_NO_SUITABLE_RECORD_LAYER);
             goto err;
         }
 
-- 
cgit v1.2.3