From 67dc83851bad62397619e2ff107cf44f09505dbd Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@chromium.org>
Date: Sun, 5 Jul 2015 00:03:32 -0400
Subject: [PATCH] Fix ssl3_send_client_certificate state machine.

If ssl_do_write takes more than one iteration, ssl3_output_cert_chain
would be called an extra time. This is very unlikely in practice because
of the buffer BIO.

Change-Id: Ic1ae9752a8837bb404429fc60306c659208c6185
Reviewed-on: https://boringssl-review.googlesource.com/5340
Reviewed-by: Adam Langley <agl@google.com>
---
 ssl/s3_clnt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index b5c35f03..1550f198 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2182,6 +2182,7 @@ int ssl3_send_client_certificate(SSL *s) {
     if (!ssl3_output_cert_chain(s, cert_pkey)) {
       return -1;
     }
+    s->state = SSL3_ST_CW_CERT_D;
   }
 
   /* SSL3_ST_CW_CERT_D */