From af21f3083ce150bf822574a4437be352a83ef45b Mon Sep 17 00:00:00 2001
From: Henry Case
Date: Wed, 13 Mar 2019 12:10:20 +0000
Subject: [PATCH] Fix: always store client hello in ConnectionState (#161)

always store CH in ConnectionState Fixes a bug. On a server side, ConnectionState.ClientHello was filled only in case server was handling TLSv1.3
---
 13.go | 2 --
 _dev/tris-testclient/client.go | 2 +-
 handshake_server.go | 5 ++---
 3 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/13.go b/13.go
index da02bfb..28f1416 100644
--- a/13.go
+++ b/13.go
@@ -234,8 +234,6 @@ func (hs *serverHandshakeState) doTLS13Handshake() error {
 c := hs.c
 hs.c.cipherSuite, hs.hello.cipherSuite = hs.suite.id, hs.suite.id
- hs.c.clientHello = hs.clientHello.marshal()
-
 // When picking the group for the handshake, priority is given to groups
 // that the client provided a keyShare for, so to avoid a round-trip.
 // After that the order of CurvePreferences is respected.
diff --git a/_dev/tris-testclient/client.go b/_dev/tris-testclient/client.go
index a5efa76..71609b3 100644
--- a/_dev/tris-testclient/client.go
+++ b/_dev/tris-testclient/client.go
@@ -180,7 +180,7 @@ func main() {
 for _, ng := range strings.Split(named_groups, ":") {
 id, err := getIDByName(namedGroupsToName, ng)
 if err != nil {
- panic("Wrong TLS version provided")
+ panic("Wrong group name provided")
 }
 client.TLS.CurvePreferences = append(client.TLS.CurvePreferences, tls.CurveID(id))
 }
diff --git a/handshake_server.go b/handshake_server.go
index e9ce3c2..4d4bff7 100644
--- a/handshake_server.go
+++ b/handshake_server.go
@@ -65,10 +65,9 @@ func (c *Conn) serverHandshake() error {
 if err != nil {
 return err
 }
-
- // For an overview of TLS handshaking, see https://tools.ietf.org/html/rfc5246#section-7.3
- // and https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-2
+ c.clientHello = hs.clientHello.marshal()
 c.buffering = true
+
 if c.vers >= VersionTLS13 {
 if err := hs.doTLS13Handshake(); err != nil {
 return err
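Review bot: The new assignment `c.clientHello = hs.clientHello.marshal()` in the handshake_server.go hunk carries no comment, and the patch removes the only comment in this stretch, so nothing explains why the bytes are captured before the `c.vers >= VersionTLS13` branch. I would add `// Keep the raw ClientHello for ConnectionState on every protocol version, not only TLS 1.3.` directly above it. The stored bytes are peer-supplied and are recorded before either handshake path has run, so the doc comment on ConnectionState.ClientHello (not visible here) should presumably state that the value is unauthenticated input and that it is now retained per connection for pre-1.3 handshakes as well. None of the three files in this patch is a test; a server-side case that negotiates a pre-1.3 version and checks that ConnectionState.ClientHello is non-empty would pin the fix. serverHandshake begins and ends outside the hunk.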