Fix: always store client hello in ConnectionState (#161)

always store CH in ConnectionState

Fixes a bug. On a server side, ConnectionState.ClientHello was filled
only in case server was handling TLSv1.3

13.go

@@ -234,8 +234,6 @@ func (hs *serverHandshakeState) doTLS13Handshake() error {
 	c := hs.c
 
 	hs.c.cipherSuite, hs.hello.cipherSuite = hs.suite.id, hs.suite.id
-	hs.c.clientHello = hs.clientHello.marshal()
-
 	// When picking the group for the handshake, priority is given to groups
 	// that the client provided a keyShare for, so to avoid a round-trip.
 	// After that the order of CurvePreferences is respected.

_dev/tris-testclient/client.go

@@ -180,7 +180,7 @@ func main() {
 	for _, ng := range strings.Split(named_groups, ":") {
 		id, err := getIDByName(namedGroupsToName, ng)
 		if err != nil {
-			panic("Wrong TLS version provided")
+			panic("Wrong group name provided")
 		}
 		client.TLS.CurvePreferences = append(client.TLS.CurvePreferences, tls.CurveID(id))
 	}

handshake_server.go

@@ -65,10 +65,9 @@ func (c *Conn) serverHandshake() error {
 	if err != nil {
 		return err
 	}
-
+	c.clientHello = hs.clientHello.marshal()
-	// For an overview of TLS handshaking, see https://tools.ietf.org/html/rfc5246#section-7.3
-	// and https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-2
 	c.buffering = true
+
 	if c.vers >= VersionTLS13 {
 		if err := hs.doTLS13Handshake(); err != nil {
 			return err