Add a comment to explain the use of |num_recs|

In the SSLV2ClientHello processing code in ssl3_get_record, the value of
|num_recs| will always be 0. This isn't obvious from the code so a comment
is added to explain it.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index beef2b3dfb81e1a47885df9ace183aa082f9d455..57fef4a6717ce0872ba408812cfdd598e1e8a5d4 100644 (file)
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -270,7 +270,15 @@ int ssl3_get_record(SSL *s)
             if (s->first_packet && s->server && !s->read_hash
                     && !s->enc_read_ctx
                     && (p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) {
-                /* SSLv2 style record */
+                /*
+                 *  SSLv2 style record
+                 *
+                 * |num_recs| here will actually always be 0 because
+                 * |num_recs > 0| only ever occurs when we are processing
+                 * multiple app data records - which we know isn't the case here
+                 * because it is an SSLv2ClientHello. We keep it using
+                 * |num_recs| for the sake of consistency
+                 */
                 rr[num_recs].type = SSL3_RT_HANDSHAKE;
                 rr[num_recs].rec_version = SSL2_VERSION;