generate key block when setting the master secret.

Network/TLS/Receiving.hs

@@ -39,7 +39,6 @@ processPacket (Record ProtocolType_Alert _ fragment) = return . Alert =<< return
 processPacket (Record ProtocolType_ChangeCipherSpec _ fragment) = do
 	returnEither $ decodeChangeCipherSpec $ fragmentGetBytes fragment
 	switchRxEncryption
-	isClientContext >>= \cc -> when (not cc) setKeyBlock
 	return ChangeCipherSpec
 
 processPacket (Record ProtocolType_Handshake ver fragment) = do

Network/TLS/Sending.hs

@@ -48,7 +48,7 @@ processRecord record@(Record ty _ fragment) = do
  -}
 postprocessRecord :: Record Ciphertext -> TLSSt (Record Ciphertext)
 postprocessRecord record@(Record ProtocolType_ChangeCipherSpec _ _) =
-	switchTxEncryption >> isClientContext >>= \cc -> when cc setKeyBlock >> return record
+	switchTxEncryption >> return record
 postprocessRecord record = return record
 
 {-

Network/TLS/State.hs

@@ -223,6 +223,7 @@ setMasterSecret masterSecret = do
 	hasValidHandshake "master secret"
 
 	updateHandshake "master secret" (\hst -> hst { hstMasterSecret = Just masterSecret } )
+	setKeyBlock
 	return ()
 
 setMasterSecretFromPre :: MonadState TLSState m => Bytes -> m ()