From 5726c23d81784f3f03f30124335b9e8daa289419 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Sat, 6 May 2017 14:00:24 -0700
Subject: [PATCH] Fix for scan-build warning with ret not being read in
 DoServerHello.

---
 src/internal.c | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index e1a10e895..a39c7c5f7 100755
--- a/src/internal.c
+++ b/src/internal.c
@@ -15428,20 +15428,20 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz
         if (ssl->options.resuming) {
             if (DSH_CheckSessionId(ssl)) {
                 if (SetCipherSpecs(ssl) == 0) {
-                    ret = -1;
 
                     XMEMCPY(ssl->arrays->masterSecret,
                             ssl->session.masterSecret, SECRET_LEN);
-                    #ifdef NO_OLD_TLS
+            #ifdef NO_OLD_TLS
+                    ret = DeriveTlsKeys(ssl);
+            #else
+                    ret = -1; /* default value */
+                #ifndef NO_TLS
+                    if (ssl->options.tls)
                         ret = DeriveTlsKeys(ssl);
-                    #else
-                        #ifndef NO_TLS
-                            if (ssl->options.tls)
-                                ret = DeriveTlsKeys(ssl);
-                        #endif
-                            if (!ssl->options.tls)
-                                ret = DeriveKeys(ssl);
-                    #endif
+                #endif
+                    if (!ssl->options.tls)
+                        ret = DeriveKeys(ssl);
+            #endif /* NO_OLD_TLS */
                     ssl->options.serverState = SERVER_HELLODONE_COMPLETE;
 
                     return ret;