Add comments to test_ciphersuite_change()

Make it clear that we are pausing one of the connections and then restarting it again. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3623)
2017-06-15 13:44:24 +01:00 · 2017-06-15 13:44:24 +01:00 · 3b0e88d3bd
commit 3b0e88d3bd
parent 8acc27998b
1 changed files with 8 additions and 2 deletions
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@ -1891,6 +1891,11 @@ static int test_ciphersuite_change(void)
            || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
                                             NULL, NULL))
            || !TEST_true(SSL_set_session(clientssl, clntsess))
+               /*
+                * We use SSL_ERROR_WANT_READ below so that we can pause the
+                * connection after the initial ClientHello has been sent to
+                * enable us to make some session changes.
+                */
            || !TEST_false(create_ssl_connection(serverssl, clientssl,
                                                SSL_ERROR_WANT_READ)))
        goto end;
@ -1900,8 +1905,9 @@ static int test_ciphersuite_change(void)
    clntsess->cipher_id = clntsess->cipher->id;

    /*
-     * Server has selected a SHA-384 ciphersuite, but client thinks the session
-     * is for SHA-256, so it should bail out.
+     * Continue the previously started connection. Server has selected a SHA-384
+     * ciphersuite, but client thinks the session is for SHA-256, so it should
+     * bail out.
     */
    if (!TEST_false(create_ssl_connection(serverssl, clientssl,
                                                SSL_ERROR_SSL))