Add comments to test_ciphersuite_change()

Make it clear that we are pausing one of the connections and then
restarting it again.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3623)

diff --git a/test/sslapitest.c b/test/sslapitest.c
index 13ba727c5daa74441a178c02372bb5404f966e0a..a161989a65c348522f33dfc0952f7b9dbc8e88c8 100644 (file)
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -1891,6 +1891,11 @@ static int test_ciphersuite_change(void)
             || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
                                              NULL, NULL))
             || !TEST_true(SSL_set_session(clientssl, clntsess))
+               /*
+                * We use SSL_ERROR_WANT_READ below so that we can pause the
+                * connection after the initial ClientHello has been sent to
+                * enable us to make some session changes.
+                */
             || !TEST_false(create_ssl_connection(serverssl, clientssl,
                                                 SSL_ERROR_WANT_READ)))
         goto end;
@@ -1900,8 +1905,9 @@ static int test_ciphersuite_change(void)
     clntsess->cipher_id = clntsess->cipher->id;
 
     /*
-     * Server has selected a SHA-384 ciphersuite, but client thinks the session
-     * is for SHA-256, so it should bail out.
+     * Continue the previously started connection. Server has selected a SHA-384
+     * ciphersuite, but client thinks the session is for SHA-256, so it should
+     * bail out.
      */
     if (!TEST_false(create_ssl_connection(serverssl, clientssl,
                                                 SSL_ERROR_SSL))