Describe the "want" parameter in int create_bare_ssl_connection()

Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11406)
author: Matt Caswell <matt@openssl.org> 2020-03-26 11:29:42 +0000
committer: Matt Caswell <matt@openssl.org> 2020-03-30 14:39:29 +0100
commit: 743d9c16deee09bdd336a96170eb3e117508db1b (patch)
tree: 7b8edb6b00a81d3f73246f277870f75e9be07e42
parent: e737adb42a641a33ee73031639c989dfb1283926 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/test/ssltestlib.c b/test/ssltestlib.c
index 4ecfb4a14c..e579ceff92 100644
--- a/test/ssltestlib.c
+++ b/test/ssltestlib.c
@@ -915,11 +915,14 @@ int create_ssl_objects(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl,
 }
 
 /*
- * Create an SSL connection, but does not ready any post-handshake
+ * Create an SSL connection, but does not read any post-handshake
  * NewSessionTicket messages.
  * If |read| is set and we're using DTLS then we will attempt to SSL_read on
  * the connection once we've completed one half of it, to ensure any retransmits
  * get triggered.
+ * We stop the connection attempt (and return a failure value) if either peer
+ * has SSL_get_error() return the value in the |want| parameter. The connection
+ * attempt could be restarted by a subsequent call to this function.
  */
 int create_bare_ssl_connection(SSL *serverssl, SSL *clientssl, int want,
                                int read)
author	Matt Caswell <matt@openssl.org>	2020-03-26 11:29:42 +0000
committer	Matt Caswell <matt@openssl.org>	2020-03-30 14:39:29 +0100
commit	743d9c16deee09bdd336a96170eb3e117508db1b (patch)
tree	7b8edb6b00a81d3f73246f277870f75e9be07e42
parent	e737adb42a641a33ee73031639c989dfb1283926 (diff)