X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=test%2Fsslapitest.c;h=a161989a65c348522f33dfc0952f7b9dbc8e88c8;hp=13ba727c5daa74441a178c02372bb5404f966e0a;hb=3b0e88d3bd79d01c2da519e405849b78646aab8f;hpb=8acc27998bf253f0fd7c59d0e6aa515e5793ad01

diff --git a/test/sslapitest.c b/test/sslapitest.c
index 13ba727c5d..a161989a65 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -1891,6 +1891,11 @@ static int test_ciphersuite_change(void)
             || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
                                              NULL, NULL))
             || !TEST_true(SSL_set_session(clientssl, clntsess))
+               /*
+                * We use SSL_ERROR_WANT_READ below so that we can pause the
+                * connection after the initial ClientHello has been sent to
+                * enable us to make some session changes.
+                */
             || !TEST_false(create_ssl_connection(serverssl, clientssl,
                                                 SSL_ERROR_WANT_READ)))
         goto end;
@@ -1900,8 +1905,9 @@ static int test_ciphersuite_change(void)
     clntsess->cipher_id = clntsess->cipher->id;
 
     /*
-     * Server has selected a SHA-384 ciphersuite, but client thinks the session
-     * is for SHA-256, so it should bail out.
+     * Continue the previously started connection. Server has selected a SHA-384
+     * ciphersuite, but client thinks the session is for SHA-256, so it should
+     * bail out.
      */
     if (!TEST_false(create_ssl_connection(serverssl, clientssl,
                                                 SSL_ERROR_SSL))