Add test for extensionless ClientHello
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index e69091c..34c1565 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1480,8 +1480,6 @@
msg_len != ext_offset + 2 + ext_len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions",
- buf + ext_offset + 2, ext_len );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
}
@@ -1489,6 +1487,7 @@
ext_len = 0;
ext = buf + ext_offset + 2;
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len );
while( ext_len != 0 )
{
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index d3b7b3f..c07c8ca 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2488,6 +2488,14 @@
0 \
-c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256"
+# Test for ClientHello without extensions
+
+run_test "CLientHello without extensions" \
+ "$P_SRV debug_level=3" \
+ "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION" \
+ 0 \
+ -s "dumping 'client hello extensions' (0 bytes)"
+
# Tests for mbedtls_ssl_get_bytes_avail()
run_test "mbedtls_ssl_get_bytes_avail: no extra data" \
