Use more specific name in debug message for testing
While 'session hash' is currently unique, so suitable to prove that the
intended code path has been taken, it's a generic enough phrase that in the
future we might add other debug messages containing it in completely unrelated
code paths. In order to future-proof the accuracy of the test, let's use a
more specific string.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b4e7960..f990e8c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1143,7 +1143,8 @@
handshake->calc_verify( ssl, session_hash, &hash_len );
- MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "session hash for extended master secret",
+ session_hash, hash_len );
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
"extended master secret",
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 92eb62c..977903e 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1210,8 +1210,8 @@
-s "found extended master secret extension" \
-s "server hello, adding extended master secret extension" \
-c "found extended_master_secret extension" \
- -c "session hash" \
- -s "session hash"
+ -c "session hash for extended master secret" \
+ -s "session hash for extended master secret"
run_test "Extended Master Secret: client enabled, server disabled" \
"$P_SRV debug_level=3 extended_ms=0" \
@@ -1221,8 +1221,8 @@
-s "found extended master secret extension" \
-S "server hello, adding extended master secret extension" \
-C "found extended_master_secret extension" \
- -C "session hash" \
- -S "session hash"
+ -C "session hash for extended master secret" \
+ -S "session hash for extended master secret"
run_test "Extended Master Secret: client disabled, server enabled" \
"$P_SRV debug_level=3 extended_ms=1" \
@@ -1232,8 +1232,8 @@
-S "found extended master secret extension" \
-S "server hello, adding extended master secret extension" \
-C "found extended_master_secret extension" \
- -C "session hash" \
- -S "session hash"
+ -C "session hash for extended master secret" \
+ -S "session hash for extended master secret"
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test "Extended Master Secret: client SSLv3, server enabled" \
@@ -1244,8 +1244,8 @@
-S "found extended master secret extension" \
-S "server hello, adding extended master secret extension" \
-C "found extended_master_secret extension" \
- -C "session hash" \
- -S "session hash"
+ -C "session hash for extended master secret" \
+ -S "session hash for extended master secret"
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
run_test "Extended Master Secret: client enabled, server SSLv3" \
@@ -1256,8 +1256,8 @@
-S "found extended master secret extension" \
-S "server hello, adding extended master secret extension" \
-C "found extended_master_secret extension" \
- -C "session hash" \
- -S "session hash"
+ -C "session hash for extended master secret" \
+ -S "session hash for extended master secret"
# Tests for FALLBACK_SCSV