From 4cc8c632265414a97b5a4f5382702b0e849ef4de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Thu, 23 Jul 2015 12:24:03 +0200
Subject: [PATCH] Add test for extensionless ClientHello

---
 library/ssl_srv.c | 3 +--
 tests/ssl-opt.sh  | 8 ++++++++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index e69091c3c..34c1565c9 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1480,8 +1480,6 @@ read_record_header:
             msg_len != ext_offset + 2 + ext_len )
         {
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions",
-                              buf + ext_offset + 2, ext_len );
             return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
         }
     }
@@ -1489,6 +1487,7 @@ read_record_header:
         ext_len = 0;
 
     ext = buf + ext_offset + 2;
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len );
 
     while( ext_len != 0 )
     {
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index d3b7b3fdc..c07c8cac9 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2488,6 +2488,14 @@ run_test    "Per-version suites: TLS 1.2" \
             0 \
             -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256"
 
+# Test for ClientHello without extensions
+
+run_test    "CLientHello without extensions" \
+            "$P_SRV debug_level=3" \
+            "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION" \
+            0 \
+            -s "dumping 'client hello extensions' (0 bytes)"
+
 # Tests for mbedtls_ssl_get_bytes_avail()
 
 run_test    "mbedtls_ssl_get_bytes_avail: no extra data" \