commit dd51826b4ecd725032987690f6ee79d3f5614aab
author Gilles Peskine <Gilles.Peskine@arm.com> Tue Aug 27 12:17:22 2024 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Wed Sep 25 17:52:48 2024 +0200
tree 48076019597823b5d4676a674907f1d7af2e0185
parent 1dbfb4b8e2942b16f438e647f953cedc09d75a3d

ssl_client1: Exit with an error status if the TLS connection failed

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

programs/ssl/ssl_client1.c

diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index ee734b1..e51bbd4 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -240,6 +240,9 @@
         }
 
         if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
+            mbedtls_printf("The return value %d from mbedtls_ssl_read() means that the server\n"
+                           "closed the connection first. We're ok with that.\n",
+                           MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY);
             break;
         }
 
@@ -259,7 +262,9 @@
 
     mbedtls_ssl_close_notify(&ssl);
 
-    exit_code = MBEDTLS_EXIT_SUCCESS;
+    if (ret == 0 || ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
+        exit_code = MBEDTLS_EXIT_SUCCESS;
+    }
 
 exit: