From 3104685cc6840e05d68c184fff03beb339b20fbc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 4 Sep 2024 23:36:14 +0200
Subject: [PATCH] ssl_server: Allow the client to close the connection first

This is necessary when testing against OpenSSL 1.0.2g.

In the server, flush more often. Otherwise, when stdout is redirected to a
file, the server gets killed before it writes important information, such as
the logs that we expect in the test cases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 programs/ssl/ssl_server.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index c3bd8fc610..aa06ad34be 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -312,16 +312,19 @@ reset:
     mbedtls_printf(" %d bytes written\n\n%s\n", len, (char *) buf);
 
     mbedtls_printf("  . Closing the connection...");
+    fflush(stdout);
 
     while ((ret = mbedtls_ssl_close_notify(&ssl)) < 0) {
         if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
-            ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+            ret != MBEDTLS_ERR_NET_CONN_RESET) {
             mbedtls_printf(" failed\n  ! mbedtls_ssl_close_notify returned %d\n\n", ret);
             goto reset;
         }
     }
 
     mbedtls_printf(" ok\n");
+    fflush(stdout);
 
     ret = 0;
     goto reset;