From a7c1df63216d0a6d38f416e066ed64a5e375d2c3 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Tue, 5 Feb 2019 14:35:46 +0000
Subject: [PATCH] Don't progress TLS state machine on peer CRT chain parsing error
---
 library/ssl_tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e3663fc92..ff38eb046 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6453,7 +6453,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
 ssl_clear_peer_cert( ssl->session_negotiate );
 if( ( ret = ssl_parse_certificate_chain( ssl ) ) != 0 )
- goto exit;
+ return( ret );
 #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
 if( ssl->handshake->ecrs_enabled)
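Review bot: The new `return( ret );` after `ssl_parse_certificate_chain( ssl )` has no comment explaining why this one failure path must bypass the `exit` label. Going by the commit subject, `exit` is where the handshake state is advanced, so a later tidy-up that unifies the error paths back onto `goto exit` would silently reintroduce a state-machine step past a certificate message that failed to parse. I would add a comment directly above the return, for example `/* Deliberately not 'goto exit': a chain parsing failure must leave ssl->state unchanged. */`. The `exit` label and the rest of `mbedtls_ssl_parse_certificate` lie outside this hunk, so it is worth confirming that nothing set up before this point depends on `exit` for cleanup. A regression test asserting that `ssl->state` is unchanged after a malformed Certificate message would also pin the behaviour.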