net: sockets: tls: Use better error code

Mbed TLS 3.0 removes the definition for MBED_ERR_SSL_PEER_VERIFY_FAILED, since non of its code ever returns that value. Since there isn't really a perfect response, instead return a somewhat generic response indicating this was unexpected. Signed-off-by: David Brown <[email protected]>
ucb-bar · Oct 7, 2021 · fc3f4a6 · fc3f4a6
1 parent 26a630b
commit fc3f4a6
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/subsys/net/lib/sockets/sockets_tls.c b/subsys/net/lib/sockets/sockets_tls.c
@@ -59,6 +59,10 @@ LOG_MODULE_REGISTER(net_sock_tls, CONFIG_NET_SOCKETS_LOG_LEVEL);
 
 static const struct socket_op_vtable tls_sock_fd_op_vtable;
 
+#ifndef MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED
+#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
+#endif
+
 /** A list of secure tags that TLS context should use. */
 struct sec_tag_list {
 	/** An array of secure tags referencing TLS credentials. */