mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2026-03-20 19:21:09 +01:00
d589854611
Even though the TLS RFCs do not mandate libraries to expose *Error Alerts* (as defined in RFC8446 6.2 for TLS 1.3 and in RFC5246 7.2.2 for TLS 1.2) to the user, there are use cases when it is handy to get the actual last received fatal error instead of a generic one. For instance this enables the user to differ between received fatal errors in case `mbedtls_ssl_handshake()`, `mbedtls_ssl_handshake_step()` or `mbedtls_ssl_read()` returned `MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE`. This changesets stores the last incoming fatal alert in `mbedtls_ssl_context` and provides `mbedtls_ssl_get_alert()` as a getter for retrieving it. Another option would be to provide a callback mechanisms for all kinds of alerts (not only fatals) but for simplicity I discarded this option. Signed-off-by: Nico Geyso <ng@gsmk.de>