From 551acd2b198f85b99037a47576c0d808dcc7d4fa Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Fri, 12 Aug 2022 16:27:17 +0200
Subject: [PATCH] Translate verify callback error with compat layer

---
 src/internal.c     | 4 ++++
 src/x509_str.c     | 2 +-
 wolfssl/internal.h | 3 +++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/internal.c b/src/internal.c
index 16506ead2..5b182425b 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -11992,7 +11992,11 @@ int DoVerifyCallback(WOLFSSL_CERT_MANAGER* cm, WOLFSSL* ssl, int ret,
             }
         }
 
+#ifndef OPENSSL_COMPATIBLE_DEFAULTS
         store->error = ret;
+#else
+        store->error = GetX509Error(ret);
+#endif
         store->error_depth = args->certIdx;
         store->discardSessionCerts = 0;
         store->domain = domain;
diff --git a/src/x509_str.c b/src/x509_str.c
index 5cd9af652..4962c798d 100644
--- a/src/x509_str.c
+++ b/src/x509_str.c
@@ -161,7 +161,7 @@ void wolfSSL_X509_STORE_CTX_trusted_stack(WOLFSSL_X509_STORE_CTX *ctx, WOLF_STAC
 
 
 /* Returns corresponding X509 error from internal ASN error <e> */
-static int GetX509Error(int e)
+int GetX509Error(int e)
 {
     switch (e) {
         case ASN_BEFORE_DATE_E:
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 43c24583e..ca7c64789 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -5605,6 +5605,9 @@ WOLFSSL_LOCAL int wolfSSL_StaticEphemeralKeyLoad(WOLFSSL* ssl, int keyAlgo, void
 WOLFSSL_LOCAL int wolfSSL_ASN1_STRING_canon(WOLFSSL_ASN1_STRING* asn_out,
     const WOLFSSL_ASN1_STRING* asn_in);
 #endif
+#ifdef OPENSSL_EXTRA
+WOLFSSL_LOCAL int GetX509Error(int e);
+#endif
 #endif
 
 #if defined(HAVE_EX_DATA) && \