TLS client: Send decrypt_error on verify_data validation error

Previously, this was silently dropped which left the connection waiting
for timeout. decrypt_error alert can be used here to avoid that.

Signed-off-by: Jouni Malinen <j@w1.fi>

src/tls/tlsv1_client_read.c

@@ -931,6 +931,8 @@ static int tls_process_server_finished(struct tlsv1_client *conn, u8 ct,
 
 	if (os_memcmp(pos, verify_data, TLS_VERIFY_DATA_LEN) != 0) {
 		wpa_printf(MSG_INFO, "TLSv1: Mismatch in verify_data");
+		tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
+			  TLS_ALERT_DECRYPT_ERROR);
 		return -1;
 	}