Alert description strings for TLSv1 and documentation.

CHANGES

@@ -4,6 +4,9 @@
 
  Changes between 0.9.6b and 0.9.6c  [XX xxx XXXX]
 
+  *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
+     [Lutz Jaenicke]
+
   *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
      for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
      [Lutz Jaenicke]

doc/ssl/ssl.pod

@@ -675,6 +675,7 @@ L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
 L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
 L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
 L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
+L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
 L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
 L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
 L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,

ssl/ssl_stat.c

@@ -387,6 +387,18 @@ char *SSL_alert_desc_string(int value)
 	case SSL3_AD_CERTIFICATE_EXPIRED:	str="CE"; break;
 	case SSL3_AD_CERTIFICATE_UNKNOWN:	str="CU"; break;
 	case SSL3_AD_ILLEGAL_PARAMETER:		str="IP"; break;
+	case TLS1_AD_DECRYPTION_FAILED		str="DC"; break;
+	case TLS1_AD_RECORD_OVERFLOW		str="RO"; break;
+	case TLS1_AD_UNKNOWN_CA			str="CA"; break;
+	case TLS1_AD_ACCESS_DENIED		str="AD"; break;
+	case TLS1_AD_DECODE_ERROR		str="DE"; break;
+	case TLS1_AD_DECRYPT_ERROR		str="CY"; break;
+	case TLS1_AD_EXPORT_RESTRICTION		str="ER"; break;
+	case TLS1_AD_PROTOCOL_VERSION		str="PV"; break;
+	case TLS1_AD_INSUFFICIENT_SECURITY	str="IS"; break;
+	case TLS1_AD_INTERNAL_ERROR		str="IE"; break;
+	case TLS1_AD_USER_CANCELLED		str="US"; break;
+	case TLS1_AD_NO_RENEGOTIATION		str="NR"; break;
 	default:				str="UK"; break;
 		}
 	return(str);
@@ -434,6 +446,42 @@ char *SSL_alert_desc_string_long(int value)
 	case SSL3_AD_ILLEGAL_PARAMETER:
 		str="illegal parameter";
 		break;
+	case TLS1_AD_DECRYPTION_FAILED
+		str="decryption failed";
+		break;
+	case TLS1_AD_RECORD_OVERFLOW
+		str="record overflow";
+		break;
+	case TLS1_AD_UNKNOWN_CA
+		str="unknown CA";
+		break;
+	case TLS1_AD_ACCESS_DENIED
+		str="access denied";
+		break;
+	case TLS1_AD_DECODE_ERROR
+		str="decode error";
+		break;
+	case TLS1_AD_DECRYPT_ERROR
+		str="decrypt error";
+		break;
+	case TLS1_AD_EXPORT_RESTRICTION
+		str="export restriction";
+		break;
+	case TLS1_AD_PROTOCOL_VERSION
+		str="protocol version";
+		break;
+	case TLS1_AD_INSUFFICIENT_SECURITY
+		str="insufficient security";
+		break;
+	case TLS1_AD_INTERNAL_ERROR
+		str="internal error";
+		break;
+	case TLS1_AD_USER_CANCELLED
+		str="user canceled";
+		break;
+	case TLS1_AD_NO_RENEGOTIATION
+		str="no renegotiation";
+		break;
 	default: str="unknown"; break;
 		}
 	return(str);