From 653cc07b51f273a6537e5d0329731b4c45384446 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Lutz=20J=C3=A4nicke?= <jaenicke@openssl.org>
Date: Sun, 19 Aug 2001 16:23:57 +0000
Subject: [PATCH] Alert description strings for TLSv1 and documentation.

---
 CHANGES         |  3 +++
 doc/ssl/ssl.pod |  1 +
 ssl/ssl_stat.c  | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 52 insertions(+)

diff --git a/CHANGES b/CHANGES
index 835635980c..aed1082915 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 0.9.6b and 0.9.6c  [XX xxx XXXX]
 
+  *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
+     [Lutz Jaenicke]
+
   *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
      for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
      [Lutz Jaenicke]
diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
index 2bb10ec8d0..03981b8577 100644
--- a/doc/ssl/ssl.pod
+++ b/doc/ssl/ssl.pod
@@ -675,6 +675,7 @@ L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
 L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
 L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
 L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
+L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
 L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
 L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
 L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
index 17b2e5d721..acca1da94a 100644
--- a/ssl/ssl_stat.c
+++ b/ssl/ssl_stat.c
@@ -387,6 +387,18 @@ char *SSL_alert_desc_string(int value)
 	case SSL3_AD_CERTIFICATE_EXPIRED:	str="CE"; break;
 	case SSL3_AD_CERTIFICATE_UNKNOWN:	str="CU"; break;
 	case SSL3_AD_ILLEGAL_PARAMETER:		str="IP"; break;
+	case TLS1_AD_DECRYPTION_FAILED		str="DC"; break;
+	case TLS1_AD_RECORD_OVERFLOW		str="RO"; break;
+	case TLS1_AD_UNKNOWN_CA			str="CA"; break;
+	case TLS1_AD_ACCESS_DENIED		str="AD"; break;
+	case TLS1_AD_DECODE_ERROR		str="DE"; break;
+	case TLS1_AD_DECRYPT_ERROR		str="CY"; break;
+	case TLS1_AD_EXPORT_RESTRICTION		str="ER"; break;
+	case TLS1_AD_PROTOCOL_VERSION		str="PV"; break;
+	case TLS1_AD_INSUFFICIENT_SECURITY	str="IS"; break;
+	case TLS1_AD_INTERNAL_ERROR		str="IE"; break;
+	case TLS1_AD_USER_CANCELLED		str="US"; break;
+	case TLS1_AD_NO_RENEGOTIATION		str="NR"; break;
 	default:				str="UK"; break;
 		}
 	return(str);
@@ -434,6 +446,42 @@ char *SSL_alert_desc_string_long(int value)
 	case SSL3_AD_ILLEGAL_PARAMETER:
 		str="illegal parameter";
 		break;
+	case TLS1_AD_DECRYPTION_FAILED
+		str="decryption failed";
+		break;
+	case TLS1_AD_RECORD_OVERFLOW
+		str="record overflow";
+		break;
+	case TLS1_AD_UNKNOWN_CA
+		str="unknown CA";
+		break;
+	case TLS1_AD_ACCESS_DENIED
+		str="access denied";
+		break;
+	case TLS1_AD_DECODE_ERROR
+		str="decode error";
+		break;
+	case TLS1_AD_DECRYPT_ERROR
+		str="decrypt error";
+		break;
+	case TLS1_AD_EXPORT_RESTRICTION
+		str="export restriction";
+		break;
+	case TLS1_AD_PROTOCOL_VERSION
+		str="protocol version";
+		break;
+	case TLS1_AD_INSUFFICIENT_SECURITY
+		str="insufficient security";
+		break;
+	case TLS1_AD_INTERNAL_ERROR
+		str="internal error";
+		break;
+	case TLS1_AD_USER_CANCELLED
+		str="user canceled";
+		break;
+	case TLS1_AD_NO_RENEGOTIATION
+		str="no renegotiation";
+		break;
 	default: str="unknown"; break;
 		}
 	return(str);
-- 
2.25.1