Hello, enclosed please find a patch to documentand recognize the unknown_psk_identity alert:
- In the s_cb.c callback - in the documentation of SSL_alert_type_string In addition, it removes a pre-RFC 5054 string from ssl_stat.c regards Peter
diff -r -p -c openssl-SNAP-20111031/apps/s_cb.c openssl-SNAP-20111031PS/apps/s_cb.c *** openssl-SNAP-20111031/apps/s_cb.c 2011-04-30 01:00:04.000000000 +0200 --- openssl-SNAP-20111031PS/apps/s_cb.c 2011-10-31 12:12:45.411688996 +0100 *************** void MS_CALLBACK msg_cb(int write_p, int *** 552,557 **** --- 552,560 ---- case 114: str_details2 = " bad_certificate_hash_value"; break; + case 115: + str_details2 = " unknown_psk_identity"; + break; } } } diff -r -p -c openssl-SNAP-20111031/doc/ssl/SSL_alert_type_string.pod openssl-SNAP-20111031PS/doc/ssl/SSL_alert_type_string.pod *** openssl-SNAP-20111031/doc/ssl/SSL_alert_type_string.pod 2001-09-07 09:01:27.000000000 +0200 --- openssl-SNAP-20111031PS/doc/ssl/SSL_alert_type_string.pod 2011-10-31 12:12:45.411688996 +0100 *************** satisfy a request; the process might rec *** 214,219 **** --- 214,224 ---- difficult to communicate changes to these parameters after that point. This message is always a warning. + =item "UP"/"unknown PSK identity" + + Sent by the server to indicate that it does not recognize a PSK + identity or an SRP identity. + =item "UK"/"unknown" This indicates that no description is available for this alert type. diff -r -p -c openssl-SNAP-20111031/ssl/ssl_stat.c openssl-SNAP-20111031PS/ssl/ssl_stat.c *** openssl-SNAP-20111031/ssl/ssl_stat.c 2011-03-12 19:00:09.000000000 +0100 --- openssl-SNAP-20111031PS/ssl/ssl_stat.c 2011-10-31 12:12:45.419688996 +0100 *************** const char *SSL_alert_desc_string_long(i *** 550,560 **** case TLS1_AD_UNKNOWN_PSK_IDENTITY: str="unknown PSK identity"; break; - #ifndef OPENSSL_NO_SRP - case TLS1_AD_MISSING_SRP_USERNAME: - str="no srp username"; - break; - #endif default: str="unknown"; break; } return(str); --- 550,555 ----