Add reason codes with the correct offset for two alerts

Fixes #24300. The current values of SSL_R_NO_APPLICATION_PROTOCOL and
SSL_R_PSK_IDENTITY_NOT_FOUND don't allow for a correct lookup of the
corresponding reason strings.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24351)

crypto/err/openssl.ec

@@ -76,4 +76,6 @@ R SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE          1111
 R SSL_R_TLSV1_UNRECOGNIZED_NAME                 1112
 R SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE   1113
 R SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE        1114
+R SSL_R_TLSV1_ALERT_UNKNOWN_PSK_IDENTITY        1115
 R SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED       1116
+R SSL_R_TLSV1_ALERT_NO_APPLICATION_PROTOCOL     1120

crypto/err/openssl.txt

@@ -1601,10 +1601,13 @@ SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION:1060:tlsv1 alert export restriction
 SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK:1086:tlsv1 alert inappropriate fallback
 SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY:1071:tlsv1 alert insufficient security
 SSL_R_TLSV1_ALERT_INTERNAL_ERROR:1080:tlsv1 alert internal error
+SSL_R_TLSV1_ALERT_NO_APPLICATION_PROTOCOL:1120:\
+	tlsv1 alert no application protocol
 SSL_R_TLSV1_ALERT_NO_RENEGOTIATION:1100:tlsv1 alert no renegotiation
 SSL_R_TLSV1_ALERT_PROTOCOL_VERSION:1070:tlsv1 alert protocol version
 SSL_R_TLSV1_ALERT_RECORD_OVERFLOW:1022:tlsv1 alert record overflow
 SSL_R_TLSV1_ALERT_UNKNOWN_CA:1048:tlsv1 alert unknown ca
+SSL_R_TLSV1_ALERT_UNKNOWN_PSK_IDENTITY:1115:tlsv1 alert unknown psk identity
 SSL_R_TLSV1_ALERT_USER_CANCELLED:1090:tlsv1 alert user cancelled
 SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE:1114:tlsv1 bad certificate hash value
 SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE:1113:\

include/openssl/sslerr.h

@@ -309,10 +309,12 @@
 # define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK         1086
 # define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY          1071
 # define SSL_R_TLSV1_ALERT_INTERNAL_ERROR                 1080
+# define SSL_R_TLSV1_ALERT_NO_APPLICATION_PROTOCOL        1120
 # define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION               1100
 # define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION               1070
 # define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW                1022
 # define SSL_R_TLSV1_ALERT_UNKNOWN_CA                     1048
+# define SSL_R_TLSV1_ALERT_UNKNOWN_PSK_IDENTITY           1115
 # define SSL_R_TLSV1_ALERT_USER_CANCELLED                 1090
 # define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE           1114
 # define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE      1113

ssl/ssl_err.c

@@ -500,6 +500,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
     "tlsv1 alert insufficient security"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_INTERNAL_ERROR),
     "tlsv1 alert internal error"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_NO_APPLICATION_PROTOCOL),
+    "tlsv1 alert no application protocol"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),
     "tlsv1 alert no renegotiation"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),
@@ -508,6 +510,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
     "tlsv1 alert record overflow"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_UNKNOWN_CA),
     "tlsv1 alert unknown ca"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_UNKNOWN_PSK_IDENTITY),
+    "tlsv1 alert unknown psk identity"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_USER_CANCELLED),
     "tlsv1 alert user cancelled"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),