Declare SSL_R_BLOCK_CIPHER_PAD_IS_WRONG and SSL_R_NO_CIPHERS_SPECIFIED.

nginx consumes these error codes without #ifdefs. Continue to define
them for compatibility, even though we never emit them.

BUG=95

Change-Id: I1e991987ce25fc4952cc85b98ffa050a8beab92e
Reviewed-on: https://boringssl-review.googlesource.com/10446
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

crypto/err/ssl.errordata

@@ -18,6 +18,7 @@ SSL,116,BAD_SRTP_PROTECTION_PROFILE_LIST
 SSL,117,BAD_SSL_FILETYPE
 SSL,118,BAD_WRITE_RETRY
 SSL,119,BIO_NOT_SET
+SSL,261,BLOCK_CIPHER_PAD_IS_WRONG
 SSL,120,BN_LIB
 SSL,255,BUFFERED_MESSAGES_ON_CIPHER_CHANGE
 SSL,121,BUFFER_TOO_SMALL
@@ -82,6 +83,7 @@ SSL,173,NO_CERTIFICATE_ASSIGNED
 SSL,174,NO_CERTIFICATE_SET
 SSL,175,NO_CIPHERS_AVAILABLE
 SSL,176,NO_CIPHERS_PASSED
+SSL,262,NO_CIPHERS_SPECIFIED
 SSL,177,NO_CIPHER_MATCH
 SSL,253,NO_COMMON_SIGNATURE_ALGORITHMS
 SSL,178,NO_COMPRESSION_SPECIFIED

include/openssl/ssl.h

@@ -4809,6 +4809,8 @@ OPENSSL_EXPORT int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
 #define SSL_R_MISSING_KEY_SHARE 258
 #define SSL_R_INVALID_ALPN_PROTOCOL 259
 #define SSL_R_TOO_MANY_KEY_UPDATES 260
+#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 261
+#define SSL_R_NO_CIPHERS_SPECIFIED 262
 #define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000
 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020

ssl/ssl_lib.c

@@ -168,6 +168,11 @@
  * to avoid downstream churn. */
 OPENSSL_DECLARE_ERROR_REASON(SSL, UNKNOWN_PROTOCOL)
 
+/* The following errors are no longer emitted, but are used in nginx without
+ * #ifdefs. */
+OPENSSL_DECLARE_ERROR_REASON(SSL, BLOCK_CIPHER_PAD_IS_WRONG)
+OPENSSL_DECLARE_ERROR_REASON(SSL, NO_CIPHERS_SPECIFIED)
+
 /* Some error codes are special. Ensure the make_errors.go script never
  * regresses this. */
 OPENSSL_COMPILE_ASSERT(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ==