{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"},
{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"},
{SSL_R_DECRYPTION_FAILED ,"decryption failed"},
+{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"},
{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"},
{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"},
{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"},
{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"},
{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"},
{SSL_R_HTTP_REQUEST ,"http request"},
+{SSL_R_ILLEGAL_PADDING ,"illegal padding"},
{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"},
{SSL_R_INVALID_COMMAND ,"invalid command"},
{SSL_R_INVALID_PURPOSE ,"invalid purpose"},
{SSL_R_INVALID_TRUST ,"invalid trust"},
-{SSL_R_KRB5_C_CC_PRINC ,"krb5 c cc princ"},
-{SSL_R_KRB5_C_GET_CRED ,"krb5 c get cred"},
-{SSL_R_KRB5_C_INIT ,"krb5 c init"},
-{SSL_R_KRB5_C_MK_REQ ,"krb5 c mk req"},
-{SSL_R_KRB5_S_BAD_TICKET ,"krb5 s bad ticket"},
-{SSL_R_KRB5_S_INIT ,"krb5 s init"},
-{SSL_R_KRB5_S_RD_REQ ,"krb5 s rd req"},
+{SSL_R_KRB5 ,"krb5"},
+{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"},
+{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"},
+{SSL_R_KRB5_C_INIT ,"krb5 client init"},
+{SSL_R_KRB5_C_MK_REQ ,"krb5 client mk_req (expired tkt?)"},
+{SSL_R_KRB5_S_BAD_TICKET ,"krb5 server bad ticket"},
+{SSL_R_KRB5_S_INIT ,"krb5 server init"},
+{SSL_R_KRB5_S_RD_REQ ,"krb5 server rd_req (keytab perms?)"},
+{SSL_R_KRB5_S_TKT_EXPIRED ,"krb5 server tkt expired"},
+{SSL_R_KRB5_S_TKT_NYV ,"krb5 server tkt not yet valid"},
+{SSL_R_KRB5_S_TKT_SKEW ,"krb5 server tkt skew"},
{SSL_R_LENGTH_MISMATCH ,"length mismatch"},
{SSL_R_LENGTH_TOO_SHORT ,"length too short"},
{SSL_R_LIBRARY_BUG ,"library bug"},