BUG/MINOR: ssl/sample: x509_v_err_str converter output when not found

The x509_v_err_str converter now outputs the numerical value as a string
when the corresponding constant name was not found.

Must be backported as far as 2.7.

doc/configuration.txt

@@ -19105,6 +19105,9 @@ x509_v_err_str
   is useful in ACL in order to have a configuration which works with multiple
   version of OpenSSL since some codes might change when changing version.
 
+  When the corresponding constant name was not found, outputs the numerical
+  value as a string.
+
   The list of constant provided by OpenSSL can be found at
   https://www.openssl.org/docs/manmaster/man3/X509_STORE_CTX_get_error.html#ERROR-CODES
   Be careful to read the page for the right version of OpenSSL.
@@ -19121,6 +19124,9 @@ x509_v_err_str
     http-response add-header X-SSL Expired if cert_expired
     http-response add-header X-SSL Revoked if cert_revoked
 
+    http-response add-header X-SSL-verify %[ssl_c_verify,x509_v_err_str]
+
+
 7.3.2. Fetching samples from internal states
 --------------------------------------------
 

src/ssl_sample.c

@@ -410,6 +410,17 @@ static int sample_conv_x509_v_err(const struct arg *arg_p, struct sample *smp, v
 		smp->data.type = SMP_T_STR;
 		smp->flags |= SMP_F_CONST;
 
+		return 1;
+	} else {
+		struct buffer *smp_trash = get_trash_chunk();
+
+		/* if the conversion failed, output the numbers as string */
+		chunk_printf(smp_trash, "%llu", smp->data.u.sint);
+
+		smp->data.u.str = *smp_trash;
+		smp->data.type = SMP_T_STR;
+		smp->flags &= ~SMP_F_CONST;
+
 		return 1;
 	}