mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-23 14:42:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Set signature algorithm when choosing cipher

Browse Source 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2339)
This commit is contained in:
Dr. Stephen Henson 2017-01-31 18:00:55 +00:00
parent 93a77f9e2c
commit 5672327522
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ssl/statem/statem_srvr.c
View File

@ -1797,6 +1797,12 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
goto f_err;
}
s->s3->tmp.new_cipher = cipher;
if (!tls_choose_sigalg(s)) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
goto f_err;
}
/* check whether we should disable session resumption */
if (s->not_resumable_session_cb != NULL)
s->session->not_resumable =