From: jsing Date: Tue, 29 Jun 2021 19:29:16 +0000 (+0000) Subject: Change ssl_sigalg_from_value() to take SSL * instead of a TLS version. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=468bde535c47957d2ffd881f2cfb3818d12024d1;p=openbsd Change ssl_sigalg_from_value() to take SSL * instead of a TLS version. This simplifies callers, as only the negotiated TLS version needs to be used here. Requested by tb@ --- diff --git a/lib/libssl/ssl_sigalgs.c b/lib/libssl/ssl_sigalgs.c index f9788fb2636..b503503105f 100644 --- a/lib/libssl/ssl_sigalgs.c +++ b/lib/libssl/ssl_sigalgs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sigalgs.c,v 1.34 2021/06/29 19:25:59 jsing Exp $ */ +/* $OpenBSD: ssl_sigalgs.c,v 1.35 2021/06/29 19:29:16 jsing Exp $ */ /* * Copyright (c) 2018-2020 Bob Beck * Copyright (c) 2021 Joel Sing @@ -203,13 +203,14 @@ ssl_sigalg_lookup(uint16_t value) } static const struct ssl_sigalg * -ssl_sigalg_from_value(uint16_t tls_version, uint16_t value) +ssl_sigalg_from_value(SSL *s, uint16_t value) { const uint16_t *values; size_t len; int i; - ssl_sigalgs_for_version(tls_version, &values, &len); + ssl_sigalgs_for_version(S3I(s)->hs.negotiated_tls_version, + &values, &len); for (i = 0; i < len; i++) { if (values[i] == value) @@ -325,8 +326,7 @@ ssl_sigalg_select(SSL *s, EVP_PKEY *pkey) if (!CBS_get_u16(&cbs, &sigalg_value)) return 0; - if ((sigalg = ssl_sigalg_from_value( - S3I(s)->hs.negotiated_tls_version, sigalg_value)) == NULL) + if ((sigalg = ssl_sigalg_from_value(s, sigalg_value)) == NULL) continue; if (ssl_sigalg_pkey_ok(s, sigalg, pkey)) return sigalg; @@ -344,8 +344,7 @@ ssl_sigalg_for_peer(SSL *s, EVP_PKEY *pkey, uint16_t sigalg_value) if (!SSL_USE_SIGALGS(s)) return ssl_sigalg_for_legacy(s, pkey); - if ((sigalg = ssl_sigalg_from_value(S3I(s)->hs.negotiated_tls_version, - sigalg_value)) == NULL) { + if ((sigalg = ssl_sigalg_from_value(s, sigalg_value)) == NULL) { SSLerror(s, SSL_R_UNKNOWN_DIGEST); return (NULL); }