From b38981f572fe97feae7bcd146b5ab22cbc180d7d Mon Sep 17 00:00:00 2001
From: jsing
Date: Tue, 29 Jun 2021 19:31:16 +0000
Subject: [PATCH] Use appropriate TLS version when building client sigalg extensions.

Only use the minimum TLS version to when building a signature algorithms extension for a ClientHello - in all other cases we should be using the negotiated TLS version.

ok inoguchi@ tb@
---
 lib/libssl/ssl_tlsext.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c
index 22932f969dc..2eac4947e9a 100644
--- a/lib/libssl/ssl_tlsext.c
+++ b/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.96 2021/06/27 17:59:17 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.97 2021/06/29 19:31:16 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017, 2019 Joel Sing
  * Copyright (c) 2017 Doug Hogan
@@ -558,11 +558,15 @@ tlsext_sigalgs_client_needs(SSL *s, uint16_t msg_type)
 int
 tlsext_sigalgs_client_build(SSL *s, uint16_t msg_type, CBB *cbb)
 {
+ uint16_t tls_version = S3I(s)->hs.negotiated_tls_version;
 CBB sigalgs;
+ if (msg_type == SSL_TLSEXT_MSG_CH)
+ tls_version = S3I(s)->hs.our_min_tls_version;
+
 if (!CBB_add_u16_length_prefixed(cbb, &sigalgs))
 return 0;
- if (!ssl_sigalgs_build(S3I(s)->hs.our_min_tls_version, &sigalgs))
+ if (!ssl_sigalgs_build(tls_version, &sigalgs))
 return 0;
 if (!CBB_flush(cbb))
 return 0;
-- 
2.20.1
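Review bot: In tlsext_sigalgs_client_build, every msg_type other than SSL_TLSEXT_MSG_CH now takes `S3I(s)->hs.negotiated_tls_version` without any check that a version has actually been negotiated. If this builder is ever reached before negotiation completes, ssl_sigalgs_build would presumably be handed 0, and how it treats that value is not visible in this hunk; confirm that it fails closed rather than emitting an empty or over-broad list. The reason for the ClientHello special case is also left to the commit message, so a short comment above the `if` would help, for example `/* No version is negotiated yet for a ClientHello; advertise sigalgs for our minimum version. */`. The function body continues past the end of the hunk, so the remaining return path was not reviewed.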