From ca31118f5d3948103b3eaf8207aecfae59150565 Mon Sep 17 00:00:00 2001 From: jsing Date: Tue, 29 Jun 2021 19:43:15 +0000 Subject: [PATCH] Track sigalg used by ourselves and our peer in the legacy stack. This is needed for upcoming API additions. --- lib/libssl/ssl_clnt.c | 4 +++- lib/libssl/ssl_srvr.c | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index 6fe22e04e87..a7a7bf93a54 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.104 2021/06/29 19:23:36 jsing Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.105 2021/06/29 19:43:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1562,6 +1562,7 @@ ssl3_get_server_key_exchange(SSL *s) al = SSL_AD_DECODE_ERROR; goto fatal_err; } + S3I(s)->hs.peer_sigalg = sigalg; if (!EVP_DigestVerifyInit(&md_ctx, &pctx, sigalg->md(), NULL, pkey)) @@ -2338,6 +2339,7 @@ ssl3_send_client_verify_sigalgs(SSL *s, EVP_PKEY *pkey, CBB *cert_verify) SSLerror(s, SSL_R_UNKNOWN_DIGEST); goto err; } + S3I(s)->hs.our_sigalg = sigalg; if (!tls1_transcript_data(s, &hdata, &hdata_len)) { SSLerror(s, ERR_R_INTERNAL_ERROR); diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c index e3eeddab0fe..2097ccdebfb 100644 --- a/lib/libssl/ssl_srvr.c +++ b/lib/libssl/ssl_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_srvr.c,v 1.116 2021/06/29 19:24:07 jsing Exp $ */ +/* $OpenBSD: ssl_srvr.c,v 1.117 2021/06/29 19:43:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1565,6 +1565,7 @@ ssl3_send_server_key_exchange(SSL *s) al = SSL_AD_DECODE_ERROR; goto fatal_err; } + S3I(s)->hs.our_sigalg = sigalg; /* Send signature algorithm. */ if (SSL_USE_SIGALGS(s)) { @@ -2194,6 +2195,7 @@ ssl3_get_cert_verify(SSL *s) al = SSL_AD_DECODE_ERROR; goto fatal_err; } + S3I(s)->hs.peer_sigalg = sigalg; if (SSL_USE_SIGALGS(s)) { EVP_PKEY_CTX *pctx; -- 2.20.1