diff options
| author | beck <> | 2018-11-17 11:22:43 +0000 |
|---|---|---|
| committer | beck <> | 2018-11-17 11:22:43 +0000 |
| commit | 041aeb91a95a5be54d73153ff1a3efac4df4bc99 (patch) | |
| tree | 2ae418d1b2a64cb42580ace73fd667e74bf203b0 | |
| parent | f6a3b032847502583b5bd50da540344191918c48 (diff) | |
| download | openbsd-041aeb91a95a5be54d73153ff1a3efac4df4bc99.tar.gz openbsd-041aeb91a95a5be54d73153ff1a3efac4df4bc99.tar.bz2 openbsd-041aeb91a95a5be54d73153ff1a3efac4df4bc99.zip | |
Fix DTLS, because DTLS still remains a special flower, allows regress to pass
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 7 |
2 files changed, 10 insertions, 4 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 57fdbcbced..00bccf0571 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.47 2018/11/16 21:20:15 beck Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.48 2018/11/17 11:22:43 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1533,7 +1533,10 @@ ssl3_get_server_key_exchange(SSL *s) | |||
| 1533 | goto f_err; | 1533 | goto f_err; |
| 1534 | } | 1534 | } |
| 1535 | } else if (pkey->type == EVP_PKEY_RSA) { | 1535 | } else if (pkey->type == EVP_PKEY_RSA) { |
| 1536 | sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_MD5_SHA1); | 1536 | if (SSL_IS_DTLS(s)) |
| 1537 | sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1); | ||
| 1538 | else | ||
| 1539 | sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_MD5_SHA1); | ||
| 1537 | } else if (pkey->type == EVP_PKEY_EC) { | 1540 | } else if (pkey->type == EVP_PKEY_EC) { |
| 1538 | sigalg = ssl_sigalg_lookup(SIGALG_ECDSA_SHA1); | 1541 | sigalg = ssl_sigalg_lookup(SIGALG_ECDSA_SHA1); |
| 1539 | } else { | 1542 | } else { |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index b69b7cecfe..4ed6a95414 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.194 2018/11/14 17:24:14 mestre Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.195 2018/11/17 11:22:43 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2209,7 +2209,10 @@ ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd, | |||
| 2209 | sigalg = c->pkeys[idx].sigalg; | 2209 | sigalg = c->pkeys[idx].sigalg; |
| 2210 | if (!SSL_USE_SIGALGS(s)) { | 2210 | if (!SSL_USE_SIGALGS(s)) { |
| 2211 | if (pkey->type == EVP_PKEY_RSA) { | 2211 | if (pkey->type == EVP_PKEY_RSA) { |
| 2212 | sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1); | 2212 | if (SSL_IS_DTLS(s)) |
| 2213 | sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1); | ||
| 2214 | else | ||
| 2215 | sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_MD5_SHA1); | ||
| 2213 | } else if (pkey->type == EVP_PKEY_EC) { | 2216 | } else if (pkey->type == EVP_PKEY_EC) { |
| 2214 | sigalg = ssl_sigalg_lookup(SIGALG_ECDSA_SHA1); | 2217 | sigalg = ssl_sigalg_lookup(SIGALG_ECDSA_SHA1); |
| 2215 | } else { | 2218 | } else { |