Don't push the error stack in ssl_sigalg_select()

Doing so breaks certificate selection if a TLS 1.3 client does not support EC certs, and needs to fall back to RSA. ok tb@
author: beck <> 2024-07-09 13:43:57 +0000
committer: beck <> 2024-07-09 13:43:57 +0000
commit: 8650699b1869f80bbf61c9ae64c0b11e1c531cac (patch)
tree: 7c91383273177fd0d54ec78d73017b9f65d2a7af
parent: 2d70393a18dc5114557488b463ae366b851b4e88 (diff)
download: openbsd-8650699b1869f80bbf61c9ae64c0b11e1c531cac.tar.gz
openbsd-8650699b1869f80bbf61c9ae64c0b11e1c531cac.tar.bz2
openbsd-8650699b1869f80bbf61c9ae64c0b11e1c531cac.zip
1 files changed, 1 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index 9876e82a6f..18d71f6b95 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.49 2024/02/03 15:58:34 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.50 2024/07/09 13:43:57 beck Exp $ */
 /*
 * Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
@@ -337,7 +337,6 @@ ssl_sigalg_select(SSL *s, EVP_PKEY *pkey)
                        return sigalg;
        }
-        SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
        return NULL;
 }
author	beck <>	2024-07-09 13:43:57 +0000
committer	beck <>	2024-07-09 13:43:57 +0000
commit	8650699b1869f80bbf61c9ae64c0b11e1c531cac (patch)
tree	7c91383273177fd0d54ec78d73017b9f65d2a7af
parent	2d70393a18dc5114557488b463ae366b851b4e88 (diff)
download	openbsd-8650699b1869f80bbf61c9ae64c0b11e1c531cac.tar.gz openbsd-8650699b1869f80bbf61c9ae64c0b11e1c531cac.tar.bz2 openbsd-8650699b1869f80bbf61c9ae64c0b11e1c531cac.zip