summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_lib.c
diff options
context:
space:
mode:
authorjsing <>2019-03-25 17:21:18 +0000
committerjsing <>2019-03-25 17:21:18 +0000
commite54e43a6f31368338de68eeea77a87ad2be5b85f (patch)
treeeb5e58a5d9b8198b8475b96156e908c92c86e532 /src/lib/libssl/s3_lib.c
parentd6a095cfa3d05c1eea376148faa4717ae6179ef0 (diff)
downloadopenbsd-e54e43a6f31368338de68eeea77a87ad2be5b85f.tar.gz
openbsd-e54e43a6f31368338de68eeea77a87ad2be5b85f.tar.bz2
openbsd-e54e43a6f31368338de68eeea77a87ad2be5b85f.zip
Defer sigalgs selection until the certificate is known.
Previously the signature algorithm was selected when the TLS extension was parsed (or the client received a certificate request), however the actual certificate to be used is not known at this stage. This leads to various problems, including the selection of a signature algorithm that cannot be used with the certificate key size (as found by jeremy@ via ruby regress). Instead, store the signature algorithms list and only select a signature algorithm when we're ready to do signature generation. Joint work with beck@.
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
-rw-r--r--src/lib/libssl/s3_lib.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index de928bd70e..49f402d065 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.184 2019/02/09 15:26:15 jsing Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.185 2019/03/25 17:21:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1559,6 +1559,7 @@ ssl3_free(SSL *s)
1559 tls1_cleanup_key_block(s); 1559 tls1_cleanup_key_block(s);
1560 ssl3_release_read_buffer(s); 1560 ssl3_release_read_buffer(s);
1561 ssl3_release_write_buffer(s); 1561 ssl3_release_write_buffer(s);
1562 freezero(S3I(s)->hs.sigalgs, S3I(s)->hs.sigalgs_len);
1562 1563
1563 DH_free(S3I(s)->tmp.dh); 1564 DH_free(S3I(s)->tmp.dh);
1564 EC_KEY_free(S3I(s)->tmp.ecdh); 1565 EC_KEY_free(S3I(s)->tmp.ecdh);
@@ -1598,6 +1599,9 @@ ssl3_clear(SSL *s)
1598 S3I(s)->tmp.dh = NULL; 1599 S3I(s)->tmp.dh = NULL;
1599 EC_KEY_free(S3I(s)->tmp.ecdh); 1600 EC_KEY_free(S3I(s)->tmp.ecdh);
1600 S3I(s)->tmp.ecdh = NULL; 1601 S3I(s)->tmp.ecdh = NULL;
1602 freezero(S3I(s)->hs.sigalgs, S3I(s)->hs.sigalgs_len);
1603 S3I(s)->hs.sigalgs = NULL;
1604 S3I(s)->hs.sigalgs_len = 0;
1601 1605
1602 freezero(S3I(s)->tmp.x25519, X25519_KEY_LENGTH); 1606 freezero(S3I(s)->tmp.x25519, X25519_KEY_LENGTH);
1603 S3I(s)->tmp.x25519 = NULL; 1607 S3I(s)->tmp.x25519 = NULL;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-25 23:07:34 +0000