diff options
| author | jsing <> | 2021-06-29 19:43:15 +0000 |
|---|---|---|
| committer | jsing <> | 2021-06-29 19:43:15 +0000 |
| commit | 7946a3793c5e16cd6b152d6c21f53524e2b0d202 (patch) | |
| tree | 97b924700fa01d89f8905afed99916ae87449010 /src | |
| parent | 6232f801a4c72cd960dca5f1378d66fe713b6f0c (diff) | |
| download | openbsd-7946a3793c5e16cd6b152d6c21f53524e2b0d202.tar.gz openbsd-7946a3793c5e16cd6b152d6c21f53524e2b0d202.tar.bz2 openbsd-7946a3793c5e16cd6b152d6c21f53524e2b0d202.zip | |
Track sigalg used by ourselves and our peer in the legacy stack.
This is needed for upcoming API additions.
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 6fe22e04e8..a7a7bf93a5 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.104 2021/06/29 19:23:36 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.105 2021/06/29 19:43:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1562,6 +1562,7 @@ ssl3_get_server_key_exchange(SSL *s) | |||
| 1562 | al = SSL_AD_DECODE_ERROR; | 1562 | al = SSL_AD_DECODE_ERROR; |
| 1563 | goto fatal_err; | 1563 | goto fatal_err; |
| 1564 | } | 1564 | } |
| 1565 | S3I(s)->hs.peer_sigalg = sigalg; | ||
| 1565 | 1566 | ||
| 1566 | if (!EVP_DigestVerifyInit(&md_ctx, &pctx, sigalg->md(), | 1567 | if (!EVP_DigestVerifyInit(&md_ctx, &pctx, sigalg->md(), |
| 1567 | NULL, pkey)) | 1568 | NULL, pkey)) |
| @@ -2338,6 +2339,7 @@ ssl3_send_client_verify_sigalgs(SSL *s, EVP_PKEY *pkey, CBB *cert_verify) | |||
| 2338 | SSLerror(s, SSL_R_UNKNOWN_DIGEST); | 2339 | SSLerror(s, SSL_R_UNKNOWN_DIGEST); |
| 2339 | goto err; | 2340 | goto err; |
| 2340 | } | 2341 | } |
| 2342 | S3I(s)->hs.our_sigalg = sigalg; | ||
| 2341 | 2343 | ||
| 2342 | if (!tls1_transcript_data(s, &hdata, &hdata_len)) { | 2344 | if (!tls1_transcript_data(s, &hdata, &hdata_len)) { |
| 2343 | SSLerror(s, ERR_R_INTERNAL_ERROR); | 2345 | SSLerror(s, ERR_R_INTERNAL_ERROR); |
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index e3eeddab0f..2097ccdebf 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.116 2021/06/29 19:24:07 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.117 2021/06/29 19:43:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1565,6 +1565,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1565 | al = SSL_AD_DECODE_ERROR; | 1565 | al = SSL_AD_DECODE_ERROR; |
| 1566 | goto fatal_err; | 1566 | goto fatal_err; |
| 1567 | } | 1567 | } |
| 1568 | S3I(s)->hs.our_sigalg = sigalg; | ||
| 1568 | 1569 | ||
| 1569 | /* Send signature algorithm. */ | 1570 | /* Send signature algorithm. */ |
| 1570 | if (SSL_USE_SIGALGS(s)) { | 1571 | if (SSL_USE_SIGALGS(s)) { |
| @@ -2194,6 +2195,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2194 | al = SSL_AD_DECODE_ERROR; | 2195 | al = SSL_AD_DECODE_ERROR; |
| 2195 | goto fatal_err; | 2196 | goto fatal_err; |
| 2196 | } | 2197 | } |
| 2198 | S3I(s)->hs.peer_sigalg = sigalg; | ||
| 2197 | 2199 | ||
| 2198 | if (SSL_USE_SIGALGS(s)) { | 2200 | if (SSL_USE_SIGALGS(s)) { |
| 2199 | EVP_PKEY_CTX *pctx; | 2201 | EVP_PKEY_CTX *pctx; |