diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index c3d4ca9bd8..ff410fbb34 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.82 2021/06/29 19:10:08 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.83 2021/06/29 19:20:39 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -970,10 +970,6 @@ tls13_client_certificate_verify_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 970 | if (!CBS_get_u16_length_prefixed(cbs, &signature)) | 970 | if (!CBS_get_u16_length_prefixed(cbs, &signature)) |
| 971 | goto err; | 971 | goto err; |
| 972 | 972 | ||
| 973 | if ((sigalg = ssl_sigalg_from_value(ctx->hs->negotiated_tls_version, | ||
| 974 | signature_scheme)) == NULL) | ||
| 975 | goto err; | ||
| 976 | |||
| 977 | if (!CBB_init(&cbb, 0)) | 973 | if (!CBB_init(&cbb, 0)) |
| 978 | goto err; | 974 | goto err; |
| 979 | if (!CBB_add_bytes(&cbb, tls13_cert_verify_pad, | 975 | if (!CBB_add_bytes(&cbb, tls13_cert_verify_pad, |
| @@ -994,7 +990,8 @@ tls13_client_certificate_verify_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 994 | goto err; | 990 | goto err; |
| 995 | if ((pkey = X509_get0_pubkey(cert)) == NULL) | 991 | if ((pkey = X509_get0_pubkey(cert)) == NULL) |
| 996 | goto err; | 992 | goto err; |
| 997 | if (!ssl_sigalg_pkey_ok(ctx->ssl, sigalg, pkey)) | 993 | if ((sigalg = ssl_sigalg_for_peer(ctx->ssl, pkey, |
| 994 | signature_scheme)) == NULL) | ||
| 998 | goto err; | 995 | goto err; |
| 999 | ctx->hs->peer_sigalg = sigalg; | 996 | ctx->hs->peer_sigalg = sigalg; |
| 1000 | 997 | ||