diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 5 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 4 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_sigalgs.c | 21 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_sigalgs.h | 4 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 36 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 10 | ||||
| -rw-r--r-- | src/regress/lib/libssl/client/clienttest.c | 31 | ||||
| -rw-r--r-- | src/regress/lib/libssl/tlsext/tlsexttest.c | 22 |
8 files changed, 93 insertions, 40 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 26755d7c03..e9e900b643 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.54 2019/01/23 18:24:40 beck Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.55 2019/01/23 18:39:28 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1680,7 +1680,8 @@ ssl3_get_certificate_request(SSL *s) | |||
| 1680 | SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG); | 1680 | SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG); |
| 1681 | goto err; | 1681 | goto err; |
| 1682 | } | 1682 | } |
| 1683 | if (!tls1_process_sigalgs(s, &sigalgs)) { | 1683 | if (!tls1_process_sigalgs(s, &sigalgs, tls12_sigalgs, |
| 1684 | tls12_sigalgs_len)) { | ||
| 1684 | ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); | 1685 | ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); |
| 1685 | SSLerror(s, SSL_R_SIGNATURE_ALGORITHMS_ERROR); | 1686 | SSLerror(s, SSL_R_SIGNATURE_ALGORITHMS_ERROR); |
| 1686 | goto err; | 1687 | goto err; |
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 7fd155648c..8447484ec7 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.230 2019/01/23 18:24:40 beck Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.231 2019/01/23 18:39:28 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1313,7 +1313,7 @@ int tls1_process_ticket(SSL *s, const unsigned char *session_id, | |||
| 1313 | int session_id_len, CBS *ext_block, SSL_SESSION **ret); | 1313 | int session_id_len, CBS *ext_block, SSL_SESSION **ret); |
| 1314 | 1314 | ||
| 1315 | long ssl_get_algorithm2(SSL *s); | 1315 | long ssl_get_algorithm2(SSL *s); |
| 1316 | int tls1_process_sigalgs(SSL *s, CBS *cbs); | 1316 | int tls1_process_sigalgs(SSL *s, CBS *cbs, uint16_t *, size_t); |
| 1317 | 1317 | ||
| 1318 | int tls1_check_ec_server_key(SSL *s); | 1318 | int tls1_check_ec_server_key(SSL *s); |
| 1319 | 1319 | ||
diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c index 182ea1edaa..041e940d8e 100644 --- a/src/lib/libssl/ssl_sigalgs.c +++ b/src/lib/libssl/ssl_sigalgs.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* $OpenBSD: ssl_sigalgs.c,v 1.13 2019/01/23 18:24:40 beck Exp $ */ | 1 | /* $OpenBSD: ssl_sigalgs.c,v 1.14 2019/01/23 18:39:28 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> |
| 4 | * | 4 | * |
| 5 | * Permission to use, copy, modify, and/or distribute this software for any | 5 | * Permission to use, copy, modify, and/or distribute this software for any |
| 6 | * purpose with or without fee is hereby granted, provided that the above | 6 | * purpose with or without fee is hereby granted, provided that the above |
| @@ -163,13 +163,30 @@ const struct ssl_sigalg sigalgs[] = { | |||
| 163 | }, | 163 | }, |
| 164 | }; | 164 | }; |
| 165 | 165 | ||
| 166 | /* Sigalgs for tls 1.3, in preference order, */ | ||
| 167 | uint16_t tls13_sigalgs[] = { | ||
| 168 | SIGALG_RSA_PSS_RSAE_SHA512, | ||
| 169 | SIGALG_RSA_PKCS1_SHA512, | ||
| 170 | SIGALG_ECDSA_SECP512R1_SHA512, | ||
| 171 | SIGALG_RSA_PSS_RSAE_SHA384, | ||
| 172 | SIGALG_RSA_PKCS1_SHA384, | ||
| 173 | SIGALG_ECDSA_SECP384R1_SHA384, | ||
| 174 | SIGALG_RSA_PSS_RSAE_SHA256, | ||
| 175 | SIGALG_RSA_PKCS1_SHA256, | ||
| 176 | SIGALG_ECDSA_SECP256R1_SHA256, | ||
| 177 | }; | ||
| 178 | size_t tls13_sigalgs_len = (sizeof(tls13_sigalgs) / sizeof(tls13_sigalgs[0])); | ||
| 179 | |||
| 166 | /* Sigalgs for tls 1.2, in preference order, */ | 180 | /* Sigalgs for tls 1.2, in preference order, */ |
| 167 | uint16_t tls12_sigalgs[] = { | 181 | uint16_t tls12_sigalgs[] = { |
| 182 | SIGALG_RSA_PSS_RSAE_SHA512, | ||
| 168 | SIGALG_RSA_PKCS1_SHA512, | 183 | SIGALG_RSA_PKCS1_SHA512, |
| 169 | SIGALG_ECDSA_SECP512R1_SHA512, | 184 | SIGALG_ECDSA_SECP512R1_SHA512, |
| 170 | SIGALG_GOSTR12_512_STREEBOG_512, | 185 | SIGALG_GOSTR12_512_STREEBOG_512, |
| 186 | SIGALG_RSA_PSS_RSAE_SHA384, | ||
| 171 | SIGALG_RSA_PKCS1_SHA384, | 187 | SIGALG_RSA_PKCS1_SHA384, |
| 172 | SIGALG_ECDSA_SECP384R1_SHA384, | 188 | SIGALG_ECDSA_SECP384R1_SHA384, |
| 189 | SIGALG_RSA_PSS_RSAE_SHA256, | ||
| 173 | SIGALG_RSA_PKCS1_SHA256, | 190 | SIGALG_RSA_PKCS1_SHA256, |
| 174 | SIGALG_ECDSA_SECP256R1_SHA256, | 191 | SIGALG_ECDSA_SECP256R1_SHA256, |
| 175 | SIGALG_GOSTR12_256_STREEBOG_256, | 192 | SIGALG_GOSTR12_256_STREEBOG_256, |
diff --git a/src/lib/libssl/ssl_sigalgs.h b/src/lib/libssl/ssl_sigalgs.h index a45700389b..0bc7322e17 100644 --- a/src/lib/libssl/ssl_sigalgs.h +++ b/src/lib/libssl/ssl_sigalgs.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_sigalgs.h,v 1.10 2019/01/23 18:24:40 beck Exp $ */ | 1 | /* $OpenBSD: ssl_sigalgs.h,v 1.11 2019/01/23 18:39:28 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2018, Bob Beck <beck@openbsd.org> |
| 4 | * | 4 | * |
| @@ -71,6 +71,8 @@ struct ssl_sigalg{ | |||
| 71 | 71 | ||
| 72 | extern uint16_t tls12_sigalgs[]; | 72 | extern uint16_t tls12_sigalgs[]; |
| 73 | extern size_t tls12_sigalgs_len; | 73 | extern size_t tls12_sigalgs_len; |
| 74 | extern uint16_t tls13_sigalgs[]; | ||
| 75 | extern size_t tls13_sigalgs_len; | ||
| 74 | 76 | ||
| 75 | const struct ssl_sigalg *ssl_sigalg_lookup(uint16_t sigalg); | 77 | const struct ssl_sigalg *ssl_sigalg_lookup(uint16_t sigalg); |
| 76 | const struct ssl_sigalg *ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len); | 78 | const struct ssl_sigalg *ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len); |
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index d5c30c4e73..2214a61ed3 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.33 2019/01/23 18:24:40 beck Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.34 2019/01/23 18:39:28 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -536,8 +536,27 @@ tlsext_sigalgs_client_build(SSL *s, CBB *cbb) | |||
| 536 | if (!CBB_add_u16_length_prefixed(cbb, &sigalgs)) | 536 | if (!CBB_add_u16_length_prefixed(cbb, &sigalgs)) |
| 537 | return 0; | 537 | return 0; |
| 538 | 538 | ||
| 539 | if (!ssl_sigalgs_build(&sigalgs, tls12_sigalgs, tls12_sigalgs_len)) | 539 | switch (TLS1_get_client_version(s)) { |
| 540 | case TLS1_2_VERSION: | ||
| 541 | if (!ssl_sigalgs_build(&sigalgs, tls12_sigalgs, tls12_sigalgs_len)) | ||
| 542 | return 0; | ||
| 543 | break; | ||
| 544 | case TLS1_3_VERSION: | ||
| 545 | if (S3I(s)->hs_tls13.min_version < TLS1_3_VERSION) { | ||
| 546 | if (!ssl_sigalgs_build(&sigalgs, tls12_sigalgs, | ||
| 547 | tls12_sigalgs_len)) | ||
| 548 | return 0; | ||
| 549 | } | ||
| 550 | else { | ||
| 551 | if (!ssl_sigalgs_build(&sigalgs, tls13_sigalgs, | ||
| 552 | tls13_sigalgs_len)) | ||
| 553 | return 0; | ||
| 554 | } | ||
| 555 | break; | ||
| 556 | default: | ||
| 557 | /* Should not happen */ | ||
| 540 | return 0; | 558 | return 0; |
| 559 | } | ||
| 541 | 560 | ||
| 542 | if (!CBB_flush(cbb)) | 561 | if (!CBB_flush(cbb)) |
| 543 | return 0; | 562 | return 0; |
| @@ -553,7 +572,18 @@ tlsext_sigalgs_server_parse(SSL *s, CBS *cbs, int *alert) | |||
| 553 | if (!CBS_get_u16_length_prefixed(cbs, &sigalgs)) | 572 | if (!CBS_get_u16_length_prefixed(cbs, &sigalgs)) |
| 554 | return 0; | 573 | return 0; |
| 555 | 574 | ||
| 556 | return tls1_process_sigalgs(s, &sigalgs); | 575 | switch (s->version) { |
| 576 | case TLS1_3_VERSION: | ||
| 577 | return tls1_process_sigalgs(s, &sigalgs, tls13_sigalgs, | ||
| 578 | tls13_sigalgs_len); | ||
| 579 | case TLS1_2_VERSION: | ||
| 580 | return tls1_process_sigalgs(s, &sigalgs, tls12_sigalgs, | ||
| 581 | tls12_sigalgs_len); | ||
| 582 | default: | ||
| 583 | break; | ||
| 584 | } | ||
| 585 | |||
| 586 | return 0; | ||
| 557 | } | 587 | } |
| 558 | 588 | ||
| 559 | int | 589 | int |
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index cde022939d..8986a0e755 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.152 2019/01/23 18:24:40 beck Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.153 2019/01/23 18:39:28 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1002,11 +1002,12 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, | |||
| 1002 | 1002 | ||
| 1003 | /* Set preferred digest for each key type */ | 1003 | /* Set preferred digest for each key type */ |
| 1004 | int | 1004 | int |
| 1005 | tls1_process_sigalgs(SSL *s, CBS *cbs) | 1005 | tls1_process_sigalgs(SSL *s, CBS *cbs, uint16_t *sigalgs, size_t sigalgs_len) |
| 1006 | { | 1006 | { |
| 1007 | CERT *c = s->cert; | 1007 | CERT *c = s->cert; |
| 1008 | 1008 | ||
| 1009 | /* Extension ignored for inappropriate versions */ | 1009 | /* Extension ignored for inappropriate versions */ |
| 1010 | /* XXX get rid of this? */ | ||
| 1010 | if (!SSL_USE_SIGALGS(s)) | 1011 | if (!SSL_USE_SIGALGS(s)) |
| 1011 | return 1; | 1012 | return 1; |
| 1012 | 1013 | ||
| @@ -1023,9 +1024,8 @@ tls1_process_sigalgs(SSL *s, CBS *cbs) | |||
| 1023 | if (!CBS_get_u16(cbs, &sig_alg)) | 1024 | if (!CBS_get_u16(cbs, &sig_alg)) |
| 1024 | return 0; | 1025 | return 0; |
| 1025 | 1026 | ||
| 1026 | if ((sigalg = ssl_sigalg(sig_alg, tls12_sigalgs, | 1027 | if ((sigalg = ssl_sigalg(sig_alg, sigalgs, sigalgs_len)) != |
| 1027 | tls12_sigalgs_len)) != NULL && | 1028 | NULL && c->pkeys[sigalg->pkey_idx].sigalg == NULL) { |
| 1028 | c->pkeys[sigalg->pkey_idx].sigalg == NULL) { | ||
| 1029 | c->pkeys[sigalg->pkey_idx].sigalg = sigalg; | 1029 | c->pkeys[sigalg->pkey_idx].sigalg = sigalg; |
| 1030 | if (sigalg->pkey_idx == SSL_PKEY_RSA_SIGN) | 1030 | if (sigalg->pkey_idx == SSL_PKEY_RSA_SIGN) |
| 1031 | c->pkeys[SSL_PKEY_RSA_ENC].sigalg = sigalg; | 1031 | c->pkeys[SSL_PKEY_RSA_ENC].sigalg = sigalg; |
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c index cb45dc583c..25a8790e61 100644 --- a/src/regress/lib/libssl/client/clienttest.c +++ b/src/regress/lib/libssl/client/clienttest.c | |||
| @@ -141,15 +141,15 @@ static unsigned char cipher_list_tls12_chacha[] = { | |||
| 141 | }; | 141 | }; |
| 142 | 142 | ||
| 143 | static unsigned char client_hello_tls12[] = { | 143 | static unsigned char client_hello_tls12[] = { |
| 144 | 0x16, 0x03, 0x01, 0x00, 0xbf, 0x01, 0x00, 0x00, | 144 | 0x16, 0x03, 0x01, 0x00, 0xc5, 0x01, 0x00, 0x00, |
| 145 | 0xbb, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, | 145 | 0xc1, 0x03, 0x03, 0xc9, 0xf9, 0x1f, 0x05, 0xaf, |
| 146 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 146 | 0x61, 0xd7, 0xe7, 0x84, 0xd1, 0x1c, 0x6f, 0x79, |
| 147 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 147 | 0x32, 0x04, 0x8e, 0x5c, 0xe3, 0x18, 0x5a, 0x85, |
| 148 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 148 | 0xee, 0x44, 0xe1, 0xca, 0x32, 0xce, 0x07, 0xd3, |
| 149 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x5c, 0xcc, 0xa9, | 149 | 0xdb, 0x0f, 0x91, 0x00, 0x00, 0x5c, 0xc0, 0x30, |
| 150 | 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c, | 150 | 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, |
| 151 | 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a, | 151 | 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, |
| 152 | 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85, | 152 | 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85, |
| 153 | 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, | 153 | 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, |
| 154 | 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, | 154 | 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, |
| 155 | 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, | 155 | 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, |
| @@ -158,14 +158,15 @@ static unsigned char client_hello_tls12[] = { | |||
| 158 | 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, | 158 | 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, |
| 159 | 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04, | 159 | 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04, |
| 160 | 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, | 160 | 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, |
| 161 | 0x00, 0xff, 0x01, 0x00, 0x00, 0x36, 0x00, 0x0b, | 161 | 0x00, 0xff, 0x01, 0x00, 0x00, 0x3c, 0x00, 0x0b, |
| 162 | 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, | 162 | 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, |
| 163 | 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, | 163 | 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, |
| 164 | 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x1c, | 164 | 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x22, |
| 165 | 0x00, 0x1a, 0x06, 0x01, 0x06, 0x03, 0xef, 0xef, | 165 | 0x00, 0x20, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, |
| 166 | 0x05, 0x01, 0x05, 0x03, 0x04, 0x01, 0x04, 0x03, | 166 | 0xef, 0xef, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, |
| 167 | 0xee, 0xee, 0xed, 0xed, 0x03, 0x01, 0x03, 0x03, | 167 | 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0xee, 0xee, |
| 168 | 0x02, 0x01, 0x02, 0x03, | 168 | 0xed, 0xed, 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, |
| 169 | 0x02, 0x03, | ||
| 169 | }; | 170 | }; |
| 170 | 171 | ||
| 171 | struct client_hello_test { | 172 | struct client_hello_test { |
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c index 5689a1c29e..32895a49ad 100644 --- a/src/regress/lib/libssl/tlsext/tlsexttest.c +++ b/src/regress/lib/libssl/tlsext/tlsexttest.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tlsexttest.c,v 1.24 2019/01/23 18:24:40 beck Exp $ */ | 1 | /* $OpenBSD: tlsexttest.c,v 1.25 2019/01/23 18:39:28 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -1505,10 +1505,11 @@ test_tlsext_ri_server(void) | |||
| 1505 | */ | 1505 | */ |
| 1506 | 1506 | ||
| 1507 | static unsigned char tlsext_sigalgs_client[] = { | 1507 | static unsigned char tlsext_sigalgs_client[] = { |
| 1508 | 0x00, 0x1a, 0x06, 0x01, 0x06, 0x03, 0xef, 0xef, | 1508 | 0x00, 0x20, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, |
| 1509 | 0x05, 0x01, 0x05, 0x03, 0x04, 0x01, 0x04, 0x03, | 1509 | 0xef, 0xef, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, |
| 1510 | 0xee, 0xee, 0xed, 0xed, 0x03, 0x01, 0x03, 0x03, | 1510 | 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0xee, 0xee, |
| 1511 | 0x02, 0x01, 0x02, 0x03, | 1511 | 0xed, 0xed, 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, |
| 1512 | 0x02, 0x03, | ||
| 1512 | }; | 1513 | }; |
| 1513 | 1514 | ||
| 1514 | static int | 1515 | static int |
| @@ -2732,13 +2733,14 @@ test_tlsext_srtp_server(void) | |||
| 2732 | #endif /* OPENSSL_NO_SRTP */ | 2733 | #endif /* OPENSSL_NO_SRTP */ |
| 2733 | 2734 | ||
| 2734 | unsigned char tlsext_clienthello_default[] = { | 2735 | unsigned char tlsext_clienthello_default[] = { |
| 2735 | 0x00, 0x36, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, | 2736 | 0x00, 0x3c, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, |
| 2736 | 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, | 2737 | 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, |
| 2737 | 0x00, 0x17, 0x00, 0x18, 0x00, 0x23, 0x00, 0x00, | 2738 | 0x00, 0x17, 0x00, 0x18, 0x00, 0x23, 0x00, 0x00, |
| 2738 | 0x00, 0x0d, 0x00, 0x1c, 0x00, 0x1a, 0x06, 0x01, | 2739 | 0x00, 0x0d, 0x00, 0x22, 0x00, 0x20, 0x08, 0x06, |
| 2739 | 0x06, 0x03, 0xef, 0xef, 0x05, 0x01, 0x05, 0x03, | 2740 | 0x06, 0x01, 0x06, 0x03, 0xef, 0xef, 0x08, 0x05, |
| 2740 | 0x04, 0x01, 0x04, 0x03, 0xee, 0xee, 0xed, 0xed, | 2741 | 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01, |
| 2741 | 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03, | 2742 | 0x04, 0x03, 0xee, 0xee, 0xed, 0xed, 0x03, 0x01, |
| 2743 | 0x03, 0x03, 0x02, 0x01, 0x02, 0x03, | ||
| 2742 | }; | 2744 | }; |
| 2743 | 2745 | ||
| 2744 | unsigned char tlsext_clienthello_disabled[] = {}; | 2746 | unsigned char tlsext_clienthello_disabled[] = {}; |