From 934b3985a409d7e0a88557dd4313222194a110bd Mon Sep 17 00:00:00 2001
From: beck <>
Date: Wed, 23 Jan 2019 18:39:28 +0000
Subject: Modify sigalgs extension processing to accomodate TLS 1.3. - Make a
 separate sigalgs list for TLS 1.3 including only modern algorithm choices
 which we use when the handshake will not negotiate TLS 1.2. - Modify the
 legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by
 RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3
 handshake. ok jsing@ tb@

---
 src/lib/libssl/ssl_sigalgs.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/lib/libssl/ssl_sigalgs.h')

diff --git a/src/lib/libssl/ssl_sigalgs.h b/src/lib/libssl/ssl_sigalgs.h
index a45700389b..0bc7322e17 100644
--- a/src/lib/libssl/ssl_sigalgs.h
+++ b/src/lib/libssl/ssl_sigalgs.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.h,v 1.10 2019/01/23 18:24:40 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.h,v 1.11 2019/01/23 18:39:28 beck Exp $ */
 /*
  * Copyright (c) 2018, Bob Beck <beck@openbsd.org>
  *
@@ -71,6 +71,8 @@ struct ssl_sigalg{
 
 extern uint16_t tls12_sigalgs[];
 extern size_t tls12_sigalgs_len;
+extern uint16_t tls13_sigalgs[];
+extern size_t tls13_sigalgs_len;
 
 const struct ssl_sigalg *ssl_sigalg_lookup(uint16_t sigalg);
 const struct ssl_sigalg *ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len);
-- 
cgit v1.2.3-55-g6feb