Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable
authorMatt Caswell <matt@openssl.org>
Fri, 19 Oct 2018 13:01:22 +0000 (14:01 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 12 Nov 2018 11:08:51 +0000 (11:08 +0000)
commitde4dc598024fd0a9c2b7a466fd5323755d369522
treeb8a5c1e2c789ef5acd9d63e552b34ced40a7e586
parent425036130dfb3cfbef5937772f7526ce60133264
Don't negotiate TLSv1.3 if our EC cert isn't TLSv1.3 capable

TLSv1.3 is more restrictive about the curve used. There must be a matching
sig alg defined for that curve. Therefore if we are using some other curve
in our certificate then we should not negotiate TLSv1.3.

Fixes #7435

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7442)
ssl/ssl_locl.h
ssl/statem/statem_lib.c
ssl/t1_lib.c