Set signature algorithm when choosing cipher
authorDr. Stephen Henson <steve@openssl.org>
Tue, 31 Jan 2017 18:00:55 +0000 (18:00 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 2 Feb 2017 14:45:10 +0000 (14:45 +0000)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2339)

ssl/statem/statem_srvr.c

index f965ae1..20ea684 100644 (file)
@@ -1797,6 +1797,12 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
                 goto f_err;
             }
             s->s3->tmp.new_cipher = cipher;
+            if (!tls_choose_sigalg(s)) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
+                       SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
+                goto f_err;
+            }
             /* check whether we should disable session resumption */
             if (s->not_resumable_session_cb != NULL)
                 s->session->not_resumable =