Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2644)
*/
int tls_choose_sigalg(SSL *s, int *al)
{
- int idx;
+ int idx = -1;
const SIGALG_LOOKUP *lu = NULL;
if (SSL_IS_TLS13(s)) {
}
}
}
+ if (idx == -1) {
+ *al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
s->s3->tmp.cert = &s->cert->pkeys[idx];
s->cert->key = s->s3->tmp.cert;
s->s3->tmp.sigalg = lu;