Set specific error is we have no valid signature algorithms set

author Dr. Stephen Henson <steve@openssl.org>

Fri, 3 Mar 2017 03:23:27 +0000 (03:23 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Fri, 3 Mar 2017 22:02:39 +0000 (22:02 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Fri, 3 Mar 2017 03:23:27 +0000 (03:23 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Fri, 3 Mar 2017 22:02:39 +0000 (22:02 +0000)
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h

index 2b4464cb1bf999f88538ea3524461cc3bceb078b..64a312c5889001ca71a762450922db761c0e32e1 100644 (file)
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2317,6 +2317,7 @@ int ERR_load_SSL_strings(void);
  # define SSL_F_SSL_WRITE_INTERNAL                         524
  # define SSL_F_STATE_MACHINE                              353
  # define SSL_F_TLS12_CHECK_PEER_SIGALG                    333
+# define SSL_F_TLS12_COPY_SIGALGS                         533
  # define SSL_F_TLS13_CHANGE_CIPHER_STATE                  440
  # define SSL_F_TLS13_SETUP_KEY_BLOCK                      441
  # define SSL_F_TLS1_CHANGE_CIPHER_STATE                   209
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c

index 6fe8e6e8a6748edbf668af0532b0d00f276920e7..0ace985cf25cacecdadbfc74cf11bd4c7d9858b0 100644 (file)
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -256,11 +256,12 @@ static ERR_STRING_DATA SSL_str_functs[] = {
      {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"},
      {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
      {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_DATA), "SSL_write_early_data"},
-    {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_FINISH), "SSL_write_early_finish"},
+    {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_FINISH), "ssl_write_early_finish"},
      {ERR_FUNC(SSL_F_SSL_WRITE_EX), "SSL_write_ex"},
      {ERR_FUNC(SSL_F_SSL_WRITE_INTERNAL), "ssl_write_internal"},
      {ERR_FUNC(SSL_F_STATE_MACHINE), "state_machine"},
      {ERR_FUNC(SSL_F_TLS12_CHECK_PEER_SIGALG), "tls12_check_peer_sigalg"},
+    {ERR_FUNC(SSL_F_TLS12_COPY_SIGALGS), "tls12_copy_sigalgs"},
      {ERR_FUNC(SSL_F_TLS13_CHANGE_CIPHER_STATE), "tls13_change_cipher_state"},
      {ERR_FUNC(SSL_F_TLS13_SETUP_KEY_BLOCK), "tls13_setup_key_block"},
      {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"},
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c

index 00bbcd64b59735929cb9ee4e587812037335cbf4..5ab722347667db2ed02f6b384b431c42e9c2e795 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1476,6 +1476,8 @@ int tls12_copy_sigalgs(SSL *s, WPACKET *pkt,
              || (lu->sig != EVP_PKEY_RSA && lu->hash != NID_sha1)))
              rv = 1;
      }
+    if (rv == 0)
+        SSLerr(SSL_F_TLS12_COPY_SIGALGS, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
      return rv;
  }
author	Dr. Stephen Henson <steve@openssl.org>
	Fri, 3 Mar 2017 03:23:27 +0000 (03:23 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 3 Mar 2017 22:02:39 +0000 (22:02 +0000)
include/openssl/ssl.h		patch \| blob \| history
ssl/ssl_err.c		patch \| blob \| history
ssl/t1_lib.c		patch \| blob \| history