diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2017-03-03 03:23:27 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2017-03-03 22:02:39 +0000 |
| commit | 5528d68f6d716f3bd0b75d0fd223fb866a96346c (patch) | |
| tree | 8ee7e5c9484481eb24466f59454deb8a2fcba22d | |
| parent | b0e9ab95ddda78921545ee93a337e23ee99ea5ea (diff) | |
Set specific error is we have no valid signature algorithms set
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2840)
| -rw-r--r-- | include/openssl/ssl.h | 1 | ||||
| -rw-r--r-- | ssl/ssl_err.c | 3 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 2 |
3 files changed, 5 insertions, 1 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 2b4464cb1b..64a312c588 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -2317,6 +2317,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_SSL_WRITE_INTERNAL 524 # define SSL_F_STATE_MACHINE 353 # define SSL_F_TLS12_CHECK_PEER_SIGALG 333 +# define SSL_F_TLS12_COPY_SIGALGS 533 # define SSL_F_TLS13_CHANGE_CIPHER_STATE 440 # define SSL_F_TLS13_SETUP_KEY_BLOCK 441 # define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 6fe8e6e8a6..0ace985cf2 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -256,11 +256,12 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"}, {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"}, {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_DATA), "SSL_write_early_data"}, - {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_FINISH), "SSL_write_early_finish"}, + {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_FINISH), "ssl_write_early_finish"}, {ERR_FUNC(SSL_F_SSL_WRITE_EX), "SSL_write_ex"}, {ERR_FUNC(SSL_F_SSL_WRITE_INTERNAL), "ssl_write_internal"}, {ERR_FUNC(SSL_F_STATE_MACHINE), "state_machine"}, {ERR_FUNC(SSL_F_TLS12_CHECK_PEER_SIGALG), "tls12_check_peer_sigalg"}, + {ERR_FUNC(SSL_F_TLS12_COPY_SIGALGS), "tls12_copy_sigalgs"}, {ERR_FUNC(SSL_F_TLS13_CHANGE_CIPHER_STATE), "tls13_change_cipher_state"}, {ERR_FUNC(SSL_F_TLS13_SETUP_KEY_BLOCK), "tls13_setup_key_block"}, {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"}, diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 00bbcd64b5..5ab7223476 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1476,6 +1476,8 @@ int tls12_copy_sigalgs(SSL *s, WPACKET *pkt, || (lu->sig != EVP_PKEY_RSA && lu->hash != NID_sha1))) rv = 1; } + if (rv == 0) + SSLerr(SSL_F_TLS12_COPY_SIGALGS, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); return rv; } |