Process signature algorithms in ClientHello late.

Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit c800c27a8c47c8e63254ec594682452c296f1e8e) Conflicts: ssl/ssl.h ssl/ssl_err.c ssl/ssl_locl.h
author: Dr. Stephen Henson <steve@openssl.org> 2014-10-09 20:37:27 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2014-10-24 13:57:23 +0100
commit: 51695b98f128f8e091256c601266b1dd4fb731bd (patch)
tree: 4a3cd6a2cba398af8086466a93b4f05d37cf26d4 /ssl/s3_clnt.c
parent: 82182413a417fabd35a0a8eb9b6a76606eeb3502 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 3e89e5204d..7d526ddac7 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2168,12 +2168,18 @@ int ssl3_get_certificate_request(SSL *s)
 			s->cert->pkeys[i].digest = NULL;
 			s->cert->pkeys[i].valid_flags = 0;
 			}
-		if ((llen & 1) || !tls1_process_sigalgs(s, p, llen))
+		if ((llen & 1) || !tls1_save_sigalgs(s, p, llen))
 			{
 			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
 			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_SIGNATURE_ALGORITHMS_ERROR);
 			goto err;
 			}
+		if (!tls1_process_sigalgs(s))
+			{
+			ssl3_send_alert(s,SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
 		p += llen;
 		}
author	Dr. Stephen Henson <steve@openssl.org>	2014-10-09 20:37:27 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2014-10-24 13:57:23 +0100
commit	51695b98f128f8e091256c601266b1dd4fb731bd (patch)
tree	4a3cd6a2cba398af8086466a93b4f05d37cf26d4 /ssl/s3_clnt.c
parent	82182413a417fabd35a0a8eb9b6a76606eeb3502 (diff)