diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-12-26 14:44:56 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-12-26 14:44:56 +0000 |
commit | 04c32cddaa5bfdc08a2f4253d90a53bedbcab8e6 (patch) | |
tree | 3a32d4133ade4f6ed4921ddce1e999f8c6632e37 /ssl/s3_lib.c | |
parent | 623a5e24cbec899d21a0cc90f74071e511072c30 (diff) |
Separate client and server permitted signature algorithm support: by default
the permitted signature algorithms for server and client authentication
are the same but it is now possible to set different algorithms for client
authentication only.
(backport from HEAD)
Diffstat (limited to 'ssl/s3_lib.c')
-rw-r--r-- | ssl/s3_lib.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index fd6fab3b85..516b697321 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3415,10 +3415,16 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) break; case SSL_CTRL_SET_SIGALGS: - return tls1_set_sigalgs(s->cert, parg, larg); + return tls1_set_sigalgs(s->cert, parg, larg, 0); case SSL_CTRL_SET_SIGALGS_LIST: - return tls1_set_sigalgs_list(s->cert, parg); + return tls1_set_sigalgs_list(s->cert, parg, 0); + + case SSL_CTRL_SET_CLIENT_SIGALGS: + return tls1_set_sigalgs(s->cert, parg, larg, 1); + + case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: + return tls1_set_sigalgs_list(s->cert, parg, 1); default: break; @@ -3698,10 +3704,16 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) break; case SSL_CTRL_SET_SIGALGS: - return tls1_set_sigalgs(ctx->cert, parg, larg); + return tls1_set_sigalgs(ctx->cert, parg, larg, 0); case SSL_CTRL_SET_SIGALGS_LIST: - return tls1_set_sigalgs_list(ctx->cert, parg); + return tls1_set_sigalgs_list(ctx->cert, parg, 0); + + case SSL_CTRL_SET_CLIENT_SIGALGS: + return tls1_set_sigalgs(ctx->cert, parg, larg, 1); + + case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: + return tls1_set_sigalgs_list(ctx->cert, parg, 1); case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG: ctx->tlsext_authz_server_audit_proof_cb_arg = parg; |