Add support for application defined signature algorithms for use with

TLS v1.2. These are sent as an extension for clients and during a certificate request for servers. TODO: add support for shared signature algorithms, respect shared algorithms when deciding which ciphersuites and certificates to permit. (backport from HEAD)
author: Dr. Stephen Henson <steve@openssl.org> 2012-12-26 14:25:29 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-12-26 14:25:29 +0000
commit: 0b362de5f57547b31eddef5f8a0d298c4b7e0fd3 (patch)
tree: d46bf3897439c4a2f0246c0be2f1ae89f1f1c5ea /ssl/s3_lib.c
parent: d312f7be37622aa478a323adc26f7e1ab30d86ec (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index d520a11939..5e7c590ca1 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3414,6 +3414,12 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		s->cert->ecdh_tmp_auto = larg;
 		break;
 
+	case SSL_CTRL_SET_SIGALGS:
+		return tls1_set_sigalgs(s->cert, parg, larg);
+
+	case SSL_CTRL_SET_SIGALGS_LIST:
+		return tls1_set_sigalgs_list(s->cert, parg);
+
 	default:
 		break;
 		}
@@ -3691,6 +3697,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 		ctx->cert->ecdh_tmp_auto = larg;
 		break;
 
+	case SSL_CTRL_SET_SIGALGS:
+		return tls1_set_sigalgs(ctx->cert, parg, larg);
+
+	case SSL_CTRL_SET_SIGALGS_LIST:
+		return tls1_set_sigalgs_list(ctx->cert, parg);
+
 	case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG:
 		ctx->tlsext_authz_server_audit_proof_cb_arg = parg;
 		break;
author	Dr. Stephen Henson <steve@openssl.org>	2012-12-26 14:25:29 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-12-26 14:25:29 +0000
commit	0b362de5f57547b31eddef5f8a0d298c4b7e0fd3 (patch)
tree	d46bf3897439c4a2f0246c0be2f1ae89f1f1c5ea /ssl/s3_lib.c
parent	d312f7be37622aa478a323adc26f7e1ab30d86ec (diff)