diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-12-26 14:25:29 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-12-26 14:25:29 +0000 |
commit | 0b362de5f57547b31eddef5f8a0d298c4b7e0fd3 (patch) | |
tree | d46bf3897439c4a2f0246c0be2f1ae89f1f1c5ea /ssl/s3_lib.c | |
parent | d312f7be37622aa478a323adc26f7e1ab30d86ec (diff) |
Add support for application defined signature algorithms for use with
TLS v1.2. These are sent as an extension for clients and during a certificate
request for servers.
TODO: add support for shared signature algorithms, respect shared algorithms
when deciding which ciphersuites and certificates to permit.
(backport from HEAD)
Diffstat (limited to 'ssl/s3_lib.c')
-rw-r--r-- | ssl/s3_lib.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index d520a11939..5e7c590ca1 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3414,6 +3414,12 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) s->cert->ecdh_tmp_auto = larg; break; + case SSL_CTRL_SET_SIGALGS: + return tls1_set_sigalgs(s->cert, parg, larg); + + case SSL_CTRL_SET_SIGALGS_LIST: + return tls1_set_sigalgs_list(s->cert, parg); + default: break; } @@ -3691,6 +3697,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) ctx->cert->ecdh_tmp_auto = larg; break; + case SSL_CTRL_SET_SIGALGS: + return tls1_set_sigalgs(ctx->cert, parg, larg); + + case SSL_CTRL_SET_SIGALGS_LIST: + return tls1_set_sigalgs_list(ctx->cert, parg); + case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG: ctx->tlsext_authz_server_audit_proof_cb_arg = parg; break; |