Process signature algorithms before deciding on certificate.

The supported signature algorithms extension needs to be processed before the certificate to use is decided and before a cipher is selected (as the set of shared signature algorithms supported may impact the choice). Reviewed-by: Matt Caswell <matt@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2014-11-17 16:52:59 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2014-11-19 14:44:42 +0000
commit: 56e8dc542bd693b2dccea8828b3d8e5fc6932d0c (patch)
tree: 510358647858bd3eaf9cbcb0badcd5ad5e0f1ff7 /ssl/ssl_locl.h
parent: 9ef1d283fea54f297e35327fdfdfc62e758dd884 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index afd144645b..3973fafdc7 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1312,6 +1312,7 @@ int tls1_shared_list(SSL *s,
 unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit, int *al);
 unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit, int *al);
 int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n);
+int tls1_set_server_sigalgs(SSL *s);
 int ssl_check_clienthello_tlsext_late(SSL *s);
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n);
 int ssl_prepare_clienthello_tlsext(SSL *s);
author	Dr. Stephen Henson <steve@openssl.org>	2014-11-17 16:52:59 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2014-11-19 14:44:42 +0000
commit	56e8dc542bd693b2dccea8828b3d8e5fc6932d0c (patch)
tree	510358647858bd3eaf9cbcb0badcd5ad5e0f1ff7 /ssl/ssl_locl.h
parent	9ef1d283fea54f297e35327fdfdfc62e758dd884 (diff)