From 5528d68f6d716f3bd0b75d0fd223fb866a96346c Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 3 Mar 2017 03:23:27 +0000 Subject: Set specific error is we have no valid signature algorithms set Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2840) --- ssl/ssl_err.c | 3 ++- ssl/t1_lib.c | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) (limited to 'ssl') diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 6fe8e6e8a6..0ace985cf2 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -256,11 +256,12 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"}, {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"}, {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_DATA), "SSL_write_early_data"}, - {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_FINISH), "SSL_write_early_finish"}, + {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_FINISH), "ssl_write_early_finish"}, {ERR_FUNC(SSL_F_SSL_WRITE_EX), "SSL_write_ex"}, {ERR_FUNC(SSL_F_SSL_WRITE_INTERNAL), "ssl_write_internal"}, {ERR_FUNC(SSL_F_STATE_MACHINE), "state_machine"}, {ERR_FUNC(SSL_F_TLS12_CHECK_PEER_SIGALG), "tls12_check_peer_sigalg"}, + {ERR_FUNC(SSL_F_TLS12_COPY_SIGALGS), "tls12_copy_sigalgs"}, {ERR_FUNC(SSL_F_TLS13_CHANGE_CIPHER_STATE), "tls13_change_cipher_state"}, {ERR_FUNC(SSL_F_TLS13_SETUP_KEY_BLOCK), "tls13_setup_key_block"}, {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"}, diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 00bbcd64b5..5ab7223476 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1476,6 +1476,8 @@ int tls12_copy_sigalgs(SSL *s, WPACKET *pkt, || (lu->sig != EVP_PKEY_RSA && lu->hash != NID_sha1))) rv = 1; } + if (rv == 0) + SSLerr(SSL_F_TLS12_COPY_SIGALGS, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); return rv; } -- cgit v1.2.3