Don't send signature algorithms when client_version is below TLS 1.2.

Per RFC 5246, Note: this extension is not meaningful for TLS versions prior to 1.2. Clients MUST NOT offer it if they are offering prior versions. However, even if clients do offer it, the rules specified in [TLSEXT] require servers to ignore extensions they do not understand. Although second sentence would suggest that there would be no interop problems in always offering the extension, WebRTC has reported issues with Bouncy Castle on < TLS 1.2 ClientHellos that still include signature_algorithms. See also https://bugs.chromium.org/p/webrtc/issues/detail?id=4223 RT#4390 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
author: David Benjamin <davidben@google.com> 2016-03-05 19:49:20 -0500
committer: Dr. Stephen Henson <steve@openssl.org> 2016-05-09 17:46:23 +0100
commit: f7aa318552c4ef62d902c480b59bd7c4513c0009 (patch)
tree: db4a080face26bd5e55733fab0f1cf034397a624 /ssl/t1_lib.c
parent: 3105d695358d86c0f2a404b2b74a1870b941ce5e (diff)
download: openssl-f7aa318552c4ef62d902c480b59bd7c4513c0009.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 0a66c09cb2..6363348d54 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1331,7 +1331,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
     }
  skip_ext:
 
-    if (SSL_USE_SIGALGS(s)) {
+    if (SSL_CLIENT_USE_SIGALGS(s)) {
         size_t salglen;
         const unsigned char *salg;
         unsigned char *etmp;
author	David Benjamin <davidben@google.com>	2016-03-05 19:49:20 -0500
committer	Dr. Stephen Henson <steve@openssl.org>	2016-05-09 17:46:23 +0100
commit	f7aa318552c4ef62d902c480b59bd7c4513c0009 (patch)
tree	db4a080face26bd5e55733fab0f1cf034397a624 /ssl/t1_lib.c
parent	3105d695358d86c0f2a404b2b74a1870b941ce5e (diff)
download	openssl-f7aa318552c4ef62d902c480b59bd7c4513c0009.tar.gz