diff options
author | Matt Caswell <matt@openssl.org> | 2018-09-18 17:45:39 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-09-21 17:38:58 +0100 |
commit | 524006dd1b80c1a86a20119ad988666a80d8d8f5 (patch) | |
tree | 39263bf9455e5081d6d4d800786bf5932269a84d /ssl | |
parent | dda5396aaec315bdbcb080e42fb5cd0191f2ad72 (diff) | |
download | openssl-524006dd1b80c1a86a20119ad988666a80d8d8f5.tar.gz |
Delay setting the sig algs until after the cert_cb has been called
Otherwise the sig algs are reset if SSL_set_SSL_CTX() gets called.
Fixes #7244
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/7257)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/statem_srvr.c | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 346b1e3989..95f83c8462 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2056,10 +2056,6 @@ static int tls_early_post_process_client_hello(SSL *s) #else s->session->compress_meth = (comp == NULL) ? 0 : comp->id; #endif - if (!tls1_set_server_sigalgs(s)) { - /* SSLfatal() already called */ - goto err; - } } sk_SSL_CIPHER_free(ciphers); @@ -2227,19 +2223,25 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst) if (wst == WORK_MORE_B) { if (!s->hit || SSL_IS_TLS13(s)) { /* Let cert callback update server certificates if required */ - if (!s->hit && s->cert->cert_cb != NULL) { - int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg); - if (rv == 0) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, - SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, - SSL_R_CERT_CB_ERROR); - goto err; + if (!s->hit) { + if (s->cert->cert_cb != NULL) { + int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg); + if (rv == 0) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, + SSL_R_CERT_CB_ERROR); + goto err; + } + if (rv < 0) { + s->rwstate = SSL_X509_LOOKUP; + return WORK_MORE_B; + } + s->rwstate = SSL_NOTHING; } - if (rv < 0) { - s->rwstate = SSL_X509_LOOKUP; - return WORK_MORE_B; + if (!tls1_set_server_sigalgs(s)) { + /* SSLfatal already called */ + goto err; } - s->rwstate = SSL_NOTHING; } /* In TLSv1.3 we selected the ciphersuite before resumption */ |