From e469af8d05dd28b1e77de9d8045b2ddd6cb6ee5d Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 17 Nov 2014 16:52:59 +0000
Subject: Process signature algorithms before deciding on certificate.

The supported signature algorithms extension needs to be processed before
the certificate to use is decided and before a cipher is selected (as the
set of shared signature algorithms supported may impact the choice).
Reviewed-by: Matt Caswell <matt@openssl.org>

(cherry picked from commit 56e8dc542bd693b2dccea8828b3d8e5fc6932d0c)

Conflicts:
	ssl/ssl.h
	ssl/ssl_err.c
---
 ssl/ssl.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ssl/ssl.h')

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 343247ccf4..681dec9c67 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2682,7 +2682,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_CERT_INSTANTIATE			 214
 #define SSL_F_SSL_CERT_NEW				 162
 #define SSL_F_SSL_CERT_SET0_CHAIN			 340
-#define SSL_F_SSL_CHECK_CLIENTHELLO_TLSEXT_LATE		 335
 #define SSL_F_SSL_CHECK_PRIVATE_KEY			 163
 #define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT		 280
 #define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG		 279
@@ -2782,6 +2781,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT		 276
 #define SSL_F_TLS1_PRF					 284
 #define SSL_F_TLS1_SETUP_KEY_BLOCK			 211
+#define SSL_F_TLS1_SET_SERVER_SIGALGS			 335
 #define SSL_F_WRITE_PENDING				 212
 
 /* Reason codes. */
-- 
cgit v1.2.3