git.ipfire.org Git - thirdparty/openssl.git/commit
Allow provider sigalgs in SignatureAlgorithms conf
author Alex Bozarth <ajbozart@us.ibm.com>
Mon, 20 Nov 2023 21:20:31 +0000 (15:20 -0600)
committer Tomas Mraz <tomas@openssl.org>
Wed, 3 Apr 2024 14:44:05 +0000 (16:44 +0200)
commit f24ac74b7d4ec16992f652fa75cb0ff26a1624cb
tree 70ba051a3903904debe84d6d7d3653c064725171
parent bf2944a6a71a29e664083ad7bfc3d2a1664c2586

Though support for provider-based signature algorithms was added in
ee58915, this functionality did not work with the SignatureAlgorithms
configuration command. If SignatureAlgorithms is set then the provider
sigalgs are not used and the default value is used instead.

This PR adds a check against the provider-based sigalg list when parsing
the SignatureAlgorithms value.

Based-on-patch-by: Martin Schmatz <mrt@zurich.ibm.com>
Fixes #22761

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22779)

(cherry picked from commit 4169d58c855718d90424fd5da632cf2f2b46e691)

ssl/s3_lib.c
ssl/ssl_lib.c
ssl/ssl_local.h
ssl/t1_lib.c