From: Matt Caswell <matt@openssl.org>
Date: Tue, 30 Apr 2024 13:31:26 +0000 (+0100)
Subject: Set the server sig algs before calling the session_secret_cb
X-Git-Tag: openssl-3.4.0-alpha1~594
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=91c7ab27cebe4e6f6a6376e0a691736a2534fdd0;p=thirdparty%2Fopenssl.git

Set the server sig algs before calling the session_secret_cb

Setting the server sig algs sets up the certificate "s3->tmp.valid_flags".
These are needed when calling ssl3_choose_cipher() which can happen
immediately after calling the session_secret_cb

Fixes #24213

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)
---

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 47855da5bd1..1c38548fe04 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1959,6 +1959,11 @@ static int tls_early_post_process_client_hello(SSL_CONNECTION *s)
         }
     }
 
+    if (!s->hit && !tls1_set_server_sigalgs(s)) {
+        /* SSLfatal() already called */
+        goto err;
+    }
+
     if (!s->hit
             && s->version >= TLS1_VERSION
             && !SSL_CONNECTION_IS_TLS13(s)
@@ -2110,10 +2115,6 @@ static int tls_early_post_process_client_hello(SSL_CONNECTION *s)
 #else
         s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
 #endif
-        if (!tls1_set_server_sigalgs(s)) {
-            /* SSLfatal() already called */
-            goto err;
-        }
     }
 
     sk_SSL_CIPHER_free(ciphers);