Terminate handshake if only unknown or disabled signatures are advertized by the...
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 21 Oct 2016 15:30:43 +0000 (17:30 +0200)
committerGitLab <gitlab@gitlab.com>
Wed, 26 Oct 2016 19:05:09 +0000 (19:05 +0000)
That is, do not attempt to proceed assuming that the peer supports SHA-1.

lib/alert.c
lib/ext/signature.c

index da41d2747b74d96cd4e6efb6caa22281095892b4..a4e30cf48c1b9f186f3826d80b7e5c4535069a27 100644 (file)
@@ -242,6 +242,7 @@ int gnutls_error_to_alert(int err, int *level)
        case GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM:
        case GNUTLS_E_SAFE_RENEGOTIATION_FAILED:
        case GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL:
+       case GNUTLS_E_UNKNOWN_PK_ALGORITHM:
                ret = GNUTLS_A_HANDSHAKE_FAILURE;
                _level = GNUTLS_AL_FATAL;
                break;
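Review bot: The new `case GNUTLS_E_UNKNOWN_PK_ALGORITHM:` is added to the handshake_failure group with no hint of why a public-key lookup error now counts as a negotiation failure; on its own the line looks like a mis-filed case, and the mapping only makes sense together with the signature.c change that stops assuming SHA-1 when the peer's signature list is unusable. A one-line comment above the case, e.g. `/* also raised when the peer advertises only unknown or disabled signature algorithms */`, would keep a future reader from moving it back to whatever the default case yields. Sending a fatal alert here rather than continuing is the right outcome: the old behaviour silently proceeded with SHA-1. The switch and gnutls_error_to_alert continue outside the hunk.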
index adb19845f9b2b0a4f0aad588dbb436a062a11f47..96b97cef946518a47d69a3e593e68b74c3f9ee7b 100644 (file)
@@ -1,5 +1,6 @@
 /*
- * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2002-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
  *
  * Author: Nikos Mavrogiannopoulos
  *
@@ -150,12 +151,12 @@ _gnutls_sign_algorithm_parse_data(gnutls_session_t session,
                     gnutls_sign_get_name(sig));
 
                if (sig != GNUTLS_SIGN_UNKNOWN) {
-                       priv->sign_algorithms[priv->
-                                             sign_algorithms_size++] =
-                           sig;
                        if (priv->sign_algorithms_size ==
                            MAX_SIGNATURE_ALGORITHMS)
                                break;
+                       priv->sign_algorithms[priv->
+                                             sign_algorithms_size++] =
+                           sig;
                }
        }
 
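Review bot: Moving the limit test ahead of the store is the correct order — the old code wrote `sign_algorithms[sign_algorithms_size++]` and only then compared against `MAX_SIGNATURE_ALGORITHMS`, so a size already at the limit on entry would have written one element past the array (whether the counter is reset before parsing is not visible here) — but the new code still drops every algorithm after the limit without a trace. A debug message at the `break`, using the same logging call that prints each entry just above, would make a truncated peer list diagnosable instead of appearing as a peer that never offered the later algorithms. As a matter of style, the three-line split `priv->` / `sign_algorithms_size++] =` / `sig;` reads as a formatter artifact; `priv->sign_algorithms[priv->sign_algorithms_size++] = sig;` fits on one line. The loop header and the enclosing function are outside the hunk.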
@@ -195,7 +196,7 @@ _gnutls_signature_algorithm_recv_params(gnutls_session_t session,
        } else {
                /* SERVER SIDE - we must check if the sent cert type is the right one
                 */
-               if (data_size > 2) {
+               if (data_size >= 2) {
                        uint16_t len;
 
                        DECR_LEN(data_size, 2);
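Review bot: With `data_size >= 2` an extension whose payload is exactly 2 bytes now enters this branch, and after `DECR_LEN(data_size, 2)` nothing remains for the list itself; whether a zero-length list (`len == 0`) is then rejected or handed to the parser as an empty set depends on the code after this line, which is outside the hunk. RFC 5246 §7.4.1.4.1 gives supported_signature_algorithms a minimum length of 2 and each entry is 2 bytes, so an explicit check right after `len` is read — rejecting `len == 0` and any odd `len` as an illegal parameter — would state the intent instead of relying on the no-fallback logic in `_gnutls_session_get_sign_algo` to fail the handshake later. If letting the empty list through to that point is deliberate, a comment saying so next to the new condition would help. The enclosing else-branch and function continue outside the hunk.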
@@ -283,10 +284,8 @@ _gnutls_session_get_sign_algo(gnutls_session_t session,
                                         &epriv);
        priv = epriv;
 
-       if (ret < 0 || !_gnutls_version_has_selectable_sighash(ver)
-           || priv->sign_algorithms_size == 0)
+       if (ret < 0 || !_gnutls_version_has_selectable_sighash(ver)) {
                /* none set, allow SHA-1 only */
-       {
                ret = gnutls_pk_to_sign(cert_algo, GNUTLS_DIG_SHA1);
 
                if (!client_cert && _gnutls_session_sign_algo_enabled(session, ret) < 0)
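Review bot: The comment `/* none set, allow SHA-1 only */` is now stale: the `priv->sign_algorithms_size == 0` disjunct was removed from the condition, so this branch no longer covers "none set" — an empty or entirely unknown list now falls through to the code after the hunk instead of assuming SHA-1, which is the point of the change. Reword it to match what remains, e.g. `/* no signature_algorithms data, or a protocol version without selectable sighash: SHA-1 is the only option */` (`ret < 0` appears to mean the extension data lookup on the preceding lines failed; confirm against that call). The `_gnutls_session_sign_algo_enabled` check on the last line still gates the SHA-1 fallback only when `client_cert` is false; that check and the rest of `_gnutls_session_get_sign_algo` continue outside the hunk.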