Commit 6cbebb55 authored Jan 30, 2017 by Dr. Stephen Henson

Remove peer_md and use peer_sigalg instead.



Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2324)

parent 44b6318f

ssl/ssl_locl.h

+0 −2

Original line number	Diff line number	Diff line
		@@ -1300,8 +1300,6 @@ typedef struct ssl3_state_st {
		size_t peer_sigalgslen;
		/* Sigalg peer actualy uses */
		const SIGALG_LOOKUP *peer_sigalg;
		/* Digest peer uses for signing */
		const EVP_MD *peer_md;
		/* Array of digests used for signing */
		const EVP_MD *md[SSL_PKEY_NUM];
		/*

ssl/statem/statem_clnt.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1981,7 +1981,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL s, PACKET pkt)
		al = SSL_AD_DECODE_ERROR;
		goto err;
		}
		md = s->s3->tmp.peer_md;
		md = ssl_md(s->s3->tmp.peer_sigalg->hash_idx);
		#ifdef SSL_DEBUG
		fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
		#endif

ssl/statem/statem_lib.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -340,7 +340,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL s, PACKET pkt)
		al = SSL_AD_DECODE_ERROR;
		goto f_err;
		}
		md = s->s3->tmp.peer_md;
		md = ssl_md(s->s3->tmp.peer_sigalg->hash_idx);
		#ifdef SSL_DEBUG
		fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
		#endif

ssl/t1_lib.c

+1 −4

Original line number	Diff line number	Diff line
		@@ -937,10 +937,7 @@ int tls12_check_peer_sigalg(SSL s, uint16_t sig, EVP_PKEY pkey)
		SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_SIGNATURE_TYPE);
		return 0;
		}
		/*
		* Store the digest used so applications can retrieve it if they wish.
		*/
		s->s3->tmp.peer_md = md;
		/* Store the sigalg the peer uses */
		s->s3->tmp.peer_sigalg = lu;
		return 1;
		}