Commit ec6788fb authored by Matt Caswell's avatar Matt Caswell
Browse files

Delay setting the sig algs until after the cert_cb has been called 



Otherwise the sig algs are reset if SSL_set_SSL_CTX() gets called.

Fixes #7244

Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/7257)

(cherry picked from commit 524006dd1b80c1a86a20119ad988666a80d8d8f5)
parent 4ccd6c54

ssl/statem/statem_srvr.c

+17 −15
Original line number Diff line number Diff line
@@ -2056,10 +2056,6 @@ static int tls_early_post_process_client_hello(SSL *s) 
#else

        s->session->compress_meth = (comp == NULL) ? 0 : comp->id;

#endif

        if (!tls1_set_server_sigalgs(s)) {

            /* SSLfatal() already called */

            goto err;

        }

    }



    sk_SSL_CIPHER_free(ciphers);
@@ -2227,7 +2223,8 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst) 
    if (wst == WORK_MORE_B) {

        if (!s->hit || SSL_IS_TLS13(s)) {

            /* Let cert callback update server certificates if required */

            if (!s->hit && s->cert->cert_cb != NULL) {

            if (!s->hit) {

                if (s->cert->cert_cb != NULL) {

                    int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg);

                    if (rv == 0) {

                        SSLfatal(s, SSL_AD_INTERNAL_ERROR,
@@ -2241,6 +2238,11 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst) 
                    }

                    s->rwstate = SSL_NOTHING;

                }

                if (!tls1_set_server_sigalgs(s)) {

                    /* SSLfatal already called */

                    goto err;

                }

            }



            /* In TLSv1.3 we selected the ciphersuite before resumption */

            if (!SSL_IS_TLS13(s)) {