[openssl/openssl] 73030d: Allow provider sigalgs in SignatureAlgorithms conf
Alex Bozarth
noreply at github.com
Wed Apr 3 14:48:58 UTC 2024
Branch: refs/heads/openssl-3.2
Home: https://github.com/openssl/openssl
Commit: 73030db670c80c399346d88d5f0f28d9a38f6613
https://github.com/openssl/openssl/commit/73030db670c80c399346d88d5f0f28d9a38f6613
Author: Alex Bozarth <ajbozart at us.ibm.com>
Date: 2024-04-03 (Wed, 03 Apr 2024)
Changed paths:
M ssl/s3_lib.c
M ssl/ssl_lib.c
M ssl/ssl_local.h
M ssl/t1_lib.c
Log Message:
-----------
Allow provider sigalgs in SignatureAlgorithms conf
Though support for provider-based signature algorithms was added in
ee58915 this functionality did not work with the SignatureAlgorithms
configuration command. If SignatureAlgorithms is set then the provider
sigalgs are not used and instead it used the default value.
This PR adds a check against the provider-base sigalg list when parsing
the SignatureAlgorithms value.
Based-on-patch-by: Martin Schmatz <mrt at zurich.ibm.com>
Fixes #22761
Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22779)
(cherry picked from commit 4169d58c855718d90424fd5da632cf2f2b46e691)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list