The branch OpenSSL_1_1_1-stable has been updated via eed2c919fc9ae7e1b3e4cfb2da23655bca263dea (commit) from 1d7990451b4e69ac179a134c69551e557633c709 (commit)
- Log ----------------------------------------------------------------- commit eed2c919fc9ae7e1b3e4cfb2da23655bca263dea Author: Dmitry Belyavskiy <beld...@gmail.com> Date: Thu Nov 7 18:17:35 2019 +0300 Workaround for Windows-based GOST implementations Many Windows-based GOST TLS implementations are unable to extend the list of supported SignatureAlgorithms because of lack of the necessary callback in Windows. So for TLS 1.2 it makes sense to imply the support of GOST algorithms in case when the GOST ciphersuites are present. This is a backport of #10377 to 1.1.1 branch Reviewed-by: Paul Dale <paul.d...@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10378) ----------------------------------------------------------------------- Summary of changes: ssl/t1_lib.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 9a6328449f..8498528b71 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2774,6 +2774,26 @@ int tls_choose_sigalg(SSL *s, int fatalerrs) #endif break; } +#ifndef OPENSSL_NO_GOST + /* + * Some Windows-based implementations do not send GOST algorithms indication + * in supported_algorithms extension, so when we have GOST-based ciphersuite, + * we have to assume GOST support. + */ + if (i == s->shared_sigalgslen && s->s3->tmp.new_cipher->algorithm_auth & (SSL_aGOST01 | SSL_aGOST12)) { + if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) { + if (!fatalerrs) + return 1; + SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, + SSL_F_TLS_CHOOSE_SIGALG, + SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); + return 0; + } else { + i = 0; + sig_idx = lu->sig_idx; + } + } +#endif if (i == s->shared_sigalgslen) { if (!fatalerrs) return 1;