CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2018/11/19 07:42:01
Modified files: lib/libssl : ssl_cert.c Log message: Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}. In TLSv1.2, if the client does not send a signature algorithms extension then for RSA key exchange a signature algorithm of {sha1,rsa} is implied. The MD5+SHA1 hash only applies to older versions of TLS, which do not support sigalgs.