CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2018/11/19 07:42:01
Modified files:
lib/libssl : ssl_cert.c
Log message:
Revert previous - the default sigalg for RSA key exchange is {sha1,rsa}.
In TLSv1.2, if the client does not send a signature algorithms extension
then for RSA key exchange a signature algorithm of {sha1,rsa} is implied.
The MD5+SHA1 hash only applies to older versions of TLS, which do not
support sigalgs.
