CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2022/01/09 06:17:33
Modified files:
lib/libssl : ssl_clnt.c
Log message:
Clean up pkey handling in ssl3_get_server_key_exchange()
With TLSv1.2 and earlier, the authentication algorithm used to sign the
ServerKeyExchange message is dependent on the cipher suite in use and has
nothing to do with the key exchange algorithm. As such, check the
authentication algorithm based on the cipher suite in
ssl3_get_server_key_exchange() and handle things accordingly.
ok inoguchi@ tb@
