Parse Signature Algorithm ext when renegotiating

Signature algorithm extension was skipped when renegotiation was in progress, causing the signature algorithm not to be known when renegotiating, and failing the handshake. Fix removes the renegotiation step check before parsing the extension.
2024-11-22 12:05:36 +01:00 · 2017-10-03 15:58:26 +03:00 · 2017-10-03 15:58:26 +03:00 · 73a381772b
commit 73a381772b
parent 8ca0e8fdff
2 changed files with 5 additions and 5 deletions
--- a/3
+++ b/3
@ -11,6 +11,9 @@ Bugfix
   * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
     Found by projectgus and jethrogb, #836.
   * Fix usage help in ssl_server2 example. Found and fixed by Bei Lin.
+   * Parse signature algorithm extension when renegotiating. Previously,
+     renegotiated handshakes would only accept signatures using SHA-1
+     regardless of the peer's preferences, or fail if SHA-1 was disabled.

 = mbed TLS 2.6.0 branch released 2017-08-10

--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -1695,10 +1695,7 @@ read_record_header:
    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
            case MBEDTLS_TLS_EXT_SIG_ALG:
                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-                if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-                    break;
-#endif
+
                ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size );
                if( ret != 0 )
                    return( ret );