Process signature algorithms in ClientHello late. Reviewed-by: Tim Hudson <tjh@openssl.org>

commit: c800c27a8c47c8e63254ec594682452c296f1e8e [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Thu Oct 09 20:37:27 2014 +0100
committer: Dr. Stephen Henson <steve@openssl.org> Fri Oct 24 13:46:37 2014 +0100
tree: 854538aef6b7126eb7478481ef6b849fd3fa578a
parent: 3ff08e1dde56747011a702a9a5aae06cfa8ae5fc [diff] [blame]
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index e8e374a..d3836bf 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c

@@ -2191,12 +2191,18 @@
 			s->cert->pkeys[i].digest = NULL;
 			s->cert->pkeys[i].valid_flags = 0;
 			}
-		if ((llen & 1) || !tls1_process_sigalgs(s, p, llen))
+		if ((llen & 1) || !tls1_save_sigalgs(s, p, llen))
 			{
 			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
 			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_SIGNATURE_ALGORITHMS_ERROR);
 			goto err;
 			}
+		if (!tls1_process_sigalgs(s))
+			{
+			ssl3_send_alert(s,SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
 		p += llen;
 		}
commit	c800c27a8c47c8e63254ec594682452c296f1e8e	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Thu Oct 09 20:37:27 2014 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	Fri Oct 24 13:46:37 2014 +0100
tree	854538aef6b7126eb7478481ef6b849fd3fa578a
parent	3ff08e1dde56747011a702a9a5aae06cfa8ae5fc [diff] [blame]