Use MD5+SHA1 for default digest if appropriate. Reviewed-by: Tim Hudson <tjh@openssl.org>

commit: d18d31a16f91dc5042344e207390322170458025 [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Sat Aug 29 22:11:05 2015 +0100
committer: Dr. Stephen Henson <steve@openssl.org> Tue Nov 24 19:18:44 2015 +0000
tree: 9f4d6667cd0e6b5f632b3588a29fd4c0c82d8861
parent: 2f142ada2c1f04c96c0c3db3ee3b6425934ad83b [diff] [blame]
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 2ba76e3..3375494 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -2712,8 +2712,11 @@
     pmd[SSL_PKEY_DSA_SIGN] = EVP_sha1();
 #endif
 #ifndef OPENSSL_NO_RSA
-    pmd[SSL_PKEY_RSA_SIGN] = EVP_sha1();
-    pmd[SSL_PKEY_RSA_ENC] = EVP_sha1();
+    if (SSL_USE_SIGALGS(s))
+        pmd[SSL_PKEY_RSA_SIGN] = EVP_sha1();
+    else
+        pmd[SSL_PKEY_RSA_SIGN] = EVP_md5_sha1();
+    pmd[SSL_PKEY_RSA_ENC] = pmd[SSL_PKEY_RSA_SIGN];
 #endif
 #ifndef OPENSSL_NO_EC
     pmd[SSL_PKEY_ECC] = EVP_sha1();
commit	d18d31a16f91dc5042344e207390322170458025	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Sat Aug 29 22:11:05 2015 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	Tue Nov 24 19:18:44 2015 +0000
tree	9f4d6667cd0e6b5f632b3588a29fd4c0c82d8861
parent	2f142ada2c1f04c96c0c3db3ee3b6425934ad83b [diff] [blame]