diff options
author | Kenny Root <kroot@google.com> | 2013-06-24 12:03:19 -0700 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2013-06-26 08:48:28 -0700 |
commit | 9296b4bb0e04a10b561da2996d3c9575872f1fa4 (patch) | |
tree | 9bcb9d17db9ae249c3000b2bcec950e54c33a344 /include | |
parent | a417d05adc329e0cda1768aed67f207bc4168998 (diff) | |
download | replicant_openssl-9296b4bb0e04a10b561da2996d3c9575872f1fa4.zip replicant_openssl-9296b4bb0e04a10b561da2996d3c9575872f1fa4.tar.gz replicant_openssl-9296b4bb0e04a10b561da2996d3c9575872f1fa4.tar.bz2 |
Add TLS 1.2 digests patch
Fixes a bug with handling TLS 1.2 and digest functions for DSA and ECDSA
keys.
Patch from Adam Langley <agl@chromium.org>
Change-Id: I11b74472c0df16eca8de3aa36413686603814243
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/ssl3.h | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h index fee9671..215b985 100644 --- a/include/openssl/ssl3.h +++ b/include/openssl/ssl3.h @@ -550,6 +550,16 @@ typedef struct ssl3_state_st * verified Channel ID from the client: a P256 point, (x,y), where * each are big-endian values. */ unsigned char tlsext_channel_id[64]; + + /* These point to the digest function to use for signatures made with + * each type of public key. A NULL value indicates that the default + * digest should be used, which is SHA1 as of TLS 1.2. + * + * (These should be in the tmp member, but we have to put them here to + * ensure binary compatibility with earlier OpenSSL 1.0.* releases.) */ + const EVP_MD *digest_rsa; + const EVP_MD *digest_dsa; + const EVP_MD *digest_ecdsa; } SSL3_STATE; #endif @@ -699,4 +709,3 @@ typedef struct ssl3_state_st } #endif #endif - |