New function ssl_set_client_disabled to set masks for any ciphersuites

that are disabled for this session (as opposed to always disabled by configuration). (backport from HEAD)
2012-12-26 14:55:46 +00:00
parent a897502cd9
commit b28fbdfa7d
6 changed files with 124 additions and 41 deletions
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2077,9 +2077,11 @@ int ssl3_send_certificate_request(SSL *s)

 		if (TLS1_get_version(s) >= TLS1_2_VERSION)
 			{
-			nl = tls12_get_sig_algs(s, p + 2);
+			const unsigned char *psigs;
+			nl = tls12_get_psigalgs(s, &psigs);
 			s2n(nl, p);
-			p += nl + 2;
+			memcpy(p, psigs, nl);
+			p += nl;
 			n += nl + 2;
 			}