/*
 * Set supported signature algorithms.
 *
 * |value| is handed unchanged to the sigalgs "list" setter. If the
 * configuration context has an SSL connection attached, the list is applied
 * to that connection; otherwise it is applied to the SSL_CTX.
 *
 * Returns 1 when the setter reports a positive result and 0 otherwise, so a
 * rejected list is reported to the caller as a failure.
 */
static int cmd_SignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value)
{
    int status;

    if (cctx->ssl == NULL) {
        /* NB: ctx == NULL performs syntax checking only */
        status = SSL_CTX_set1_sigalgs_list(cctx->ctx, value);
    } else {
        status = SSL_set1_sigalgs_list(cctx->ssl, value);
    }

    return status > 0;
}
/**
 * Restrict the signature algorithms offered by this context.
 *
 * The entries of `sigalgs` are joined with ':' and passed to
 * SSL_CTX_set1_sigalgs_list(). An empty vector leaves the context untouched.
 *
 * NOTE: the OpenSSL call is compiled in only when OPENSSL_VERSION_NUMBER is
 * at least 0x1000200fL (1.0.2). On older builds a non-empty list is accepted
 * and silently ignored, so the context keeps the library's default signature
 * algorithms. Callers that depend on this restriction as a security control
 * should verify the OpenSSL version they are built against.
 *
 * @param sigalgs signature algorithm names in OpenSSL list syntax.
 * @throws std::runtime_error if OpenSSL rejects the joined list; the message
 *         carries the text returned by getErrors().
 */
void SSLContext::setSignatureAlgorithms(
    const std::vector<std::string>& sigalgs) {
  if (sigalgs.empty()) {
    return;
  }
#if OPENSSL_VERSION_NUMBER >= 0x1000200fL
  std::string colonSeparated;
  join(":", sigalgs, colonSeparated);
  // A zero return means the list was rejected; surface it instead of
  // continuing with whatever the context had before.
  const int status = SSL_CTX_set1_sigalgs_list(ctx_, colonSeparated.c_str());
  if (status == 0) {
    throw std::runtime_error("SSL_CTX_set1_sigalgs_list " + getErrors());
  }
#endif
}
/*
 * Exercise one entry of testsigalgs.
 *
 * idx ranges over twice the table size: the first half applies each entry to
 * the client SSL_CTX before the SSL objects are created, the second half
 * applies the same entries to the client SSL object afterwards. An entry with
 * a non-NULL |list| goes through the array setter, otherwise |liststr| goes
 * through the string setter.
 *
 * The setter must succeed exactly when the entry is marked |valid|. For a
 * valid entry the handshake result must also equal |connsuccess|.
 *
 * Returns 1 if the observed behaviour matches the table entry, 0 otherwise.
 */
static int test_set_sigalgs(int idx)
{
    const size_t ncases = OSSL_NELEM(testsigalgs);
    const size_t pos = (size_t)idx;
    SSL_CTX *sctx = NULL, *cctx = NULL;
    SSL *serverssl = NULL, *clientssl = NULL;
    const sigalgs_list *curr;
    int on_ctx;
    int rc;
    int testresult = 0;

    /* Should never happen */
    if (pos >= ncases * 2)
        return 0;

    /* First half of the index space targets the SSL_CTX, second half the SSL. */
    on_ctx = (pos < ncases);
    curr = &testsigalgs[on_ctx ? pos : pos - ncases];

    if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
                             &sctx, &cctx, cert, privkey)) {
        printf("Unable to create SSL_CTX pair\n");
        return 0;
    }

    if (on_ctx) {
        rc = (curr->list != NULL)
            ? SSL_CTX_set1_sigalgs(cctx, curr->list, curr->listlen)
            : SSL_CTX_set1_sigalgs_list(cctx, curr->liststr);

        if (!rc) {
            /* Rejection is the pass condition for an entry marked invalid. */
            if (!curr->valid)
                testresult = 1;
            else
                printf("Unexpected failure setting sigalgs in SSL_CTX (%d)\n",
                       idx);
            goto end;
        }
        /* An invalid entry that was accepted is a test failure. */
        if (!curr->valid) {
            printf("Unexpected success setting sigalgs in SSL_CTX (%d)\n",
                   idx);
            goto end;
        }
    }

    if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) {
        printf("Unable to create SSL objects\n");
        goto end;
    }

    if (!on_ctx) {
        rc = (curr->list != NULL)
            ? SSL_set1_sigalgs(clientssl, curr->list, curr->listlen)
            : SSL_set1_sigalgs_list(clientssl, curr->liststr);

        if (!rc) {
            /* Rejection is the pass condition for an entry marked invalid. */
            if (!curr->valid)
                testresult = 1;
            else
                printf("Unexpected failure setting sigalgs in SSL (%d)\n",
                       idx);
            goto end;
        }
        /* An invalid entry that was accepted is a test failure. */
        if (!curr->valid) {
            printf("Unexpected success setting sigalgs in SSL (%d)\n", idx);
            goto end;
        }
    }

    /* The handshake outcome has to match what the table entry predicts. */
    if (create_ssl_connection(serverssl, clientssl) != curr->connsuccess) {
        printf("Unexpected return value creating SSL connection (%d)\n", idx);
        goto end;
    }

    testresult = 1;

 end:
    /* Pointers still NULL on an early exit are passed through as-is. */
    SSL_free(serverssl);
    SSL_free(clientssl);
    SSL_CTX_free(sctx);
    SSL_CTX_free(cctx);

    return testresult;
}