From: Dr. Stephen Henson <steve@openssl.org>
Date: Wed, 26 Dec 2012 14:45:27 +0000 (+0000)
Subject: no need to check s->server as default_nid is never used for TLS 1.2 client authentication
X-Git-Tag: OpenSSL_1_0_2-beta1~519
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7531dd18dc9ed1c5ab1c9ad95a01e60a963e6cde;p=oweals%2Fopenssl.git

no need to check s->server as default_nid is never used for TLS 1.2 client authentication
(backport from HEAD)
---

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index cb3673759f..65bd8c3f44 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3519,7 +3519,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
 		 * have set preferred signature algorithms check we support
 		 * sha1.
 		 */
-		if (s->server && default_nid > 0 && c->conf_sigalgs)
+		if (default_nid > 0 && c->conf_sigalgs)
 			{
 			size_t j;
 			const unsigned char *p = c->conf_sigalgs;