From a70535f84902b8d86c16ef3fe9d570b96fa5cfce Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 27 Mar 2020 17:16:59 +0000
Subject: [PATCH] Give a better error if we can't find a sig alg

Some scenarios where we could not find a suitable sig alg just
gave "internal error" as the reason - which isn't very helpful. A
more suitable reason code already exists - so we use that.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11425)
---
 ssl/t1_lib.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4ab046b7b3..624add64a8 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2964,7 +2964,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
                     if (!fatalerrs)
                         return 1;
                     SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CHOOSE_SIGALG,
-                             ERR_R_INTERNAL_ERROR);
+                             SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
                     return 0;
                 }
 
@@ -2989,7 +2989,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
                 if (!fatalerrs)
                     return 1;
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CHOOSE_SIGALG,
-                         ERR_R_INTERNAL_ERROR);
+                         SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
                 return 0;
             }
         }
-- 
2.25.1