From db30f43242a216ebad0fd16fbef45fb7d3ab8de3 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Thu, 7 Nov 2019 17:58:15 +0300 Subject: [PATCH] Workaround for Windows-based GOST implementations Many Windows-based GOST TLS implementations are unable to extend the list of supported SignatureAlgorithms because of lack of the necessary callback in Windows. So for TLS 1.2 it makes sense to imply the support of GOST algorithms in case when the GOST ciphersuites are present. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/10377) --- ssl/t1_lib.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index f13183a046..afb72857e5 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2864,6 +2864,26 @@ int tls_choose_sigalg(SSL *s, int fatalerrs) #endif break; } +#ifndef OPENSSL_NO_GOST + /* + * Some Windows-based implementations do not send GOST algorithms indication + * in supported_algorithms extension, so when we have GOST-based ciphersuite, + * we have to assume GOST support. + */ + if (i == s->shared_sigalgslen && s->s3.tmp.new_cipher->algorithm_auth & (SSL_aGOST01 | SSL_aGOST12)) { + if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) { + if (!fatalerrs) + return 1; + SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, + SSL_F_TLS_CHOOSE_SIGALG, + SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); + return 0; + } else { + i = 0; + sig_idx = lu->sig_idx; + } + } +#endif if (i == s->shared_sigalgslen) { if (!fatalerrs) return 1; -- 2.25.1