openssl/ssl
Matt Caswell b8fef8ee92 Don't use an RSA-PSS cert for RSA key exchange
If we have selected a ciphersuite using RSA key exchange then we must
not attempt to use an RSA-PSS cert for that.

Fixes #7059

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7099)
2018-09-04 11:28:01 +01:00
..
record Tolerate encrypted or plaintext alerts 2018-08-08 10:16:58 +01:00
statem Send a NewSessionTicket after using an external PSK 2018-09-04 11:22:26 +01:00
bio_ssl.c Add comments to NULL func ptrs in bio_method_st 2017-12-18 07:04:48 +10:00
build.info Move ssl/t1_ext.c to ssl/statem/extensions_cust.c 2017-04-07 13:41:04 +01:00
d1_lib.c More record layer conversions to use SSLfatal() 2017-12-08 16:42:02 +00:00
d1_msg.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
d1_srtp.c Move client parsing of ServerHello extensions into new framework 2016-12-08 17:18:25 +00:00
methods.c Drop support for OPENSSL_NO_TLS1_3_METHOD 2017-06-30 09:41:46 +01:00
packet.c Update copyright year 2018-04-17 15:18:40 +02:00
packet_locl.h Remove __cplusplus preamble from internal headers 2018-06-22 12:24:59 +02:00
pqueue.c Use void in all function definitions that do not take any arguments 2018-05-11 14:37:48 +02:00
s3_cbc.c Move ossl_assert 2017-08-03 10:48:00 +01:00
s3_enc.c Ensure that we write out alerts correctly after early_data 2018-08-08 10:16:58 +01:00
s3_lib.c Fix a mem leak on error in the PSK code 2018-08-30 09:50:29 +08:00
s3_msg.c Update copyright year 2018-02-13 13:59:25 +00:00
ssl_asn1.c Don't use OPENSSL_strdup() for copying alpn_selected 2018-06-21 11:07:45 +01:00
ssl_cert.c Rename SSL[_CTX]_add1_CA_list -> SSL[_CTX]_add1_to_CA_list 2018-09-03 13:10:17 +02:00
ssl_cert_table.h Update copyright year 2018-03-20 13:08:46 +00:00
ssl_ciph.c Harmonize use of sk_TYPE_find's return value. 2018-08-07 08:56:54 +02:00
ssl_conf.c Add the ability to configure anti-replay via SSL_CONF 2018-07-02 15:06:12 +01:00
ssl_err.c Fix some TLSv1.3 alert issues 2018-07-31 09:31:50 +01:00
ssl_init.c Fix setting of ssl_strings_inited. 2018-08-07 15:08:03 -04:00
ssl_lib.c Add support for SSL_CTX_set_post_handshake_auth() 2018-08-20 15:14:01 +01:00
ssl_locl.h Use the same min-max version range on the client consistently 2018-08-22 15:15:19 +01:00
ssl_mcnf.c Move the loading of the ssl_conf module to libcrypto 2018-04-05 15:30:12 +01:00
ssl_rsa.c Update copyright year 2018-03-20 13:08:46 +00:00
ssl_sess.c ssl/*: switch to switch to Thread-Sanitizer-friendly primitives. 2018-08-07 09:08:23 +02:00
ssl_stat.c Merge HRR into ServerHello 2017-12-14 15:06:37 +00:00
ssl_txt.c Address coverity-reported NULL dereference in SSL_SESSION_print() 2018-07-01 18:20:11 -05:00
ssl_utst.c Remove heartbeat support 2016-11-13 16:24:02 -05:00
t1_enc.c Ensure that we write out alerts correctly after early_data 2018-08-08 10:16:58 +01:00
t1_lib.c Don't use an RSA-PSS cert for RSA key exchange 2018-09-04 11:28:01 +01:00
t1_trce.c Fix ssl/t1_trce.c to parse certificate chains 2018-09-01 08:58:42 +08:00
tls13_enc.c Ensure that we write out alerts correctly after early_data 2018-08-08 10:16:58 +01:00
tls_srp.c Use the private RNG for data that is not public 2018-04-02 22:22:43 +02:00