aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/tls_server.cpp
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-01-06 19:36:07 -0500
committerJack Lloyd <[email protected]>2016-03-06 05:43:56 -0500
commit2f7225c5f56feab172978a0182ac27c20b02c080 (patch)
tree58c9d5d45f3772cd759cd0a52f9ccaa7891b7667 /src/lib/tls/tls_server.cpp
parent027733a7d7ae44e8eb0c96cef371ba592f4cd386 (diff)
Check that TLS signature type is accepted by the policy.
Previously the signature hashes and algos info was used to set the v1.2 signature_algorithms extension, but if the counterparty ignored the extension and sent something else, we wouldn't notice.
Diffstat (limited to 'src/lib/tls/tls_server.cpp')
-rw-r--r--src/lib/tls/tls_server.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/tls/tls_server.cpp b/src/lib/tls/tls_server.cpp
index 5ababe621..41b14ae08 100644
--- a/src/lib/tls/tls_server.cpp
+++ b/src/lib/tls/tls_server.cpp
@@ -618,7 +618,7 @@ void Server::process_handshake_msg(const Handshake_State* active_state,
state.client_certs()->cert_chain();
const bool sig_valid =
- state.client_verify()->verify(client_certs[0], state);
+ state.client_verify()->verify(client_certs[0], state, policy());
state.hash().update(state.handshake_io().format(contents, type));