diff options
author | David Benjamin <davidben@google.com> | 2020-01-15 20:15:36 -0500 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2020-01-16 23:39:20 +0000 |
commit | f249840c94dfbb8095ed5b148f1ef579b5fcdcc1 (patch) | |
tree | 18aa265a3968b1a0f871815f0357a3e412e88cc4 /ssl/handshake_server.cc | |
parent | 986afedaa71174f122d7bde17bba3aeb40eed69f (diff) | |
download | boringssl-f249840c94dfbb8095ed5b148f1ef579b5fcdcc1.zip boringssl-f249840c94dfbb8095ed5b148f1ef579b5fcdcc1.tar.gz boringssl-f249840c94dfbb8095ed5b148f1ef579b5fcdcc1.tar.bz2 |
Remove SSL_CTX_set_rsa_pss_rsae_certs_enabled.
We never ended up using this, and it'll only become less relevant over
time.
Change-Id: I44c750aee24df8e9eecc28b46540d8b3139004ff
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/39608
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/handshake_server.cc')
-rw-r--r-- | ssl/handshake_server.cc | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc index c7d7fb6..dfe14bf 100644 --- a/ssl/handshake_server.cc +++ b/ssl/handshake_server.cc @@ -1092,12 +1092,9 @@ static enum ssl_hs_wait_t do_send_server_hello_done(SSL_HANDSHAKE *hs) { !CBB_add_u8_length_prefixed(&body, &cert_types) || !CBB_add_u8(&cert_types, SSL3_CT_RSA_SIGN) || !CBB_add_u8(&cert_types, TLS_CT_ECDSA_SIGN) || - // TLS 1.2 has no way to specify different signature algorithms for - // certificates and the online signature, so emit the more restrictive - // certificate list. (ssl_protocol_version(ssl) >= TLS1_2_VERSION && (!CBB_add_u16_length_prefixed(&body, &sigalgs_cbb) || - !tls12_add_verify_sigalgs(ssl, &sigalgs_cbb, true /* certs */))) || + !tls12_add_verify_sigalgs(ssl, &sigalgs_cbb))) || !ssl_add_client_CA_list(hs, &body) || !ssl_add_message_cbb(ssl, cbb.get())) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); |