Parse Signature Algorithm ext when renegotiating

Signature algorithm extension was skipped when renegotiation was in progress, causing the signature algorithm not to be known when renegotiating, and failing the handshake. Fix removes the renegotiation step check before parsing the extension.
2017-10-03 15:58:26 +03:00 · 2017-10-03 15:58:26 +03:00 · 8dd73e62d2
commit 8dd73e62d2
parent ae98d4aa39
2 changed files with 5 additions and 5 deletions
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -1694,11 +1694,8 @@ read_record_header:
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
            case MBEDTLS_TLS_EXT_SIG_ALG:
-                    MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-                if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-                    break;
-#endif
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
+
                ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size );
                if( ret != 0 )
                    return( ret );