Refine SHA-1 default in signature algorithm negotiation. Rather than blindly select SHA-1 if we can't find a matching one, act as if the peer advertised rsa_pkcs1_sha1 and ecdsa_sha1. This means that we will fail the handshake if no common algorithm may be found. This is done in preparation for removing the SHA-1 default in TLS 1.3. Change-Id: I3584947909d3d6988b940f9404044cace265b20d Reviewed-on: https://boringssl-review.googlesource.com/8695 Reviewed-by: David Benjamin <davidben@google.com>

commit: ea9a0d5313f4244f2765e02d762788c1cb9be72a [log] [tgz]
author: David Benjamin <davidben@google.com> Fri Jul 08 15:52:59 2016 -0700
committer: David Benjamin <davidben@google.com> Tue Jul 12 16:32:31 2016 +0000
tree: d5100ecccf1f97805c7755ae95dcc057725fb2b9
parent: d246b817515b52b77ccc4876f25ddf4f41e67477 [diff] [blame]
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 2ae5ab1..7c27266 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -4660,6 +4660,7 @@
 #define SSL_R_SHUTDOWN_WHILE_IN_INIT 250
 #define SSL_R_INVALID_OUTER_RECORD_TYPE 251
 #define SSL_R_UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY 252
+#define SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS 253
 #define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000
 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
commit	ea9a0d5313f4244f2765e02d762788c1cb9be72a	[log] [tgz]
author	David Benjamin <davidben@google.com>	Fri Jul 08 15:52:59 2016 -0700
committer	David Benjamin <davidben@google.com>	Tue Jul 12 16:32:31 2016 +0000
tree	d5100ecccf1f97805c7755ae95dcc057725fb2b9
parent	d246b817515b52b77ccc4876f25ddf4f41e67477 [diff] [blame]