commit bac9d4d90fbbe1eedd28e82194131c6494878289
author Ron Eldor <Ron.Eldor@arm.com> Tue Oct 03 15:58:26 2017 +0300
committer Simon Butcher <simon.butcher@arm.com> Wed Oct 11 13:58:08 2017 +0100
tree 91492571bb43f8151b448a7992df4b534c3c1c0b
parent 5d39aceb04577f7238a29137a178c4fdbd090aed

Parse Signature Algorithm ext when renegotiating

Signature algorithm extension was skipped when renegotiation was in
progress, causing the signature algorithm not to be known when
renegotiating, and failing the handshake. Fix removes the renegotiation
step check before parsing the extension.

library/ssl_srv.c

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 01b4ada..1002adf 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1603,11 +1603,8 @@
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
     defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
             case MBEDTLS_TLS_EXT_SIG_ALG:
-                    MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-                if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-                    break;
-#endif
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
+
                 ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size );
                 if( ret != 0 )
                     return( ret );