Parse Signature Algorithm ext when renegotiating Signature algorithm extension was skipped when renegotiation was in progress, causing the signature algorithm not to be known when renegotiating, and failing the handshake. Fix removes the renegotiation step check before parsing the extension.

commit: 73a381772b3290487c9d010dce0a6c8dc13f66b7 [log] [tgz]
author: Ron Eldor <Ron.Eldor@arm.com> Tue Oct 03 15:58:26 2017 +0300
committer: Simon Butcher <simon.butcher@arm.com> Thu Oct 12 23:21:37 2017 +0100
tree: 40cde3f68431a9d875f029ee3fefe9736122eea2
parent: 8ca0e8fdff8c946f27d65c73e9751b414fc7bf95 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index b932145..7a81383 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -11,6 +11,9 @@
    * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
      Found by projectgus and jethrogb, #836.
    * Fix usage help in ssl_server2 example. Found and fixed by Bei Lin.
+   * Parse signature algorithm extension when renegotiating. Previously,
+     renegotiated handshakes would only accept signatures using SHA-1
+     regardless of the peer's preferences, or fail if SHA-1 was disabled.
 
 = mbed TLS 2.6.0 branch released 2017-08-10
commit	73a381772b3290487c9d010dce0a6c8dc13f66b7	[log] [tgz]
author	Ron Eldor <Ron.Eldor@arm.com>	Tue Oct 03 15:58:26 2017 +0300
committer	Simon Butcher <simon.butcher@arm.com>	Thu Oct 12 23:21:37 2017 +0100
tree	40cde3f68431a9d875f029ee3fefe9736122eea2
parent	8ca0e8fdff8c946f27d65c73e9751b414fc7bf95 [diff] [blame]