Internal change PiperOrigin-RevId: 386283667

commit: b2a913450e7d05bc5b5e4f972e046e7b216bb1c3 [log] [tgz]
author: wub <wub@google.com> Thu Jul 22 11:26:01 2021 -0700
committer: Copybara-Service <copybara-worker@google.com> Thu Jul 22 11:28:19 2021 -0700
tree: 54682b15a242028b578089faaec6d9dce2fdef2a
parent: 3460166b2d9bad6833bfbf0be213ba4dc07c9915 [diff]
diff --git a/quic/core/crypto/tls_connection.cc b/quic/core/crypto/tls_connection.cc
index 3a1e652..beb81fc 100644
--- a/quic/core/crypto/tls_connection.cc
+++ b/quic/core/crypto/tls_connection.cc

@@ -100,6 +100,11 @@
     const int early_data_enabled = *ssl_config_.early_data_enabled ? 1 : 0;
     SSL_set_early_data_enabled(ssl(), early_data_enabled);
   }
+  if (ssl_config_.signing_algorithm_prefs.has_value()) {
+    SSL_set_signing_algorithm_prefs(
+        ssl(), ssl_config_.signing_algorithm_prefs->data(),
+        ssl_config_.signing_algorithm_prefs->size());
+  }
 }
 
 // static

diff --git a/quic/core/quic_types.h b/quic/core/quic_types.h
index 253ffcb..1b8fc47 100644
--- a/quic/core/quic_types.h
+++ b/quic/core/quic_types.h

@@ -838,6 +838,9 @@
 struct QUIC_NO_EXPORT QuicSSLConfig {
   // Whether TLS early data should be enabled. If not set, default to enabled.
   absl::optional<bool> early_data_enabled;
+  // If set, used to configure the SSL object with
+  // SSL_set_signing_algorithm_prefs.
+  absl::optional<absl::InlinedVector<uint16_t, 4>> signing_algorithm_prefs;
 };
 
 }  // namespace quic
commit	b2a913450e7d05bc5b5e4f972e046e7b216bb1c3	[log] [tgz]
author	wub <wub@google.com>	Thu Jul 22 11:26:01 2021 -0700
committer	Copybara-Service <copybara-worker@google.com>	Thu Jul 22 11:28:19 2021 -0700
tree	54682b15a242028b578089faaec6d9dce2fdef2a
parent	3460166b2d9bad6833bfbf0be213ba4dc07c9915 [diff]