Move SSL_DEBUG md fprintf after assignment

To avoid crash (same as openssl#5138 fixed in 44f23cd) CLA: trivial Reviewed-by: Tim Hudson <[email protected]> Reviewed-by: Rich Salz <[email protected]> (Merged from openssl#6937)
Paxxi · Aug 14, 2018 · 572fa02 · 572fa02
1 parent 80162ad
commit 572fa02
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
@@ -381,9 +381,6 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
             /* SSLfatal() already called */
             goto err;
         }
-#ifdef SSL_DEBUG
-        fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
-#endif
     } else if (!tls1_set_peer_legacy_sigalg(s, pkey)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
                      ERR_R_INTERNAL_ERROR);
@@ -396,6 +393,11 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
         goto err;
     }
 
+#ifdef SSL_DEBUG
+    if (SSL_USE_SIGALGS(s))
+        fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+
     /* Check for broken implementations of GOST ciphersuites */
     /*
      * If key is GOST and len is exactly 64 or 128, it is signature without