Add binding for SSL_CTX_set1_sigalgs_list

[Jean-Daniel]

OpenSSL.Context should expose a function to let client set signature algorithms (using SSL_CTX_set1_sigalgs_list which is already exposed by cryptography and available in pyOpenSSL).

This is required to force the server certificate choice (to RSA or ECDSA) when using TLS 1.3 as certificate type is no longer specified in the cipher name.

While forcing the certificate type is not useful for simple connection, this is a critical feature to be able to write tools to check the server SSL configuration.

My own use case is to be able to verify that an automatic certificate deployment script properly configure both RSA and ECDSA certificate on the server. As the server returns only the preferred certificate, having a way to force it is a requirement.

[reaperhulk]

SSL_CTX_set1_sigalgs_list is already bound (in cryptography, which pyOpenSSL uses), so you can submit a PR that adds a function calling it in pyOpenSSL without any additional work.

[Jean-Daniel]

PR #851

[Jean-Daniel]

Unfortunately, the binding was remove from cryptography…

pyca/cryptography#6473