@@ -26122,8 +26122,6 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
2612226122 #endif
2612326123 #ifdef OPENSSL_EXTRA
2612426124 if (callInitSuites) {
26125- byte tmp[WOLFSSL_MAX_SUITE_SZ];
26126- XMEMCPY(tmp, suites->suites, idx); /* Store copy */
2612726125 suites->setSuites = 0; /* Force InitSuites */
2612826126 suites->hashSigAlgoSz = 0; /* Force InitSuitesHashSigAlgo call
2612926127 * inside InitSuites */
@@ -26148,6 +26146,19 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
2614826146 InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, 1, keySz,
2614926147 &suites->hashSigAlgoSz);
2615026148 }
26149+
26150+ #ifdef HAVE_RENEGOTIATION_INDICATION
26151+ if (ctx->method->side == WOLFSSL_CLIENT_END) {
26152+ if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
26153+ WOLFSSL_MSG("Too many ciphersuites");
26154+ return 0;
26155+ }
26156+ suites->suites[suites->suiteSz] = CIPHER_BYTE;
26157+ suites->suites[suites->suiteSz+1] =
26158+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
26159+ suites->suiteSz += 2;
26160+ }
26161+ #endif
2615126162 suites->setSuites = 1;
2615226163 }
2615326164
@@ -26283,6 +26294,18 @@ int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
2628326294 haveSig |= haveAnon ? SIG_ANON : 0;
2628426295 InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, 1, keySz,
2628526296 &suites->hashSigAlgoSz);
26297+ #ifdef HAVE_RENEGOTIATION_INDICATION
26298+ if (ctx->method->side == WOLFSSL_CLIENT_END) {
26299+ if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
26300+ WOLFSSL_MSG("Too many ciphersuites");
26301+ return 0;
26302+ }
26303+ suites->suites[suites->suiteSz] = CIPHER_BYTE;
26304+ suites->suites[suites->suiteSz+1] =
26305+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
26306+ suites->suiteSz += 2;
26307+ }
26308+ #endif
2628626309 suites->setSuites = 1;
2628726310 }
2628826311
0 commit comments