@@ -26130,13 +26130,16 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
2613026130 }
2613126131
2613226132#ifdef HAVE_RENEGOTIATION_INDICATION
26133- if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
26134- WOLFSSL_MSG("Too many ciphersuites");
26135- return 0;
26133+ if (ctx->method->side == WOLFSSL_CLIENT_END) {
26134+ if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
26135+ WOLFSSL_MSG("Too many ciphersuites");
26136+ return 0;
26137+ }
26138+ suites->suites[suites->suiteSz] = CIPHER_BYTE;
26139+ suites->suites[suites->suiteSz+1] =
26140+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
26141+ suites->suiteSz += 2;
2613626142 }
26137- suites->suites[suites->suiteSz] = CIPHER_BYTE;
26138- suites->suites[suites->suiteSz+1] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
26139- suites->suiteSz += 2;
2614026143#endif
2614126144 suites->setSuites = 1;
2614226145 }
@@ -26274,13 +26277,16 @@ int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
2627426277 InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, 1, keySz,
2627526278 &suites->hashSigAlgoSz);
2627626279#ifdef HAVE_RENEGOTIATION_INDICATION
26277- if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
26278- WOLFSSL_MSG("Too many ciphersuites");
26279- return 0;
26280+ if (ctx->method->side == WOLFSSL_CLIENT_END) {
26281+ if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
26282+ WOLFSSL_MSG("Too many ciphersuites");
26283+ return 0;
26284+ }
26285+ suites->suites[suites->suiteSz] = CIPHER_BYTE;
26286+ suites->suites[suites->suiteSz+1] =
26287+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
26288+ suites->suiteSz += 2;
2628026289 }
26281- suites->suites[suites->suiteSz] = CIPHER_BYTE;
26282- suites->suites[suites->suiteSz+1] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
26283- suites->suiteSz += 2;
2628426290#endif
2628526291 suites->setSuites = 1;
2628626292 }
0 commit comments