From 0a1332c4dfcbd2a1fee765c336548f9640fee414 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Fri, 9 Sep 2022 12:36:16 +0200
Subject: [PATCH] Additional checks for secure renegotiation
---
 src/ssl.c | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/src/ssl.c b/src/ssl.c
index fb969ead0..7810c02d5 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -3168,6 +3168,11 @@ static int _Rehandshake(WOLFSSL* ssl)
 if (ssl == NULL)
 return BAD_FUNC_ARG;
 
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ WOLFSSL_MSG("Secure Renegotiation not supported in TLS 1.3");
+ return SECURE_RENEGOTIATION_E;
+ }
+
 if (ssl->secure_renegotiation == NULL) {
 WOLFSSL_MSG("Secure Renegotiation not forced on by user");
 return SECURE_RENEGOTIATION_E;
@@ -3178,6 +3183,11 @@ static int _Rehandshake(WOLFSSL* ssl)
 return SECURE_RENEGOTIATION_E;
 }
 
+ if (ssl->keys.dtls_epoch == 0xFFFF) {
+ WOLFSSL_MSG("Secure Renegotiation not allowed. Epoch would wrap");
+ return SECURE_RENEGOTIATION_E;
+ }
+
 /* If the client started the renegotiation, the server will already
 * have processed the client's hello. */
 if (ssl->options.side != WOLFSSL_SERVER_END ||
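Review bot: The new TLS 1.3 guard at the top of _Rehandshake returns the same SECURE_RENEGOTIATION_E as the "not forced on by user" branch directly below it, so a caller can only tell "this protocol version has no renegotiation" from "renegotiation was not enabled" by reading the debug log. A short comment above the check would record why it exists, e.g. `/* TLS 1.3 removed renegotiation (RFC 8446); refuse here instead of starting a 1.2-style rehandshake */`. That comment should also state that `ssl->version` is expected to hold the negotiated version at this point; the hunk does not show where it is set, so this is an assumption to confirm. The function body starts before and continues after the hunk.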
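Review bot: The epoch check reads `ssl->keys.dtls_epoch` unconditionally, with no test that the connection is DTLS and no build guard around the field access. If `dtls_epoch` is only declared in DTLS builds (not visible in this hunk), a TLS-only build would fail to compile here, and on a plain TLS connection the comparison is made against a field that carries no meaning. Suggested form: `#ifdef WOLFSSL_DTLS` before the check, `if (ssl->options.dtls && ssl->keys.dtls_epoch == 0xFFFF) {` as the condition, and `#endif` after the closing brace. A one-line comment that the epoch is 16 bits wide and one more rehandshake would wrap it to 0, making epoch/sequence pairs repeat, would explain the 0xFFFF literal. _Rehandshake continues past the end of the hunk.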