From f3061359d848b1283728a0b23c8f2245841749df Mon Sep 17 00:00:00 2001
From: Lealem Amedie
Date: Thu, 6 Jun 2024 12:22:50 -0600
Subject: [PATCH] Improved fix for TLS1.3 to TLS1.2 client downgrade
---
 src/tls13.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/src/tls13.c b/src/tls13.c
index 56de461f7..ec41cf9b3 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -5023,6 +5023,7 @@ typedef struct Dsh13Args {
 int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 word32 helloSz, byte* extMsgType)
 {
+ word32 inOutIdxCopy;
 int ret;
 byte suite[2];
 byte tls12minor;
@@ -5298,13 +5299,6 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 return ret;
 }
 #endif /* WOLFSSL_DTLS13 */
-
-#ifndef WOLFSSL_NO_TLS12
- return DoServerHello(ssl, input, inOutIdx, helloSz);
-#else
- SendAlert(ssl, alert_fatal, wolfssl_alert_protocol_version);
- return VERSION_ERROR;
-#endif
 }
 }
@@ -5359,6 +5353,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 DtlsCIDOnExtensionsParsed(ssl);
 #endif /* WOLFSSL_DTLS_CID */
+ inOutIdxCopy = *inOutIdx;
 *inOutIdx = args->idx;
 ssl->options.serverState = SERVER_HELLO_COMPLETE;
@@ -5403,8 +5398,9 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 else
 ssl->chVersion.minor = TLSv1_2_MINOR;
 /* Complete TLS v1.2 processing of ServerHello. */
- ret = CompleteServerHello(ssl);
+ ret = DoServerHello(ssl, input, &inOutIdxCopy, helloSz);
 #else
+ (void)inOutIdxCopy;
 WOLFSSL_MSG("Client using higher version, fatal error");
 WOLFSSL_ERROR_VERBOSE(VERSION_ERROR);
 ret = VERSION_ERROR;
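Review bot: `inOutIdxCopy` is declared without an initializer in the first hunk and gets its only value from `inOutIdxCopy = *inOutIdx;` in the third hunk, while the fourth hunk passes `&inOutIdxCopy` to `DoServerHello` as the parse offset. The function body between these hunks is outside the diff, so the patch alone does not show that every route into the downgrade branch runs through that assignment within the same call; the neighbouring offset is kept in `args->idx`, which hints that parse state may live outside plain locals. I would keep the saved offset in `Dsh13Args` next to `idx` if that struct is what carries state across calls, or at least state the invariant at the declaration with a comment such as `/* offset of the ServerHello body on entry; re-parsed by DoServerHello() on TLS 1.2 downgrade */`. An indeterminate offset here would point a length-bounded parser at the wrong part of peer-supplied input, so the invariant is worth making explicit.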
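Review bot: The comment `/* Complete TLS v1.2 processing of ServerHello. */` in the last hunk no longer matches the call below it, which now re-parses the whole message with `DoServerHello` from the saved offset instead of calling `CompleteServerHello`; something like `/* Downgrade: re-parse the ServerHello from its start with the TLS 1.2 handler. */` would be accurate. The offset that `DoServerHello` advances in `inOutIdxCopy` is also discarded, so the caller only sees the `*inOutIdx = args->idx;` written earlier by the TLS 1.3 path. If both parsers are expected to consume the same number of bytes, a check on success would catch a disagreement, e.g. `if (ret == 0 && inOutIdxCopy != *inOutIdx) ret = BUFFER_ERROR;`, though neither parser's body is visible in the diff, so confirm that expectation first. The conditional block this `#else` belongs to starts outside the hunk.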