From 147c8085626544ba285ac201215f83d499616fac Mon Sep 17 00:00:00 2001 From: Kareem Date: Thu, 4 Jun 2026 17:15:06 -0700 Subject: [PATCH] Change no_renegotiation alert to warning level to match RFC 5246 7.2.2. Fixes F-4113. --- src/internal.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/internal.c b/src/internal.c index a3be7ee448..7b989d5da4 100644 --- a/src/internal.c +++ b/src/internal.c @@ -18819,7 +18819,7 @@ int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, if (ssl->options.handShakeState == HANDSHAKE_DONE && type == client_hello && ssl->options.side == WOLFSSL_SERVER_END) { WOLFSSL_MSG("Renegotiation request rejected"); - SendAlert(ssl, alert_fatal, no_renegotiation); + SendAlert(ssl, alert_warning, no_renegotiation); WOLFSSL_ERROR_VERBOSE(SECURE_RENEGOTIATION_E); return SECURE_RENEGOTIATION_E; }