From ab33788cdb2e5ff66653ca0cf3f3ae797f958739 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Thu, 5 Jan 2023 13:48:34 -0800
Subject: [PATCH] treat ECDHE,RSA cipher suite list as mixed TLS 1.3 and pre TLS 1.3
---
 src/ssl.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
diff --git a/src/ssl.c b/src/ssl.c
index 33d70b4160..4227cb859f 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -11765,6 +11765,28 @@ static int CheckcipherList(const char* list)
 break;
 }
 }
+
+ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
+ /* check if mixed due to names like RSA:ECDHE+AESGCM etc. */
+ if (ret != 0) {
+ char* subStr = name;
+ char* subStrNext;
+
+ do {
+ subStrNext = XSTRSTR(subStr, "+");
+
+ if ((XSTRCMP(subStr, "ECDHE") == 0) ||
+ (XSTRCMP(subStr, "RSA") == 0)) {
+ return 0;
+ }
+
+ if (subStrNext && (XSTRLEN(subStrNext) > 0)) {
+ subStr = subStrNext + 1; /* +1 to skip past '+' */
+ }
+ } while (subStrNext != NULL);
+ }
+ #endif
+
 if (findTLSv13Suites == 1 && findbeforeSuites == 1) {
 /* list has mixed suites */
 return 0;
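Review bot: The comparison in the added do/while loop can only match the last `+`-separated component, because `XSTRCMP(subStr, "ECDHE")` compares against the whole remainder of the string and `name` is never terminated at the `+`. For the `ECDHE+AESGCM` form named in the comment, `subStr` is `"ECDHE+AESGCM"` on the first pass and `"AESGCM"` on the second, so neither test succeeds and the entry is not treated as mixed. Compare by token length instead: take `len = subStrNext ? (size_t)(subStrNext - subStr) : XSTRLEN(subStr)` and test `len == 5 && XSTRNCMP(subStr, "ECDHE", 5) == 0` (likewise length 3 for `"RSA"`). The `XSTRLEN(subStrNext) > 0` guard is always true when `subStrNext` is non-NULL, since it points at the `+`, and can be dropped. `ret` and `name` are set earlier in CheckcipherList, outside this hunk, so how a misclassified list affects the enabled suites should be checked against the callers.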