fix sniffer bug with detecting old client hello

John Safranek
2014-11-07 15:35:36 -08:00
parent a45a8f2cd8
commit 00965d44dc


@ -2536,16 +2536,10 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
if ((*session)->flags.clientHello == 0 && **sslFrame != handshake) {
/* Sanity check the packet for an old style client hello. */
int rhSize =
((ssl->buffers.inputBuffer.buffer[
ssl->buffers.inputBuffer.idx] & 0x7f) << 8) |
ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx + 1];
int rhSize = ((*sslFrame)[0] & 0x7f) | ((*sslFrame)[1]);
if ((rhSize <= (*sslBytes - 2)) &&
(ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx + 2]
== OLD_HELLO_ID) &&
(ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx + 3]
== SSLv3_MAJOR)) {
(*sslFrame)[2] == OLD_HELLO_ID && (*sslFrame)[3] == SSLv3_MAJOR) {
#ifdef OLD_HELLO_ALLOWED
int ret = DoOldHello(*session, *sslFrame, &rhSize, sslBytes, error);
if (ret < 0)