wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix sniffer bug with detecting old client hello

Browse Source
This commit is contained in:
John Safranek
2014-11-07 15:35:36 -08:00
parent a45a8f2cd8
commit 00965d44dc
1 changed files with 2 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/sniffer.c
View File

@@ -2536,16 +2536,10 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
if ((*session)->flags.clientHello == 0 && **sslFrame != handshake) { if ((*session)->flags.clientHello == 0 && **sslFrame != handshake) {
/* Sanity check the packet for an old style client hello. */ /* Sanity check the packet for an old style client hello. */
int rhSize = int rhSize = ((*sslFrame)[0] & 0x7f) | ((*sslFrame)[1]);
((ssl->buffers.inputBuffer.buffer[
ssl->buffers.inputBuffer.idx] & 0x7f) << 8) |
ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx + 1];
if ((rhSize <= (*sslBytes - 2)) && if ((rhSize <= (*sslBytes - 2)) &&
(ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx + 2] (*sslFrame)[2] == OLD_HELLO_ID && (*sslFrame)[3] == SSLv3_MAJOR) {
== OLD_HELLO_ID) &&
(ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx + 3]
== SSLv3_MAJOR)) {
#ifdef OLD_HELLO_ALLOWED #ifdef OLD_HELLO_ALLOWED
int ret = DoOldHello(*session, *sslFrame, &rhSize, sslBytes, error); int ret = DoOldHello(*session, *sslFrame, &rhSize, sslBytes, error);
if (ret < 0) if (ret < 0)