From 426070b0ef94dedd63a7d048c79c01bc7a500d10 Mon Sep 17 00:00:00 2001 From: Daniel Roethlisberger Date: Sun, 19 Jan 2025 17:16:37 +0100 Subject: [PATCH] Fix SSL 2 version constant to 0x0002 SSL 2 uses a version field of 0x0002, not 0x0200. This is confirmed not only in the original Netscape spec [1] and RFC draft of the time [2], but also in major implementations such as OpenSSL [3] and Wireshark [4]. [1] https://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html [2] https://datatracker.ietf.org/doc/html/draft-hickman-netscape-ssl-00 [3] https://github.com/openssl/openssl/blob/OpenSSL_0_9_6m/ssl/ssl2.h#L66-L71 [4] https://github.com/wireshark/wireshark/blob/release-4.4/epan/dissectors/packet-tls-utils.h#L266-L277 --- Packet++/header/SSLCommon.h | 2 +- Packet++/src/SSLCommon.cpp | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/Packet++/header/SSLCommon.h b/Packet++/header/SSLCommon.h index 5f499f9ec9..409aedafc0 100644 --- a/Packet++/header/SSLCommon.h +++ b/Packet++/header/SSLCommon.h @@ -117,7 +117,7 @@ namespace pcpp enum SSLVersionEnum { /** SSL 2.0 */ - SSL2 = 0x0200, + SSL2 = 0x0002, /** SSL 3.0 */ SSL3 = 0x0300, /** TLS 1.0 */ diff --git a/Packet++/src/SSLCommon.cpp b/Packet++/src/SSLCommon.cpp index 31207d8866..f1eb097e6b 100644 --- a/Packet++/src/SSLCommon.cpp +++ b/Packet++/src/SSLCommon.cpp @@ -11,7 +11,7 @@ namespace pcpp SSLVersion::SSLVersionEnum SSLVersion::asEnum(bool countTlsDraftsAs1_3) { - if (m_SSLVersionValue >= 0x0300 && m_SSLVersionValue <= 0x0304) + if ((m_SSLVersionValue >= 0x0300 && m_SSLVersionValue <= 0x0304) || m_SSLVersionValue == 0x0002) return static_cast(m_SSLVersionValue); if ((m_SSLVersionValue >= 0x7f0e && m_SSLVersionValue <= 0x7f1c) || m_SSLVersionValue == 0xfb17 || @@ -23,9 +23,6 @@ namespace pcpp return static_cast(m_SSLVersionValue); } - if (m_SSLVersionValue == 0x200) - return SSLVersion::SSL2; - return SSLVersion::Unknown; }