Add SSLv2 ClientHello version field tests for SSLv2 and TLSv1

Tests/Packet++Test/PacketExamples/ssl2rec-ssl2clienthello.dat

@@ -0,0 +1 @@
+000000000000000000000000080045000058b183400040068b1a7f0000017f0000019136115101fe87084a5a8ace80180156fe4c00000101080a27f4368827f4368680220100020009000000100500800300800700c07a16c3dc4a8bcc5b161d1d10883e225e

Tests/Packet++Test/PacketExamples/ssl2rec-tls1clienthello.dat

@@ -0,0 +1 @@
+00005e0001670010a49159eb0800450000914a4d40008006344b0a9662910a9d040b067c01bb0440cd534be5ea345018ffff677b00008067010301004e000000100100800300800700c006004002008004008000003900003800003500003300003200000400000500002f00001600001300feff00000a00001500001200fefe0000090000640000620000030000063143c465d52771e466a42be1701787fd

Tests/Packet++Test/TestDefinition.h

@@ -132,6 +132,8 @@ PTF_TEST_CASE(TLS1_3ParsingTest);
 PTF_TEST_CASE(TLSCipherSuiteTest);
 PTF_TEST_CASE(ClientHelloTLSFingerprintTest);
 PTF_TEST_CASE(ServerHelloTLSFingerprintTest);
+PTF_TEST_CASE(SSL2RecordSSL2ClientHelloTest);
+PTF_TEST_CASE(SSL2RecordTLS1ClientHelloTest);
 
 // Implemented in IgmpTests.cpp
 PTF_TEST_CASE(IgmpParsingTest);

Tests/Packet++Test/Tests/SSLTests.cpp

@@ -2,6 +2,7 @@
 #include "../Utils/TestUtils.h"
 #include "EndianPortable.h"
 #include "Packet.h"
+#include "PayloadLayer.h"
 #include "SSLLayer.h"
 #include "SystemUtils.h"
 #include <fstream>
@@ -753,3 +754,66 @@ PTF_TEST_CASE(ServerHelloTLSFingerprintTest)
 	PTF_ASSERT_EQUAL(tlsFingerprint.toString(), "771,49195,23-65281-11-35-16");
 	PTF_ASSERT_EQUAL(tlsFingerprint.toMD5(), "eca9b8f0f3eae50309eaf901cb822d9b");
 }  // ServerHelloTLSFingerprintTest
+
+static uint16_t
+getSSL2ClientHelloVersion(uint8_t *data, size_t size)
+{
+	if (size < 2) {
+		return 0;
+	}
+
+	if ((data[0] & 0x80) == 0) {
+		// Record has padding, three-byte record header.
+		// Either data record or security escape.
+		return 0;
+	}
+	// Record has no padding, two-byte record header.
+	// Neither data record nor security escape.
+
+	size_t const rec_header_length = 2;
+	size_t const clienthello_header_length = 9;
+	size_t reclen = ((data[0] & 0x7f) << 8) | data[1];
+	if (size != rec_header_length + reclen || reclen < clienthello_header_length) {
+		return 0;
+	}
+
+	size_t pos = rec_header_length;
+	uint8_t const SSL_MT_CLIENT_HELLO = 1;
+	if (data[pos] != SSL_MT_CLIENT_HELLO) {
+		return 0;
+	}
+	pos++;
+	return be16toh(*(uint16_t *)&data[pos]);
+}
+
+PTF_TEST_CASE(SSL2RecordSSL2ClientHelloTest)
+{
+	timeval time;
+	gettimeofday(&time, nullptr);
+
+	READ_FILE_AND_CREATE_PACKET(1, "PacketExamples/ssl2rec-ssl2clienthello.dat");
+
+	pcpp::Packet clientHelloPacket(&rawPacket1);
+
+	// PCPP does not know how to parse SSLv2 yet, so we find the version field manually.
+	pcpp::PayloadLayer *payloadLayer = clientHelloPacket.getLayerOfType<pcpp::PayloadLayer>();
+	PTF_ASSERT_NOT_NULL(payloadLayer);
+	uint16_t version = getSSL2ClientHelloVersion(payloadLayer->getPayload(), payloadLayer->getPayloadLen());
+	PTF_ASSERT_EQUAL(version, pcpp::SSLVersion::SSL2)
+}  // SSL2RecordSSL2ClientHelloTest
+
+PTF_TEST_CASE(SSL2RecordTLS1ClientHelloTest)
+{
+	timeval time;
+	gettimeofday(&time, nullptr);
+
+	READ_FILE_AND_CREATE_PACKET(1, "PacketExamples/ssl2rec-tls1clienthello.dat");
+
+	pcpp::Packet clientHelloPacket(&rawPacket1);
+
+	// PCPP does not know how to parse SSLv2 yet, so we find the version field manually.
+	pcpp::PayloadLayer *payloadLayer = clientHelloPacket.getLayerOfType<pcpp::PayloadLayer>();
+	PTF_ASSERT_NOT_NULL(payloadLayer);
+	uint16_t version = getSSL2ClientHelloVersion(payloadLayer->getPayload(), payloadLayer->getPayloadLen());
+	PTF_ASSERT_EQUAL(version, pcpp::SSLVersion::TLS1_0)
+}  // SSL2RecordTLS1ClientHelloTest

Tests/Packet++Test/main.cpp

@@ -210,6 +210,8 @@ int main(int argc, char* argv[])
 	PTF_RUN_TEST(TLSCipherSuiteTest, "ssl");
 	PTF_RUN_TEST(ClientHelloTLSFingerprintTest, "ssl");
 	PTF_RUN_TEST(ServerHelloTLSFingerprintTest, "ssl");
+	PTF_RUN_TEST(SSL2RecordSSL2ClientHelloTest, "ssl;ssl2");
+	PTF_RUN_TEST(SSL2RecordTLS1ClientHelloTest, "ssl;ssl2");
 
 	PTF_RUN_TEST(SllPacketParsingTest, "sll");
 	PTF_RUN_TEST(SllPacketCreationTest, "sll");