The message header for fake SSL 3.0/TLS 1.0 client hellos created from
authorBodo Möller <bodo@openssl.org>
Tue, 16 Oct 2001 00:56:04 +0000 (00:56 +0000)
committerBodo Möller <bodo@openssl.org>
Tue, 16 Oct 2001 00:56:04 +0000 (00:56 +0000)
SSL 2.0 client hellos added with the previous commit was totally wrong --
it must start with the message type, not the protocol version.
(Not that this particular header is actually used anywhere ...)

ssl/s23_srvr.c

index 342d145..563531f 100644 (file)
@@ -365,12 +365,11 @@ int ssl23_get_client_hello(SSL *s)
                        goto err;
                        }
 
-               /* record header: version ... */
-               *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
-               *(d++) = v[1];
+               /* record header: msg_type ... */
+               *(d++) = SSL3_MT_CLIENT_HELLO;
                /* ... and length (actual value will be written later) */
-               d_len = d++;
-               d++;
+               d_len = d;
+               d += 3;
 
                /* client_version */
                *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
@@ -404,7 +403,7 @@ int ssl23_get_client_hello(SSL *s)
                *(d++)=0;
                
                i=(d-(unsigned char *)s->init_buf->data);
-               s2n(i, d_len);
+               l2n3((long)i, d_len);
 
                /* get the data reused from the init_buf */
                s->s3->tmp.reuse_message=1;