Fix SSL 2 version constant to 0x0002

SSL 2 uses a version field of 0x0002, not 0x0200. This is confirmed not only in the original Netscape spec [1] and RFC draft of the time [2], but also in major implementations such as OpenSSL [3] and Wireshark [4]. [1] https://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html [2] https://datatracker.ietf.org/doc/html/draft-hickman-netscape-ssl-00 [3] https://github.com/openssl/openssl/blob/OpenSSL_0_9_6m/ssl/ssl2.h#L66-L71 [4] https://github.com/wireshark/wireshark/blob/release-4.4/epan/dissectors/packet-tls-utils.h#L266-L277
seladb · Jan 19, 2025 · 426070b · 426070b
1 parent bc5c08d
commit 426070b
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 5 deletions.
diff --git a/Packet++/header/SSLCommon.h b/Packet++/header/SSLCommon.h
@@ -117,7 +117,7 @@ namespace pcpp
 		enum SSLVersionEnum
 		{
 			/** SSL 2.0 */
-			SSL2 = 0x0200,
+			SSL2 = 0x0002,
 			/** SSL 3.0 */
 			SSL3 = 0x0300,
 			/** TLS 1.0 */

diff --git a/Packet++/src/SSLCommon.cpp b/Packet++/src/SSLCommon.cpp
@@ -11,7 +11,7 @@ namespace pcpp
 
 	SSLVersion::SSLVersionEnum SSLVersion::asEnum(bool countTlsDraftsAs1_3)
 	{
-		if (m_SSLVersionValue >= 0x0300 && m_SSLVersionValue <= 0x0304)
+		if ((m_SSLVersionValue >= 0x0300 && m_SSLVersionValue <= 0x0304) || m_SSLVersionValue == 0x0002)
 			return static_cast<SSLVersion::SSLVersionEnum>(m_SSLVersionValue);
 
 		if ((m_SSLVersionValue >= 0x7f0e && m_SSLVersionValue <= 0x7f1c) || m_SSLVersionValue == 0xfb17 ||
@@ -23,9 +23,6 @@ namespace pcpp
 				return static_cast<SSLVersion::SSLVersionEnum>(m_SSLVersionValue);
 		}
 
-		if (m_SSLVersionValue == 0x200)
-			return SSLVersion::SSL2;
-
 		return SSLVersion::Unknown;
 	}