Cryptography Reference
  }
  if ( !parameters->handshake_finished )
  {
    // The first payload byte is the handshake message type
    switch ( buffer[ 0 ] )
    {
      case SSL_MT_ERROR:
        status = parse_server_error( parameters, buffer + 1 );
        free( buffer );  // release the message buffer before the early return
        return -1;
      case SSL_MT_SERVER_HELLO:
        status = parse_server_hello( parameters, buffer + 1 );
        if ( status == -1 )
        {
          send_error( connection,
            SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE,
            parameters );
        }
        break;
      default:
        printf( "Skipping unrecognized handshake message %d\n",
          buffer[ 0 ] );
        break;
    }
  }
  free( buffer );
  return status;
}
First, read the length of the message. Remember that the first two or three
bytes of every SSLv2 message must be the length of the following payload:
  if ( recv( connection, &message_len, 2, 0 ) <= 0 )
  {
    return -1;
  }
  message_len = ntohs( message_len );
  if ( message_len & 0x8000 )
  {
    // two-byte length
    message_len &= 0x7FFF;
  }
Because you know this is an SSLv2 connection, you know that at least two
bytes should be available. Check the MSB of the first byte and, if it's 1, mask it
out to get the actual length (you'll deal with the three-byte case below).
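The header decoding described above, as an added example that is not the book's code: it works on a byte buffer instead of a socket, covers both header forms, and rejects truncated or inconsistent headers. The type and function names are hypothetical, and the three-byte layout (14-bit length, escape bit, padding byte) is taken from the SSLv2 specification, not from this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decoded SSLv2 record header (type and function names are hypothetical). */
typedef struct {
    size_t   header_len;   /* 2 or 3 */
    uint16_t payload_len;  /* bytes that follow the header */
    uint8_t  padding_len;  /* three-byte form only */
    int      is_escape;    /* three-byte form only */
} sslv2_header;

/* Returns 0 on success, -1 if the header is truncated or inconsistent. */
int parse_sslv2_header(const unsigned char *buf, size_t avail, sslv2_header *out)
{
    if (buf == NULL || out == NULL || avail < 2)
        return -1;
    if (buf[0] & 0x80) {            /* MSB set: two-byte header, 15-bit length */
        out->header_len  = 2;
        out->payload_len = (uint16_t)(((buf[0] & 0x7F) << 8) | buf[1]);
        out->padding_len = 0;
        out->is_escape   = 0;
    } else {                        /* MSB clear: three-byte header, 14-bit length */
        if (avail < 3)
            return -1;
        out->header_len  = 3;
        out->payload_len = (uint16_t)(((buf[0] & 0x3F) << 8) | buf[1]);
        out->padding_len = buf[2];
        out->is_escape   = (buf[0] & 0x40) != 0;
        if (out->padding_len > out->payload_len)  /* padding is counted in the length */
            return -1;
    }
    return 0;
}

/* Constructed sample headers, not captured traffic. */
static const unsigned char two_byte_hdr[]   = { 0x80, 0x2E };        /* length 46 */
static const unsigned char three_byte_hdr[] = { 0x01, 0x10, 0x07 };  /* length 272, padding 7 */

int main(void)
{
    sslv2_header h;
    if (parse_sslv2_header(two_byte_hdr, sizeof two_byte_hdr, &h) == 0)
        printf("header %zu bytes, payload %u\n", h.header_len, (unsigned)h.payload_len);
    if (parse_sslv2_header(three_byte_hdr, sizeof three_byte_hdr, &h) == 0)
        printf("header %zu bytes, payload %u, padding %u\n",
               h.header_len, (unsigned)h.payload_len, (unsigned)h.padding_len);
    return 0;
}
```

The length is supplied by the peer, so a caller should also compare `payload_len` with the bytes it actually receives before handing the payload to a message parser.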