{
Parser::BinaryTokenizer tk(raw);
while (!tk.atEnd()) {
- // The v2 hello messages cipher has 3 bytes. The v2 cipher has the
- // first byte not null. In an v23 SSL Hello message both v2 and
- // v3/tls ciphers can coexist.
- // The supported ciphers list needed for Peek and Stare bumping
- // modes where only SSLv3 and TLS protocols are supported so
- // we are ignoring the v2 ciphers.
+ // RFC 6101 Appendix E, RFC 5246 Appendix E2
+ // Unlike TLS, ciphers in SSLv23 Hellos are 3 bytes long and come in
+ // two versions: v2 and v3. The two versions may co-exist in a single
+ // SSLv23 Hello. Only v3 ciphers have a first byte value of zero.
+ // The ciphers are needed for our peeking/staring code that
+ // does not support SSLv2, so we ignore v2 ciphers.
const uint8_t prefix = tk.uint8("prefix");
const uint16_t cipher = tk.uint16("cipher");
if (prefix == 0)