Greg, I was in the book store for a while deciding to go for the Rescorla's or Thomas. I got the Thomas book, damn. Any info regarding the protocol would be helpful as I am getting nowhere with this Netscape LDAP stuff, even the messages from it are completely screwed. Tat. Greg Stark wrote: > > Tat, > > This is an SSLv2 backward compatible hello message carried in an SSLv2 > record layer. The first byte 0x80 has the high bit set to1, which signals > that the length of the record should be computed from the remaining 7 bits > of the byte and the next byte, thus the length of the record is 0x5b bytes. > The rest of the message should follow section 4.19 of Rescorla's book, or > section E.1 of RFC2246. > > This kind of client hello message is produced by the > SSLv23_client_method() of OpenSSL > (http://www.openssl.org/docs/ssl/SSL_CTX_new.html#). > > I can't seem to find a description of the SSLv2 record protocol in any > of the TLS or SSLv3 rfc's or draft RFC's. I do have an HTML document that I > scrounged from somewhere (probably sun) describing SSLv2. I'd be glad to > e-mail to anyone or post it to the list. > > _____________________________________ > Greg Stark > Ethentica, Inc. > [EMAIL PROTECTED] > _____________________________________ > > ----- Original Message ----- > From: "Tat Sing Kong" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, February 23, 2001 11:59 AM > Subject: Protocol messages > > > According to my SSL book, a clientHello looks like this: > > > > (decimal values) > > > > 22 3 0 <len> <len> 1 <len> <len> <len> 3 0 <random 32 bytes> <id> > > <session id> <ciphers> <compress> > > > > But what I get from my SSL client is this: > > > > (in hex) > > > > 80 5b 01 03 01 00 42 <random 32 bytes> ... > > > > Which looks nothing like the book says, but it works anyway. > > > > Then with my Netscape LDAP client, the cipher and compress fields are > > completely missing. What gives? > > > > It should be noted that I can't get Netscape LDAP over SSL to work at > > all... > > Tat. > > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- +----------------------------------- | Tat Sing Kong Bsc(Hons) | Senior Technical Architect | Consegna Advanced Technologies Ltd | 1st Floor, 30-32 Thomas Street | Manchester, M4 1ER, United Kingdom | http://www.consegna.co.uk | Tel : +44 (0)161 833 3777 (x30) | Fax : +44 (0)161 833 3636 | Email : [EMAIL PROTECTED]
begin:vcard n:Kong;Tat Sing tel;fax:+44 (0)161 833 3636 tel;work:+44 (0)161 833 3777 x-mozilla-html:FALSE url:www.consegna.co.uk org:Consegna Advanced Technlogies Ltd version:2.1 email;internet:[EMAIL PROTECTED] title:Senior Technical Architect adr;quoted-printable:;;1st Floor=0D=0A30-32 Thomas Street=0D=0A;Manchester;;M4 1ER; fn:Tat Sing Kong end:vcard
