From cbb4f2d731c13e3d267acd25b3a9f17cc1a79fe6 Mon Sep 17 00:00:00 2001
From: longqiang
Date: Thu, 15 Jun 2023 22:09:52 +0800
Subject: [PATCH 1/2] If Handshake does not appear in the first, TLS cannot be recognized
---
 sslscan.c | 43 ++++++++++++++++++++++++++++++-------------
 1 file changed, 30 insertions(+), 13 deletions(-)
diff --git a/sslscan.c b/sslscan.c
index 625d396..0ef7858 100644
--- a/sslscan.c
+++ b/sslscan.c
@@ -4779,6 +4779,16 @@ void bs_append_bs(bs *dst, bs *src) {
 bs_append_bytes(dst, src->buf, src->len);
 }

+/* Returns the number of bytes in this byte string. */
+size_t bs_reset(bs *b) {
+ if (b == NULL)
+ return 0;
+
+ b->len = 0;
+
+ return 0;
+}
+
 /* Returns the number of bytes in this byte string. */
 size_t bs_get_len(bs *b) {
 if (b == NULL)
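Review bot: The comment above `bs_reset` is copied from `bs_get_len` and does not describe the new function, whose body only sets `b->len = 0` and returns 0 on every path. I would document it as `/* Resets the byte string to zero length; the buffer contents and allocation are left untouched. */`. Since the return value carries no information, `void bs_reset(bs *b)` would be the clearer signature. Only `len` changes, so the bytes of the previous record stay in the buffer, and callers should rely on nothing but the length after a reset.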
@@ -5285,24 +5295,31 @@ void tlsExtensionAddDefaultKeyShare(bs *tls_extensions) {
 /* Retrieves a TLS Handshake record, or returns NULL on error. */
 bs *getTLSHandshakeRecord(int s) {
 bs *tls_record = NULL;
+ unsigned char type;
 bs_new_size(&tls_record, 512);

- /* Read in the first 5 bytes to get the length of the rest of the record. */
- int err = bs_read_socket(tls_record, s, 5);
- if (err != 0)
- goto err;
+ while (1) {
+ /* Read in the first 5 bytes to get the length of the rest of the record. */
+ int err = bs_read_socket(tls_record, s, 5);
+ if (err != 0)
+ goto err;

- /* Ensure that the Content Type is Handshake (22). */
- if (bs_get_byte(tls_record, 0) != 0x16)
- goto err;
+ type = bs_get_byte(tls_record, 0);

- /* Get the length of the record. */
- unsigned short packet_len = (bs_get_byte(tls_record, 3) << 8) | bs_get_byte(tls_record, 4);
+ /* Get the length of the record. */
+ unsigned short packet_len = (bs_get_byte(tls_record, 3) << 8) | bs_get_byte(tls_record, 4);

- /* Read in the rest of the record. */
- err = bs_read_socket(tls_record, s, packet_len);
- if (err != 0)
- goto err;
+ /* Read in the rest of the record. */
+ err = bs_read_socket(tls_record, s, packet_len);
+ if (err != 0)
+ goto err;
+
+ /* Find that the Content Type is Handshake (22). */
+ if (type == 0x16)
+ break;
+
+ bs_reset(tls_record);
+ }

 return tls_record;

From 8cdbcf685dd0a78cf441334d0766a81b738975c2 Mon Sep 17 00:00:00 2001
From: longqiang
Date: Fri, 16 Jun 2023 06:20:59 +0800
Subject: [PATCH 2/2] code style
---
 sslscan.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/sslscan.c b/sslscan.c
index 0ef7858..2075e55 100644
--- a/sslscan.c
+++ b/sslscan.c
@@ -5295,7 +5295,6 @@ void tlsExtensionAddDefaultKeyShare(bs *tls_extensions) {
 /* Retrieves a TLS Handshake record, or returns NULL on error. */
 bs *getTLSHandshakeRecord(int s) {
 bs *tls_record = NULL;
- unsigned char type;
 bs_new_size(&tls_record, 512);

 while (1) {
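Review bot: The `while (1)` loop that PATCH 1/2 adds to getTLSHandshakeRecord puts no bound on how many non-handshake records it discards, so a server that keeps sending other record types holds the scan inside this function for as long as the reads succeed. I would cap the skipped records and stop on an Alert record (content type 0x15), which most likely means the server refused the handshake: `unsigned int skipped = 0;` before the loop and `if (type == 0x15 || ++skipped > MAX_SKIPPED_RECORDS) goto err;` ahead of `bs_reset(tls_record);`, where MAX_SKIPPED_RECORDS is a placeholder for a small constant. The 16-bit `packet_len` also comes from the peer unchecked. Rejecting values above the TLS record limit (2^14 + 2048 bytes) before the second `bs_read_socket` would bound the read, assuming bs_read_socket sizes its buffer from that argument (its body is not in this diff). The `err:` label and the end of the function lie outside the hunk, and PATCH 2/2 keeps the loop as is apart from dropping `type`.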
@@ -5304,8 +5303,6 @@ bs *getTLSHandshakeRecord(int s) {
 if (err != 0)
 goto err;

- type = bs_get_byte(tls_record, 0);
-
 /* Get the length of the record. */
 unsigned short packet_len = (bs_get_byte(tls_record, 3) << 8) | bs_get_byte(tls_record, 4);

@@ -5315,7 +5312,7 @@ bs *getTLSHandshakeRecord(int s) {
 goto err;

 /* Find that the Content Type is Handshake (22). */
- if (type == 0x16)
+ if (bs_get_byte(tls_record, 0) == 0x16)
 break;

 bs_reset(tls_record);