From 14d5133b229e78c7281d0069289a87495041bb70 Mon Sep 17 00:00:00 2001
From: Trustin Lee <trustin@gmail.com>
Date: Thu, 1 Mar 2012 11:41:28 -0800
Subject: [PATCH] Fix #160 - Even more strict majorVersion check in SslHandler

---
 src/main/java/org/jboss/netty/handler/ssl/SslHandler.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/jboss/netty/handler/ssl/SslHandler.java b/src/main/java/org/jboss/netty/handler/ssl/SslHandler.java
index a87d7d2f6e..8d7098b4d3 100644
--- a/src/main/java/org/jboss/netty/handler/ssl/SslHandler.java
+++ b/src/main/java/org/jboss/netty/handler/ssl/SslHandler.java
@@ -588,15 +588,15 @@ public class SslHandler extends FrameDecoder
         if (tls) {
             // SSLv3 or TLS - Check ProtocolVersion
             int majorVersion = buffer.getUnsignedByte(buffer.readerIndex() + 1);
-            if (majorVersion >= 3 && majorVersion < 10) {
+            if (majorVersion == 3) {
                 // SSLv3 or TLS
                 packetLength = (getShort(buffer, buffer.readerIndex() + 3) & 0xFFFF) + 5;
                 if (packetLength <= 5) {
-                    // Neither SSLv2 or TLSv1 (i.e. SSLv2 or bad data)
+                    // Neither SSLv3 or TLSv1 (i.e. SSLv2 or bad data)
                     tls = false;
                 }
             } else {
-                // Neither SSLv2 or TLSv1 (i.e. SSLv2 or bad data)
+                // Neither SSLv3 or TLSv1 (i.e. SSLv2 or bad data)
                 tls = false;
             }
         }