stream: improve first FIN next_seq update

For accepted FIN packets, always update next_seq. This helps track the
FIN sequence.

Bug: #5877.
(cherry picked from commit 551fb80150c6b07183771e455a30f38953298fff)

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index 4949673928da6536d32cebed9a6643e83493d315..2755aec6f57006a5b95c104b5218909fc8bf16fd 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -2824,8 +2824,8 @@ static int StreamTcpHandleFin(ThreadVars *tv, StreamTcpThread *stt,
         StreamTcpPacketSetState(p, ssn, TCP_CLOSE_WAIT);
         SCLogDebug("ssn %p: state changed to TCP_CLOSE_WAIT", ssn);
 
-        if (SEQ_EQ(TCP_GET_SEQ(p), ssn->client.next_seq))
-            ssn->client.next_seq = TCP_GET_SEQ(p) + p->payload_len;
+        /* if we accept the FIN, next_seq needs to reflect the FIN */
+        ssn->client.next_seq = TCP_GET_SEQ(p) + p->payload_len;
 
         SCLogDebug("ssn %p: ssn->client.next_seq %" PRIu32 "", ssn,
                     ssn->client.next_seq);
@@ -2872,11 +2872,10 @@ static int StreamTcpHandleFin(ThreadVars *tv, StreamTcpThread *stt,
         StreamTcpPacketSetState(p, ssn, TCP_FIN_WAIT1);
         SCLogDebug("ssn %p: state changed to TCP_FIN_WAIT1", ssn);
 
-        if (SEQ_EQ(TCP_GET_SEQ(p), ssn->server.next_seq))
-            ssn->server.next_seq = TCP_GET_SEQ(p) + p->payload_len + 1;
+        /* if we accept the FIN, next_seq needs to reflect the FIN */
+        ssn->server.next_seq = TCP_GET_SEQ(p) + p->payload_len + 1;
+        SCLogDebug("ssn %p: ssn->server.next_seq %" PRIu32 " updated", ssn, ssn->server.next_seq);
 
-        SCLogDebug("ssn %p: ssn->server.next_seq %" PRIu32 "", ssn,
-                    ssn->server.next_seq);
         ssn->client.window = TCP_GET_WINDOW(p) << ssn->client.wscale;
 
         if (ssn->flags & STREAMTCP_FLAG_TIMESTAMP) {