app-layer: fix protocol detection bail conditions for TCP fastopen

author Victor Julien <victor@inliniac.net>

Tue, 21 Apr 2020 08:52:04 +0000 (10:52 +0200)

committer Victor Julien <victor@inliniac.net>

Thu, 23 Apr 2020 18:54:55 +0000 (20:54 +0200)
author Victor Julien <victor@inliniac.net>
Tue, 21 Apr 2020 08:52:04 +0000 (10:52 +0200)
committer Victor Julien <victor@inliniac.net>
Thu, 23 Apr 2020 18:54:55 +0000 (20:54 +0200)
diff --git a/src/app-layer.c b/src/app-layer.c

index e69db23cf9f9b6599dd7025d035cf1dfe3988950..0be5acf6119c438a3f6d653cecf8b5ae0ec7c361 100644 (file)
--- a/src/app-layer.c
+++ b/src/app-layer.c
@@ -198,6 +198,11 @@ static void DisableAppLayer(ThreadVars *tv, Flow *f, Packet *p)
  static void TCPProtoDetectCheckBailConditions(ThreadVars *tv,
          Flow *f, TcpSession *ssn, Packet *p)
  {
+    if (ssn->state < TCP_ESTABLISHED) {
+        SCLogDebug("skip as long as TCP is not ESTABLISHED (TCP fast open)");
+        return;
+    }
+
      uint32_t size_ts = ssn->client.last_ack - ssn->client.isn - 1;
      uint32_t size_tc = ssn->server.last_ack - ssn->server.isn - 1;
      SCLogDebug("size_ts %u, size_tc %u", size_ts, size_tc);
author	Victor Julien <victor@inliniac.net>
	Tue, 21 Apr 2020 08:52:04 +0000 (10:52 +0200)
committer	Victor Julien <victor@inliniac.net>
	Thu, 23 Apr 2020 18:54:55 +0000 (20:54 +0200)