decode/tcp: accept TCP fast open cookie request

author Victor Julien <victor@inliniac.net>

Thu, 12 Dec 2019 14:57:29 +0000 (15:57 +0100)

committer Victor Julien <victor@inliniac.net>

Fri, 13 Dec 2019 10:19:42 +0000 (11:19 +0100)
author Victor Julien <victor@inliniac.net>
Thu, 12 Dec 2019 14:57:29 +0000 (15:57 +0100)
committer Victor Julien <victor@inliniac.net>
Fri, 13 Dec 2019 10:19:42 +0000 (11:19 +0100)
diff --git a/src/decode-tcp.c b/src/decode-tcp.c

index 0d464bbe7b08cbfb78b31647bf7315a1b44a4a3c..e3824d33515892bbc27fda4ef1904410a09ee14e 100644 (file)
--- a/src/decode-tcp.c
+++ b/src/decode-tcp.c
@@ -154,9 +154,10 @@ static void DecodeTCPOptions(Packet *p, const uint8_t *pkt, uint16_t pktlen)
                      break;
                  case TCP_OPT_TFO:
                      SCLogDebug("TFO option, len %u", olen);
-                    if (olen < TCP_OPT_TFO_MIN_LEN ||
+                    if ((olen != 2) &&
+                           (olen < TCP_OPT_TFO_MIN_LEN ||
                              olen > TCP_OPT_TFO_MAX_LEN ||
-                            !((olen - 2) % 8 == 0))
+                            !((olen - 2) % 8 == 0)))
                      {
                          ENGINE_SET_EVENT(p,TCP_OPT_INVALID_LEN);
                      } else {
author	Victor Julien <victor@inliniac.net>
	Thu, 12 Dec 2019 14:57:29 +0000 (15:57 +0100)
committer	Victor Julien <victor@inliniac.net>
	Fri, 13 Dec 2019 10:19:42 +0000 (11:19 +0100)