From: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri, 4 Nov 2016 19:39:53 +0000 (-0400)
Subject: Merge pull request #697 in SNORT/snort3 from tcp_sm_fix to master
X-Git-Tag: 3.0.0-233~200
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3ca4b2b32b82e251ca7acb682cdfdc7455bdabe5;p=thirdparty%2Fsnort3.git

Merge pull request #697 in SNORT/snort3 from tcp_sm_fix to master

Squashed commit of the following:

commit 529f3a9783c2f504b3be340b00b8ed35161adc85
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Wed Oct 12 16:56:13 2016 -0400

    Tcp State Machine fixes
---

diff --git a/src/stream/tcp/tcp_state_fin_wait1.cc b/src/stream/tcp/tcp_state_fin_wait1.cc
index 65b3a2fd7..36eb424f2 100644
--- a/src/stream/tcp/tcp_state_fin_wait1.cc
+++ b/src/stream/tcp/tcp_state_fin_wait1.cc
@@ -119,7 +119,8 @@ bool TcpStateFinWait1::fin_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk
     trk.update_tracker_ack_recv(tsd);
     if ( trk.update_on_fin_recv(tsd) )
     {
-        if ( check_for_window_slam(tsd, trk) )
+        bool is_ack_valid = false;
+        if ( check_for_window_slam(tsd, trk, &is_ack_valid) )
         {
             if ( tsd.get_seg_len() > 0 )
                 trk.session->handle_data_segment(tsd);
@@ -127,7 +128,10 @@ bool TcpStateFinWait1::fin_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk
             if ( !flow->two_way_traffic() )
                 trk.set_tf_flags(TF_FORCE_FLUSH);
 
-            trk.set_tcp_state(TcpStreamTracker::TCP_TIME_WAIT);
+            if ( is_ack_valid )
+                trk.set_tcp_state(TcpStreamTracker::TCP_TIME_WAIT);
+            else
+                trk.set_tcp_state(TcpStreamTracker::TCP_CLOSING);
         }
     }
 
@@ -160,7 +164,7 @@ bool TcpStateFinWait1::rst_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk
     return default_state_action(tsd, trk);
 }
 
-bool TcpStateFinWait1::check_for_window_slam(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
+bool TcpStateFinWait1::check_for_window_slam(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk, bool* is_ack_valid)
 {
     DebugFormat(DEBUG_STREAM_STATE, "tsd.ack %X >= listener->snd_nxt %X\n",
         tsd.get_seg_ack(), trk.get_snd_nxt());
@@ -181,7 +185,11 @@ bool TcpStateFinWait1::check_for_window_slam(TcpSegmentDescriptor& tsd, TcpStrea
         }
 
         trk.set_tcp_state(TcpStreamTracker::TCP_FIN_WAIT2);
+        if ( is_ack_valid )
+            *is_ack_valid = true;
     }
+    else if ( is_ack_valid )
+        *is_ack_valid = false;
 
     return true;
 }
diff --git a/src/stream/tcp/tcp_state_fin_wait1.h b/src/stream/tcp/tcp_state_fin_wait1.h
index 3a08e19c0..f7cbe268b 100644
--- a/src/stream/tcp/tcp_state_fin_wait1.h
+++ b/src/stream/tcp/tcp_state_fin_wait1.h
@@ -49,7 +49,7 @@ public:
     bool do_post_sm_packet_actions(TcpSegmentDescriptor&, TcpStreamTracker&) override;
 
 private:
-    bool check_for_window_slam(TcpSegmentDescriptor&, TcpStreamTracker&);
+    bool check_for_window_slam(TcpSegmentDescriptor&, TcpStreamTracker&, bool* is_ack_valid = nullptr);
 };
 
 #endif