From: Victor Julien Date: Wed, 27 Mar 2024 08:31:06 +0000 (+0100) Subject: decode/tcp: reduce space needed for tracking TFO X-Git-Tag: suricata-8.0.0-beta1~1398 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6cab2480e570b900e841e4ce68c35132bbd0ce5f;p=thirdparty%2Fsuricata.git decode/tcp: reduce space needed for tracking TFO Part of effort to make Packet more compact. Ticket: #6938. --- diff --git a/src/decode-tcp.c b/src/decode-tcp.c index 9d2193836b..8ad96748c4 100644 --- a/src/decode-tcp.c +++ b/src/decode-tcp.c @@ -156,10 +156,10 @@ static void DecodeTCPOptions(Packet *p, const uint8_t *pkt, uint16_t pktlen) !(((olen - 2) & 0x1) == 0))) { ENGINE_SET_EVENT(p,TCP_OPT_INVALID_LEN); } else { - if (p->tcpvars.tfo.type != 0) { + if (p->tcpvars.tfo_set) { ENGINE_SET_EVENT(p,TCP_OPT_DUPLICATE); } else { - SET_OPTS(p->tcpvars.tfo, tcp_opts[tcp_opt_cnt]); + p->tcpvars.tfo_set = true; } } break; @@ -170,11 +170,10 @@ static void DecodeTCPOptions(Packet *p, const uint8_t *pkt, uint16_t pktlen) if (olen == 4 || olen == 12) { uint16_t magic = SCNtohs(*(uint16_t *)tcp_opts[tcp_opt_cnt].data); if (magic == 0xf989) { - if (p->tcpvars.tfo.type != 0) { + if (p->tcpvars.tfo_set) { ENGINE_SET_EVENT(p,TCP_OPT_DUPLICATE); } else { - SET_OPTS(p->tcpvars.tfo, tcp_opts[tcp_opt_cnt]); - p->tcpvars.tfo.type = TCP_OPT_TFO; // treat as regular TFO + p->tcpvars.tfo_set = true; } } } else { diff --git a/src/decode-tcp.h b/src/decode-tcp.h index cb3fb73734..93d482bedd 100644 --- a/src/decode-tcp.h +++ b/src/decode-tcp.h @@ -94,7 +94,7 @@ #define TCP_HAS_SACK(p) ((p)->tcpvars.sack.type == TCP_OPT_SACK) #define TCP_HAS_TS(p) ((p)->tcpvars.ts_set) #define TCP_HAS_MSS(p) ((p)->tcpvars.mss_set) -#define TCP_HAS_TFO(p) ((p)->tcpvars.tfo.type == TCP_OPT_TFO) +#define TCP_HAS_TFO(p) ((p)->tcpvars.tfo_set) /** macro for getting the wscale from the packet. */ #define TCP_GET_WSCALE(p) (TCP_HAS_WSCALE((p)) ? \ @@ -159,13 +159,13 @@ typedef struct TCPVars_ bool ts_set; bool sack_ok; bool mss_set; + bool tfo_set; uint16_t mss; /**< MSS value in host byte order */ uint32_t ts_val; /* host-order */ uint32_t ts_ecr; /* host-order */ uint16_t stream_pkt_flags; TCPOpt sack; TCPOpt ws; - TCPOpt tfo; /* tcp fast open */ } TCPVars; #define CLEAR_TCP_PACKET(p) \ diff --git a/src/stream-tcp.c b/src/stream-tcp.c index 316f47ef83..d42d990a89 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -1366,8 +1366,9 @@ static int StreamTcpPacketStateNone( ssn->flags |= STREAMTCP_FLAG_TCP_FAST_OPEN; if (p->payload_len) { StreamTcpUpdateNextSeq(ssn, &ssn->client, (ssn->client.next_seq + p->payload_len)); - SCLogDebug("ssn: %p (TFO) [len: %d] isn %u base_seq %u next_seq %u payload len %u", - ssn, p->tcpvars.tfo.len, ssn->client.isn, ssn->client.base_seq, ssn->client.next_seq, p->payload_len); + SCLogDebug("ssn: %p (TFO) isn %u base_seq %u next_seq %u payload len %u", ssn, + ssn->client.isn, ssn->client.base_seq, ssn->client.next_seq, + p->payload_len); StreamTcpReassembleHandleSegment(tv, stt->ra_ctx, ssn, &ssn->client, p); } }