From b2e80a0f661942dc2ee1899417039954c1856187 Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Sun, 26 Oct 2014 10:07:15 +0100
Subject: [PATCH] stream: improve tracking with pkt loss in async

If 3whs SYN/ACK and ACK are missing we can still pick up the session if
in async-oneside mode.

-> syn
<- syn/ack <= missing
-> ack     <= missing
-> data

Bug 1190.
---
 src/stream-tcp.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index dcde855a5f..844d8e1763 100644
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -1501,8 +1501,11 @@ static int StreamTcpPacketStateSynSent(ThreadVars *tv, Packet *p,
                 ,ssn, TCP_GET_SEQ(p), p->payload_len, TCP_GET_SEQ(p)
                 + p->payload_len, ssn->client.next_seq);
 
-        ssn->client.wscale = TCP_WSCALE_MAX;
-        ssn->server.wscale = TCP_WSCALE_MAX;
+        /* if SYN had wscale, assume it to be supported. Otherwise
+         * we know it not to be supported. */
+        if (ssn->flags & STREAMTCP_FLAG_SERVER_WSCALE) {
+            ssn->client.wscale = TCP_WSCALE_MAX;
+        }
 
         /* Set the timestamp values used to validate the timestamp of
          * received packets.*/
@@ -1521,6 +1524,9 @@ static int StreamTcpPacketStateSynSent(ThreadVars *tv, Packet *p,
             ssn->flags |= STREAMTCP_FLAG_SACKOK;
         }
 
+        StreamTcpReassembleHandleSegment(tv, stt->ra_ctx, ssn,
+                &ssn->client, p, pq);
+
     } else {
         SCLogDebug("ssn %p: default case", ssn);
     }
-- 
2.47.2