diff options
Diffstat (limited to 'decoders/tls')
| -rw-r--r-- | decoders/tls/tls_decoder.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/decoders/tls/tls_decoder.c b/decoders/tls/tls_decoder.c index 2b084cc..858a950 100644 --- a/decoders/tls/tls_decoder.c +++ b/decoders/tls/tls_decoder.c @@ -1369,9 +1369,15 @@ void tls_tcp_stream_data_cb(struct session *sess, enum session_state sess_state, if(per_ss_ctx==NULL) { per_ss_ctx=(struct tls_decoder_context *)CALLOC(struct tls_decoder_context, 1); + per_ss_ctx->is_tls_protocol=TLS_DECODER_CONTINUE; session_set_exdata(sess, plugin_env->exdata_idx, (void *)per_ss_ctx); } + if(per_ss_ctx->is_tls_protocol==TLS_DECODER_FALSE) + { + return ; + } + // fragment: 1: less than TLS_RECORD_HEADER_SZ; 2: less than the length of the message; 3: multiple record messages if(is_clean_record_trunk(&(per_ss_ctx->record_trunk))) { @@ -1438,8 +1444,7 @@ void tls_tcp_stream_data_cb(struct session *sess, enum session_state sess_state, offset+=record_hdr.total_len; if(per_ss_ctx->is_tls_protocol!=TLS_DECODER_TRUE && per_ss_ctx->identify_pkt_count++>=plugin_env->max_identify_pkt) { - //TODO: - // stellar_session_plugin_dettach_current_session(sess); + per_ss_ctx->is_tls_protocol=TLS_DECODER_FALSE; return ; } break; |