diff options
| author | luwenpeng <[email protected]> | 2023-11-20 14:28:20 +0800 |
|---|---|---|
| committer | luwenpeng <[email protected]> | 2023-11-20 14:52:56 +0800 |
| commit | a63b66fe142b6949fbaf1dcd20d4cb06a0a0992f (patch) | |
| tree | 93b5416c169222bc8841d9966f080a69d8eeb143 | |
| parent | f4e719a78b2498e5a78305f30d3b2bcd5db122ef (diff) | |
bugfix: Decrypted traffic TCP handshake packet invalid direction
| -rw-r--r-- | common/src/tfe_packet_io.cpp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/common/src/tfe_packet_io.cpp b/common/src/tfe_packet_io.cpp index a7cae4d..aae8f87 100644 --- a/common/src/tfe_packet_io.cpp +++ b/common/src/tfe_packet_io.cpp @@ -934,7 +934,7 @@ static void set_passthrough_reason(struct tfe_cmsg *cmsg, char *reason) } typedef int tcp_handshake_fn(struct tcp_restore_info *info, struct ether_addr *client_mac, struct ether_addr *server_mac, char *buffer, int size); -static void packet_io_send_fake_pkt(struct packet_io_thread_ctx *thread, struct tcp_restore_info *info, uint64_t session_id, int c2s_is_e2i_dir) +static void packet_io_send_fake_pkt(struct packet_io_thread_ctx *thread, struct tcp_restore_info *info, uint64_t session_id, struct route_ctx *c2s_route_ctx, struct route_ctx *s2c_route_ctx) { struct acceptor_kni_v4 *acceptor_ctx = thread->ref_acceptor_ctx; struct packet_io *packet_io = thread->ref_io; @@ -968,10 +968,10 @@ static void packet_io_send_fake_pkt(struct packet_io_thread_ctx *thread, struct { case 0: /* fail through */ case 2: - meta.is_e2i_dir = c2s_is_e2i_dir; + route_ctx_copy(&meta.route_ctx, c2s_route_ctx); break; case 1: - meta.is_e2i_dir = !c2s_is_e2i_dir; + route_ctx_copy(&meta.route_ctx, s2c_route_ctx); break; } packet_io_set_metadata(tx_buffs[i], &meta, logger); @@ -1082,7 +1082,7 @@ static int handle_session_opening(struct metadata *meta, struct ctrl_pkt_parser (STREAM_PROTO_SSL == (enum tfe_stream_proto)stream_protocol_in_char && thread->ref_proxy->traffic_steering_options.enable_steering_ssl) || enable_decrypted_traffic_steering == 1) { - packet_io_send_fake_pkt(thread, &restore_info, meta->session_id, meta->is_e2i_dir); + packet_io_send_fake_pkt(thread, &restore_info, meta->session_id, &parser->seq_route_ctx, &parser->ack_route_ctx); fd_fake_c = tfe_tcp_restore_fd_create(&(restore_info.client), &(restore_info.server), thread->ref_proxy->traffic_steering_options.device_client, thread->ref_proxy->traffic_steering_options.so_mask_client); if (fd_fake_c < 0) |