diff options
author | David Fort <contact@hardening-consulting.com> | 2022-11-09 15:26:37 +0100 |
---|---|---|
committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2022-12-14 12:00:47 +0000 |
commit | bf158b3e4105a6e159ed570211d2f826e951083d (patch) | |
tree | ecd8acac7964c4df2e9937d1abe236002c89250e /epan/dissectors/packet-tpkt.c | |
parent | d90d525dd70c9234c08cc01e86151448d9890041 (diff) |
tpkt: don't have the heuristic enforce TPKT dissecting
Most RDP connections starts with TPKT and then switch to TLS, so enforcing TPKT
for the whole conversation makes the decoding fail.
Diffstat (limited to 'epan/dissectors/packet-tpkt.c')
-rw-r--r-- | epan/dissectors/packet-tpkt.c | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/epan/dissectors/packet-tpkt.c b/epan/dissectors/packet-tpkt.c index 41635cb5ac..ae602bfba2 100644 --- a/epan/dissectors/packet-tpkt.c +++ b/epan/dissectors/packet-tpkt.c @@ -594,8 +594,6 @@ dissect_ascii_tpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* da static int dissect_tpkt_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) { - conversation_t *conversation; - if (is_tpkt(tvb, 0) == -1) { /* Doesn't look like TPKT directly. Might be over TLS, so reject * and let the TLS heuristic dissector take a look @@ -603,8 +601,6 @@ dissect_tpkt_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *dat return 0; } - conversation = find_or_create_conversation(pinfo); - conversation_set_dissector(conversation, tpkt_handle); return dissect_tpkt(tvb, pinfo, tree, data); } |