tpkt: don't have the heuristic enforce TPKT dissecting

Most RDP connections starts with TPKT and then switch to TLS, so enforcing TPKT for the whole conversation makes the decoding fail.
author: David Fort <contact@hardening-consulting.com> 2022-11-09 15:26:37 +0100
committer: Alexis La Goutte <alexis.lagoutte@gmail.com> 2022-12-14 12:00:47 +0000
commit: bf158b3e4105a6e159ed570211d2f826e951083d (patch)
tree: ecd8acac7964c4df2e9937d1abe236002c89250e /epan/dissectors/packet-tpkt.c
parent: d90d525dd70c9234c08cc01e86151448d9890041 (diff)
1 files changed, 0 insertions, 4 deletions
diff --git a/epan/dissectors/packet-tpkt.c b/epan/dissectors/packet-tpkt.c
index 41635cb5ac..ae602bfba2 100644
--- a/epan/dissectors/packet-tpkt.c
+++ b/epan/dissectors/packet-tpkt.c
@@ -594,8 +594,6 @@ dissect_ascii_tpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* da
 static int
 dissect_tpkt_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
 {
-    conversation_t    *conversation;
-
     if (is_tpkt(tvb, 0) == -1) {
         /* Doesn't look like TPKT directly. Might be over TLS, so reject
          * and let the TLS heuristic dissector take a look
@@ -603,8 +601,6 @@ dissect_tpkt_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *dat
         return 0;
     }
 
-    conversation = find_or_create_conversation(pinfo);
-    conversation_set_dissector(conversation, tpkt_handle);
     return dissect_tpkt(tvb, pinfo, tree, data);
 }
author	David Fort <contact@hardening-consulting.com>	2022-11-09 15:26:37 +0100
committer	Alexis La Goutte <alexis.lagoutte@gmail.com>	2022-12-14 12:00:47 +0000
commit	bf158b3e4105a6e159ed570211d2f826e951083d (patch)
tree	ecd8acac7964c4df2e9937d1abe236002c89250e /epan/dissectors/packet-tpkt.c
parent	d90d525dd70c9234c08cc01e86151448d9890041 (diff)