diff options
| -rw-r--r-- | epan/dissectors/packet-tls.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/epan/dissectors/packet-tls.c b/epan/dissectors/packet-tls.c index 81abc9586f..7eededcbe7 100644 --- a/epan/dissectors/packet-tls.c +++ b/epan/dissectors/packet-tls.c @@ -1111,6 +1111,22 @@ process_ssl_payload(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, SslSession *session, dissector_handle_t app_handle_port); +static guint32 +tls_msp_frament_id(struct tcp_multisegment_pdu *msp) +{ + /* + * If a frame contains multiple appdata PDUs, then "first_frame" is not + * sufficient to uniquely identify groups of fragments. Therefore include + * seq (the position of the initial fragment in the TLS stream) in the ID. + * As a frame most likely does not have multiple PDUs (except maybe for + * HTTP2), just let 'seq' contibute only a few bits. + */ + guint32 id = msp->first_frame; + id ^= (msp->seq & 0xff) << 24; + id ^= (msp->seq & 0xff00) << 16; + return id; +} + static void desegment_ssl(tvbuff_t *tvb, packet_info *pinfo, int offset, guint32 seq, guint32 nxtseq, @@ -1197,7 +1213,7 @@ again: } ipfd_head = fragment_add(&ssl_reassembly_table, tvb, offset, - pinfo, msp->first_frame, NULL, + pinfo, tls_msp_frament_id(msp), NULL, seq - msp->seq, len, (LT_SEQ (nxtseq,msp->nxtpdu))); @@ -1469,7 +1485,7 @@ again: /* add this segment as the first one for this new pdu */ fragment_add(&ssl_reassembly_table, tvb, deseg_offset, - pinfo, msp->first_frame, NULL, + pinfo, tls_msp_frament_id(msp), NULL, 0, nxtseq - deseg_seq, LT_SEQ(nxtseq, msp->nxtpdu)); } |