From cf839c931f90253afcc27f00ee159fe880f1a92a Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Fri, 1 May 2015 15:12:47 +0200
Subject: [PATCH] tls: force 'raw' reassembly after each record

Trigger raw reassembly after each record and after the handshake.
---
 src/app-layer-ssl.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index fc7583b1d0..d980b00abd 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -897,6 +897,9 @@ static int SSLv3Decode(uint8_t direction, SSLState *ssl_state,
                 if (ssl_state->curr_connp->bytes_processed == ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN) {
                     SSLParserReset(ssl_state);
                 }
+
+                SCLogDebug("trigger RAW! (post HS)");
+                AppLayerParserTriggerRawStreamReassembly(ssl_state->f);
                 return parsed;
             }
 
@@ -920,6 +923,10 @@ static int SSLv3Decode(uint8_t direction, SSLState *ssl_state,
             AppLayerDecoderEventsSetEvent(ssl_state->f, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
             return -1;
         }
+
+        SCLogDebug("record complete, trigger RAW");
+        AppLayerParserTriggerRawStreamReassembly(ssl_state->f);
+
         /* looks like we have another record */
         uint32_t diff = ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN - ssl_state->curr_connp->bytes_processed;
         parsed += diff;