diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 17:40:56 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 17:40:56 +0000 |
commit | c248d29056abbc1fc4c5dc178bab48fb8d2c1fcb (patch) | |
tree | 4a13fc30604509224504e1911bc976e5df7bdf05 /htp/htp_connection_parser_private.h | |
parent | Initial commit. (diff) | |
download | libhtp-upstream/1%0.5.47.tar.xz libhtp-upstream/1%0.5.47.zip |
Adding upstream version 1:0.5.47.upstream/1%0.5.47
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'htp/htp_connection_parser_private.h')
-rw-r--r-- | htp/htp_connection_parser_private.h | 275 |
1 files changed, 275 insertions, 0 deletions
diff --git a/htp/htp_connection_parser_private.h b/htp/htp_connection_parser_private.h new file mode 100644 index 0000000..a055aa8 --- /dev/null +++ b/htp/htp_connection_parser_private.h @@ -0,0 +1,275 @@ +/*************************************************************************** + * Copyright (c) 2009-2010 Open Information Security Foundation + * Copyright (c) 2010-2013 Qualys, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + + * - Neither the name of the Qualys, Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + ***************************************************************************/ + +/** + * @file + * @author Ivan Ristic <ivanr@webkreator.com> + */ + +#ifndef HTP_CONNECTION_PARSER_PRIVATE_H +#define HTP_CONNECTION_PARSER_PRIVATE_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "htp_core.h" + +/** + * Connection parser structure. + */ +struct htp_connp_t { + + // General fields + + /** Current parser configuration structure. */ + htp_cfg_t *cfg; + + /** The connection structure associated with this parser. */ + htp_conn_t *conn; + + /** Opaque user data associated with this parser. */ + const void *user_data; + + /** + * On parser failure, this field will contain the error information. Do note, however, + * that the value in this field will only be valid immediately after an error condition, + * but it is not guaranteed to remain valid if the parser is invoked again. + */ + htp_log_t *last_error; + + + // Request parser fields + + /** Parser inbound status. Starts as HTP_OK, but may turn into HTP_ERROR. */ + enum htp_stream_state_t in_status; + + /** Parser output status. Starts as HTP_OK, but may turn into HTP_ERROR. */ + enum htp_stream_state_t out_status; + + /** + * When true, this field indicates that there is unprocessed inbound data, and + * that the response parsing code should stop at the end of the current request + * in order to allow more requests to be produced. + */ + unsigned int out_data_other_at_tx_end; + + /** + * The time when the last request data chunk was received. Can be NULL if + * the upstream code is not providing the timestamps when calling us. + */ + htp_time_t in_timestamp; + + /** Pointer to the current request data chunk. */ + unsigned char *in_current_data; + + /** The length of the current request data chunk. */ + int64_t in_current_len; + + /** The offset of the next byte in the request data chunk to read. */ + int64_t in_current_read_offset; + + /** + * The starting point of the data waiting to be consumed. This field is used + * in the states where reading data is not the same as consumption. + */ + int64_t in_current_consume_offset; + + /** + * Marks the starting point of raw data within the inbound data chunk. Raw + * data (e.g., complete headers) is sent to appropriate callbacks (e.g., + * REQUEST_HEADER_DATA). + */ + int64_t in_current_receiver_offset; + + /** How many data chunks does the inbound connection stream consist of? */ + size_t in_chunk_count; + + /** The index of the first chunk used in the current request. */ + size_t in_chunk_request_index; + + /** The offset, in the entire connection stream, of the next request byte. */ + int64_t in_stream_offset; + + /** + * The value of the request byte currently being processed. This field is + * populated when the IN_NEXT_* or IN_PEEK_* macros are invoked. + */ + int in_next_byte; + + /** Used to buffer a line of inbound data when buffering cannot be avoided. */ + unsigned char *in_buf; + + /** Stores the size of the buffer. Valid only when htp_tx_t::in_buf is not NULL. */ + size_t in_buf_size; + + /** + * Stores the current value of a folded request header. Such headers span + * multiple lines, and are processed only when all data is available. + */ + bstr *in_header; + + /** Ongoing inbound transaction. */ + htp_tx_t *in_tx; + + /** + * The request body length declared in a valid request header. The key here + * is "valid". This field will not be populated if the request contains both + * a Transfer-Encoding header and a Content-Length header. + */ + int64_t in_content_length; + + /** + * Holds the remaining request body length that we expect to read. This + * field will be available only when the length of a request body is known + * in advance, i.e. when request headers contain a Content-Length header. + */ + int64_t in_body_data_left; + + /** + * Holds the amount of data that needs to be read from the + * current data chunk. Only used with chunked request bodies. + */ + int64_t in_chunked_length; + + /** Current request parser state. */ + int (*in_state)(htp_connp_t *); + + /** Previous request parser state. Used to detect state changes. */ + int (*in_state_previous)(htp_connp_t *); + + /** The hook that should be receiving raw connection data. */ + htp_hook_t *in_data_receiver_hook; + + // Response parser fields + + /** + * Response counter, incremented with every new response. This field is + * used to match responses to requests. The expectation is that for every + * response there will already be a transaction (request) waiting. + */ + size_t out_next_tx_index; + + /** The time when the last response data chunk was received. Can be NULL. */ + htp_time_t out_timestamp; + + /** Pointer to the current response data chunk. */ + unsigned char *out_current_data; + + /** The length of the current response data chunk. */ + int64_t out_current_len; + + /** The offset of the next byte in the response data chunk to consume. */ + int64_t out_current_read_offset; + + /** + * The starting point of the data waiting to be consumed. This field is used + * in the states where reading data is not the same as consumption. + */ + int64_t out_current_consume_offset; + + /** + * Marks the starting point of raw data within the outbound data chunk. Raw + * data (e.g., complete headers) is sent to appropriate callbacks (e.g., + * RESPONSE_HEADER_DATA). + */ + int64_t out_current_receiver_offset; + + /** The offset, in the entire connection stream, of the next response byte. */ + int64_t out_stream_offset; + + /** The value of the response byte currently being processed. */ + int out_next_byte; + + /** Used to buffer a line of outbound data when buffering cannot be avoided. */ + unsigned char *out_buf; + + /** Stores the size of the buffer. Valid only when htp_tx_t::out_buf is not NULL. */ + size_t out_buf_size; + + /** + * Stores the current value of a folded response header. Such headers span + * multiple lines, and are processed only when all data is available. + */ + bstr *out_header; + + /** Ongoing outbound transaction */ + htp_tx_t *out_tx; + + /** + * The length of the current response body as presented in the + * Content-Length response header. + */ + int64_t out_content_length; + + /** The remaining length of the current response body, if known. Set to -1 otherwise. */ + int64_t out_body_data_left; + + /** + * Holds the amount of data that needs to be read from the + * current response data chunk. Only used with chunked response bodies. + */ + int64_t out_chunked_length; + + /** Current response parser state. */ + int (*out_state)(htp_connp_t *); + + /** Previous response parser state. */ + int (*out_state_previous)(htp_connp_t *); + + /** The hook that should be receiving raw connection data. */ + htp_hook_t *out_data_receiver_hook; + + /** Response decompressor used to decompress response body data. */ + htp_decompressor_t *out_decompressor; + + /** On a PUT request, this field contains additional file data. */ + htp_file_t *put_file; + + /** Request decompressor used to decompress request body data. */ + htp_decompressor_t *req_decompressor; +}; + +/** + * This function is most likely not used and/or not needed. + * + * @param[in] connp + */ +void htp_connp_in_reset(htp_connp_t *connp); + +#ifdef __cplusplus +} +#endif + +#endif /* HTP_CONNECTION_PARSER_PRIVATE_H */ + |