Adding upstream version 1:0.5.47.upstream/1%0.5.47

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 353 insertions, 0 deletions

diff --git a/htp/htp_core.h b/htp/htp_core.h
new file mode 100644
index 0000000..e4c933e
--- /dev/null
+++ b/htp/htp_core.h
@@ -0,0 +1,353 @@
+/***************************************************************************
+ * Copyright (c) 2009-2010 Open Information Security Foundation
+ * Copyright (c) 2010-2013 Qualys, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * - Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+
+ * - Neither the name of the Qualys, Inc. nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ ***************************************************************************/
+
+/**
+ * @file
+ * @author Ivan Ristic <ivanr@webkreator.com>
+ */
+
+#ifndef HTP_CORE_H
+#define	HTP_CORE_H
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+typedef int htp_status_t;
+
+typedef struct htp_cfg_t htp_cfg_t;
+typedef struct htp_conn_t htp_conn_t;
+typedef struct htp_connp_t htp_connp_t;
+typedef struct htp_file_t htp_file_t;
+typedef struct htp_file_data_t htp_file_data_t;
+typedef struct htp_header_t htp_header_t;
+typedef struct htp_header_line_t htp_header_line_t;
+typedef struct htp_log_t htp_log_t;
+typedef struct htp_param_t htp_param_t;
+typedef struct htp_tx_data_t htp_tx_data_t;
+typedef struct htp_tx_t htp_tx_t;
+typedef struct htp_uri_t htp_uri_t;
+typedef struct timeval htp_time_t;
+
+// Below are all htp_status_t return codes used by LibHTP. Enum is not
+// used here to allow applications to define their own codes.
+
+/**
+ * The lowest htp_status_t value LibHTP will use internally.
+ */
+#define HTP_ERROR_RESERVED          -1000
+
+/** General-purpose error code. */
+#define HTP_ERROR                   -1
+
+/**
+ * No processing or work was done. This is typically used by callbacks
+ * to indicate that they were not interested in doing any work in the
+ * given context.
+ */
+#define HTP_DECLINED                0
+
+/** Returned by a function when its work was successfully completed. */
+#define HTP_OK                      1
+
+/**
+ * Returned when processing a connection stream, after consuming all
+ * provided data. The caller should call again with more data.
+ */
+#define HTP_DATA                    2
+
+/**
+ * Returned when processing a connection stream, after encountering
+ * a situation where processing needs to continue on the alternate
+ * stream (e.g., the inbound parser needs to observe some outbound
+ * data). The data provided was not completely consumed. On the next
+ * invocation the caller should supply only the data that has not
+ * been processed already. Use htp_connp_req_data_consumed() and
+ * htp_connp_res_data_consumed() to determine how much of the most
+ * recent data chunk was consumed.
+ */
+#define HTP_DATA_OTHER              3
+
+/**
+ * Used by callbacks to indicate that the processing should stop. For example,
+ * returning HTP_STOP from a connection callback indicates that LibHTP should
+ * stop following that particular connection.
+ */
+#define HTP_STOP                    4
+
+/**
+ * Same as HTP_DATA, but indicates that any non-consumed part of the
+ * data chunk should be preserved (buffered) for later.
+ */
+#define HTP_DATA_BUFFER             5
+
+/**
+ * The highest htp_status_t value LibHTP will use internally.
+ */
+#define HTP_STATUS_RESERVED         1000
+
+/**
+ * Enumerates the possible values for authentication type.
+ */
+enum htp_auth_type_t {
+    /**
+     * This is the default value that is used before
+     * the presence of authentication is determined (e.g.,
+     * before request headers are seen).
+     */
+    HTP_AUTH_UNKNOWN = 0,
+
+    /** No authentication. */
+    HTP_AUTH_NONE = 1,
+
+    /** HTTP Basic authentication used. */
+    HTP_AUTH_BASIC = 2,
+
+    /** HTTP Digest authentication used. */
+    HTP_AUTH_DIGEST = 3,
+
+    /** HTTP Digest authentication used. */
+    HTP_AUTH_BEARER = 4,
+
+    /** Unrecognized authentication method. */
+    HTP_AUTH_UNRECOGNIZED = 9
+};
+
+enum htp_content_encoding_t {
+    /**
+     * This is the default value, which is used until the presence
+     * of content encoding is determined (e.g., before request headers
+     * are seen.
+     */
+    HTP_COMPRESSION_UNKNOWN = 0,
+
+    /** No compression. */
+    HTP_COMPRESSION_NONE = 1,
+
+    /** Gzip compression. */
+    HTP_COMPRESSION_GZIP = 2,
+
+    /** Deflate compression. */
+    HTP_COMPRESSION_DEFLATE = 3,
+
+    /** LZMA compression. */
+    HTP_COMPRESSION_LZMA = 4
+};
+
+/**
+ * Enumerates the possible request and response body codings.
+ */
+enum htp_transfer_coding_t {
+    /** Body coding not determined yet. */
+    HTP_CODING_UNKNOWN = 0,
+
+    /** No body. */
+    HTP_CODING_NO_BODY = 1,
+
+    /** Identity coding is used, which means that the body was sent as is. */
+    HTP_CODING_IDENTITY = 2,
+
+    /** Chunked encoding. */
+    HTP_CODING_CHUNKED = 3,
+
+    /** We could not recognize the encoding. */
+    HTP_CODING_INVALID = 4
+};
+
+enum htp_file_source_t {
+
+    HTP_FILE_MULTIPART = 1,
+
+    HTP_FILE_PUT = 2
+};
+
+// Various flag bits. Even though we have a flag field in several places
+// (header, transaction, connection), these fields are all in the same namespace
+// because we may want to set the same flag in several locations. For example, we
+// may set HTP_FIELD_FOLDED on the actual folded header, but also on the transaction
+// that contains the header. Both uses are useful.
+
+// Connection flags are 8 bits wide.
+#define HTP_CONN_PIPELINED                 0x000000001ULL
+#define HTP_CONN_HTTP_0_9_EXTRA            0x000000002ULL
+
+// All other flags are 64 bits wide.
+#define HTP_FIELD_UNPARSEABLE              0x000000004ULL
+#define HTP_FIELD_INVALID                  0x000000008ULL
+#define HTP_FIELD_FOLDED                   0x000000010ULL
+#define HTP_FIELD_REPEATED                 0x000000020ULL
+#define HTP_FIELD_LONG                     0x000000040ULL
+#define HTP_FIELD_RAW_NUL                  0x000000080ULL
+#define HTP_REQUEST_SMUGGLING              0x000000100ULL
+#define HTP_INVALID_FOLDING                0x000000200ULL
+#define HTP_REQUEST_INVALID_T_E            0x000000400ULL
+#define HTP_MULTI_PACKET_HEAD              0x000000800ULL
+#define HTP_HOST_MISSING                   0x000001000ULL
+#define HTP_HOST_AMBIGUOUS                 0x000002000ULL
+#define HTP_PATH_ENCODED_NUL               0x000004000ULL
+#define HTP_PATH_RAW_NUL                   0x000008000ULL
+#define HTP_PATH_INVALID_ENCODING          0x000010000ULL
+#define HTP_PATH_INVALID                   0x000020000ULL
+#define HTP_PATH_OVERLONG_U                0x000040000ULL
+#define HTP_PATH_ENCODED_SEPARATOR         0x000080000ULL
+#define HTP_PATH_UTF8_VALID                0x000100000ULL /* At least one valid UTF-8 character and no invalid ones. */
+#define HTP_PATH_UTF8_INVALID              0x000200000ULL
+#define HTP_PATH_UTF8_OVERLONG             0x000400000ULL
+#define HTP_PATH_HALF_FULL_RANGE           0x000800000ULL /* Range U+FF00 - U+FFEF detected. */
+#define HTP_STATUS_LINE_INVALID            0x001000000ULL
+#define HTP_HOSTU_INVALID                  0x002000000ULL /* Host in the URI. */
+#define HTP_HOSTH_INVALID                  0x004000000ULL /* Host in the Host header. */
+#define HTP_URLEN_ENCODED_NUL              0x008000000ULL
+#define HTP_URLEN_INVALID_ENCODING         0x010000000ULL
+#define HTP_URLEN_OVERLONG_U               0x020000000ULL
+#define HTP_URLEN_HALF_FULL_RANGE          0x040000000ULL /* Range U+FF00 - U+FFEF detected. */
+#define HTP_URLEN_RAW_NUL                  0x080000000ULL
+#define HTP_REQUEST_INVALID                0x100000000ULL
+#define HTP_REQUEST_INVALID_C_L            0x200000000ULL
+#define HTP_AUTH_INVALID                   0x400000000ULL
+
+#define HTP_MAX_HEADERS_REPETITIONS 64
+
+#define HTP_HOST_INVALID ( HTP_HOSTU_INVALID | HTP_HOSTH_INVALID )
+
+// Logging-related constants.
+#define HTP_LOG_MARK                 __FILE__,__LINE__
+
+/**
+ * Enumerates all log levels.
+ */
+enum htp_log_level_t {
+    HTP_LOG_NONE = 0,
+    HTP_LOG_ERROR = 1,
+    HTP_LOG_WARNING = 2,
+    HTP_LOG_NOTICE = 3,
+    HTP_LOG_INFO = 4,
+    HTP_LOG_DEBUG = 5,
+    HTP_LOG_DEBUG2 = 6
+};
+
+/**
+ * HTTP methods.
+ */
+enum htp_method_t {
+    /**
+     * Used by default, until the method is determined (e.g., before
+     * the request line is processed.
+     */
+    HTP_M_UNKNOWN = 0,
+    HTP_M_HEAD = 1,
+    HTP_M_GET = 2,
+    HTP_M_PUT = 3,
+    HTP_M_POST = 4,
+    HTP_M_DELETE = 5,
+    HTP_M_CONNECT = 6,
+    HTP_M_OPTIONS = 7,
+    HTP_M_TRACE = 8,
+    HTP_M_PATCH = 9,
+    HTP_M_PROPFIND = 10,
+    HTP_M_PROPPATCH = 11,
+    HTP_M_MKCOL = 12,
+    HTP_M_COPY = 13,
+    HTP_M_MOVE = 14,
+    HTP_M_LOCK = 15,
+    HTP_M_UNLOCK = 16,
+    HTP_M_VERSION_CONTROL = 17,
+    HTP_M_CHECKOUT = 18,
+    HTP_M_UNCHECKOUT = 19,
+    HTP_M_CHECKIN = 20,
+    HTP_M_UPDATE = 21,
+    HTP_M_LABEL = 22,
+    HTP_M_REPORT = 23,
+    HTP_M_MKWORKSPACE = 24,
+    HTP_M_MKACTIVITY = 25,
+    HTP_M_BASELINE_CONTROL = 26,
+    HTP_M_MERGE = 27,
+    HTP_M_INVALID = 28
+};
+
+// A collection of unique parser IDs.
+enum htp_parser_id_t {
+    /** application/x-www-form-urlencoded parser. */
+    HTP_PARSER_URLENCODED = 0,
+    
+    /** multipart/form-data parser. */
+    HTP_PARSER_MULTIPART = 1
+};
+
+// Protocol version constants; an enum cannot be
+// used here because we allow any properly-formatted protocol
+// version (e.g., 1.3), even those that do not actually exist.
+#define HTP_PROTOCOL_INVALID        -2
+#define HTP_PROTOCOL_UNKNOWN        -1
+#define HTP_PROTOCOL_0_9             9
+#define HTP_PROTOCOL_1_0             100
+#define HTP_PROTOCOL_1_1             101
+
+// A collection of possible data sources.
+enum htp_data_source_t {
+    /** Embedded in the URL. */
+    HTP_SOURCE_URL = 0,
+
+    /** Transported in the query string. */
+    HTP_SOURCE_QUERY_STRING = 1,
+
+    /** Cookies. */
+    HTP_SOURCE_COOKIE = 2,
+
+    /** Transported in the request body. */
+    HTP_SOURCE_BODY = 3
+};
+
+#define HTP_STATUS_INVALID           -1
+#define HTP_STATUS_UNKNOWN            0
+
+/**
+ * Enumerates all stream states. Each connection has two streams, one
+ * inbound and one outbound. Their states are tracked separately.
+ */
+enum htp_stream_state_t {
+    HTP_STREAM_NEW = 0,
+    HTP_STREAM_OPEN = 1,
+    HTP_STREAM_CLOSED = 2,
+    HTP_STREAM_ERROR = 3,
+    HTP_STREAM_TUNNEL = 4,
+    HTP_STREAM_DATA_OTHER = 5,
+    HTP_STREAM_STOP = 6,
+    HTP_STREAM_DATA = 9
+};
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* HTP_CORE_H */