1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
|
/***************************************************************************
* Copyright (c) 2009-2010 Open Information Security Foundation
* Copyright (c) 2010-2013 Qualys, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* - Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* - Neither the name of the Qualys, Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
***************************************************************************/
/**
* @file
* @author Ivan Ristic <ivanr@webkreator.com>
*/
#ifndef HTP_CORE_H
#define HTP_CORE_H
#ifdef __cplusplus
extern "C" {
#endif
typedef int htp_status_t;
typedef struct htp_cfg_t htp_cfg_t;
typedef struct htp_conn_t htp_conn_t;
typedef struct htp_connp_t htp_connp_t;
typedef struct htp_file_t htp_file_t;
typedef struct htp_file_data_t htp_file_data_t;
typedef struct htp_header_t htp_header_t;
typedef struct htp_header_line_t htp_header_line_t;
typedef struct htp_log_t htp_log_t;
typedef struct htp_param_t htp_param_t;
typedef struct htp_tx_data_t htp_tx_data_t;
typedef struct htp_tx_t htp_tx_t;
typedef struct htp_uri_t htp_uri_t;
typedef struct timeval htp_time_t;
// Below are all htp_status_t return codes used by LibHTP. Enum is not
// used here to allow applications to define their own codes.
/**
* The lowest htp_status_t value LibHTP will use internally.
*/
#define HTP_ERROR_RESERVED -1000
/** General-purpose error code. */
#define HTP_ERROR -1
/**
* No processing or work was done. This is typically used by callbacks
* to indicate that they were not interested in doing any work in the
* given context.
*/
#define HTP_DECLINED 0
/** Returned by a function when its work was successfully completed. */
#define HTP_OK 1
/**
* Returned when processing a connection stream, after consuming all
* provided data. The caller should call again with more data.
*/
#define HTP_DATA 2
/**
* Returned when processing a connection stream, after encountering
* a situation where processing needs to continue on the alternate
* stream (e.g., the inbound parser needs to observe some outbound
* data). The data provided was not completely consumed. On the next
* invocation the caller should supply only the data that has not
* been processed already. Use htp_connp_req_data_consumed() and
* htp_connp_res_data_consumed() to determine how much of the most
* recent data chunk was consumed.
*/
#define HTP_DATA_OTHER 3
/**
* Used by callbacks to indicate that the processing should stop. For example,
* returning HTP_STOP from a connection callback indicates that LibHTP should
* stop following that particular connection.
*/
#define HTP_STOP 4
/**
* Same as HTP_DATA, but indicates that any non-consumed part of the
* data chunk should be preserved (buffered) for later.
*/
#define HTP_DATA_BUFFER 5
/**
* The highest htp_status_t value LibHTP will use internally.
*/
#define HTP_STATUS_RESERVED 1000
/**
* Enumerates the possible values for authentication type.
*/
enum htp_auth_type_t {
/**
* This is the default value that is used before
* the presence of authentication is determined (e.g.,
* before request headers are seen).
*/
HTP_AUTH_UNKNOWN = 0,
/** No authentication. */
HTP_AUTH_NONE = 1,
/** HTTP Basic authentication used. */
HTP_AUTH_BASIC = 2,
/** HTTP Digest authentication used. */
HTP_AUTH_DIGEST = 3,
/** HTTP Digest authentication used. */
HTP_AUTH_BEARER = 4,
/** Unrecognized authentication method. */
HTP_AUTH_UNRECOGNIZED = 9
};
enum htp_content_encoding_t {
/**
* This is the default value, which is used until the presence
* of content encoding is determined (e.g., before request headers
* are seen.
*/
HTP_COMPRESSION_UNKNOWN = 0,
/** No compression. */
HTP_COMPRESSION_NONE = 1,
/** Gzip compression. */
HTP_COMPRESSION_GZIP = 2,
/** Deflate compression. */
HTP_COMPRESSION_DEFLATE = 3,
/** LZMA compression. */
HTP_COMPRESSION_LZMA = 4
};
/**
* Enumerates the possible request and response body codings.
*/
enum htp_transfer_coding_t {
/** Body coding not determined yet. */
HTP_CODING_UNKNOWN = 0,
/** No body. */
HTP_CODING_NO_BODY = 1,
/** Identity coding is used, which means that the body was sent as is. */
HTP_CODING_IDENTITY = 2,
/** Chunked encoding. */
HTP_CODING_CHUNKED = 3,
/** We could not recognize the encoding. */
HTP_CODING_INVALID = 4
};
enum htp_file_source_t {
HTP_FILE_MULTIPART = 1,
HTP_FILE_PUT = 2
};
// Various flag bits. Even though we have a flag field in several places
// (header, transaction, connection), these fields are all in the same namespace
// because we may want to set the same flag in several locations. For example, we
// may set HTP_FIELD_FOLDED on the actual folded header, but also on the transaction
// that contains the header. Both uses are useful.
// Connection flags are 8 bits wide.
#define HTP_CONN_PIPELINED 0x000000001ULL
#define HTP_CONN_HTTP_0_9_EXTRA 0x000000002ULL
// All other flags are 64 bits wide.
#define HTP_FIELD_UNPARSEABLE 0x000000004ULL
#define HTP_FIELD_INVALID 0x000000008ULL
#define HTP_FIELD_FOLDED 0x000000010ULL
#define HTP_FIELD_REPEATED 0x000000020ULL
#define HTP_FIELD_LONG 0x000000040ULL
#define HTP_FIELD_RAW_NUL 0x000000080ULL
#define HTP_REQUEST_SMUGGLING 0x000000100ULL
#define HTP_INVALID_FOLDING 0x000000200ULL
#define HTP_REQUEST_INVALID_T_E 0x000000400ULL
#define HTP_MULTI_PACKET_HEAD 0x000000800ULL
#define HTP_HOST_MISSING 0x000001000ULL
#define HTP_HOST_AMBIGUOUS 0x000002000ULL
#define HTP_PATH_ENCODED_NUL 0x000004000ULL
#define HTP_PATH_RAW_NUL 0x000008000ULL
#define HTP_PATH_INVALID_ENCODING 0x000010000ULL
#define HTP_PATH_INVALID 0x000020000ULL
#define HTP_PATH_OVERLONG_U 0x000040000ULL
#define HTP_PATH_ENCODED_SEPARATOR 0x000080000ULL
#define HTP_PATH_UTF8_VALID 0x000100000ULL /* At least one valid UTF-8 character and no invalid ones. */
#define HTP_PATH_UTF8_INVALID 0x000200000ULL
#define HTP_PATH_UTF8_OVERLONG 0x000400000ULL
#define HTP_PATH_HALF_FULL_RANGE 0x000800000ULL /* Range U+FF00 - U+FFEF detected. */
#define HTP_STATUS_LINE_INVALID 0x001000000ULL
#define HTP_HOSTU_INVALID 0x002000000ULL /* Host in the URI. */
#define HTP_HOSTH_INVALID 0x004000000ULL /* Host in the Host header. */
#define HTP_URLEN_ENCODED_NUL 0x008000000ULL
#define HTP_URLEN_INVALID_ENCODING 0x010000000ULL
#define HTP_URLEN_OVERLONG_U 0x020000000ULL
#define HTP_URLEN_HALF_FULL_RANGE 0x040000000ULL /* Range U+FF00 - U+FFEF detected. */
#define HTP_URLEN_RAW_NUL 0x080000000ULL
#define HTP_REQUEST_INVALID 0x100000000ULL
#define HTP_REQUEST_INVALID_C_L 0x200000000ULL
#define HTP_AUTH_INVALID 0x400000000ULL
#define HTP_MAX_HEADERS_REPETITIONS 64
#define HTP_HOST_INVALID ( HTP_HOSTU_INVALID | HTP_HOSTH_INVALID )
// Logging-related constants.
#define HTP_LOG_MARK __FILE__,__LINE__
/**
* Enumerates all log levels.
*/
enum htp_log_level_t {
HTP_LOG_NONE = 0,
HTP_LOG_ERROR = 1,
HTP_LOG_WARNING = 2,
HTP_LOG_NOTICE = 3,
HTP_LOG_INFO = 4,
HTP_LOG_DEBUG = 5,
HTP_LOG_DEBUG2 = 6
};
/**
* HTTP methods.
*/
enum htp_method_t {
/**
* Used by default, until the method is determined (e.g., before
* the request line is processed.
*/
HTP_M_UNKNOWN = 0,
HTP_M_HEAD = 1,
HTP_M_GET = 2,
HTP_M_PUT = 3,
HTP_M_POST = 4,
HTP_M_DELETE = 5,
HTP_M_CONNECT = 6,
HTP_M_OPTIONS = 7,
HTP_M_TRACE = 8,
HTP_M_PATCH = 9,
HTP_M_PROPFIND = 10,
HTP_M_PROPPATCH = 11,
HTP_M_MKCOL = 12,
HTP_M_COPY = 13,
HTP_M_MOVE = 14,
HTP_M_LOCK = 15,
HTP_M_UNLOCK = 16,
HTP_M_VERSION_CONTROL = 17,
HTP_M_CHECKOUT = 18,
HTP_M_UNCHECKOUT = 19,
HTP_M_CHECKIN = 20,
HTP_M_UPDATE = 21,
HTP_M_LABEL = 22,
HTP_M_REPORT = 23,
HTP_M_MKWORKSPACE = 24,
HTP_M_MKACTIVITY = 25,
HTP_M_BASELINE_CONTROL = 26,
HTP_M_MERGE = 27,
HTP_M_INVALID = 28
};
// A collection of unique parser IDs.
enum htp_parser_id_t {
/** application/x-www-form-urlencoded parser. */
HTP_PARSER_URLENCODED = 0,
/** multipart/form-data parser. */
HTP_PARSER_MULTIPART = 1
};
// Protocol version constants; an enum cannot be
// used here because we allow any properly-formatted protocol
// version (e.g., 1.3), even those that do not actually exist.
#define HTP_PROTOCOL_INVALID -2
#define HTP_PROTOCOL_UNKNOWN -1
#define HTP_PROTOCOL_0_9 9
#define HTP_PROTOCOL_1_0 100
#define HTP_PROTOCOL_1_1 101
// A collection of possible data sources.
enum htp_data_source_t {
/** Embedded in the URL. */
HTP_SOURCE_URL = 0,
/** Transported in the query string. */
HTP_SOURCE_QUERY_STRING = 1,
/** Cookies. */
HTP_SOURCE_COOKIE = 2,
/** Transported in the request body. */
HTP_SOURCE_BODY = 3
};
#define HTP_STATUS_INVALID -1
#define HTP_STATUS_UNKNOWN 0
/**
* Enumerates all stream states. Each connection has two streams, one
* inbound and one outbound. Their states are tracked separately.
*/
enum htp_stream_state_t {
HTP_STREAM_NEW = 0,
HTP_STREAM_OPEN = 1,
HTP_STREAM_CLOSED = 2,
HTP_STREAM_ERROR = 3,
HTP_STREAM_TUNNEL = 4,
HTP_STREAM_DATA_OTHER = 5,
HTP_STREAM_STOP = 6,
HTP_STREAM_DATA = 9
};
#ifdef __cplusplus
}
#endif
#endif /* HTP_CORE_H */
|
