HTP
0.3
|
#include <ctype.h>
#include <iconv.h>
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/time.h>
#include "bstr.h"
#include "dslib.h"
#include "hooks.h"
#include "htp_decompressors.h"
#include "htp_urlencoded.h"
#include "htp_multipart.h"
Go to the source code of this file.
#define BESTFIT 0 |
#define CFG_NOT_SHARED 0 |
#define CFG_SHARED 1 |
#define CHUNKED 2 |
#define CR '\r' |
#define HTP_AMBIGUOUS_HOST 0x000800 |
#define HTP_AUTH_BASIC 1 |
#define HTP_AUTH_DIGEST 2 |
#define HTP_AUTH_NONE 0 |
#define HTP_AUTH_UNKNOWN 9 |
#define HTP_BASE_VERSION_TEXT "Trunk" |
#define HTP_DATA 1 |
#define HTP_DATA_OTHER 2 |
#define HTP_DECLINED 3 |
#define HTP_ERROR -1 |
#define HTP_FIELD_FOLDED 0x000004 |
#define HTP_FIELD_INVALID 0x000002 |
#define HTP_FIELD_LONG 0x000010 |
#define HTP_FIELD_NUL_BYTE 0x000020 |
#define HTP_FIELD_REPEATED 0x000008 |
#define HTP_FIELD_UNPARSEABLE 0x000001 |
#define HTP_FILE_MULTIPART 1 |
#define HTP_FILE_PUT 2 |
#define HTP_HEADER_INVALID_NAME 2 |
#define HTP_HEADER_LIMIT_HARD 18000 |
#define HTP_HEADER_LIMIT_SOFT 9000 |
#define HTP_HEADER_LWS_AFTER_FIELD_NAME 3 |
#define HTP_HEADER_MISSING_COLON 1 |
#define HTP_HOST_MISSING 0x000400 |
#define HTP_INVALID_CHUNKING 0x000100 |
#define HTP_INVALID_FOLDING 0x000080 |
#define HTP_LINE_TOO_LONG_HARD 4 |
#define HTP_LINE_TOO_LONG_SOFT 5 |
#define HTP_LOG_DEBUG 5 |
#define HTP_LOG_DEBUG2 6 |
#define HTP_LOG_ERROR 1 |
#define HTP_LOG_INFO 4 |
#define HTP_LOG_MARK __FILE__,__LINE__ |
#define HTP_LOG_NOTICE 3 |
#define HTP_LOG_WARNING 2 |
#define HTP_MULTI_PACKET_HEAD 0x000200 |
#define HTP_OK 0 |
#define HTP_PATH_ENCODED_NUL 0x001000 |
#define HTP_PATH_ENCODED_SEPARATOR 0x010000 |
#define HTP_PATH_FULLWIDTH_EVASION 0x100000 |
#define HTP_PATH_INVALID 0x004000 |
#define HTP_PATH_INVALID_ENCODING 0x002000 |
#define HTP_PATH_OVERLONG_U 0x008000 |
#define HTP_PATH_UTF8_INVALID 0x040000 |
#define HTP_PATH_UTF8_OVERLONG 0x080000 |
#define HTP_PATH_UTF8_VALID 0x020000 |
#define HTP_REQUEST_SMUGGLING 0x000040 |
#define HTP_SERVER_APACHE 11 |
#define HTP_SERVER_APACHE_2_2 12 |
#define HTP_SERVER_GENERIC 1 |
#define HTP_SERVER_IDS 2 |
#define HTP_SERVER_IIS_4_0 4 |
#define HTP_SERVER_IIS_5_0 5 |
#define HTP_SERVER_IIS_5_1 6 |
#define HTP_SERVER_IIS_6_0 7 |
#define HTP_SERVER_IIS_7_0 8 |
#define HTP_SERVER_IIS_7_5 9 |
#define HTP_SERVER_MINIMAL 0 |
#define HTP_SERVER_TOMCAT_6_0 10 |
#define HTP_STATUS_LINE_INVALID 0x200000 |
#define HTP_VALID_STATUS_MAX 999 |
#define HTP_VALID_STATUS_MIN 100 |
#define HTTP_0_9 9 |
#define HTTP_1_0 100 |
#define HTTP_1_1 101 |
#define IDENTITY 1 |
#define IN_COPY_BYTE_OR_RETURN | ( | X | ) |
if ((X)->in_current_offset < (X)->in_current_len) { \ (X)->in_next_byte = (X)->in_current_data[(X)->in_current_offset]; \ (X)->in_current_offset++; \ (X)->in_stream_offset++; \ } else { \ return HTP_DATA; \ } \ \ if ((X)->in_line_len < (X)->in_line_size) { \ (X)->in_line[(X)->in_line_len] = (X)->in_next_byte; \ (X)->in_line_len++; \ if (((X)->in_line_len == HTP_HEADER_LIMIT_SOFT)&&(!((X)->in_tx->flags & HTP_FIELD_LONG))) { \ (X)->in_tx->flags |= HTP_FIELD_LONG; \ htp_log((X), HTP_LOG_MARK, HTP_LOG_ERROR, HTP_LINE_TOO_LONG_SOFT, "Request field over soft limit"); \ } \ } else { \ htp_log((X), HTP_LOG_MARK, HTP_LOG_ERROR, HTP_LINE_TOO_LONG_HARD, "Request field over hard limit"); \ return HTP_ERROR; \ }
#define IN_NEXT_BYTE | ( | X | ) |
if ((X)->in_current_offset < (X)->in_current_len) { \ (X)->in_next_byte = (X)->in_current_data[(X)->in_current_offset]; \ (X)->in_current_offset++; \ (X)->in_stream_offset++; \ } else { \ (X)->in_next_byte = -1; \ }
#define IN_NEXT_BYTE_OR_RETURN | ( | X | ) |
if ((X)->in_current_offset < (X)->in_current_len) { \ (X)->in_next_byte = (X)->in_current_data[(X)->in_current_offset]; \ (X)->in_current_offset++; \ (X)->in_stream_offset++; \ } else { \ return HTP_DATA; \ }
#define IN_TEST_NEXT_BYTE_OR_RETURN | ( | X | ) |
if ((X)->in_current_offset >= (X)->in_current_len) { \ return HTP_DATA; \ }
#define LF '\n' |
#define LOG_NO_CODE 0 |
#define M_BASELINE_CONTROL 24 |
#define M_CHECKIN 18 |
#define M_CHECKOUT 16 |
#define M_CONNECT 4 |
#define M_COPY 11 |
#define M_DELETE 3 |
#define M_GET 0 |
#define M_HEAD 1000 |
#define M_INVALID 26 |
#define M_LABEL 20 |
#define M_LOCK 13 |
#define M_MERGE 25 |
#define M_MKACTIVITY 23 |
#define M_MKCOL 10 |
#define M_MKWORKSPACE 22 |
#define M_MOVE 12 |
#define M_OPTIONS 5 |
#define M_PATCH 7 |
#define M_POST 2 |
#define M_PROPFIND 8 |
#define M_PROPPATCH 9 |
#define M_PUT 1 |
#define M_REPORT 21 |
#define M_TRACE 6 |
#define M_UNCHECKOUT 17 |
#define M_UNKNOWN -1 |
#define M_UNLOCK 14 |
#define M_UPDATE 19 |
#define M_VERSION_CONTROL 15 |
#define NO 0 |
#define NONE 0 |
#define NONE 0 |
#define OUT_COPY_BYTE_OR_RETURN | ( | X | ) |
if ((X)->out_current_offset < (X)->out_current_len) { \ (X)->out_next_byte = (X)->out_current_data[(X)->out_current_offset]; \ (X)->out_current_offset++; \ (X)->out_stream_offset++; \ } else { \ return HTP_DATA; \ } \ \ if ((X)->out_line_len < (X)->out_line_size) { \ (X)->out_line[(X)->out_line_len] = (X)->out_next_byte; \ (X)->out_line_len++; \ if (((X)->out_line_len == HTP_HEADER_LIMIT_SOFT)&&(!((X)->out_tx->flags & HTP_FIELD_LONG))) { \ (X)->out_tx->flags |= HTP_FIELD_LONG; \ htp_log((X), HTP_LOG_MARK, HTP_LOG_ERROR, HTP_LINE_TOO_LONG_SOFT, "Response field over soft limit"); \ } \ } else { \ htp_log((X), HTP_LOG_MARK, HTP_LOG_ERROR, HTP_LINE_TOO_LONG_HARD, "Response field over hard limit"); \ return HTP_ERROR; \ }
#define OUT_NEXT_BYTE | ( | X | ) |
if ((X)->out_current_offset < (X)->out_current_len) { \ (X)->out_next_byte = (X)->out_current_data[(X)->out_current_offset]; \ (X)->out_current_offset++; \ (X)->out_stream_offset++; \ } else { \ (X)->out_next_byte = -1; \ }
#define OUT_NEXT_BYTE_OR_RETURN | ( | X | ) |
if ((X)->out_current_offset < (X)->out_current_len) { \ (X)->out_next_byte = (X)->out_current_data[(X)->out_current_offset]; \ (X)->out_current_offset++; \ (X)->out_stream_offset++; \ } else { \ return HTP_DATA; \ }
#define OUT_TEST_NEXT_BYTE_OR_RETURN | ( | X | ) |
if ((X)->out_current_offset >= (X)->out_current_len) { \ return HTP_DATA; \ }
#define PIPELINED_CONNECTION 1 |
#define PROTOCOL_UNKNOWN -1 |
#define STATUS_400 400 |
#define STATUS_404 401 |
#define STREAM_STATE_CLOSED 2 |
#define STREAM_STATE_DATA 9 |
#define STREAM_STATE_DATA_OTHER 5 |
#define STREAM_STATE_ERROR 3 |
#define STREAM_STATE_NEW 0 |
#define STREAM_STATE_OPEN 1 |
#define STREAM_STATE_TUNNEL 4 |
#define TERMINATE 1 |
#define TX_PROGRESS_DONE 10 |
#define TX_PROGRESS_NEW 0 |
#define TX_PROGRESS_REQ_BODY 3 |
#define TX_PROGRESS_REQ_HEADERS 2 |
#define TX_PROGRESS_REQ_LINE 1 |
#define TX_PROGRESS_REQ_TRAILER 4 |
#define TX_PROGRESS_RES_BODY 8 |
#define TX_PROGRESS_RES_HEADERS 7 |
#define TX_PROGRESS_RES_LINE 6 |
#define TX_PROGRESS_RES_TRAILER 9 |
#define TX_PROGRESS_WAIT 5 |
#define URL_DECODER_DECODE_INVALID 2 |
#define URL_DECODER_PRESERVE_PERCENT 0 |
#define URL_DECODER_REMOVE_PERCENT 1 |
#define URL_DECODER_STATUS_400 400 |
#define YES 1 |
typedef struct htp_conn_t htp_conn_t |
typedef struct htp_connp_t htp_connp_t |
typedef struct htp_file_data_t htp_file_data_t |
typedef struct htp_file_t htp_file_t |
typedef struct htp_header_line_t htp_header_line_t |
typedef struct htp_header_t htp_header_t |
typedef struct timeval htp_time_t |
typedef struct htp_tx_data_t htp_tx_data_t |
void fprint_bstr | ( | FILE * | stream, |
const char * | name, | ||
bstr * | b | ||
) |
void fprint_raw_data | ( | FILE * | stream, |
const char * | name, | ||
unsigned char * | data, | ||
size_t | len | ||
) |
void fprint_raw_data_ex | ( | FILE * | stream, |
const char * | name, | ||
unsigned char * | data, | ||
size_t | offset, | ||
size_t | len | ||
) |
int htp_ch_multipart_callback_request_body_data | ( | htp_tx_data_t * | d | ) |
Finalize MULTIPART processing.
d |
int htp_ch_multipart_callback_request_headers | ( | htp_connp_t * | connp | ) |
Inspect request headers and register the MULTIPART request data hook if it contains a multipart/form-data body.
connp |
int htp_ch_urlencoded_callback_request_body_data | ( | htp_tx_data_t * | d | ) |
Invoked to process a part of request body data.
d |
int htp_ch_urlencoded_callback_request_headers | ( | htp_connp_t * | connp | ) |
Determine if the request has a URLENCODED body, then create and attach the URLENCODED parser if it does.
int htp_ch_urlencoded_callback_request_line | ( | htp_connp_t * | connp | ) |
Parse query string, if available. This method is invoked after the request line has been processed.
connp |
int htp_chomp | ( | unsigned char * | data, |
size_t * | len | ||
) |
Remove one or more line terminators (LF or CRLF) from the end of the line provided as input.
Creates a copy of the supplied configuration structure. The idea is to create one or more configuration objects at configuration-time, but to use this function to create per-connection copies. That way it will be possible to adjust per-connection configuration as necessary, without affecting the global configuration. Make sure no other thread changes the configuration object while this function is operating.
cfg |
htp_cfg_t* htp_config_create | ( | void | ) |
Creates a new configuration structure. Configuration structures created at configuration time must not be changed afterwards in order to support lock-less copying.
void htp_config_destroy | ( | htp_cfg_t * | cfg | ) |
Destroy a configuration structure.
cfg |
Registers a callback that is invoked every time there is a log message.
cfg | |
callback_fn |
void htp_config_register_multipart_parser | ( | htp_cfg_t * | cfg | ) |
Registers the MULTIPART parser. This parser will extract information stored in request bodies, when they are in multipart/form-data format.
cfg |
void htp_config_register_request | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a request callback.
cfg | |
callback_fn |
void htp_config_register_request_body_data | ( | htp_cfg_t * | cfg, |
int(*)(htp_tx_data_t *) | callback_fn | ||
) |
Registers a request_body_data callback.
cfg | |
callback_fn |
void htp_config_register_request_file_data | ( | htp_cfg_t * | cfg, |
int(*)(htp_file_data_t *) | callback_fn | ||
) |
Registers a request_file_data callback.
cfg | |
callback_fn |
void htp_config_register_request_headers | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a request_headers callback.
cfg | |
callback_fn |
void htp_config_register_request_line | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a request_line callback.
cfg | |
callback_fn |
void htp_config_register_request_trailer | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a request_trailer callback.
cfg | |
callback_fn |
void htp_config_register_request_uri_normalize | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a request_uri_normalize callback.
cfg | |
callback_fn |
void htp_config_register_response | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a response callback.
cfg | |
callback_fn |
void htp_config_register_response_body_data | ( | htp_cfg_t * | cfg, |
int(*)(htp_tx_data_t *) | callback_fn | ||
) |
Registers a request_body_data callback.
cfg | |
callback_fn |
void htp_config_register_response_headers | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a request_headers callback.
cfg | |
callback_fn |
void htp_config_register_response_line | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a request_line callback.
cfg | |
callback_fn |
void htp_config_register_response_trailer | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a request_trailer callback.
cfg | |
callback_fn |
void htp_config_register_transaction_start | ( | htp_cfg_t * | cfg, |
int(*)(htp_connp_t *) | callback_fn | ||
) |
Registers a transaction_start callback.
cfg | |
callback_fn |
void htp_config_register_urlencoded_parser | ( | htp_cfg_t * | cfg | ) |
Registers the URLENCODED parser with the configuration. The parser will parse the query string when available, as well as the request body when in correct format.
cfg |
void htp_config_set_bestfit_map | ( | htp_cfg_t * | cfg, |
unsigned char * | map | ||
) |
Update the best-fit map, which is used to convert UCS-2 characters into single-byte characters. By default a Windows 1252 best-fit map is used. The map is an list of triplets, the first 2 bytes being an UCS-2 character to map from, and the third byte being the single byte to map to. Make sure that your map contains the mappings to cover the fullwidth form characters (U+FF00-FFEF).
cfg | |
map |
void htp_config_set_generate_request_uri_normalized | ( | htp_cfg_t * | cfg, |
int | generate | ||
) |
Whether to generate the request_uri_normalized field.
cfg | |
generate |
void htp_config_set_path_backslash_separators | ( | htp_cfg_t * | cfg, |
int | backslash_separators | ||
) |
Configures whether backslash characters are treated as path segment separators. They are not on Unix systems, but are on Windows systems. If this setting is enabled, a path such as "/one\two/three" will be converted to "/one/two/three".
cfg | |
backslash_separators |
void htp_config_set_path_case_insensitive | ( | htp_cfg_t * | cfg, |
int | case_insensitive | ||
) |
Configures filesystem sensitivity. This setting affects how URL paths are normalized. There are no path modifications by default, but on a case-insensitive systems path will be converted to lowercase.
cfg | |
case_insensitive |
void htp_config_set_path_compress_separators | ( | htp_cfg_t * | cfg, |
int | compress_separators | ||
) |
Configures whether consecutive path segment separators will be compressed. When enabled, a path such as "/one//two" will be normalized to "/one/two". The backslash_separators and decode_separators parameters are used before compression takes place. For example, if backshasl_deparators and decode_separators are both enabled, the path "/one\\/two\/%5cthree/%2f//four" will be converted to "/one/two/three/four".
cfg | |
compress_separators |
void htp_config_set_path_control_char_handling | ( | htp_cfg_t * | cfg, |
int | control_char_handling | ||
) |
This parameter is used to predict how a server will react when control characters are present in a request path, but does not affect path normalization.
cfg | |
control_char_handling | Use NONE with servers that ignore control characters in request path, and STATUS_400 with servers that respond with 400. |
void htp_config_set_path_convert_utf8 | ( | htp_cfg_t * | cfg, |
int | convert_utf8 | ||
) |
Controls the UTF-8 treatment of request paths. One option is to only validate path as UTF-8. In this case, the UTF-8 flags will be raised as appropriate, and the path will remain in UTF-8 (if it was UTF-8in the first place). The other option is to convert a UTF-8 path into a single byte stream using best-fit mapping.
cfg | |
convert_utf8 |
void htp_config_set_path_decode_separators | ( | htp_cfg_t * | cfg, |
int | decode_separators | ||
) |
Configures whether encoded path segment separators will be decoded. Apache does not do this, but IIS does. If enabled, a path such as "/one%2ftwo" will be normalized to "/one/two". If the backslash_separators option is also enabled, encoded backslash characters will be converted too (and subsequently normalized to forward slashes).
cfg | |
decode_separators |
void htp_config_set_path_decode_u_encoding | ( | htp_cfg_t * | cfg, |
int | decode_u_encoding | ||
) |
Configures whether u-encoded sequences in path will be decoded. Such sequences will be treated as invalid URL encoding if decoding is not desirable.
cfg | |
decode_u_encoding |
void htp_config_set_path_invalid_encoding_handling | ( | htp_cfg_t * | cfg, |
int | invalid_encoding_handling | ||
) |
Configures how server reacts to invalid encoding in path.
cfg | |
invalid_encoding_handling | The available options are: URL_DECODER_PRESERVE_PERCENT, URL_DECODER_REMOVE_PERCENT, URL_DECODER_DECODE_INVALID and URL_DECODER_STATUS_400. |
void htp_config_set_path_invalid_utf8_handling | ( | htp_cfg_t * | cfg, |
int | invalid_utf8_handling | ||
) |
Configures how server reacts to invalid UTF-8 characters in path. This setting will not affect path normalization; it only controls what response status we expect for a request that contains invalid UTF-8 characters.
cfg | |
invalid_utf8_handling | Possible values: NONE or STATUS_400. |
void htp_config_set_path_nul_encoded_handling | ( | htp_cfg_t * | cfg, |
int | nul_encoded_handling | ||
) |
Configures how server reacts to encoded NUL bytes. Some servers will terminate path at NUL, while some will respond with 400 or 404. When the termination option is not used, the NUL byte will remain in the path.
cfg | |
nul_encoded_handling | Possible values: TERMINATE, STATUS_400, STATUS_404 |
void htp_config_set_path_nul_raw_handling | ( | htp_cfg_t * | cfg, |
int | nul_raw_handling | ||
) |
Configures how server reacts to raw NUL bytes. Some servers will terminate path at NUL, while some will respond with 400 or 404. When the termination option is not used, the NUL byte will remain in the path.
cfg | |
nul_raw_handling | Possible values: TERMINATE, STATUS_400, STATUS_404 |
void htp_config_set_path_replacement_char | ( | htp_cfg_t * | cfg, |
int | replacement_char | ||
) |
Sets the replacement character that will be used to in the lossy best-fit mapping from Unicode characters into single-byte streams. The question mark is the default replacement character.
cfg | |
replacement_char |
void htp_config_set_path_unicode_mapping | ( | htp_cfg_t * | cfg, |
int | unicode_mapping | ||
) |
Controls what the library does when it encounters an Unicode character where only a single-byte would do (e.g., the u-encoded characters). Conversion always takes place; this parameter is used to correctly predict the status code used in response. In the future there will probably be an option to convert such characters to UCS-2 or UTF-8.
cfg | |
unicode_mapping | Possible values: BESTFIT, STATUS_400, STATUS_404. |
void htp_config_set_path_utf8_overlong_handling | ( | htp_cfg_t * | cfg, |
int | utf8_overlong_handling | ||
) |
Controls how server reacts to overlong UTF-8 characters. Not used at the moment.
cfg | |
utf8_overlong_handling |
void htp_config_set_response_decompression | ( | htp_cfg_t * | cfg, |
int | enabled | ||
) |
Controls whether compressed response bodies will be automatically decompressed.
cfg | |
enabled | set to 1 to enable decompression, 0 otherwise |
int htp_config_set_server_personality | ( | htp_cfg_t * | cfg, |
int | personality | ||
) |
Configure desired server personality.
cfg | |
personality |
void htp_config_set_tx_auto_destroy | ( | htp_cfg_t * | cfg, |
int | tx_auto_destroy | ||
) |
Configures whether transactions will be automatically destroyed once they are no longer needed.
cfg | |
tx_auto_destroy |
htp_conn_t* htp_conn_create | ( | htp_connp_t * | connp | ) |
Creates a new connection structure.
connp |
void htp_conn_destroy | ( | htp_conn_t * | conn | ) |
Destroys a connection, as well as all the transactions it contains. It is not possible to destroy a connection structure yet leave any of its transactions intact. This is because transactions need its connection and connection structures hold little data anyway. The opposite is true, though it is possible to delete a transaction but leave its connection alive.
conn |
int htp_conn_remove_tx | ( | htp_conn_t * | conn, |
htp_tx_t * | tx | ||
) |
Removes the given transaction structure, which makes it possible to safely destroy it. It is safe to destroy transactions in this way because the index of the transactions (in a connection) is preserved.
conn | |
tx |
void htp_connp_clear_error | ( | htp_connp_t * | connp | ) |
Clears an existing parser error, if any.
connp |
void htp_connp_close | ( | htp_connp_t * | connp, |
htp_time_t * | timestamp | ||
) |
Closes the connection associated with the supplied parser.
connp | |
timestamp |
htp_connp_t* htp_connp_create | ( | htp_cfg_t * | cfg | ) |
Creates a new connection parser using the provided configuration. Because the configuration structure is used directly, in a multithreaded environment you are not allowed to change the structure, ever. If you have a need to change configuration on per-connection basis, make a copy of the configuration structure to go along with every connection parser.
cfg |
htp_connp_t* htp_connp_create_copycfg | ( | htp_cfg_t * | cfg | ) |
Creates a new configuration parser, making a copy of the supplied configuration structure.
cfg |
void htp_connp_destroy | ( | htp_connp_t * | connp | ) |
Destroys the connection parser and its data structures, leaving the connection data intact.
connp |
void htp_connp_destroy_all | ( | htp_connp_t * | connp | ) |
Destroys the connection parser, its data structures, as well as the connection and its transactions.
connp |
htp_log_t* htp_connp_get_last_error | ( | htp_connp_t * | connp | ) |
Returns the last error that occurred with this connection parser. Do note, however, that the value in this field will only be valid immediately after an error condition, but it is not guaranteed to remain valid if the parser is invoked again.
connp |
void* htp_connp_get_user_data | ( | htp_connp_t * | connp | ) |
Retrieve the user data associated with this connection parser.
connp |
htp_header_t* htp_connp_header_parse | ( | htp_connp_t * | , |
unsigned char * | , | ||
size_t | |||
) |
char* htp_connp_in_state_as_string | ( | htp_connp_t * | connp | ) |
int htp_connp_is_line_folded | ( | unsigned char * | data, |
size_t | len | ||
) |
Determines if the given line is a continuation (of some previous line).
connp | |
data | |
len |
int htp_connp_is_line_ignorable | ( | htp_connp_t * | connp, |
unsigned char * | data, | ||
size_t | len | ||
) |
Determines if the given line can be ignored when it appears before a request.
connp | |
data | |
len |
int htp_connp_is_line_terminator | ( | htp_connp_t * | connp, |
unsigned char * | data, | ||
size_t | len | ||
) |
Determines if the given line is a request terminator.
connp | |
data | |
len |
void htp_connp_open | ( | htp_connp_t * | connp, |
const char * | remote_addr, | ||
int | remote_port, | ||
const char * | local_addr, | ||
int | local_port, | ||
htp_time_t * | timestamp | ||
) |
Opens connection.
connp | |
remote_addr | Remote address |
remote_port | Remote port |
local_addr | Local address |
local_port | Local port |
timestamp |
char* htp_connp_out_state_as_string | ( | htp_connp_t * | connp | ) |
int htp_connp_REQ_BODY_CHUNKED_DATA | ( | htp_connp_t * | connp | ) |
Processes a chunk of data.
connp |
int htp_connp_REQ_BODY_CHUNKED_DATA_END | ( | htp_connp_t * | connp | ) |
Consumes bytes until the end of the current line.
connp |
int htp_connp_REQ_BODY_CHUNKED_LENGTH | ( | htp_connp_t * | connp | ) |
Extracts chunk length.
connp |
int htp_connp_REQ_BODY_DETERMINE | ( | htp_connp_t * | connp | ) |
Determines presence (and encoding) of a request body.
connp |
int htp_connp_REQ_BODY_IDENTITY | ( | htp_connp_t * | connp | ) |
Processes identity request body.
connp |
int htp_connp_REQ_CONNECT_CHECK | ( | htp_connp_t * | connp | ) |
Performs check for a CONNECT transaction to decide whether inbound parsing needs to be suspended.
connp |
int htp_connp_REQ_CONNECT_WAIT_RESPONSE | ( | htp_connp_t * | connp | ) |
Determines whether inbound parsing, which was suspended after encountering a CONNECT transaction, can proceed (after receiving the response).
connp |
int htp_connp_req_data | ( | htp_connp_t * | connp, |
htp_time_t * | timestamp, | ||
unsigned char * | data, | ||
size_t | len | ||
) |
Process a chunk of inbound (client or request) data.
connp | |
timestamp | |
data | |
len |
size_t htp_connp_req_data_consumed | ( | htp_connp_t * | connp | ) |
Returns how many bytes from the current data chunks were consumed so far.
connp |
int htp_connp_REQ_HEADERS | ( | htp_connp_t * | connp | ) |
Parses request headers.
connp |
int htp_connp_REQ_IDLE | ( | htp_connp_t * | connp | ) |
The idle state is invoked before and after every transaction. Consequently, it will start a new transaction when data is available and finalise a transaction which has been processed.
connp |
int htp_connp_REQ_LINE | ( | htp_connp_t * | connp | ) |
Parses request line.
connp |
int htp_connp_REQ_PROTOCOL | ( | htp_connp_t * | connp | ) |
Determines request protocol.
connp |
int htp_connp_RES_BODY_CHUNKED_DATA | ( | htp_connp_t * | connp | ) |
Processes a chunk of data.
connp |
int htp_connp_RES_BODY_CHUNKED_DATA_END | ( | htp_connp_t * | connp | ) |
Consumes bytes until the end of the current line.
connp |
int htp_connp_RES_BODY_CHUNKED_LENGTH | ( | htp_connp_t * | connp | ) |
Extracts chunk length.
connp |
int htp_connp_RES_BODY_DETERMINE | ( | htp_connp_t * | connp | ) |
Determines presence (and encoding) of a response body.
connp |
int htp_connp_RES_BODY_IDENTITY | ( | htp_connp_t * | connp | ) |
Processes identity response body.
connp |
int htp_connp_res_data | ( | htp_connp_t * | connp, |
htp_time_t * | timestamp, | ||
unsigned char * | data, | ||
size_t | len | ||
) |
Process a chunk of outbound (server or response) data.
connp | |
timestamp | |
data | |
len |
size_t htp_connp_res_data_consumed | ( | htp_connp_t * | connp | ) |
int htp_connp_RES_HEADERS | ( | htp_connp_t * | connp | ) |
Parses response headers.
connp |
int htp_connp_RES_IDLE | ( | htp_connp_t * | connp | ) |
The response idle state will initialize response processing, as well as finalize each transactions after we are done with it.
connp |
int htp_connp_RES_LINE | ( | htp_connp_t * | connp | ) |
Parses response line.
connp |
void htp_connp_set_user_data | ( | htp_connp_t * | connp, |
void * | user_data | ||
) |
Associate user data with the supplied parser.
connp | |
user_data |
int htp_convert_method_to_number | ( | bstr * | method | ) |
Converts request method, given as a string, into a number.
method |
Decode a request path according to the settings in the provided configuration structure.
cfg | |
tx | |
path |
bstr* htp_extract_quoted_string_as_bstr | ( | char * | data, |
size_t | len, | ||
size_t * | endoffset | ||
) |
const char* htp_get_version | ( | void | ) |
Returns the library version.
int htp_is_line_empty | ( | unsigned char * | data, |
size_t | len | ||
) |
Is the given line empty? This function expects the line to have a terminating LF.
data | |
len |
int htp_is_line_whitespace | ( | unsigned char * | data, |
size_t | len | ||
) |
Does line consist entirely of whitespace characters?
data | |
len |
int htp_is_lws | ( | int | c | ) |
Is character a linear white space character?
c |
int htp_is_separator | ( | int | c | ) |
Is character a separator character?
c |
int htp_is_space | ( | int | c | ) |
Is character a white space character?
c |
int htp_is_text | ( | int | c | ) |
Is character a text character?
c |
int htp_is_token | ( | int | c | ) |
Is character a token character?
c |
int htp_is_uri_unreserved | ( | unsigned char | c | ) |
Is URI character reserved?
c |
void htp_log | ( | htp_connp_t * | connp, |
const char * | file, | ||
int | line, | ||
int | level, | ||
int | code, | ||
const char * | fmt, | ||
... | |||
) |
Records one log message.
connp | |
file | |
line | |
level | |
code | |
fmt |
int htp_mpart_part_handle_data | ( | htp_mpart_part_t * | part, |
unsigned char * | data, | ||
size_t | len, | ||
int | is_line | ||
) |
Handles part data.
part | |
data | |
len | |
is_line |
int htp_mpart_part_process_headers | ( | htp_mpart_part_t * | part | ) |
Process part headers. In the current implementation, we only parse the Content-Disposition header if it is present.
part |
int htp_mpartp_is_boundary_character | ( | int | c | ) |
Determine if the supplied character is allowed in boundary.
c |
int htp_mpartp_parse_header | ( | htp_mpart_part_t * | part, |
unsigned char * | data, | ||
size_t | len | ||
) |
Parses one part header.
data | |
len | |
Success | indication |
Normalize request hostname. Convert all characters to lowercase and remove trailing dots from the end, if present.
hostname |
int htp_normalize_parsed_uri | ( | htp_connp_t * | connp, |
htp_uri_t * | incomplete, | ||
htp_uri_t * | normalized | ||
) |
Normalize a previously-parsed request URI.
connp | |
incomplete | |
normalized |
void htp_normalize_uri_path_inplace | ( | bstr * | s | ) |
Normalize URL path. This function implements the remove dot segments algorithm specified in RFC 3986, section 5.2.4.
s |
int htp_parse_authority | ( | htp_connp_t * | connp, |
bstr * | authority, | ||
htp_uri_t ** | uri | ||
) |
Parses request URI, making no attempt to validate the contents.
connp | |
authority | |
uri |
int htp_parse_authorization | ( | htp_connp_t * | connp | ) |
Parses Authorization request header.
connp |
int htp_parse_authorization_basic | ( | htp_connp_t * | connp, |
htp_header_t * | auth_header | ||
) |
Parses Basic Authorization request header.
connp | |
auth_header |
int htp_parse_authorization_digest | ( | htp_connp_t * | connp, |
htp_header_t * | auth_header | ||
) |
Parses Digest Authorization request header.
connp | |
auth_header |
int htp_parse_chunked_length | ( | unsigned char * | data, |
size_t | len | ||
) |
Parses chunk length (positive hexadecimal number). White space is allowed before and after the number.
data | |
len |
int htp_parse_content_length | ( | bstr * | b | ) |
Parses Content-Length string (positive decimal number). White space is allowed before and after the number.
b |
int htp_parse_cookies_v0 | ( | htp_connp_t * | connp | ) |
Parses Cookie request header in v0 format.
connp |
int htp_parse_positive_integer_whitespace | ( | unsigned char * | data, |
size_t | len, | ||
int | base | ||
) |
A forgiving parser for a positive integer in a given base. White space is allowed before and after the number.
data | |
len | |
base |
int htp_parse_protocol | ( | bstr * | protocol | ) |
Determines protocol number from a textual representation (i.e., "HTTP/1.1"). This function will only understand a properly formatted protocol information. It does not try to be flexible.
protocol |
int htp_parse_request_header_apache_2_2 | ( | htp_connp_t * | connp, |
htp_header_t * | h, | ||
unsigned char * | data, | ||
size_t | len | ||
) |
Parses a message header line as Apache 2.2 does.
connp | |
h | |
data | |
len |
int htp_parse_request_header_generic | ( | htp_connp_t * | connp, |
htp_header_t * | h, | ||
unsigned char * | data, | ||
size_t | len | ||
) |
Generic request header parser.
connp | |
h | |
data | |
len |
int htp_parse_request_line_apache_2_2 | ( | htp_connp_t * | connp | ) |
Parse request line as Apache 2.2 does.
connp |
int htp_parse_request_line_generic | ( | htp_connp_t * | connp | ) |
Generic request line parser.
connp |
int htp_parse_response_header_generic | ( | htp_connp_t * | connp, |
htp_header_t * | h, | ||
char * | data, | ||
size_t | len | ||
) |
Generic response header parser.
connp | |
h | |
data | |
len |
int htp_parse_response_line_generic | ( | htp_connp_t * | connp | ) |
Generic response line parser.
connp |
int htp_parse_single_cookie_v0 | ( | htp_connp_t * | connp, |
char * | data, | ||
size_t | len | ||
) |
Parses a single v0 request cookie and places the results into tx->request_cookies.
connp | |
data | |
len |
int htp_parse_status | ( | bstr * | status | ) |
Determines the numerical value of a response status given as a string.
status |
Parses request URI, making no attempt to validate the contents.
input | |
uri |
int htp_prenormalize_uri_path_inplace | ( | bstr * | s, |
int * | flags, | ||
int | case_insensitive, | ||
int | backslash, | ||
int | decode_separators, | ||
int | remove_consecutive | ||
) |
void htp_print_log | ( | FILE * | stream, |
htp_log_t * | log | ||
) |
Prints one log message to stderr.
log |
int htp_process_request_header_apache_2_2 | ( | htp_connp_t * | connp | ) |
Extract one request header. A header can span multiple lines, in which case they will be folded into one before parsing is attempted.
connp |
int htp_process_request_header_generic | ( | htp_connp_t * | connp | ) |
Extract one request header. A header can span multiple lines, in which case they will be folded into one before parsing is attempted.
connp |
int htp_process_response_header_generic | ( | htp_connp_t * | connp | ) |
Generic response header line(s) processor, which assembles folded lines into a single buffer before invoking the parsing function.
connp |
void htp_replace_hostname | ( | htp_connp_t * | connp, |
htp_uri_t * | parsed_uri, | ||
bstr * | hostname | ||
) |
Replace the URI in the structure with the one provided as the parameter to this function (which will typically be supplied in a Host header).
connp | |
parsed_uri | |
hostname |
int htp_req_run_hook_body_data | ( | htp_connp_t * | connp, |
htp_tx_data_t * | d | ||
) |
Run the REQUEST_BODY_DATA hook.
connp | |
d |
int htp_res_run_hook_body_data | ( | htp_connp_t * | connp, |
htp_tx_data_t * | d | ||
) |
Run the RESPONSE_BODY_DATA hook.
connp | |
d |
int htp_resembles_response_line | ( | htp_tx_t * | tx | ) |
Determine if the information provided on the response line is good enough. Browsers are lax when it comes to response line parsing. In most cases they will only look for the words "http" at the beginning.
tx |
Transcode one bstr.
cd | |
input | |
output |
int htp_transcode_params | ( | htp_connp_t * | connp, |
table_t ** | params, | ||
int | destroy_old | ||
) |
Transcode all parameters supplied in the table.
connp | |
params | |
destroy_old |
htp_tx_t* htp_tx_create | ( | htp_cfg_t * | cfg, |
int | is_cfg_shared, | ||
htp_conn_t * | conn | ||
) |
Creates a new transaction structure.
cfg | |
is_cfg_shared | |
conn |
void htp_tx_destroy | ( | htp_tx_t * | tx | ) |
Destroys the supplied transaction.
tx |
Construct a bstr that contains the raw request headers.
tx |
Get a bstr that contains the raw request headers. This method will always return an up-to-date buffer, containing the last known headers. Thus, if it is called once after REQUEST_HEADERS phase it will return one buffer, but it may return a different buffer if called after REQUEST_TRAILERS phase (but only if the request actually contains trailer headers). Do not retain the bstr pointer, as the buffer may change. If there are no changes to the request header structure, only one buffer will be constructed and used. (Multiple invocations of this method will not cause multiple buffers to be created.)
tx |
void* htp_tx_get_user_data | ( | htp_tx_t * | tx | ) |
Returns the user data associated with this transaction.
tx |
char* htp_tx_progress_as_string | ( | htp_tx_t * | tx | ) |
void htp_tx_register_request_body_data | ( | htp_tx_t * | tx, |
int(*)(htp_tx_data_t *) | callback_fn | ||
) |
Register callback for the transaction-specific REQUEST_BODY_DATA hook.
tx | callback_fn |
void htp_tx_register_response_body_data | ( | htp_tx_t * | tx, |
int(*)(htp_tx_data_t *) | callback_fn | ||
) |
Register callback for the transaction-specific RESPONSE_BODY_DATA hook.
tx | callback_fn |
Sets the configuration that is to be used for this transaction.
tx | |
cfg | |
is_cfg_shared |
void htp_tx_set_user_data | ( | htp_tx_t * | tx, |
void * | user_data | ||
) |
Associates user data with this transaction.
tx | |
user_data |
void htp_uriencoding_normalize_inplace | ( | bstr * | s | ) |
Decode a URL-encoded string, leaving the reserved characters and invalid encodings alone.
s |
Decode a UTF-8 encoded path. Overlong characters will be decoded, invalid characters will be left as-is. Best-fit mapping will be used to convert UTF-8 into a single-byte stream.
cfg | |
tx | |
path |