HTP  0.3
htp.h
Go to the documentation of this file.
00001 /***************************************************************************
00002  * Copyright 2009-2010 Open Information Security Foundation
00003  * Copyright 2010-2011 Qualys, Inc.
00004  *
00005  * Licensed to You under the Apache License, Version 2.0 (the "License");
00006  * you may not use this file except in compliance with the License.
00007  * You may obtain a copy of the License at
00008  *
00009  *     http://www.apache.org/licenses/LICENSE-2.0
00010  *
00011  * Unless required by applicable law or agreed to in writing, software
00012  * distributed under the License is distributed on an "AS IS" BASIS,
00013  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00014  * See the License for the specific language governing permissions and
00015  * limitations under the License.
00016  ***************************************************************************/
00017 
00023 #ifndef _HTP_H
00024 #define _HTP_H
00025 
00026 typedef struct htp_cfg_t htp_cfg_t;
00027 typedef struct htp_conn_t htp_conn_t;
00028 typedef struct htp_connp_t htp_connp_t;
00029 typedef struct htp_file_t htp_file_t;
00030 typedef struct htp_file_data_t htp_file_data_t;
00031 typedef struct htp_header_t htp_header_t;
00032 typedef struct htp_header_line_t htp_header_line_t;
00033 typedef struct htp_log_t htp_log_t;
00034 typedef struct htp_tx_data_t htp_tx_data_t;
00035 typedef struct htp_tx_t htp_tx_t;
00036 typedef struct htp_uri_t htp_uri_t;
00037 
00038 #include <ctype.h>
00039 #include <iconv.h>
00040 #include <stdarg.h>
00041 #include <stddef.h>
00042 #include <stdio.h>
00043 #include <stdint.h>
00044 #include <stdlib.h>
00045 #include <string.h>
00046 #include <sys/time.h>
00047 
00048 #include "bstr.h"
00049 #include "dslib.h"
00050 #include "hooks.h"
00051 #include "htp_decompressors.h"
00052 #include "htp_urlencoded.h"
00053 #include "htp_multipart.h"
00054 
00055 // -- Defines -------------------------------------------------------------------------------------
00056 
00057 #define HTP_BASE_VERSION_TEXT   "Trunk"
00058 
00059 #define HTP_ERROR              -1
00060 #define HTP_OK                  0
00061 #define HTP_DATA                1
00062 #define HTP_DATA_OTHER          2
00063 #define HTP_DECLINED            3
00064 
00065 #define PROTOCOL_UNKNOWN        -1
00066 #define HTTP_0_9                9
00067 #define HTTP_1_0                100
00068 #define HTTP_1_1                101
00069 
00070 #define HTP_LOG_MARK                __FILE__,__LINE__
00071 
00072 #define HTP_LOG_ERROR               1
00073 #define HTP_LOG_WARNING             2
00074 #define HTP_LOG_NOTICE              3
00075 #define HTP_LOG_INFO                4
00076 #define HTP_LOG_DEBUG               5
00077 #define HTP_LOG_DEBUG2              6
00078 
00079 #define HTP_HEADER_MISSING_COLON            1
00080 #define HTP_HEADER_INVALID_NAME             2
00081 #define HTP_HEADER_LWS_AFTER_FIELD_NAME     3
00082 #define HTP_LINE_TOO_LONG_HARD              4
00083 #define HTP_LINE_TOO_LONG_SOFT              5
00084 
00085 #define HTP_HEADER_LIMIT_HARD               18000
00086 #define HTP_HEADER_LIMIT_SOFT               9000
00087 
00088 #define HTP_VALID_STATUS_MIN    100
00089 #define HTP_VALID_STATUS_MAX    999
00090 
00091 #define LOG_NO_CODE             0
00092 
00093 #define CR '\r'
00094 #define LF '\n'
00095 
00096 #define M_UNKNOWN              -1
00097 
00098 // The following request method are defined in Apache 2.2.13, in httpd.h.
00099 #define M_GET                   0
00100 #define M_PUT                   1
00101 #define M_POST                  2
00102 #define M_DELETE                3
00103 #define M_CONNECT               4
00104 #define M_OPTIONS               5
00105 #define M_TRACE                 6
00106 #define M_PATCH                 7
00107 #define M_PROPFIND              8
00108 #define M_PROPPATCH             9
00109 #define M_MKCOL                 10
00110 #define M_COPY                  11
00111 #define M_MOVE                  12
00112 #define M_LOCK                  13
00113 #define M_UNLOCK                14
00114 #define M_VERSION_CONTROL       15
00115 #define M_CHECKOUT              16
00116 #define M_UNCHECKOUT            17
00117 #define M_CHECKIN               18
00118 #define M_UPDATE                19
00119 #define M_LABEL                 20
00120 #define M_REPORT                21
00121 #define M_MKWORKSPACE           22
00122 #define M_MKACTIVITY            23
00123 #define M_BASELINE_CONTROL      24
00124 #define M_MERGE                 25
00125 #define M_INVALID               26
00126 
00127 // Interestingly, Apache does not define M_HEAD
00128 #define M_HEAD                  1000
00129 
00130 #define HTP_FIELD_UNPARSEABLE           0x000001
00131 #define HTP_FIELD_INVALID               0x000002
00132 #define HTP_FIELD_FOLDED                0x000004
00133 #define HTP_FIELD_REPEATED              0x000008
00134 #define HTP_FIELD_LONG                  0x000010
00135 #define HTP_FIELD_NUL_BYTE              0x000020
00136 #define HTP_REQUEST_SMUGGLING           0x000040
00137 #define HTP_INVALID_FOLDING             0x000080
00138 #define HTP_INVALID_CHUNKING            0x000100
00139 #define HTP_MULTI_PACKET_HEAD           0x000200
00140 #define HTP_HOST_MISSING                0x000400
00141 #define HTP_AMBIGUOUS_HOST              0x000800
00142 #define HTP_PATH_ENCODED_NUL            0x001000
00143 #define HTP_PATH_INVALID_ENCODING       0x002000
00144 #define HTP_PATH_INVALID                0x004000
00145 #define HTP_PATH_OVERLONG_U             0x008000
00146 #define HTP_PATH_ENCODED_SEPARATOR      0x010000
00147 
00148 #define HTP_PATH_UTF8_VALID             0x020000 /* At least one valid UTF-8 character and no invalid ones */
00149 #define HTP_PATH_UTF8_INVALID           0x040000
00150 #define HTP_PATH_UTF8_OVERLONG          0x080000
00151 #define HTP_PATH_FULLWIDTH_EVASION      0x100000 /* Range U+FF00 - U+FFFF detected */
00152 
00153 #define HTP_STATUS_LINE_INVALID         0x200000
00154 
00155 #define PIPELINED_CONNECTION        1
00156 
00157 #define HTP_SERVER_MINIMAL          0
00158 #define HTP_SERVER_GENERIC          1
00159 #define HTP_SERVER_IDS              2
00160 #define HTP_SERVER_IIS_4_0          4   /* Windows NT 4.0 */
00161 #define HTP_SERVER_IIS_5_0          5   /* Windows 2000 */
00162 #define HTP_SERVER_IIS_5_1          6   /* Windows XP Professional */
00163 #define HTP_SERVER_IIS_6_0          7   /* Windows 2003 */
00164 #define HTP_SERVER_IIS_7_0          8   /* Windows 2008 */
00165 #define HTP_SERVER_IIS_7_5          9   /* Windows 7 */
00166 #define HTP_SERVER_TOMCAT_6_0       10  /* Unused */
00167 #define HTP_SERVER_APACHE           11
00168 #define HTP_SERVER_APACHE_2_2       12
00169 
00170 #define NONE                        0
00171 #define IDENTITY                    1
00172 #define CHUNKED                     2
00173 
00174 #define TX_PROGRESS_NEW             0
00175 #define TX_PROGRESS_REQ_LINE        1
00176 #define TX_PROGRESS_REQ_HEADERS     2
00177 #define TX_PROGRESS_REQ_BODY        3
00178 #define TX_PROGRESS_REQ_TRAILER     4
00179 #define TX_PROGRESS_WAIT            5
00180 #define TX_PROGRESS_RES_LINE        6
00181 #define TX_PROGRESS_RES_HEADERS     7
00182 #define TX_PROGRESS_RES_BODY        8
00183 #define TX_PROGRESS_RES_TRAILER     9
00184 #define TX_PROGRESS_DONE            10
00185 
00186 #define STREAM_STATE_NEW            0
00187 #define STREAM_STATE_OPEN           1
00188 #define STREAM_STATE_CLOSED         2
00189 #define STREAM_STATE_ERROR          3
00190 #define STREAM_STATE_TUNNEL         4
00191 #define STREAM_STATE_DATA_OTHER     5
00192 #define STREAM_STATE_DATA           9
00193 
00194 #define URL_DECODER_PRESERVE_PERCENT            0
00195 #define URL_DECODER_REMOVE_PERCENT              1
00196 #define URL_DECODER_DECODE_INVALID              2
00197 #define URL_DECODER_STATUS_400                  400
00198 
00199 #define NONE        0
00200 #define NO          0
00201 #define BESTFIT     0
00202 #define YES         1
00203 #define TERMINATE   1
00204 #define STATUS_400  400
00205 #define STATUS_404  401
00206 
00207 #define HTP_AUTH_NONE       0
00208 #define HTP_AUTH_BASIC      1
00209 #define HTP_AUTH_DIGEST     2
00210 #define HTP_AUTH_UNKNOWN    9
00211 
00212 #define HTP_FILE_MULTIPART  1
00213 #define HTP_FILE_PUT        2
00214 
00215 #define IN_TEST_NEXT_BYTE_OR_RETURN(X) \
00216 if ((X)->in_current_offset >= (X)->in_current_len) { \
00217     return HTP_DATA; \
00218 }
00219 
00220 #define IN_NEXT_BYTE(X) \
00221 if ((X)->in_current_offset < (X)->in_current_len) { \
00222     (X)->in_next_byte = (X)->in_current_data[(X)->in_current_offset]; \
00223     (X)->in_current_offset++; \
00224     (X)->in_stream_offset++; \
00225 } else { \
00226     (X)->in_next_byte = -1; \
00227 }
00228 
00229 #define IN_NEXT_BYTE_OR_RETURN(X) \
00230 if ((X)->in_current_offset < (X)->in_current_len) { \
00231     (X)->in_next_byte = (X)->in_current_data[(X)->in_current_offset]; \
00232     (X)->in_current_offset++; \
00233     (X)->in_stream_offset++; \
00234 } else { \
00235     return HTP_DATA; \
00236 }
00237 
00238 #define IN_COPY_BYTE_OR_RETURN(X) \
00239 if ((X)->in_current_offset < (X)->in_current_len) { \
00240     (X)->in_next_byte = (X)->in_current_data[(X)->in_current_offset]; \
00241     (X)->in_current_offset++; \
00242     (X)->in_stream_offset++; \
00243 } else { \
00244     return HTP_DATA; \
00245 } \
00246 \
00247 if ((X)->in_line_len < (X)->in_line_size) { \
00248     (X)->in_line[(X)->in_line_len] = (X)->in_next_byte; \
00249     (X)->in_line_len++; \
00250     if (((X)->in_line_len == HTP_HEADER_LIMIT_SOFT)&&(!((X)->in_tx->flags & HTP_FIELD_LONG))) { \
00251         (X)->in_tx->flags |= HTP_FIELD_LONG; \
00252         htp_log((X), HTP_LOG_MARK, HTP_LOG_ERROR, HTP_LINE_TOO_LONG_SOFT, "Request field over soft limit"); \
00253     } \
00254 } else { \
00255     htp_log((X), HTP_LOG_MARK, HTP_LOG_ERROR, HTP_LINE_TOO_LONG_HARD, "Request field over hard limit"); \
00256     return HTP_ERROR; \
00257 }
00258 
00259 #define OUT_TEST_NEXT_BYTE_OR_RETURN(X) \
00260 if ((X)->out_current_offset >= (X)->out_current_len) { \
00261     return HTP_DATA; \
00262 }
00263 
00264 #define OUT_NEXT_BYTE(X) \
00265 if ((X)->out_current_offset < (X)->out_current_len) { \
00266     (X)->out_next_byte = (X)->out_current_data[(X)->out_current_offset]; \
00267     (X)->out_current_offset++; \
00268     (X)->out_stream_offset++; \
00269 } else { \
00270     (X)->out_next_byte = -1; \
00271 }
00272 
00273 #define OUT_NEXT_BYTE_OR_RETURN(X) \
00274 if ((X)->out_current_offset < (X)->out_current_len) { \
00275     (X)->out_next_byte = (X)->out_current_data[(X)->out_current_offset]; \
00276     (X)->out_current_offset++; \
00277     (X)->out_stream_offset++; \
00278 } else { \
00279     return HTP_DATA; \
00280 }
00281 
00282 #define OUT_COPY_BYTE_OR_RETURN(X) \
00283 if ((X)->out_current_offset < (X)->out_current_len) { \
00284     (X)->out_next_byte = (X)->out_current_data[(X)->out_current_offset]; \
00285     (X)->out_current_offset++; \
00286     (X)->out_stream_offset++; \
00287 } else { \
00288     return HTP_DATA; \
00289 } \
00290 \
00291 if ((X)->out_line_len < (X)->out_line_size) { \
00292     (X)->out_line[(X)->out_line_len] = (X)->out_next_byte; \
00293     (X)->out_line_len++; \
00294     if (((X)->out_line_len == HTP_HEADER_LIMIT_SOFT)&&(!((X)->out_tx->flags & HTP_FIELD_LONG))) { \
00295         (X)->out_tx->flags |= HTP_FIELD_LONG; \
00296         htp_log((X), HTP_LOG_MARK, HTP_LOG_ERROR, HTP_LINE_TOO_LONG_SOFT, "Response field over soft limit"); \
00297     } \
00298 } else { \
00299     htp_log((X), HTP_LOG_MARK, HTP_LOG_ERROR, HTP_LINE_TOO_LONG_HARD, "Response field over hard limit"); \
00300     return HTP_ERROR; \
00301 }
00302 
00303 #ifdef __cplusplus
00304 extern "C" {
00305 #endif
00306 
00307 typedef struct timeval htp_time_t;
00308 
00309 // -- Data structures -----------------------------------------------------------------------------
00310 
00311 struct htp_cfg_t {
00317     size_t field_limit_hard;
00318     
00322     size_t field_limit_soft;              
00323 
00327     int log_level;
00328 
00332     int tx_auto_destroy;
00333 
00337     int spersonality;
00338 
00340     int (*parse_request_line)(htp_connp_t *connp);
00341 
00343     int (*parse_response_line)(htp_connp_t *connp);
00344 
00346     int (*process_request_header)(htp_connp_t *connp);
00347 
00349     int (*process_response_header)(htp_connp_t *connp);
00350 
00352     int (*parameter_processor)(table_t *params, bstr *name, bstr *value);
00353 
00354     
00355     // Path handling
00356 
00358     int path_backslash_separators;
00359     
00361     int path_case_insensitive;
00362 
00364     int path_compress_separators;
00365 
00370     int path_control_char_handling;
00371 
00375     int path_convert_utf8;
00376 
00378     int path_decode_separators;
00379 
00381     int path_decode_u_encoding;
00382 
00386     int path_invalid_encoding_handling;
00387 
00389     int path_invalid_utf8_handling;
00390 
00392     int path_nul_encoded_handling;
00393 
00395     int path_nul_raw_handling;
00396 
00398     unsigned char bestfit_replacement_char;
00399 
00400     int params_decode_u_encoding;
00401     int params_invalid_encoding_handling;    
00402     int params_nul_encoded_handling;
00403     int params_nul_raw_handling;    
00404 
00406     int path_unicode_mapping;      
00407 
00409     int path_utf8_overlong_handling;
00410 
00412     unsigned char *bestfit_map;
00413 
00415     int generate_request_uri_normalized;
00416 
00418     int response_decompression_enabled;
00419 
00420     char *request_encoding;
00421 
00422     char *internal_encoding;
00423 
00424     int parse_request_cookies;
00425     int parse_request_http_authentication;
00426     int extract_request_files;
00427     char *tmpdir;
00428 
00429     // Hooks
00430 
00434     htp_hook_t *hook_transaction_start;
00435 
00437     htp_hook_t *hook_request_line;
00438 
00440     htp_hook_t *hook_request_uri_normalize;
00441 
00443     htp_hook_t *hook_request_headers;   
00444 
00451     htp_hook_t *hook_request_body_data;
00452 
00453     htp_hook_t *hook_request_file_data;
00454 
00458     htp_hook_t *hook_request_trailer;
00459 
00461     htp_hook_t *hook_request;
00462 
00464     htp_hook_t *hook_response_line;
00465 
00467     htp_hook_t *hook_response_headers;
00468 
00476     htp_hook_t *hook_response_body_data;
00477 
00481     htp_hook_t *hook_response_trailer;
00482 
00487     htp_hook_t *hook_response;
00488 
00492     htp_hook_t *hook_log;
00493 
00495     void *user_data;
00496 };
00497 
00498 struct htp_conn_t {
00500     htp_connp_t *connp;
00501 
00503     char *remote_addr;
00504 
00506     int remote_port;
00507 
00509     char *local_addr;
00510 
00512     int local_port;
00513 
00518     list_t *transactions;
00519 
00521     list_t *messages;   
00522 
00524     unsigned int flags;   
00525 
00527     htp_time_t open_timestamp;
00528 
00530     htp_time_t close_timestamp;
00531     
00533     size_t in_data_counter;
00534 
00536     size_t out_data_counter;
00537 
00539     size_t in_packet_counter;
00540 
00542     size_t out_packet_counter;
00543 };
00544 
00545 struct htp_connp_t {
00546     // General fields
00547     
00549     htp_cfg_t *cfg;
00550 
00555     int is_cfg_private;
00556 
00558     htp_conn_t *conn;
00559 
00561     void *user_data;   
00562 
00567     htp_log_t *last_error;
00568 
00569     // Request parser fields
00570 
00572     unsigned int in_status;
00573 
00575     unsigned int out_status;
00576     
00577     unsigned int out_data_other_at_tx_end;
00578 
00580     htp_time_t in_timestamp;
00581 
00583     unsigned char *in_current_data;
00584 
00586     int64_t in_current_len;
00587 
00589     int64_t in_current_offset;
00590 
00592     size_t in_chunk_count;
00593 
00595     size_t in_chunk_request_index;
00596 
00598     int64_t in_stream_offset;
00599 
00601     int in_next_byte;
00602 
00604     unsigned char *in_line;
00605 
00607     size_t in_line_size;
00608 
00610     size_t in_line_len;    
00611 
00613     htp_tx_t *in_tx;   
00614 
00616     htp_header_line_t *in_header_line;
00617 
00622     int in_header_line_index;
00623 
00625     int in_header_line_counter;
00626 
00632     int64_t in_content_length;
00633 
00638     int64_t in_body_data_left;
00639 
00643     int in_chunked_length;
00644 
00646     int (*in_state)(htp_connp_t *);
00647 
00648     // Response parser fields
00649 
00654     size_t out_next_tx_index;
00655 
00657     htp_time_t out_timestamp;
00658 
00660     unsigned char *out_current_data;
00661 
00663     int64_t out_current_len;
00664 
00666     int64_t out_current_offset;
00667 
00669     int64_t out_stream_offset;
00670 
00672     int out_next_byte;
00673 
00675     unsigned char *out_line;
00676 
00678     size_t out_line_size;
00679 
00681     size_t out_line_len;       
00682         
00684     htp_tx_t *out_tx;
00685 
00687     htp_header_line_t *out_header_line;
00688 
00693     int out_header_line_index;
00694 
00696     int out_header_line_counter;
00697 
00702     int64_t out_content_length;
00703 
00705     int64_t out_body_data_left;
00706 
00710     int out_chunked_length;
00711 
00713     int (*out_state)(htp_connp_t *);
00714 
00716     htp_decompressor_t *out_decompressor;
00717 
00718     htp_file_t *put_file;
00719 };
00720 
00721 struct htp_file_t {
00723     int source;
00724 
00726     bstr *filename;   
00727 
00729     size_t len;
00730 
00732     char *tmpname;
00733 
00735     int fd;
00736 };
00737 
00738 struct htp_file_data_t {
00740     htp_tx_t *tx;
00741 
00743     htp_file_t *file;
00744 
00746     unsigned char *data;
00747 
00749     size_t len;
00750 };
00751 
00752 struct htp_log_t {
00754     htp_connp_t *connp;
00755 
00757     htp_tx_t *tx;
00758 
00760     const char *msg;
00761 
00763     int level;
00764 
00766     int code;
00767 
00769     const char *file;
00770 
00772     unsigned int line;
00773 };
00774 
00775 struct htp_header_line_t {
00777     bstr *line;
00778 
00780     size_t name_offset;
00781 
00783     size_t name_len;
00784 
00786     size_t value_offset;
00787 
00789     size_t value_len;
00790 
00792     unsigned int has_nulls;
00793 
00795     int first_nul_offset;
00796 
00798     unsigned int flags;
00799     
00801     htp_header_t *header;
00802 };
00803 
00804 struct htp_header_t {
00806     bstr *name;
00807 
00809     bstr *value;   
00810 
00812     unsigned int flags;
00813 };
00814 
00815 struct htp_tx_t {
00817     htp_connp_t *connp;
00818 
00820     htp_conn_t *conn;
00821 
00823     htp_cfg_t *cfg;
00824 
00829     int is_cfg_shared;
00830 
00832     void *user_data;
00833     
00834     // Request
00835     unsigned int request_ignored_lines;
00836 
00838     bstr *request_line;
00839 
00841     bstr *request_line_raw;
00842 
00844     int request_line_nul;
00845 
00847     int request_line_nul_offset;
00848 
00850     bstr *request_method;
00851 
00853     int request_method_number;
00854 
00856     bstr *request_uri;
00857 
00863     bstr *request_uri_normalized;
00864 
00866     bstr *request_protocol;
00867 
00871     int request_protocol_number;
00872 
00874     int protocol_is_simple;   
00875 
00881     htp_uri_t *parsed_uri;
00882 
00889     htp_uri_t *parsed_uri_incomplete;
00890 
00896     size_t request_message_len;
00897 
00903     size_t request_entity_len;
00904 
00912     size_t request_nonfiledata_len;
00913 
00918     size_t request_filedata_len;        
00919 
00921     list_t *request_header_lines;
00922 
00924     size_t request_header_lines_no_trailers;
00925 
00927     table_t *request_headers;
00928 
00932     bstr *request_headers_raw;
00933 
00937     size_t request_headers_raw_lines;
00938 
00940     bstr *request_headers_sep;
00941 
00945     int request_transfer_coding;
00946 
00948     int request_content_encoding;
00949 
00954     bstr *request_content_type;
00955 
00956 
00960     htp_hook_t *hook_request_body_data;
00961 
00965     htp_hook_t *hook_response_body_data;
00966 
00970     htp_urlenp_t *request_urlenp_query;
00971 
00975     htp_urlenp_t *request_urlenp_body;
00976 
00981     htp_mpartp_t *request_mpartp;
00982 
00984     table_t *request_params_query;
00985     int request_params_query_reused;
00986 
00988     table_t *request_params_body;
00989     int request_params_body_reused;
00990 
00992     table_t *request_cookies;
00993 
00994     int request_auth_type;
00995     bstr *request_auth_username;
00996     bstr *request_auth_password;
00997 
00998     // Response
00999 
01001     unsigned int response_ignored_lines;
01002 
01004     bstr *response_line;
01005 
01007     bstr *response_line_raw;
01008 
01010     bstr *response_protocol;
01011 
01015     int response_protocol_number;
01016 
01018     bstr *response_status;
01019 
01021     int response_status_number;
01022 
01026     int response_status_expected_number;
01027 
01029     bstr *response_message;
01030 
01032     int seen_100continue;   
01033 
01035     list_t *response_header_lines;
01036 
01038     table_t *response_headers;
01039 
01041     bstr *response_headers_sep;
01042 
01048     size_t response_message_len;
01049 
01055     size_t response_entity_len;
01056 
01058     int response_transfer_coding;
01059 
01061     int response_content_encoding;   
01062     
01063     // Common
01064 
01068     unsigned int flags;
01069 
01071     unsigned int progress;
01072 };
01073 
01075 struct htp_tx_data_t {
01077     htp_tx_t *tx;
01078 
01080     unsigned char *data;
01081 
01083     size_t len;
01084 };
01085 
01090 struct htp_uri_t {
01092     bstr *scheme;
01093 
01095     bstr *username;
01096 
01098     bstr *password;
01099 
01101     bstr *hostname;
01102 
01104     bstr *port;
01105 
01107     int port_number;
01108 
01110     bstr *path;
01111 
01113     bstr *query;
01114 
01116     bstr *fragment;
01117 };
01118 
01119 // -- Functions -----------------------------------------------------------------------------------
01120 
01121 const char *htp_get_version(void);
01122 
01123 htp_cfg_t *htp_config_copy(htp_cfg_t *cfg);
01124 htp_cfg_t *htp_config_create(void);
01125       void htp_config_destroy(htp_cfg_t *cfg); 
01126 
01127 void htp_config_register_transaction_start(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01128 void htp_config_register_request_line(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01129 void htp_config_register_request_uri_normalize(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01130 void htp_config_register_request_headers(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01131 void htp_config_register_request_body_data(htp_cfg_t *cfg, int (*callback_fn)(htp_tx_data_t *));
01132 void htp_config_register_request_file_data(htp_cfg_t *cfg, int (*callback_fn)(htp_file_data_t *));
01133 void htp_config_register_request_trailer(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01134 void htp_config_register_request(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01135 
01136 void htp_config_register_response_line(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01137 void htp_config_register_response_headers(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01138 void htp_config_register_response_body_data(htp_cfg_t *cfg, int (*callback_fn)(htp_tx_data_t *));
01139 void htp_config_register_response_trailer(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01140 void htp_config_register_response(htp_cfg_t *cfg, int (*callback_fn)(htp_connp_t *));
01141 
01142 void htp_config_register_log(htp_cfg_t *cfg, int (*callback_fn)(htp_log_t *));
01143 
01144 void htp_config_set_tx_auto_destroy(htp_cfg_t *cfg, int tx_auto_destroy);
01145 
01146  int htp_config_set_server_personality(htp_cfg_t *cfg, int personality);
01147 void htp_config_set_response_decompression(htp_cfg_t *cfg, int enabled);
01148 
01149 void htp_config_set_bestfit_map(htp_cfg_t *cfg, unsigned char *map);
01150 void htp_config_set_path_backslash_separators(htp_cfg_t *cfg, int backslash_separators);
01151 void htp_config_set_path_case_insensitive(htp_cfg_t *cfg, int path_case_insensitive);
01152 void htp_config_set_path_compress_separators(htp_cfg_t *cfg, int compress_separators);
01153 void htp_config_set_path_control_char_handling(htp_cfg_t *cfg, int control_char_handling);
01154 void htp_config_set_path_convert_utf8(htp_cfg_t *cfg, int convert_utf8);
01155 void htp_config_set_path_decode_separators(htp_cfg_t *cfg, int backslash_separators);
01156 void htp_config_set_path_decode_u_encoding(htp_cfg_t *cfg, int decode_u_encoding);
01157 void htp_config_set_path_invalid_encoding_handling(htp_cfg_t *cfg, int invalid_encoding_handling);
01158 void htp_config_set_path_invalid_utf8_handling(htp_cfg_t *cfg, int invalid_utf8_handling);
01159 void htp_config_set_path_nul_encoded_handling(htp_cfg_t *cfg, int nul_encoded_handling);
01160 void htp_config_set_path_nul_raw_handling(htp_cfg_t *cfg, int nul_raw_handling);
01161 void htp_config_set_path_replacement_char(htp_cfg_t *cfg, int replacement_char);
01162 void htp_config_set_path_unicode_mapping(htp_cfg_t *cfg, int unicode_mapping);
01163 void htp_config_set_path_utf8_overlong_handling(htp_cfg_t *cfg, int utf8_overlong_handling);
01164 
01165 void htp_config_set_generate_request_uri_normalized(htp_cfg_t *cfg, int generate);
01166 
01167 void htp_config_register_urlencoded_parser(htp_cfg_t *cfg);
01168 void htp_config_register_multipart_parser(htp_cfg_t *cfg);
01169 
01170 
01171 htp_connp_t *htp_connp_create(htp_cfg_t *cfg);
01172 htp_connp_t *htp_connp_create_copycfg(htp_cfg_t *cfg);
01173 void htp_connp_open(htp_connp_t *connp, const char *remote_addr, int remote_port, const char *local_addr, int local_port, htp_time_t *timestamp);
01174 void htp_connp_close(htp_connp_t *connp, htp_time_t *timestamp);
01175 void htp_connp_destroy(htp_connp_t *connp);
01176 void htp_connp_destroy_all(htp_connp_t *connp);
01177 
01178  void htp_connp_set_user_data(htp_connp_t *connp, void *user_data);
01179 void *htp_connp_get_user_data(htp_connp_t *connp);
01180 
01181 htp_conn_t *htp_conn_create(htp_connp_t *connp);
01182        void htp_conn_destroy(htp_conn_t *conn);
01183         int htp_conn_remove_tx(htp_conn_t *conn, htp_tx_t *tx);
01184 
01185    int htp_connp_req_data(htp_connp_t *connp, htp_time_t *timestamp, unsigned char *data, size_t len);
01186 size_t htp_connp_req_data_consumed(htp_connp_t *connp);
01187    int htp_connp_res_data(htp_connp_t *connp, htp_time_t *timestamp, unsigned char *data, size_t len);
01188 size_t htp_connp_res_data_consumed(htp_connp_t *connp);
01189 
01190       void htp_connp_clear_error(htp_connp_t *connp);
01191 htp_log_t *htp_connp_get_last_error(htp_connp_t *connp);
01192 
01193 htp_header_t *htp_connp_header_parse(htp_connp_t *, unsigned char *, size_t);
01194 
01195 #define CFG_NOT_SHARED  0
01196 #define CFG_SHARED      1
01197 
01198 htp_tx_t *htp_tx_create(htp_cfg_t *cfg, int is_cfg_shared, htp_conn_t *conn);
01199      void htp_tx_destroy(htp_tx_t *tx);
01200      void htp_tx_set_config(htp_tx_t *tx, htp_cfg_t *cfg, int is_cfg_shared);
01201 
01202      void htp_tx_set_user_data(htp_tx_t *tx, void *user_data);
01203     void *htp_tx_get_user_data(htp_tx_t *tx);
01204 
01205 // void htp_tx_register_response_body_data(htp_tx_t *tx, int (*callback_fn)(htp_tx_data_t *));
01206 
01207 // Parsing functions
01208 
01209 int htp_parse_request_line_generic(htp_connp_t *connp);
01210 int htp_parse_request_header_generic(htp_connp_t *connp, htp_header_t *h, unsigned char *data, size_t len);
01211 int htp_process_request_header_generic(htp_connp_t *);
01212 
01213 int htp_parse_request_header_apache_2_2(htp_connp_t *connp, htp_header_t *h, unsigned char *data, size_t len);
01214 int htp_parse_request_line_apache_2_2(htp_connp_t *connp);
01215 int htp_process_request_header_apache_2_2(htp_connp_t *);
01216 
01217 int htp_parse_response_line_generic(htp_connp_t *connp);
01218 int htp_parse_response_header_generic(htp_connp_t *connp, htp_header_t *h, char *data, size_t len);
01219 int htp_process_response_header_generic(htp_connp_t *connp);
01220 
01221 // Parser states
01222 
01223 int htp_connp_REQ_IDLE(htp_connp_t *connp);
01224 int htp_connp_REQ_LINE(htp_connp_t *connp);
01225 int htp_connp_REQ_PROTOCOL(htp_connp_t *connp);
01226 int htp_connp_REQ_HEADERS(htp_connp_t *connp);
01227 int htp_connp_REQ_BODY_DETERMINE(htp_connp_t *connp);
01228 int htp_connp_REQ_BODY_IDENTITY(htp_connp_t *connp);
01229 int htp_connp_REQ_BODY_CHUNKED_LENGTH(htp_connp_t *connp);
01230 int htp_connp_REQ_BODY_CHUNKED_DATA(htp_connp_t *connp);
01231 int htp_connp_REQ_BODY_CHUNKED_DATA_END(htp_connp_t *connp);
01232 
01233 int htp_connp_REQ_CONNECT_CHECK(htp_connp_t *connp);
01234 int htp_connp_REQ_CONNECT_WAIT_RESPONSE(htp_connp_t *connp);
01235 
01236 int htp_connp_RES_IDLE(htp_connp_t *connp);
01237 int htp_connp_RES_LINE(htp_connp_t *connp);
01238 int htp_connp_RES_HEADERS(htp_connp_t *connp);
01239 int htp_connp_RES_BODY_DETERMINE(htp_connp_t *connp);
01240 int htp_connp_RES_BODY_IDENTITY(htp_connp_t *connp);
01241 int htp_connp_RES_BODY_CHUNKED_LENGTH(htp_connp_t *connp);
01242 int htp_connp_RES_BODY_CHUNKED_DATA(htp_connp_t *connp);
01243 int htp_connp_RES_BODY_CHUNKED_DATA_END(htp_connp_t *connp);
01244 
01245 // Utility functions
01246 
01247 int htp_convert_method_to_number(bstr *);
01248 int htp_is_lws(int c);
01249 int htp_is_separator(int c);
01250 int htp_is_text(int c);
01251 int htp_is_token(int c);
01252 int htp_chomp(unsigned char *data, size_t *len);
01253 int htp_is_space(int c);
01254 
01255 int htp_parse_protocol(bstr *protocol);
01256 
01257 int htp_is_line_empty(unsigned char *data, size_t len);
01258 int htp_is_line_whitespace(unsigned char *data, size_t len);
01259 
01260 int htp_connp_is_line_folded(unsigned char *data, size_t len);
01261 int htp_connp_is_line_terminator(htp_connp_t *connp, unsigned char *data, size_t len);
01262 int htp_connp_is_line_ignorable(htp_connp_t *connp, unsigned char *data, size_t len);
01263 
01264 int htp_parse_uri(bstr *input, htp_uri_t **uri);
01265 int htp_parse_authority(htp_connp_t *connp, bstr *input, htp_uri_t **uri);
01266 int htp_normalize_parsed_uri(htp_connp_t *connp, htp_uri_t *parsed_uri_incomplete, htp_uri_t *parsed_uri);
01267 bstr *htp_normalize_hostname_inplace(bstr *input);
01268 void htp_replace_hostname(htp_connp_t *connp, htp_uri_t *parsed_uri, bstr *hostname);
01269 int htp_is_uri_unreserved(unsigned char c);
01270 
01271 int htp_decode_path_inplace(htp_cfg_t *cfg, htp_tx_t *tx, bstr *path);
01272 
01273 void htp_uriencoding_normalize_inplace(bstr *s);
01274 
01275  int htp_prenormalize_uri_path_inplace(bstr *s, int *flags, int case_insensitive, int backslash, int decode_separators, int remove_consecutive);
01276 void htp_normalize_uri_path_inplace(bstr *s);
01277 
01278 void htp_utf8_decode_path_inplace(htp_cfg_t *cfg, htp_tx_t *tx, bstr *path);
01279 void htp_utf8_validate_path(htp_tx_t *tx, bstr *path);
01280 
01281 int htp_parse_content_length(bstr *b);
01282 int htp_parse_chunked_length(unsigned char *data, size_t len);
01283 int htp_parse_positive_integer_whitespace(unsigned char *data, size_t len, int base);
01284 int htp_parse_status(bstr *status);
01285 int htp_parse_authorization_digest(htp_connp_t *connp, htp_header_t *auth_header);
01286 int htp_parse_authorization_basic(htp_connp_t *connp, htp_header_t *auth_header);
01287 
01288 void htp_log(htp_connp_t *connp, const char *file, int line, int level, int code, const char *fmt, ...);
01289 void htp_print_log(FILE *stream, htp_log_t *log);
01290 
01291 void fprint_bstr(FILE *stream, const char *name, bstr *b);
01292 void fprint_raw_data(FILE *stream, const char *name, unsigned char *data, size_t len);
01293 void fprint_raw_data_ex(FILE *stream, const char *name, unsigned char *data, size_t offset, size_t len);
01294 
01295 char *htp_connp_in_state_as_string(htp_connp_t *connp);
01296 char *htp_connp_out_state_as_string(htp_connp_t *connp);
01297 char *htp_tx_progress_as_string(htp_tx_t *tx);
01298 
01299 bstr *htp_unparse_uri_noencode(htp_uri_t *uri);
01300 
01301 int htp_resembles_response_line(htp_tx_t *tx);
01302 
01303 bstr *htp_tx_generate_request_headers_raw(htp_tx_t *tx);
01304 bstr *htp_tx_get_request_headers_raw(htp_tx_t *tx);
01305 
01306 int htp_req_run_hook_body_data(htp_connp_t *connp, htp_tx_data_t *d);
01307 int htp_res_run_hook_body_data(htp_connp_t *connp, htp_tx_data_t *d);
01308 
01309 void htp_tx_register_request_body_data(htp_tx_t *tx, int (*callback_fn)(htp_tx_data_t *));
01310 void htp_tx_register_response_body_data(htp_tx_t *tx, int (*callback_fn)(htp_tx_data_t *));
01311 
01312 int htp_ch_urlencoded_callback_request_body_data(htp_tx_data_t *d);
01313 int htp_ch_urlencoded_callback_request_headers(htp_connp_t *connp);
01314 int htp_ch_urlencoded_callback_request_line(htp_connp_t *connp);
01315 int htp_ch_multipart_callback_request_body_data(htp_tx_data_t *d);
01316 int htp_ch_multipart_callback_request_headers(htp_connp_t *connp);
01317 
01318 int htp_php_parameter_processor(table_t *params, bstr *name, bstr *value);
01319 
01320 int htp_transcode_params(htp_connp_t *connp, table_t **params, int destroy_old);
01321 int htp_transcode_bstr(iconv_t cd, bstr *input, bstr **output);
01322 
01323 int htp_parse_single_cookie_v0(htp_connp_t *connp, char *data, size_t len);
01324 int htp_parse_cookies_v0(htp_connp_t *connp);
01325 int htp_parse_authorization(htp_connp_t *connp);
01326 
01327 int htp_decode_urlencoded_inplace(htp_cfg_t *cfg, htp_tx_t *tx, bstr *input);
01328 
01329 bstr *htp_extract_quoted_string_as_bstr(char *data, size_t len, size_t *endoffset);
01330 
01331 int htp_mpart_part_process_headers(htp_mpart_part_t *part);
01332 int htp_mpartp_parse_header(htp_mpart_part_t *part, unsigned char *data, size_t len);
01333 int htp_mpart_part_handle_data(htp_mpart_part_t *part, unsigned char *data, size_t len, int is_line);
01334 int htp_mpartp_is_boundary_character(int c);
01335 
01336 #ifdef __cplusplus
01337 }
01338 #endif
01339 
01340 #endif  /* _HTP_H */
01341 
01342