app-layer-htp.c File Reference
#include "suricata.h"#include "suricata-common.h"#include "conf.h"#include "decode.h"#include "util-print.h"#include "util-byte.h"#include "stream-tcp.h"#include "app-layer-protos.h"#include "app-layer-parser.h"#include "app-layer.h"#include "app-layer-detect-proto.h"#include "app-layer-frames.h"#include "app-layer-htp.h"#include "app-layer-htp-body.h"#include "app-layer-htp-file.h"#include "app-layer-htp-libhtp.h"#include "app-layer-htp-xff.h"#include "app-layer-htp-range.h"#include "app-layer-htp-mem.h"#include "util-debug.h"#include "util-misc.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "flow-util.h"#include "detect-engine.h"#include "detect-engine-build.h"#include "detect-engine-state.h"#include "detect-parse.h"#include "util-memcmp.h"#include "util-random.h"#include "util-validate.h"#include "detect-engine-alert.h"#include "conf-yaml-loader.h"
Include dependency graph for app-layer-htp.c:
Go to the source code of this file.
Macros | |
| #define | IF_HTP_PERSONALITY_NUM(p) if (strcasecmp(#p, str) == 0) return HTP_SERVER_ ## p |
| #define | HTP_MAX_MESSAGES 512 |
| #define | HTP_ERROR_MAX (sizeof(htp_errors) / sizeof(htp_errors[0])) |
| #define | HTP_WARNING_MAX (sizeof(htp_warnings) / sizeof(htp_warnings[0])) |
| enum | HttpFrameTypes { HTTP_FRAME_REQUEST, HTTP_FRAME_RESPONSE } |
| StreamingBufferConfig | htp_sbcfg = STREAMING_BUFFER_CONFIG_INITIALIZER |
| SCEnumCharMap | http_decoder_event_table [] |
| SCEnumCharMap | http_frame_table [] |
| struct { | |
| const char * msg | |
| uint8_t de | |
| } | htp_errors [] |
| struct { | |
| const char * msg | |
| uint8_t de | |
| } | htp_warnings [] |
| SC_ATOMIC_DECLARE (uint32_t, htp_config_flags) | |
| void | HTPStateFree (void *state) |
| Function to frees the HTTP state memory and also frees the HTTP connection parser memory which was used by the HTP library. More... | |
| void | AppLayerHtpEnableRequestBodyCallback (void) |
| Sets a flag that informs the HTP app layer that some module in the engine needs the http request body data. \initonly. More... | |
| void | AppLayerHtpEnableResponseBodyCallback (void) |
| Sets a flag that informs the HTP app layer that some module in the engine needs the http request body data. \initonly. More... | |
| void | AppLayerHtpNeedFileInspection (void) |
| Sets a flag that informs the HTP app layer that some module in the engine needs the http request file. More... | |
| void | HTPAtExitPrintStats (void) |
| Print the stats of the HTTP requests. More... | |
| void | HTPFreeConfig (void) |
| Clears the HTTP server configuration memory used by HTP library. More... | |
| void | HTPConfigure (void) |
| void | AppLayerHtpPrintStats (void) |
| void * | HtpGetTxForH2 (void *alstate) |
| void | RegisterHTPParsers (void) |
| Register the HTTP protocol and state handling functions to APP layer of the engine. More... | |
| void | HtpConfigCreateBackup (void) |
| void | HtpConfigRestoreBackup (void) |
Detailed Description
This file provides a HTTP protocol support for the engine using HTP library.
Definition in file app-layer-htp.c.
Macro Definition Documentation
◆ HTP_ERROR_MAX
| #define HTP_ERROR_MAX (sizeof(htp_errors) / sizeof(htp_errors[0])) |
Definition at line 626 of file app-layer-htp.c.
◆ HTP_MAX_MESSAGES
| #define HTP_MAX_MESSAGES 512 |
Limit to the number of libhtp messages that can be handled
Definition at line 87 of file app-layer-htp.c.
◆ HTP_WARNING_MAX
| #define HTP_WARNING_MAX (sizeof(htp_warnings) / sizeof(htp_warnings[0])) |
Definition at line 627 of file app-layer-htp.c.
◆ IF_HTP_PERSONALITY_NUM
| #define IF_HTP_PERSONALITY_NUM | ( | p | ) | if (strcasecmp(#p, str) == 0) return HTP_SERVER_ ## p |
Enumeration Type Documentation
◆ HttpFrameTypes
| enum HttpFrameTypes |
| Enumerator | |
|---|---|
| HTTP_FRAME_REQUEST | |
| HTTP_FRAME_RESPONSE | |
Definition at line 174 of file app-layer-htp.c.
Function Documentation
◆ SC_ATOMIC_DECLARE()
| SC_ATOMIC_DECLARE | ( | uint32_t | , |
| htp_config_flags | |||
| ) |
Variable Documentation
◆ de
| uint8_t de |
Definition at line 554 of file app-layer-htp.c.
Referenced by DetectHelperKeywordRegister(), DetectHelperTransformRegister(), and DetectThresholdDataCopy().
◆ htp_errors
| struct { ... } htp_errors[] |
Initial value:
= {
{ "GZip decompressor: inflateInit2 failed", HTTP_DECODER_EVENT_GZIP_DECOMPRESSION_FAILED},
{ "Request field invalid: colon missing", HTTP_DECODER_EVENT_REQUEST_FIELD_MISSING_COLON},
{ "Response field invalid: missing colon", HTTP_DECODER_EVENT_RESPONSE_FIELD_MISSING_COLON},
{ "Request chunk encoding: Invalid chunk length", HTTP_DECODER_EVENT_INVALID_REQUEST_CHUNK_LEN},
{ "Response chunk encoding: Invalid chunk length", HTTP_DECODER_EVENT_INVALID_RESPONSE_CHUNK_LEN},
{ "Invalid C-L field in response", HTTP_DECODER_EVENT_INVALID_CONTENT_LENGTH_FIELD_IN_RESPONSE},
{ "Already seen 100-Continue", HTTP_DECODER_EVENT_100_CONTINUE_ALREADY_SEEN},
{ "Unable to match response to request", HTTP_DECODER_EVENT_UNABLE_TO_MATCH_RESPONSE_TO_REQUEST},
{ "Invalid server port information in request", HTTP_DECODER_EVENT_INVALID_SERVER_PORT_IN_REQUEST},
{ "Request buffer over", HTTP_DECODER_EVENT_REQUEST_FIELD_TOO_LONG},
{ "Response buffer over", HTTP_DECODER_EVENT_RESPONSE_FIELD_TOO_LONG},
{ "C-T multipart/byteranges in responses not supported", HTTP_DECODER_EVENT_RESPONSE_MULTIPART_BYTERANGES},
{ "Compression bomb:", HTTP_DECODER_EVENT_COMPRESSION_BOMB},
}
◆ htp_sbcfg
Definition at line 83 of file app-layer-htp.c.
Referenced by HtpBodyAppendChunk(), HtpBodyFree(), HtpBodyPrune(), HTPFileClose(), HTPFileOpen(), and HTPFileStoreChunk().
◆ htp_warnings
| struct { ... } htp_warnings[] |
◆ http_decoder_event_table
| SCEnumCharMap http_decoder_event_table[] |
Definition at line 96 of file app-layer-htp.c.
◆ http_frame_table
| SCEnumCharMap http_frame_table[] |
Initial value:
Definition at line 179 of file app-layer-htp.c.
◆ msg
| const char* msg |
Definition at line 553 of file app-layer-htp.c.
Referenced by LuaCallbackError(), SCLog(), and SCLogErr().
