Go to the documentation of this file.
33 #ifndef __APP_LAYER_HTP_H__
34 #define __APP_LAYER_HTP_H__
46 #define HTP_CONFIG_DEFAULT_REQUEST_BODY_LIMIT 4096U
47 #define HTP_CONFIG_DEFAULT_RESPONSE_BODY_LIMIT 4096U
48 #define HTP_CONFIG_DEFAULT_REQUEST_INSPECT_MIN_SIZE 32768U
49 #define HTP_CONFIG_DEFAULT_REQUEST_INSPECT_WINDOW 4096U
50 #define HTP_CONFIG_DEFAULT_RESPONSE_INSPECT_MIN_SIZE 32768U
51 #define HTP_CONFIG_DEFAULT_RESPONSE_INSPECT_WINDOW 4096U
52 #define HTP_CONFIG_DEFAULT_FIELD_LIMIT_SOFT 9000U
53 #define HTP_CONFIG_DEFAULT_FIELD_LIMIT_HARD 18000U
55 #define HTP_CONFIG_DEFAULT_LZMA_LAYERS 0U
57 #define HTP_CONFIG_DEFAULT_LZMA_MEMLIMIT 1048576U
58 #define HTP_CONFIG_DEFAULT_COMPRESSION_BOMB_LIMIT 1048576U
60 #define HTP_CONFIG_DEFAULT_COMPRESSION_TIME_LIMIT 100000
62 #define HTP_CONFIG_DEFAULT_RANDOMIZE 1
63 #define HTP_CONFIG_DEFAULT_RANDOMIZE_RANGE 10
66 #define HTP_BOUNDARY_MAX 200U
69 #define HTP_FLAG_STATE_CLOSED_TS 0x0002
71 #define HTP_FLAG_STATE_CLOSED_TC 0x0004
73 #define HTP_FLAG_STORE_FILES_TS 0x0040
74 #define HTP_FLAG_STORE_FILES_TC 0x0080
75 #define HTP_FLAG_STORE_FILES_TX_TS 0x0100
76 #define HTP_FLAG_STORE_FILES_TX_TC 0x0200
201 #define HTP_CONTENTTYPE_SET BIT_U8(0)
202 #define HTP_BOUNDARY_SET BIT_U8(1)
203 #define HTP_BOUNDARY_OPEN BIT_U8(2)
204 #define HTP_FILENAME_SET BIT_U8(3)
205 #define HTP_DONTSTORE BIT_U8(4)
206 #define HTP_STREAM_DEPTH_SET BIT_U8(5)
265 #define HTP_REQUIRE_REQUEST_BODY (1 << 0)
268 #define HTP_REQUIRE_REQUEST_MULTIPART (1 << 1)
270 #define HTP_REQUIRE_REQUEST_FILE (1 << 2)
272 #define HTP_REQUIRE_RESPONSE_BODY (1 << 3)
struct HtpState_ HtpState
const struct HTPCfgRec_ * cfg
@ HTTP_DECODER_EVENT_INVALID_CONTENT_LENGTH_FIELD_IN_RESPONSE
void AppLayerHtpNeedFileInspection(void)
Sets a flag that informs the HTP app layer that some module in the engine needs the http request file...
@ HTTP_DECODER_EVENT_HOST_HEADER_AMBIGUOUS
@ HTTP_DECODER_EVENT_REQUEST_SERVER_PORT_TCP_PORT_MISMATCH
@ HTTP_DECODER_EVENT_UNKNOWN_ERROR
@ HTTP_DECODER_EVENT_TOO_MANY_WARNINGS
uint32_t request_headers_raw_len
@ HTTP_DECODER_EVENT_COMPRESSION_BOMB
@ HTTP_DECODER_EVENT_DUPLICATE_CONTENT_LENGTH_FIELD_IN_REQUEST
struct HtpTxUserData_ HtpTxUserData
void AppLayerHtpPrintStats(void)
@ HTTP_DECODER_EVENT_INVALID_RESPONSE_FIELD_FOLDING
@ HTTP_DECODER_EVENT_MULTIPART_INVALID_HEADER
void * HtpGetTxForH2(void *)
@ HTTP_DECODER_EVENT_UNABLE_TO_MATCH_RESPONSE_TO_REQUEST
@ HTTP_DECODER_EVENT_RESPONSE_HEADER_INVALID
@ HTTP_DECODER_EVENT_RESPONSE_HEADER_REPETITION
enum HtpSwfCompressType_ HtpSwfCompressType
@ HTTP_DECODER_EVENT_INVALID_AUTHORITY_PORT
@ HTTP_SWF_COMPRESSION_ZLIB
bstr * request_uri_normalized
uint32_t swf_compress_depth
void HTPStateFree(void *)
Function to frees the HTTP state memory and also frees the HTTP connection parser memory which was us...
Data structure to store app layer decoder events.
@ HTTP_DECODER_EVENT_INVALID_TRANSFER_ENCODING_VALUE_IN_REQUEST
@ HTTP_DECODER_EVENT_LZMA_MEMLIMIT_REACHED
@ HTTP_DECODER_EVENT_HEADER_HOST_INVALID
@ HTTP_DECODER_EVENT_URI_HOST_INVALID
uint64_t content_len_so_far
struct HtpBodyChunk_ __attribute__((__packed__))
DNP3 link header.
@ HTTP_DECODER_EVENT_RESPONSE_INVALID_PROTOCOL
@ HTTP_DECODER_EVENT_MULTIPART_NO_FILEDATA
@ HTTP_DECODER_EVENT_REQUEST_BODY_UNEXPECTED
uint64_t last_request_data_stamp
@ HTTP_SWF_COMPRESSION_NONE
void HtpConfigCreateBackup(void)
uint32_t inspect_min_size
@ HTTP_DECODER_EVENT_RESPONSE_MULTIPART_BYTERANGES
void AppLayerHtpEnableRequestBodyCallback(void)
Sets a flag that informs the HTP app layer that some module in the engine needs the http request body...
@ HTTP_DECODER_EVENT_RESPONSE_FIELD_MISSING_COLON
@ HTTP_DECODER_EVENT_REQUEST_LINE_LEADING_WHITESPACE
uint8_t response_has_trailers
uint8_t * request_headers_raw
uint32_t swf_decompress_depth
@ HTTP_DECODER_EVENT_METHOD_DELIM_NON_COMPLIANT
int swf_decompression_enabled
void HTPAtExitPrintStats(void)
Print the stats of the HTTP requests.
uint8_t request_has_trailers
struct HTPCfgRec_ HTPCfgRec
StreamingBufferConfig sbcfg
Data structures and function prototypes for keeping state for the detection engine.
void AppLayerHtpEnableResponseBodyCallback(void)
Sets a flag that informs the HTP app layer that some module in the engine needs the http request body...
@ HTTP_DECODER_EVENT_INVALID_CONTENT_LENGTH_FIELD_IN_REQUEST
HtpSwfCompressType swf_compression_type
@ HTTP_DECODER_EVENT_MULTIPART_GENERIC_ERROR
DetectEngineState * de_state
@ HTTP_DECODER_EVENT_RESPONSE_CHUNKED_OLD_PROTO
@ HTTP_DECODER_EVENT_REQUEST_FIELD_TOO_LONG
@ HTTP_DECODER_EVENT_URI_DELIM_NON_COMPLIANT
@ HTTP_DECODER_EVENT_REQUEST_LINE_INVALID
uint8_t request_body_type
@ HTTP_DECODER_EVENT_TOO_MANY_ENCODING_LAYERS
@ HTTP_DECODER_EVENT_INVALID_RESPONSE_CHUNK_LEN
@ HTTP_DECODER_EVENT_INVALID_TRANSFER_ENCODING_VALUE_IN_RESPONSE
@ HTTP_DECODER_EVENT_DUPLICATE_CONTENT_LENGTH_FIELD_IN_RESPONSE
uint8_t * response_headers_raw
@ HTTP_DECODER_EVENT_REQUEST_HEADER_INVALID
SC_ATOMIC_EXTERN(uint32_t, htp_config_flags)
@ HTTP_DECODER_EVENT_INVALID_REQUEST_FIELD_FOLDING
uint64_t last_response_data_stamp
void HtpConfigRestoreBackup(void)
@ HTTP_DECODER_EVENT_INVALID_REQUEST_CHUNK_LEN
@ HTP_BODY_REQUEST_MULTIPART
@ HTTP_DECODER_EVENT_AUTH_UNRECOGNIZED
struct HtpBodyChunk_ * next
uint8_t response_body_init
@ HTTP_DECODER_EVENT_REQUEST_FIELD_MISSING_COLON
@ HTTP_DECODER_EVENT_REQUEST_LINE_INCOMPLETE
@ HTTP_DECODER_EVENT_DOUBLE_ENCODED_URI
@ HTTP_DECODER_EVENT_RESPONSE_FIELD_TOO_LONG
@ HTTP_SWF_COMPRESSION_BOTH
void RegisterHTPParsers(void)
Register the HTTP protocol and state handling functions to APP layer of the engine.
@ HTTP_DECODER_EVENT_MISSING_HOST_HEADER
@ HTTP_SWF_COMPRESSION_LZMA
struct HTPCfgDir_ HTPCfgDir
@ HTTP_DECODER_EVENT_100_CONTINUE_ALREADY_SEEN
void HtpBodyPrint(HtpBody *)
Print the information and chunks of a Body.
void HTPFreeConfig(void)
Clears the HTTP server configuration memory used by HTP library.
uint32_t response_headers_raw_len
@ HTTP_DECODER_EVENT_RESPONSE_INVALID_STATUS
@ HTTP_DECODER_EVENT_ABNORMAL_CE_HEADER
uint8_t request_body_init
@ HTTP_DECODER_EVENT_INVALID_SERVER_PORT_IN_REQUEST
void HtpBodyFree(HtpBody *)
Free the information held in the request body.
StreamingBufferSegment sbseg
@ HTTP_DECODER_EVENT_GZIP_DECOMPRESSION_FAILED
@ HTTP_DECODER_EVENT_REQUEST_HEADER_REPETITION
@ HTTP_DECODER_EVENT_RESPONSE_ABNORMAL_TRANSFER_ENCODING
AppLayerDecoderEvents * decoder_events
uint16_t htp_messages_offset