app-layer-htp: add HTTP CONNECT support

diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c
index 43441fc76747ae1e6a307791531485cc9ffed293..c5d9c707244ba1d4d0704b8bfe9b4c4a8ec7dace 100644 (file)
--- a/src/app-layer-htp.c
+++ b/src/app-layer-htp.c
@@ -2011,6 +2011,20 @@ static int HTPCallbackResponse(htp_tx_t *tx)
     /* response done, do raw reassembly now to inspect state and stream
      * at the same time. */
     AppLayerParserTriggerRawStreamReassembly(hstate->f, STREAM_TOCLIENT);
+
+    /* handle HTTP CONNECT */
+    if (tx->request_method_number == HTP_M_CONNECT) {
+        /* any 2XX status response implies that the connection will become
+           a tunnel immediately after this packet (RFC 7230, 3.3.3). */
+        if ((tx->response_status_number >= 200) &&
+                (tx->response_status_number < 300) &&
+                (hstate->transaction_cnt == 1)) {
+            FlowSetChangeProtoFlag(hstate->f);
+            tx->request_progress = HTP_REQUEST_COMPLETE;
+            tx->response_progress = HTP_RESPONSE_COMPLETE;
+        }
+    }
+
     SCReturnInt(HTP_OK);
 }