From: Philippe Antoine Date: Fri, 17 Jan 2025 13:42:41 +0000 (+0100) Subject: http: aliases for htp opaque htp_tx_t X-Git-Tag: suricata-8.0.0-beta1~553 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F12419%2Fhead;p=thirdparty%2Fsuricata.git http: aliases for htp opaque htp_tx_t In preparation of libhtp rust --- diff --git a/src/app-layer-htp-file.c b/src/app-layer-htp-file.c index 48f3a1a2ee..d191ff0443 100644 --- a/src/app-layer-htp-file.c +++ b/src/app-layer-htp-file.c @@ -26,6 +26,7 @@ #include "suricata-common.h" #include "app-layer-htp-file.h" +#include "app-layer-htp-libhtp.h" #include "app-layer-htp-range.h" #include "app-layer-events.h" #include "util-validate.h" @@ -181,9 +182,9 @@ int HTPFileOpenWithRange(HtpState *s, HtpTxUserData *txud, const uint8_t *filena // Then, we will try to handle reassembly of different ranges of the same file uint8_t *keyurl; uint32_t keylen; - if (tx->request_hostname != NULL) { - uint32_t hlen = (uint32_t)bstr_len(tx->request_hostname); - if (bstr_len(tx->request_hostname) > UINT16_MAX) { + if (htp_tx_request_hostname(tx) != NULL) { + uint32_t hlen = (uint32_t)bstr_len(htp_tx_request_hostname(tx)); + if (bstr_len(htp_tx_request_hostname(tx)) > UINT16_MAX) { hlen = UINT16_MAX; } keylen = hlen + filename_len; @@ -191,7 +192,7 @@ int HTPFileOpenWithRange(HtpState *s, HtpTxUserData *txud, const uint8_t *filena if (keyurl == NULL) { SCReturnInt(-1); } - memcpy(keyurl, bstr_ptr(tx->request_hostname), hlen); + memcpy(keyurl, bstr_ptr(htp_tx_request_hostname(tx)), hlen); memcpy(keyurl + hlen, filename, filename_len); } else { // do not reassemble file without host info @@ -402,9 +403,9 @@ static int HTPFileParserTest01(void) htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NULL(tx->request_method); + FAIL_IF_NULL(htp_tx_request_method(tx)); - FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method), "POST", 4) != 0); + FAIL_IF(memcmp(bstr_util_strdup_to_c(htp_tx_request_method(tx)), "POST", 4) != 0); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -476,8 +477,8 @@ static int HTPFileParserTest02(void) htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NULL(tx->request_method); - FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method), "POST", 4) != 0); + FAIL_IF_NULL(htp_tx_request_method(tx)); + FAIL_IF(memcmp(bstr_util_strdup_to_c(htp_tx_request_method(tx)), "POST", 4) != 0); HtpTxUserData *tx_ud = htp_tx_get_user_data(tx); FAIL_IF_NULL(tx_ud); FAIL_IF_NULL(tx_ud->files_ts.tail); @@ -568,9 +569,9 @@ static int HTPFileParserTest03(void) htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NULL(tx->request_method); + FAIL_IF_NULL(htp_tx_request_method(tx)); - FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method), "POST", 4) != 0); + FAIL_IF(memcmp(bstr_util_strdup_to_c(htp_tx_request_method(tx)), "POST", 4) != 0); HtpTxUserData *tx_ud = htp_tx_get_user_data(tx); FAIL_IF_NULL(tx_ud); @@ -664,9 +665,9 @@ static int HTPFileParserTest04(void) htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NULL(tx->request_method); + FAIL_IF_NULL(htp_tx_request_method(tx)); - FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method), "POST", 4) != 0); + FAIL_IF(memcmp(bstr_util_strdup_to_c(htp_tx_request_method(tx)), "POST", 4) != 0); HtpTxUserData *tx_ud = htp_tx_get_user_data(tx); FAIL_IF_NULL(tx_ud); @@ -730,9 +731,9 @@ static int HTPFileParserTest05(void) htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NULL(tx->request_method); + FAIL_IF_NULL(htp_tx_request_method(tx)); - FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method), "POST", 4) != 0); + FAIL_IF(memcmp(bstr_util_strdup_to_c(htp_tx_request_method(tx)), "POST", 4) != 0); HtpTxUserData *tx_ud = htp_tx_get_user_data(tx); FAIL_IF_NULL(tx_ud); @@ -805,9 +806,9 @@ static int HTPFileParserTest06(void) htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NULL(tx->request_method); + FAIL_IF_NULL(htp_tx_request_method(tx)); - FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method), "POST", 4) != 0); + FAIL_IF(memcmp(bstr_util_strdup_to_c(htp_tx_request_method(tx)), "POST", 4) != 0); HtpTxUserData *tx_ud = htp_tx_get_user_data(tx); FAIL_IF_NULL(tx_ud); @@ -870,8 +871,8 @@ static int HTPFileParserTest07(void) htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NULL(tx->request_method); - FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method), "POST", 4) != 0); + FAIL_IF_NULL(htp_tx_request_method(tx)); + FAIL_IF(memcmp(bstr_util_strdup_to_c(htp_tx_request_method(tx)), "POST", 4) != 0); HtpTxUserData *tx_ud = htp_tx_get_user_data(tx); FAIL_IF_NULL(tx_ud); @@ -1192,9 +1193,9 @@ static int HTPFileParserTest11(void) htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NULL(tx->request_method); + FAIL_IF_NULL(htp_tx_request_method(tx)); - FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method), "POST", 4) != 0); + FAIL_IF(memcmp(bstr_util_strdup_to_c(htp_tx_request_method(tx)), "POST", 4) != 0); HtpTxUserData *tx_ud = htp_tx_get_user_data(tx); FAIL_IF_NULL(tx_ud); diff --git a/src/app-layer-htp-libhtp.h b/src/app-layer-htp-libhtp.h index 3e5dfa63f2..eb97479c11 100644 --- a/src/app-layer-htp-libhtp.h +++ b/src/app-layer-htp-libhtp.h @@ -96,6 +96,31 @@ #define HTP_RESPONSE_PROGRESS_TRAILER HTP_RESPONSE_TRAILER #define HTP_RESPONSE_PROGRESS_COMPLETE HTP_RESPONSE_COMPLETE +// Functions introduced to handle opaque htp_tx_t +#define htp_tx_flags(tx) tx->flags +#define htp_tx_is_protocol_0_9(tx) tx->is_protocol_0_9 +#define htp_tx_request_auth_type(tx) tx->request_auth_type +#define htp_tx_request_hostname(tx) tx->request_hostname +#define htp_tx_request_line(tx) tx->request_line +#define htp_tx_request_message_len(tx) tx->request_message_len +#define htp_tx_request_method(tx) tx->request_method +#define htp_tx_request_method_number(tx) tx->request_method_number +#define htp_tx_request_port_number(tx) tx->request_port_number +#define htp_tx_request_progress(tx) tx->request_progress +#define htp_tx_request_protocol(tx) tx->request_protocol +#define htp_tx_request_protocol_number(tx) tx->request_protocol_number +#define htp_tx_request_uri(tx) tx->request_uri +#define htp_tx_request_headers(tx) tx->request_headers +#define htp_tx_response_headers(tx) tx->response_headers +#define htp_tx_response_protocol(tx) tx->response_protocol +#define htp_tx_response_line(tx) tx->response_line +#define htp_tx_response_message(tx) tx->response_message +#define htp_tx_response_message_len(tx) tx->response_message_len +#define htp_tx_response_status(tx) tx->response_status +#define htp_tx_response_status_number(tx) tx->response_status_number +#define htp_tx_response_progress(tx) tx->response_progress +#define htp_tx_response_protocol_number(tx) tx->response_protocol_number + bstr *SCHTPGenerateNormalizedUri(htp_tx_t *tx, htp_uri_t *uri, bool uri_include_all); #endif /* SURICATA_APP_LAYER_HTP_LIBHTP__H */ diff --git a/src/app-layer-htp-xff.c b/src/app-layer-htp-xff.c index c145e5818e..b823f89905 100644 --- a/src/app-layer-htp-xff.c +++ b/src/app-layer-htp-xff.c @@ -27,6 +27,7 @@ #include "app-layer-parser.h" #include "app-layer-htp.h" +#include "app-layer-htp-libhtp.h" #include "app-layer-htp-xff.h" #ifndef HAVE_MEMRCHR @@ -140,8 +141,8 @@ int HttpXFFGetIPFromTx(const Flow *f, uint64_t tx_id, HttpXFFCfg *xff_cfg, } htp_header_t *h_xff = NULL; - if (tx->request_headers != NULL) { - h_xff = htp_table_get_c(tx->request_headers, xff_cfg->header); + if (htp_tx_request_headers(tx) != NULL) { + h_xff = htp_table_get_c(htp_tx_request_headers(tx), xff_cfg->header); } if (h_xff != NULL && bstr_len(h_xff->value) >= XFF_CHAIN_MINLEN && diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index 7375c315a4..2448c2b272 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -453,10 +453,10 @@ static void HTPStateTransactionFree(void *state, uint64_t id) * free it here. htp_tx_destroy however, will refuse to do this. * As htp_tx_destroy_incomplete isn't available in the public API, * we hack around it here. */ - if (unlikely(!(tx->request_progress == HTP_REQUEST_PROGRESS_COMPLETE && - tx->response_progress == HTP_RESPONSE_PROGRESS_COMPLETE))) { - tx->request_progress = HTP_REQUEST_PROGRESS_COMPLETE; - tx->response_progress = HTP_RESPONSE_PROGRESS_COMPLETE; + if (unlikely(!(htp_tx_request_progress(tx) == HTP_REQUEST_PROGRESS_COMPLETE && + htp_tx_response_progress(tx) == HTP_RESPONSE_PROGRESS_COMPLETE))) { + htp_tx_request_progress(tx) = HTP_REQUEST_PROGRESS_COMPLETE; + htp_tx_response_progress(tx) = HTP_RESPONSE_PROGRESS_COMPLETE; } // replaces tx in the s->conn->transactions list by NULL htp_tx_destroy(tx); @@ -756,42 +756,42 @@ static inline void HTPErrorCheckTxRequestFlags(HtpState *s, htp_tx_t *tx) #ifdef DEBUG BUG_ON(s == NULL || tx == NULL); #endif - if (tx->flags & (HTP_FLAGS_REQUEST_INVALID_T_E | HTP_FLAGS_REQUEST_INVALID_C_L | - HTP_FLAGS_HOST_MISSING | HTP_FLAGS_HOST_AMBIGUOUS | - HTP_FLAGS_HOSTU_INVALID | HTP_FLAGS_HOSTH_INVALID)) { + if (htp_tx_flags(tx) & (HTP_FLAGS_REQUEST_INVALID_T_E | HTP_FLAGS_REQUEST_INVALID_C_L | + HTP_FLAGS_HOST_MISSING | HTP_FLAGS_HOST_AMBIGUOUS | + HTP_FLAGS_HOSTU_INVALID | HTP_FLAGS_HOSTH_INVALID)) { HtpTxUserData *htud = (HtpTxUserData *) htp_tx_get_user_data(tx); if (htud == NULL) return; - if (tx->flags & HTP_FLAGS_REQUEST_INVALID_T_E) + if (htp_tx_flags(tx) & HTP_FLAGS_REQUEST_INVALID_T_E) HTPSetEvent(s, htud, STREAM_TOSERVER, HTTP_DECODER_EVENT_INVALID_TRANSFER_ENCODING_VALUE_IN_REQUEST); - if (tx->flags & HTP_FLAGS_REQUEST_INVALID_C_L) + if (htp_tx_flags(tx) & HTP_FLAGS_REQUEST_INVALID_C_L) HTPSetEvent(s, htud, STREAM_TOSERVER, HTTP_DECODER_EVENT_INVALID_CONTENT_LENGTH_FIELD_IN_REQUEST); - if (tx->flags & HTP_FLAGS_HOST_MISSING) + if (htp_tx_flags(tx) & HTP_FLAGS_HOST_MISSING) HTPSetEvent(s, htud, STREAM_TOSERVER, HTTP_DECODER_EVENT_MISSING_HOST_HEADER); - if (tx->flags & HTP_FLAGS_HOST_AMBIGUOUS) + if (htp_tx_flags(tx) & HTP_FLAGS_HOST_AMBIGUOUS) HTPSetEvent(s, htud, STREAM_TOSERVER, HTTP_DECODER_EVENT_HOST_HEADER_AMBIGUOUS); - if (tx->flags & HTP_FLAGS_HOSTU_INVALID) + if (htp_tx_flags(tx) & HTP_FLAGS_HOSTU_INVALID) HTPSetEvent(s, htud, STREAM_TOSERVER, HTTP_DECODER_EVENT_URI_HOST_INVALID); - if (tx->flags & HTP_FLAGS_HOSTH_INVALID) + if (htp_tx_flags(tx) & HTP_FLAGS_HOSTH_INVALID) HTPSetEvent(s, htud, STREAM_TOSERVER, HTTP_DECODER_EVENT_HEADER_HOST_INVALID); } - if (tx->request_auth_type == HTP_AUTH_TYPE_UNRECOGNIZED) { + if (htp_tx_request_auth_type(tx) == HTP_AUTH_TYPE_UNRECOGNIZED) { HtpTxUserData *htud = (HtpTxUserData *) htp_tx_get_user_data(tx); if (htud == NULL) return; HTPSetEvent(s, htud, STREAM_TOSERVER, HTTP_DECODER_EVENT_AUTH_UNRECOGNIZED); } - if (tx->is_protocol_0_9 && tx->request_method_number == HTP_METHOD_UNKNOWN && - (tx->request_protocol_number == HTP_PROTOCOL_INVALID || - tx->request_protocol_number == HTP_PROTOCOL_UNKNOWN)) { + if (htp_tx_is_protocol_0_9(tx) && htp_tx_request_method_number(tx) == HTP_METHOD_UNKNOWN && + (htp_tx_request_protocol_number(tx) == HTP_PROTOCOL_INVALID || + htp_tx_request_protocol_number(tx) == HTP_PROTOCOL_UNKNOWN)) { HtpTxUserData *htud = (HtpTxUserData *) htp_tx_get_user_data(tx); if (htud == NULL) return; @@ -973,15 +973,15 @@ static AppLayerResult HTPHandleResponseData(Flow *f, void *htp_state, AppLayerPa break; case HTP_STREAM_STATE_TUNNEL: tx = htp_connp_get_out_tx(hstate->connp); - if (tx != NULL && tx->response_status_number == 101) { + if (tx != NULL && htp_tx_response_status_number(tx) == 101) { htp_header_t *h = - (htp_header_t *)htp_table_get_c(tx->response_headers, "Upgrade"); + (htp_header_t *)htp_table_get_c(htp_tx_response_headers(tx), "Upgrade"); if (h == NULL) { break; } uint16_t dp = 0; - if (tx->request_port_number != -1) { - dp = (uint16_t)tx->request_port_number; + if (htp_tx_request_port_number(tx) != -1) { + dp = (uint16_t)htp_tx_request_port_number(tx); } consumed = (uint32_t)htp_connp_res_data_consumed(hstate->connp); if (bstr_cmp_c(h->value, "h2c") == 0) { @@ -1141,8 +1141,7 @@ static int HTTPParseContentDispositionHeader(uint8_t *name, size_t name_len, */ static int HtpRequestBodySetupMultipart(htp_tx_t *tx, HtpTxUserData *htud) { - htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->request_headers, - "Content-Type"); + htp_header_t *h = (htp_header_t *)htp_table_get_c(htp_tx_request_headers(tx), "Content-Type"); if (h != NULL && bstr_len(h->value) > 0) { htud->mime_state = SCMimeStateInit(bstr_ptr(h->value), (uint32_t)bstr_len(h->value)); if (htud->mime_state) { @@ -1353,7 +1352,7 @@ static int HtpResponseBodyHandle(HtpState *hstate, HtpTxUserData *htud, int result = 0; /* see if we need to open the file - * we check for tx->response_line in case of junk + * we check for htp_tx_response_line(tx) in case of junk * interpreted as body before response line */ if (!(htud->tcflags & HTP_FILENAME_SET)) { @@ -1363,8 +1362,8 @@ static int HtpResponseBodyHandle(HtpState *hstate, HtpTxUserData *htud, size_t filename_len = 0; /* try Content-Disposition header first */ - htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->response_headers, - "Content-Disposition"); + htp_header_t *h = + (htp_header_t *)htp_table_get_c(htp_tx_response_headers(tx), "Content-Disposition"); if (h != NULL && bstr_len(h->value) > 0) { /* parse content-disposition */ (void)HTTPParseContentDispositionHeader((uint8_t *)"filename=", 9, @@ -1382,7 +1381,8 @@ static int HtpResponseBodyHandle(HtpState *hstate, HtpTxUserData *htud, if (filename != NULL) { // set range if present - htp_header_t *h_content_range = htp_table_get_c(tx->response_headers, "content-range"); + htp_header_t *h_content_range = + htp_table_get_c(htp_tx_response_headers(tx), "content-range"); if (filename_len > SC_FILENAME_MAX) { // explicitly truncate the file name if too long filename_len = SC_FILENAME_MAX; @@ -1466,7 +1466,7 @@ static int HTPCallbackRequestBodyData(htp_tx_data_t *d) if (!tx_ud->response_body_init) { tx_ud->response_body_init = 1; - if (d->tx->request_method_number == HTP_METHOD_POST) { + if (d->htp_tx_request_method_number(tx) == HTP_METHOD_POST) { SCLogDebug("POST"); int r = HtpRequestBodySetupMultipart(d->tx, tx_ud); if (r == 1) { @@ -1475,7 +1475,7 @@ static int HTPCallbackRequestBodyData(htp_tx_data_t *d) tx_ud->request_body_type = HTP_BODY_REQUEST_POST; SCLogDebug("not multipart"); } - } else if (d->tx->request_method_number == HTP_METHOD_PUT) { + } else if (d->htp_tx_request_method_number(tx) == HTP_METHOD_PUT) { tx_ud->request_body_type = HTP_BODY_REQUEST_PUT; } } @@ -1916,23 +1916,22 @@ static int HTPCallbackResponseComplete(htp_tx_t *tx) AppLayerParserTriggerRawStreamReassembly(hstate->f, STREAM_TOCLIENT); /* handle HTTP CONNECT */ - if (tx->request_method_number == HTP_METHOD_CONNECT) { + if (htp_tx_request_method_number(tx) == HTP_METHOD_CONNECT) { /* any 2XX status response implies that the connection will become a tunnel immediately after this packet (RFC 7230, 3.3.3). */ - if ((tx->response_status_number >= 200) && - (tx->response_status_number < 300) && - (hstate->transaction_cnt == 1)) { + if ((htp_tx_response_status_number(tx) >= 200) && + (htp_tx_response_status_number(tx) < 300) && (hstate->transaction_cnt == 1)) { uint16_t dp = 0; - if (tx->request_port_number != -1) { - dp = (uint16_t)tx->request_port_number; + if (htp_tx_request_port_number(tx) != -1) { + dp = (uint16_t)htp_tx_request_port_number(tx); } // both ALPROTO_HTTP1 and ALPROTO_TLS are normal options if (!AppLayerRequestProtocolChange(hstate->f, dp, ALPROTO_UNKNOWN)) { HTPSetEvent( hstate, htud, STREAM_TOCLIENT, HTTP_DECODER_EVENT_FAILED_PROTOCOL_CHANGE); } - tx->request_progress = HTP_REQUEST_PROGRESS_COMPLETE; - tx->response_progress = HTP_RESPONSE_PROGRESS_COMPLETE; + htp_tx_request_progress(tx) = HTP_REQUEST_PROGRESS_COMPLETE; + htp_tx_response_progress(tx) = HTP_RESPONSE_PROGRESS_COMPLETE; } } @@ -1960,7 +1959,7 @@ static int HTPCallbackRequestLine(htp_tx_t *tx) bstr_free(tx_ud->request_uri_normalized); tx_ud->request_uri_normalized = request_uri_normalized; - if (tx->flags) { + if (htp_tx_flags(tx)) { HTPErrorCheckTxRequestFlags(hstate, tx); } return HTP_STATUS_OK; @@ -2944,12 +2943,12 @@ static int HTPParserTest01(void) htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); FAIL_IF(strcmp(bstr_util_strdup_to_c(h->value), "Victor/1.0")); - FAIL_IF(tx->request_method_number != HTP_METHOD_POST); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_0); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_POST); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_0); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -2988,12 +2987,12 @@ static int HTPParserTest01b(void) htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); FAIL_IF(strcmp(bstr_util_strdup_to_c(h->value), "Victor/1.0")); - FAIL_IF(tx->request_method_number != HTP_METHOD_POST); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_0); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_POST); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_0); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -3043,12 +3042,12 @@ static int HTPParserTest01c(void) htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); FAIL_IF(strcmp(bstr_util_strdup_to_c(h->value), "Victor/1.0")); - FAIL_IF(tx->request_method_number != HTP_METHOD_POST); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_0); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_POST); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_0); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -3099,12 +3098,12 @@ static int HTPParserTest01a(void) htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); FAIL_IF(strcmp(bstr_util_strdup_to_c(h->value), "Victor/1.0")); - FAIL_IF(tx->request_method_number != HTP_METHOD_POST); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_0); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_POST); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_0); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -3141,11 +3140,11 @@ static int HTPParserTest02(void) htp_tx_t *tx = HTPStateGetTx(http_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NOT_NULL(h); - FAIL_IF_NULL(tx->request_method); - char *method = bstr_util_strdup_to_c(tx->request_method); + FAIL_IF_NULL(htp_tx_request_method(tx)); + char *method = bstr_util_strdup_to_c(htp_tx_request_method(tx)); FAIL_IF_NULL(method); FAIL_IF(strcmp(method, "POST") != 0); @@ -3195,10 +3194,10 @@ static int HTPParserTest03(void) htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NOT_NULL(h); - FAIL_IF(tx->request_method_number != HTP_METHOD_UNKNOWN); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_0); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_UNKNOWN); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_0); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -3236,11 +3235,11 @@ static int HTPParserTest04(void) htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NOT_NULL(h); - FAIL_IF(tx->request_method_number != HTP_METHOD_UNKNOWN); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V0_9); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_UNKNOWN); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V0_9); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -3307,13 +3306,13 @@ static int HTPParserTest05(void) htp_tx_t *tx = HTPStateGetTx(http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF_NOT(tx->request_method_number == HTP_METHOD_POST); - FAIL_IF_NOT(tx->request_protocol_number == HTP_PROTOCOL_V1_0); + FAIL_IF_NOT(htp_tx_request_method_number(tx) == HTP_METHOD_POST); + FAIL_IF_NOT(htp_tx_request_protocol_number(tx) == HTP_PROTOCOL_V1_0); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); - FAIL_IF_NOT(tx->response_status_number == 200); + FAIL_IF_NOT(htp_tx_response_status_number(tx) == 200); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -3395,13 +3394,13 @@ static int HTPParserTest06(void) htp_tx_t *tx = HTPStateGetTx(http_state, 0); FAIL_IF_NULL(tx); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); - FAIL_IF(tx->response_status_number != 200); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_response_status_number(tx) != 200); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); AppLayerParserThreadCtxFree(alp_tctx); @@ -3640,7 +3639,7 @@ static int HTPParserTest10(void) FAIL_IF_NULL(htp_state); htp_tx_t *tx = HTPStateGetTx(htp_state, 0); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); char *name = bstr_util_strdup_to_c(h->name); @@ -3818,7 +3817,7 @@ static int HTPParserTest13(void) htp_state = f->alstate; FAIL_IF_NULL(htp_state); htp_tx_t *tx = HTPStateGetTx(htp_state, 0); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); char *name = bstr_util_strdup_to_c(h->name); @@ -5168,8 +5167,8 @@ libhtp:\n\ htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); void *txtmp = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, f->alstate, 0); AppLayerDecoderEvents *decoder_events = @@ -5269,8 +5268,8 @@ libhtp:\n\ htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); void *txtmp = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, f->alstate, 0); AppLayerDecoderEvents *decoder_events = @@ -5326,8 +5325,8 @@ static int HTPParserTest16(void) htp_tx_t *tx = HTPStateGetTx(htp_state, 0); FAIL_IF_NULL(tx); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION //these events are disabled during fuzzing as they are too noisy and consume much resource @@ -5391,14 +5390,14 @@ static int HTPParserTest20(void) FAIL_IF_NULL(http_state); htp_tx_t *tx = HTPStateGetTx(http_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); - FAIL_IF(tx->response_status_number != 0); - FAIL_IF(tx->response_protocol_number != -1); + FAIL_IF(htp_tx_response_status_number(tx) != 0); + FAIL_IF(htp_tx_response_protocol_number(tx) != -1); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -5450,14 +5449,14 @@ static int HTPParserTest21(void) FAIL_IF_NULL(http_state); htp_tx_t *tx = HTPStateGetTx(http_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); - FAIL_IF(tx->response_status_number != 0); - FAIL_IF(tx->response_protocol_number != -1); + FAIL_IF(htp_tx_response_status_number(tx) != 0); + FAIL_IF(htp_tx_response_protocol_number(tx) != -1); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -5504,14 +5503,14 @@ static int HTPParserTest22(void) FAIL_IF_NULL(http_state); htp_tx_t *tx = HTPStateGetTx(http_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); - FAIL_IF(tx->response_status_number != -0); - FAIL_IF(tx->response_protocol_number != -1); + FAIL_IF(htp_tx_response_status_number(tx) != -0); + FAIL_IF(htp_tx_response_protocol_number(tx) != -1); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -5558,14 +5557,14 @@ static int HTPParserTest23(void) FAIL_IF_NULL(http_state); htp_tx_t *tx = HTPStateGetTx(http_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); - FAIL_IF(tx->response_status_number != -1); - FAIL_IF(tx->response_protocol_number != -2); + FAIL_IF(htp_tx_response_status_number(tx) != -1); + FAIL_IF(htp_tx_response_protocol_number(tx) != -2); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); @@ -5612,14 +5611,14 @@ static int HTPParserTest24(void) FAIL_IF_NULL(http_state); htp_tx_t *tx = HTPStateGetTx(http_state, 0); FAIL_IF_NULL(tx); - htp_header_t *h = htp_table_get_index(tx->request_headers, 0, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(tx), 0, NULL); FAIL_IF_NULL(h); - FAIL_IF(tx->request_method_number != HTP_METHOD_GET); - FAIL_IF(tx->request_protocol_number != HTP_PROTOCOL_V1_1); + FAIL_IF(htp_tx_request_method_number(tx) != HTP_METHOD_GET); + FAIL_IF(htp_tx_request_protocol_number(tx) != HTP_PROTOCOL_V1_1); - FAIL_IF(tx->response_status_number != -1); - FAIL_IF(tx->response_protocol_number != HTP_PROTOCOL_V1_0); + FAIL_IF(htp_tx_response_status_number(tx) != -1); + FAIL_IF(htp_tx_response_protocol_number(tx) != HTP_PROTOCOL_V1_0); AppLayerParserThreadCtxFree(alp_tctx); StreamTcpFreeConfig(true); diff --git a/src/app-layer-http2.c b/src/app-layer-http2.c index 84f51ec555..f5e148008e 100644 --- a/src/app-layer-http2.c +++ b/src/app-layer-http2.c @@ -33,6 +33,7 @@ #include "app-layer-parser.h" #include "app-layer-htp.h" +#include "app-layer-htp-libhtp.h" #include "app-layer-http2.h" #include "rust.h" @@ -77,22 +78,22 @@ void HTTP2MimicHttp1Request(void *alstate_orig, void *h2s) if (h2s == NULL || h1tx == NULL) { return; } - if (h1tx->request_method == NULL) { + if (htp_tx_request_method(h1tx) == NULL) { // may happen if we only got the reply, not the HTTP1 request return; } // else - rs_http2_tx_set_method( - h2s, bstr_ptr(h1tx->request_method), (uint32_t)bstr_len(h1tx->request_method)); - if (h1tx->request_uri != NULL) { + rs_http2_tx_set_method(h2s, bstr_ptr(htp_tx_request_method(h1tx)), + (uint32_t)bstr_len(htp_tx_request_method(h1tx))); + if (htp_tx_request_uri(h1tx) != NULL) { // A request line without spaces gets interpreted as a request_method // and has request_uri=NULL - rs_http2_tx_set_uri( - h2s, bstr_ptr(h1tx->request_uri), (uint32_t)bstr_len(h1tx->request_uri)); + rs_http2_tx_set_uri(h2s, bstr_ptr(htp_tx_request_uri(h1tx)), + (uint32_t)bstr_len(htp_tx_request_uri(h1tx))); } - size_t nbheaders = htp_table_size(h1tx->request_headers); + size_t nbheaders = htp_table_size(htp_tx_request_headers(h1tx)); for (size_t i = 0; i < nbheaders; i++) { - htp_header_t *h = htp_table_get_index(h1tx->request_headers, i, NULL); + htp_header_t *h = htp_table_get_index(htp_tx_request_headers(h1tx), i, NULL); rs_http2_tx_add_header(h2s, bstr_ptr(h->name), (uint32_t)bstr_len(h->name), bstr_ptr(h->value), (uint32_t)bstr_len(h->value)); } diff --git a/src/detect-http-cookie.c b/src/detect-http-cookie.c index 30af774c91..013e9a276c 100644 --- a/src/detect-http-cookie.c +++ b/src/detect-http-cookie.c @@ -178,11 +178,10 @@ static InspectionBuffer *GetRequestData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->request_headers == NULL) + if (htp_tx_request_headers(tx) == NULL) return NULL; - htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->request_headers, - "Cookie"); + htp_header_t *h = (htp_header_t *)htp_table_get_c(htp_tx_request_headers(tx), "Cookie"); if (h == NULL || h->value == NULL) { SCLogDebug("HTTP cookie header not present in this request"); return NULL; @@ -206,11 +205,11 @@ static InspectionBuffer *GetResponseData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->response_headers == NULL) + if (htp_tx_response_headers(tx) == NULL) return NULL; - htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->response_headers, - "Set-Cookie"); + htp_header_t *h = + (htp_header_t *)htp_table_get_c(htp_tx_response_headers(tx), "Set-Cookie"); if (h == NULL || h->value == NULL) { SCLogDebug("HTTP cookie header not present in this request"); return NULL; diff --git a/src/detect-http-header-names.c b/src/detect-http-header-names.c index d052b40867..4b863ea6b5 100644 --- a/src/detect-http-header-names.c +++ b/src/detect-http-header-names.c @@ -92,12 +92,12 @@ static uint8_t *GetBufferForTX( if (AppLayerParserGetStateProgress(IPPROTO_TCP, ALPROTO_HTTP1, tx, flags) <= HTP_REQUEST_PROGRESS_HEADERS) return NULL; - headers = tx->request_headers; + headers = htp_tx_request_headers(tx); } else { if (AppLayerParserGetStateProgress(IPPROTO_TCP, ALPROTO_HTTP1, tx, flags) <= HTP_RESPONSE_PROGRESS_HEADERS) return NULL; - headers = tx->response_headers; + headers = htp_tx_response_headers(tx); } if (headers == NULL) return NULL; diff --git a/src/detect-http-header.c b/src/detect-http-header.c index 09d90849a4..6861c0986f 100644 --- a/src/detect-http-header.c +++ b/src/detect-http-header.c @@ -85,12 +85,12 @@ static uint8_t *GetBufferForTX( if (AppLayerParserGetStateProgress(IPPROTO_TCP, ALPROTO_HTTP1, tx, flags) <= HTP_REQUEST_PROGRESS_HEADERS) return NULL; - headers = tx->request_headers; + headers = htp_tx_request_headers(tx); } else { if (AppLayerParserGetStateProgress(IPPROTO_TCP, ALPROTO_HTTP1, tx, flags) <= HTP_RESPONSE_PROGRESS_HEADERS) return NULL; - headers = tx->response_headers; + headers = htp_tx_response_headers(tx); } if (headers == NULL) return NULL; @@ -555,9 +555,9 @@ static InspectionBuffer *GetHttp1HeaderData(DetectEngineThreadCtx *det_ctx, htp_tx_t *tx = (htp_tx_t *)txv; htp_table_t *headers; if (flags & STREAM_TOSERVER) { - headers = tx->request_headers; + headers = htp_tx_request_headers(tx); } else { - headers = tx->response_headers; + headers = htp_tx_response_headers(tx); } size_t no_of_headers = htp_table_size(headers); if (local_id == 0) { diff --git a/src/detect-http-headers-stub.h b/src/detect-http-headers-stub.h index 2a07a9ab9e..b32194108f 100644 --- a/src/detect-http-headers-stub.h +++ b/src/detect-http-headers-stub.h @@ -54,11 +54,10 @@ static InspectionBuffer *GetRequestData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->request_headers == NULL) + if (htp_tx_request_headers(tx) == NULL) return NULL; - htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->request_headers, - HEADER_NAME); + htp_header_t *h = (htp_header_t *)htp_table_get_c(htp_tx_request_headers(tx), HEADER_NAME); if (h == NULL || h->value == NULL) { SCLogDebug("HTTP %s header not present in this request", HEADER_NAME); @@ -110,11 +109,10 @@ static InspectionBuffer *GetResponseData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->response_headers == NULL) + if (htp_tx_response_headers(tx) == NULL) return NULL; - htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->response_headers, - HEADER_NAME); + htp_header_t *h = (htp_header_t *)htp_table_get_c(htp_tx_response_headers(tx), HEADER_NAME); if (h == NULL || h->value == NULL) { SCLogDebug("HTTP %s header not present in this request", HEADER_NAME); diff --git a/src/detect-http-host.c b/src/detect-http-host.c index d650bb8cf4..4b420bc293 100644 --- a/src/detect-http-host.c +++ b/src/detect-http-host.c @@ -243,11 +243,11 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->request_hostname == NULL) + if (htp_tx_request_hostname(tx) == NULL) return NULL; - const uint32_t data_len = bstr_len(tx->request_hostname); - const uint8_t *data = bstr_ptr(tx->request_hostname); + const uint32_t data_len = bstr_len(htp_tx_request_hostname(tx)); + const uint8_t *data = bstr_ptr(htp_tx_request_hostname(tx)); InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); InspectionBufferApplyTransforms(buffer, transforms); @@ -347,11 +347,10 @@ static InspectionBuffer *GetRawData(DetectEngineThreadCtx *det_ctx, uint32_t data_len = 0; if (tx->parsed_uri == NULL || tx->parsed_uri->hostname == NULL) { - if (tx->request_headers == NULL) + if (htp_tx_request_headers(tx) == NULL) return NULL; - htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->request_headers, - "Host"); + htp_header_t *h = (htp_header_t *)htp_table_get_c(htp_tx_request_headers(tx), "Host"); if (h == NULL || h->value == NULL) return NULL; diff --git a/src/detect-http-method.c b/src/detect-http-method.c index 2fbedad493..220265e6c8 100644 --- a/src/detect-http-method.c +++ b/src/detect-http-method.c @@ -204,11 +204,11 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->request_method == NULL) + if (htp_tx_request_method(tx) == NULL) return NULL; - const uint32_t data_len = bstr_len(tx->request_method); - const uint8_t *data = bstr_ptr(tx->request_method); + const uint32_t data_len = bstr_len(htp_tx_request_method(tx)); + const uint8_t *data = bstr_ptr(htp_tx_request_method(tx)); InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); InspectionBufferApplyTransforms(buffer, transforms); diff --git a/src/detect-http-protocol.c b/src/detect-http-protocol.c index 56f858f644..39c643716c 100644 --- a/src/detect-http-protocol.c +++ b/src/detect-http-protocol.c @@ -92,9 +92,9 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, htp_tx_t *tx = (htp_tx_t *)txv; if (flow_flags & STREAM_TOSERVER) - str = tx->request_protocol; + str = htp_tx_request_protocol(tx); else if (flow_flags & STREAM_TOCLIENT) - str = tx->response_protocol; + str = htp_tx_response_protocol(tx); if (str == NULL) { SCLogDebug("HTTP protocol not set"); diff --git a/src/detect-http-request-line.c b/src/detect-http-request-line.c index daaceede84..4ad17bc3d1 100644 --- a/src/detect-http-request-line.c +++ b/src/detect-http-request-line.c @@ -159,11 +159,11 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id); if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (unlikely(tx->request_line == NULL)) { + if (unlikely(htp_tx_request_line(tx) == NULL)) { return NULL; } - const uint32_t data_len = bstr_len(tx->request_line); - const uint8_t *data = bstr_ptr(tx->request_line); + const uint32_t data_len = bstr_len(htp_tx_request_line(tx)); + const uint8_t *data = bstr_ptr(htp_tx_request_line(tx)); InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); InspectionBufferApplyTransforms(buffer, transforms); diff --git a/src/detect-http-response-line.c b/src/detect-http-response-line.c index 421e3f8419..2604fdc7cb 100644 --- a/src/detect-http-response-line.c +++ b/src/detect-http-response-line.c @@ -158,11 +158,11 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id); if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (unlikely(tx->response_line == NULL)) { + if (unlikely(htp_tx_response_line(tx) == NULL)) { return NULL; } - const uint32_t data_len = bstr_len(tx->response_line); - const uint8_t *data = bstr_ptr(tx->response_line); + const uint32_t data_len = bstr_len(htp_tx_response_line(tx)); + const uint8_t *data = bstr_ptr(htp_tx_response_line(tx)); InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); InspectionBufferApplyTransforms(buffer, transforms); diff --git a/src/detect-http-start.c b/src/detect-http-start.c index 2555019633..82e6299d70 100644 --- a/src/detect-http-start.c +++ b/src/detect-http-start.c @@ -92,14 +92,14 @@ static uint8_t *GetBufferForTX( if (AppLayerParserGetStateProgress(IPPROTO_TCP, ALPROTO_HTTP1, tx, flags) <= HTP_REQUEST_PROGRESS_HEADERS) return NULL; - line = tx->request_line; - headers = tx->request_headers; + line = htp_tx_request_line(tx); + headers = htp_tx_request_headers(tx); } else { if (AppLayerParserGetStateProgress(IPPROTO_TCP, ALPROTO_HTTP1, tx, flags) <= HTP_RESPONSE_PROGRESS_HEADERS) return NULL; - headers = tx->response_headers; - line = tx->response_line; + headers = htp_tx_response_headers(tx); + line = htp_tx_response_line(tx); } if (line == NULL || headers == NULL) return NULL; diff --git a/src/detect-http-stat-code.c b/src/detect-http-stat-code.c index b0638c3ed5..c1a537a681 100644 --- a/src/detect-http-stat-code.c +++ b/src/detect-http-stat-code.c @@ -162,11 +162,11 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->response_status == NULL) + if (htp_tx_response_status(tx) == NULL) return NULL; - const uint32_t data_len = bstr_len(tx->response_status); - const uint8_t *data = bstr_ptr(tx->response_status); + const uint32_t data_len = bstr_len(htp_tx_response_status(tx)); + const uint8_t *data = bstr_ptr(htp_tx_response_status(tx)); InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); InspectionBufferApplyTransforms(buffer, transforms); diff --git a/src/detect-http-stat-msg.c b/src/detect-http-stat-msg.c index 52b4b68307..db2da4e712 100644 --- a/src/detect-http-stat-msg.c +++ b/src/detect-http-stat-msg.c @@ -171,11 +171,11 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->response_message == NULL) + if (htp_tx_response_message(tx) == NULL) return NULL; - const uint32_t data_len = bstr_len(tx->response_message); - const uint8_t *data = bstr_ptr(tx->response_message); + const uint32_t data_len = bstr_len(htp_tx_response_message(tx)); + const uint8_t *data = bstr_ptr(htp_tx_response_message(tx)); InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); InspectionBufferApplyTransforms(buffer, transforms); diff --git a/src/detect-http-ua.c b/src/detect-http-ua.c index 7e5ba0d7ef..29d3f4f256 100644 --- a/src/detect-http-ua.c +++ b/src/detect-http-ua.c @@ -162,11 +162,10 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, if (buffer->inspect == NULL) { htp_tx_t *tx = (htp_tx_t *)txv; - if (tx->request_headers == NULL) + if (htp_tx_request_headers(tx) == NULL) return NULL; - htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->request_headers, - "User-Agent"); + htp_header_t *h = (htp_header_t *)htp_table_get_c(htp_tx_request_headers(tx), "User-Agent"); if (h == NULL || h->value == NULL) { SCLogDebug("HTTP UA header not present in this request"); return NULL; diff --git a/src/detect-http-uri.c b/src/detect-http-uri.c index e9c3b50e7a..5254424471 100644 --- a/src/detect-http-uri.c +++ b/src/detect-http-uri.c @@ -322,11 +322,11 @@ static InspectionBuffer *GetRawData(DetectEngineThreadCtx *det_ctx, InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id); if (!buffer->initialized) { htp_tx_t *tx = (htp_tx_t *)txv; - if (unlikely(tx->request_uri == NULL)) { + if (unlikely(htp_tx_request_uri(tx) == NULL)) { return NULL; } - const uint32_t data_len = bstr_len(tx->request_uri); - const uint8_t *data = bstr_ptr(tx->request_uri); + const uint32_t data_len = bstr_len(htp_tx_request_uri(tx)); + const uint8_t *data = bstr_ptr(htp_tx_request_uri(tx)); InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); InspectionBufferApplyTransforms(buffer, transforms); diff --git a/src/detect-lua.c b/src/detect-lua.c index bc01d6df28..60018060de 100644 --- a/src/detect-lua.c +++ b/src/detect-lua.c @@ -48,6 +48,7 @@ #include "app-layer.h" #include "app-layer-parser.h" #include "app-layer-htp.h" +#include "app-layer-htp-libhtp.h" #include "stream-tcp.h" @@ -376,12 +377,12 @@ static int DetectLuaMatch (DetectEngineThreadCtx *det_ctx, if (tx == NULL) continue; - if ((tlua->flags & FLAG_DATATYPE_HTTP_REQUEST_LINE) && tx->request_line != NULL && - bstr_len(tx->request_line) > 0) { + if ((tlua->flags & FLAG_DATATYPE_HTTP_REQUEST_LINE) && + htp_tx_request_line(tx) != NULL && bstr_len(htp_tx_request_line(tx)) > 0) { lua_pushliteral(tlua->luastate, "http.request_line"); /* stack at -2 */ LuaPushStringBuffer(tlua->luastate, - (const uint8_t *)bstr_ptr(tx->request_line), - bstr_len(tx->request_line)); + (const uint8_t *)bstr_ptr(htp_tx_request_line(tx)), + bstr_len(htp_tx_request_line(tx))); lua_settable(tlua->luastate, -3); } } @@ -422,12 +423,12 @@ static int DetectLuaAppMatchCommon (DetectEngineThreadCtx *det_ctx, htp_tx_t *tx = NULL; tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP1, htp_state, det_ctx->tx_id); if (tx != NULL) { - if ((tlua->flags & FLAG_DATATYPE_HTTP_REQUEST_LINE) && tx->request_line != NULL && - bstr_len(tx->request_line) > 0) { + if ((tlua->flags & FLAG_DATATYPE_HTTP_REQUEST_LINE) && + htp_tx_request_line(tx) != NULL && bstr_len(htp_tx_request_line(tx)) > 0) { lua_pushliteral(tlua->luastate, "http.request_line"); /* stack at -2 */ LuaPushStringBuffer(tlua->luastate, - (const uint8_t *)bstr_ptr(tx->request_line), - bstr_len(tx->request_line)); + (const uint8_t *)bstr_ptr(htp_tx_request_line(tx)), + bstr_len(htp_tx_request_line(tx))); lua_settable(tlua->luastate, -3); } } diff --git a/src/log-httplog.c b/src/log-httplog.c index ae9e7df54a..7a36834f19 100644 --- a/src/log-httplog.c +++ b/src/log-httplog.c @@ -41,6 +41,7 @@ #include "output.h" #include "log-httplog.h" #include "app-layer-htp.h" +#include "app-layer-htp-libhtp.h" #include "app-layer.h" #include "app-layer-parser.h" #include "util-privs.h" @@ -182,58 +183,55 @@ static void LogHttpLogCustom(LogHttpLogThread *aft, htp_tx_t *tx, const SCTime_t break; case LOG_HTTP_CF_REQUEST_METHOD: /* METHOD */ - if (tx->request_method != NULL) { - PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, - aft->buffer->size, (uint8_t *)bstr_ptr(tx->request_method), - bstr_len(tx->request_method)); - } else { - MemBufferWriteString(aft->buffer, LOG_CF_NONE); - } + if (htp_tx_request_method(tx) != NULL) { + PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, + (uint8_t *)bstr_ptr(htp_tx_request_method(tx)), + bstr_len(htp_tx_request_method(tx))); + } else { + MemBufferWriteString(aft->buffer, LOG_CF_NONE); + } break; case LOG_HTTP_CF_REQUEST_URI: /* URI */ - if (tx->request_uri != NULL) { - datalen = node->maxlen; - if (datalen == 0 || datalen > bstr_len(tx->request_uri)) { - datalen = bstr_len(tx->request_uri); - } - PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, - aft->buffer->size, (uint8_t *)bstr_ptr(tx->request_uri), - datalen); - } else { - MemBufferWriteString(aft->buffer, LOG_CF_NONE); + if (htp_tx_request_uri(tx) != NULL) { + datalen = node->maxlen; + if (datalen == 0 || datalen > bstr_len(htp_tx_request_uri(tx))) { + datalen = bstr_len(htp_tx_request_uri(tx)); } + PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, + (uint8_t *)bstr_ptr(htp_tx_request_uri(tx)), datalen); + } else { + MemBufferWriteString(aft->buffer, LOG_CF_NONE); + } break; case LOG_HTTP_CF_REQUEST_HOST: /* HOSTNAME */ - if (tx->request_hostname != NULL) - { - datalen = node->maxlen; - if (datalen == 0 || datalen > bstr_len(tx->request_hostname)) { - datalen = bstr_len(tx->request_hostname); - } - PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, - aft->buffer->size, (uint8_t *)bstr_ptr(tx->request_hostname), - datalen); - } else { - MemBufferWriteString(aft->buffer, LOG_CF_NONE); + if (htp_tx_request_hostname(tx) != NULL) { + datalen = node->maxlen; + if (datalen == 0 || datalen > bstr_len(htp_tx_request_hostname(tx))) { + datalen = bstr_len(htp_tx_request_hostname(tx)); } + PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, + (uint8_t *)bstr_ptr(htp_tx_request_hostname(tx)), datalen); + } else { + MemBufferWriteString(aft->buffer, LOG_CF_NONE); + } break; case LOG_HTTP_CF_REQUEST_PROTOCOL: /* PROTOCOL */ - if (tx->request_protocol != NULL) { - PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, - aft->buffer->size, (uint8_t *)bstr_ptr(tx->request_protocol), - bstr_len(tx->request_protocol)); - } else { - MemBufferWriteString(aft->buffer, LOG_CF_NONE); - } + if (htp_tx_request_protocol(tx) != NULL) { + PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, + (uint8_t *)bstr_ptr(htp_tx_request_protocol(tx)), + bstr_len(htp_tx_request_protocol(tx))); + } else { + MemBufferWriteString(aft->buffer, LOG_CF_NONE); + } break; case LOG_HTTP_CF_REQUEST_HEADER: /* REQUEST HEADER */ - if (tx->request_headers != NULL) { - h_request_hdr = htp_table_get_c(tx->request_headers, node->data); - } + if (htp_tx_request_headers(tx) != NULL) { + h_request_hdr = htp_table_get_c(htp_tx_request_headers(tx), node->data); + } if (h_request_hdr != NULL) { datalen = node->maxlen; if (datalen == 0 || datalen > bstr_len(h_request_hdr->value)) { @@ -248,14 +246,13 @@ static void LogHttpLogCustom(LogHttpLogThread *aft, htp_tx_t *tx, const SCTime_t break; case LOG_HTTP_CF_REQUEST_COOKIE: /* REQUEST COOKIE */ - if (tx->request_headers != NULL) { - h_request_hdr = htp_table_get_c(tx->request_headers, "Cookie"); - if (h_request_hdr != NULL) { - cvalue_len = GetCookieValue((uint8_t *)bstr_ptr(h_request_hdr->value), - (uint32_t)bstr_len(h_request_hdr->value), (char *)node->data, - &cvalue); - } + if (htp_tx_request_headers(tx) != NULL) { + h_request_hdr = htp_table_get_c(htp_tx_request_headers(tx), "Cookie"); + if (h_request_hdr != NULL) { + cvalue_len = GetCookieValue((uint8_t *)bstr_ptr(h_request_hdr->value), + (uint32_t)bstr_len(h_request_hdr->value), (char *)node->data, &cvalue); } + } if (cvalue_len > 0 && cvalue != NULL) { datalen = node->maxlen; if (datalen == 0 || datalen > cvalue_len) { @@ -269,24 +266,24 @@ static void LogHttpLogCustom(LogHttpLogThread *aft, htp_tx_t *tx, const SCTime_t break; case LOG_HTTP_CF_REQUEST_LEN: /* REQUEST LEN */ - MemBufferWriteString(aft->buffer, "%"PRIuMAX"", (uintmax_t)tx->request_message_len); - break; + MemBufferWriteString( + aft->buffer, "%" PRIuMAX "", (uintmax_t)htp_tx_request_message_len(tx)); + break; case LOG_HTTP_CF_RESPONSE_STATUS: /* RESPONSE STATUS */ - if (tx->response_status != NULL) { - PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, - aft->buffer->size, (uint8_t *)bstr_ptr(tx->response_status), - bstr_len(tx->response_status)); - } else { - MemBufferWriteString(aft->buffer, LOG_CF_NONE); - } + if (htp_tx_response_status(tx) != NULL) { + PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, + (uint8_t *)bstr_ptr(htp_tx_response_status(tx)), + bstr_len(htp_tx_response_status(tx))); + } else { + MemBufferWriteString(aft->buffer, LOG_CF_NONE); + } break; case LOG_HTTP_CF_RESPONSE_HEADER: /* RESPONSE HEADER */ - if (tx->response_headers != NULL) { - h_response_hdr = htp_table_get_c(tx->response_headers, - node->data); - } + if (htp_tx_response_headers(tx) != NULL) { + h_response_hdr = htp_table_get_c(htp_tx_response_headers(tx), node->data); + } if (h_response_hdr != NULL) { datalen = node->maxlen; if (datalen == 0 || datalen > bstr_len(h_response_hdr->value)) { @@ -301,8 +298,9 @@ static void LogHttpLogCustom(LogHttpLogThread *aft, htp_tx_t *tx, const SCTime_t break; case LOG_HTTP_CF_RESPONSE_LEN: /* RESPONSE LEN */ - MemBufferWriteString(aft->buffer, "%"PRIuMAX"", (uintmax_t)tx->response_message_len); - break; + MemBufferWriteString( + aft->buffer, "%" PRIuMAX "", (uintmax_t)htp_tx_response_message_len(tx)); + break; default: /* NO MATCH */ MemBufferWriteString(aft->buffer, LOG_CF_NONE); @@ -319,8 +317,8 @@ static void LogHttpLogExtended(LogHttpLogThread *aft, htp_tx_t *tx) /* referer */ htp_header_t *h_referer = NULL; - if (tx->request_headers != NULL) { - h_referer = htp_table_get_c(tx->request_headers, "referer"); + if (htp_tx_request_headers(tx) != NULL) { + h_referer = htp_table_get_c(htp_tx_request_headers(tx), "referer"); } if (h_referer != NULL) { PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, @@ -333,31 +331,32 @@ static void LogHttpLogExtended(LogHttpLogThread *aft, htp_tx_t *tx) LOG_CF_WRITE_STAR_SEPARATOR(aft->buffer); /* method */ - if (tx->request_method != NULL) { + if (htp_tx_request_method(tx) != NULL) { PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, - (uint8_t *)bstr_ptr(tx->request_method), - bstr_len(tx->request_method)); + (uint8_t *)bstr_ptr(htp_tx_request_method(tx)), + bstr_len(htp_tx_request_method(tx))); } LOG_CF_WRITE_STAR_SEPARATOR(aft->buffer); /* protocol */ - if (tx->request_protocol != NULL) { + if (htp_tx_request_protocol(tx) != NULL) { PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, - (uint8_t *)bstr_ptr(tx->request_protocol), - bstr_len(tx->request_protocol)); + (uint8_t *)bstr_ptr(htp_tx_request_protocol(tx)), + bstr_len(htp_tx_request_protocol(tx))); } else { MemBufferWriteString(aft->buffer, ""); } LOG_CF_WRITE_STAR_SEPARATOR(aft->buffer); /* response status */ - if (tx->response_status != NULL) { + if (htp_tx_response_status(tx) != NULL) { PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, - (uint8_t *)bstr_ptr(tx->response_status), - bstr_len(tx->response_status)); + (uint8_t *)bstr_ptr(htp_tx_response_status(tx)), + bstr_len(htp_tx_response_status(tx))); /* Redirect? */ - if ((tx->response_status_number > 300) && ((tx->response_status_number) < 303)) { - htp_header_t *h_location = htp_table_get_c(tx->response_headers, "location"); + if ((htp_tx_response_status_number(tx) > 300) && + ((htp_tx_response_status_number(tx)) < 303)) { + htp_header_t *h_location = htp_table_get_c(htp_tx_response_headers(tx), "location"); if (h_location != NULL) { MemBufferWriteString(aft->buffer, " => "); @@ -372,7 +371,8 @@ static void LogHttpLogExtended(LogHttpLogThread *aft, htp_tx_t *tx) /* length */ LOG_CF_WRITE_STAR_SEPARATOR(aft->buffer); - MemBufferWriteString(aft->buffer, "%"PRIuMAX" bytes", (uintmax_t)tx->response_message_len); + MemBufferWriteString( + aft->buffer, "%" PRIuMAX " bytes", (uintmax_t)htp_tx_response_message_len(tx)); } static TmEcode LogHttpLogIPWrapper(ThreadVars *tv, void *data, const Packet *p, Flow *f, HtpState *htp_state, htp_tx_t *tx, uint64_t tx_id, int ipproto) @@ -432,27 +432,26 @@ static TmEcode LogHttpLogIPWrapper(ThreadVars *tv, void *data, const Packet *p, MemBufferWriteString(aft->buffer, "%s ", timebuf); /* hostname */ - if (tx->request_hostname != NULL) { + if (htp_tx_request_hostname(tx) != NULL) { PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, - (uint8_t *)bstr_ptr(tx->request_hostname), - bstr_len(tx->request_hostname)); + (uint8_t *)bstr_ptr(htp_tx_request_hostname(tx)), + bstr_len(htp_tx_request_hostname(tx))); } else { MemBufferWriteString(aft->buffer, ""); } LOG_CF_WRITE_STAR_SEPARATOR(aft->buffer); /* uri */ - if (tx->request_uri != NULL) { + if (htp_tx_request_uri(tx) != NULL) { PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, - (uint8_t *)bstr_ptr(tx->request_uri), - bstr_len(tx->request_uri)); + (uint8_t *)bstr_ptr(htp_tx_request_uri(tx)), bstr_len(htp_tx_request_uri(tx))); } LOG_CF_WRITE_STAR_SEPARATOR(aft->buffer); /* user agent */ htp_header_t *h_user_agent = NULL; - if (tx->request_headers != NULL) { - h_user_agent = htp_table_get_c(tx->request_headers, "user-agent"); + if (htp_tx_request_headers(tx) != NULL) { + h_user_agent = htp_table_get_c(htp_tx_request_headers(tx), "user-agent"); } if (h_user_agent != NULL) { PrintRawUriBuf((char *)aft->buffer->buffer, &aft->buffer->offset, aft->buffer->size, diff --git a/src/output-json-http.c b/src/output-json-http.c index 87c8b6ddb8..24cdfa3cc1 100644 --- a/src/output-json-http.c +++ b/src/output-json-http.c @@ -39,6 +39,7 @@ #include "output.h" #include "app-layer-htp.h" +#include "app-layer-htp-libhtp.h" #include "app-layer-htp-file.h" #include "app-layer-htp-xff.h" #include "app-layer.h" @@ -197,9 +198,9 @@ struct { static void EveHttpLogJSONBasic(JsonBuilder *js, htp_tx_t *tx) { /* hostname */ - if (tx->request_hostname != NULL) { - jb_set_string_from_bytes(js, "hostname", bstr_ptr(tx->request_hostname), - (uint32_t)bstr_len(tx->request_hostname)); + if (htp_tx_request_hostname(tx) != NULL) { + jb_set_string_from_bytes(js, "hostname", bstr_ptr(htp_tx_request_hostname(tx)), + (uint32_t)bstr_len(htp_tx_request_hostname(tx))); } /* port */ @@ -208,26 +209,27 @@ static void EveHttpLogJSONBasic(JsonBuilder *js, htp_tx_t *tx) * There is no connection (from the suricata point of view) between this * port and the TCP destination port of the flow. */ - if (tx->request_port_number >= 0) { - jb_set_uint(js, "http_port", tx->request_port_number); + if (htp_tx_request_port_number(tx) >= 0) { + jb_set_uint(js, "http_port", htp_tx_request_port_number(tx)); } /* uri */ - if (tx->request_uri != NULL) { - jb_set_string_from_bytes( - js, "url", bstr_ptr(tx->request_uri), (uint32_t)bstr_len(tx->request_uri)); + if (htp_tx_request_uri(tx) != NULL) { + jb_set_string_from_bytes(js, "url", bstr_ptr(htp_tx_request_uri(tx)), + (uint32_t)bstr_len(htp_tx_request_uri(tx))); } - if (tx->request_headers != NULL) { + if (htp_tx_request_headers(tx) != NULL) { /* user agent */ - htp_header_t *h_user_agent = htp_table_get_c(tx->request_headers, "user-agent"); + htp_header_t *h_user_agent = htp_table_get_c(htp_tx_request_headers(tx), "user-agent"); if (h_user_agent != NULL) { jb_set_string_from_bytes(js, "http_user_agent", bstr_ptr(h_user_agent->value), (uint32_t)bstr_len(h_user_agent->value)); } /* x-forwarded-for */ - htp_header_t *h_x_forwarded_for = htp_table_get_c(tx->request_headers, "x-forwarded-for"); + htp_header_t *h_x_forwarded_for = + htp_table_get_c(htp_tx_request_headers(tx), "x-forwarded-for"); if (h_x_forwarded_for != NULL) { jb_set_string_from_bytes(js, "xff", bstr_ptr(h_x_forwarded_for->value), (uint32_t)bstr_len(h_x_forwarded_for->value)); @@ -235,8 +237,8 @@ static void EveHttpLogJSONBasic(JsonBuilder *js, htp_tx_t *tx) } /* content-type */ - if (tx->response_headers != NULL) { - htp_header_t *h_content_type = htp_table_get_c(tx->response_headers, "content-type"); + if (htp_tx_response_headers(tx) != NULL) { + htp_header_t *h_content_type = htp_table_get_c(htp_tx_response_headers(tx), "content-type"); if (h_content_type != NULL) { const size_t size = bstr_len(h_content_type->value) * 2 + 1; char string[size]; @@ -246,7 +248,8 @@ static void EveHttpLogJSONBasic(JsonBuilder *js, htp_tx_t *tx) *p = '\0'; jb_set_string(js, "http_content_type", string); } - htp_header_t *h_content_range = htp_table_get_c(tx->response_headers, "content-range"); + htp_header_t *h_content_range = + htp_table_get_c(htp_tx_response_headers(tx), "content-range"); if (h_content_range != NULL) { jb_open_object(js, "content_range"); jb_set_string_from_bytes(js, "raw", bstr_ptr(h_content_range->value), @@ -269,8 +272,8 @@ static void EveHttpLogJSONExtended(JsonBuilder *js, htp_tx_t *tx) { /* referer */ htp_header_t *h_referer = NULL; - if (tx->request_headers != NULL) { - h_referer = htp_table_get_c(tx->request_headers, "referer"); + if (htp_tx_request_headers(tx) != NULL) { + h_referer = htp_table_get_c(htp_tx_request_headers(tx), "referer"); } if (h_referer != NULL) { jb_set_string_from_bytes( @@ -278,43 +281,43 @@ static void EveHttpLogJSONExtended(JsonBuilder *js, htp_tx_t *tx) } /* method */ - if (tx->request_method != NULL) { - jb_set_string_from_bytes(js, "http_method", bstr_ptr(tx->request_method), - (uint32_t)bstr_len(tx->request_method)); + if (htp_tx_request_method(tx) != NULL) { + jb_set_string_from_bytes(js, "http_method", bstr_ptr(htp_tx_request_method(tx)), + (uint32_t)bstr_len(htp_tx_request_method(tx))); } /* protocol */ - if (tx->request_protocol != NULL) { - jb_set_string_from_bytes(js, "protocol", bstr_ptr(tx->request_protocol), - (uint32_t)bstr_len(tx->request_protocol)); + if (htp_tx_request_protocol(tx) != NULL) { + jb_set_string_from_bytes(js, "protocol", bstr_ptr(htp_tx_request_protocol(tx)), + (uint32_t)bstr_len(htp_tx_request_protocol(tx))); } /* response status: from libhtp: * "Response status code, available only if we were able to parse it, HTP_STATUS_INVALID * otherwise. HTP_STATUS_UNKNOWN until parsing is attempted" .*/ - const int resp = tx->response_status_number; + const int resp = htp_tx_response_status_number(tx); if (resp > 0) { jb_set_uint(js, "status", (uint32_t)resp); - } else if (tx->response_status != NULL) { - jb_set_string_from_bytes(js, "status_string", bstr_ptr(tx->response_status), - (uint32_t)bstr_len(tx->response_status)); + } else if (htp_tx_response_status(tx) != NULL) { + jb_set_string_from_bytes(js, "status_string", bstr_ptr(htp_tx_response_status(tx)), + (uint32_t)bstr_len(htp_tx_response_status(tx))); } - htp_header_t *h_location = htp_table_get_c(tx->response_headers, "location"); + htp_header_t *h_location = htp_table_get_c(htp_tx_response_headers(tx), "location"); if (h_location != NULL) { jb_set_string_from_bytes( js, "redirect", bstr_ptr(h_location->value), (uint32_t)bstr_len(h_location->value)); } /* length */ - jb_set_uint(js, "length", tx->response_message_len); + jb_set_uint(js, "length", htp_tx_response_message_len(tx)); } static void EveHttpLogJSONHeaders( JsonBuilder *js, uint32_t direction, htp_tx_t *tx, LogHttpFileCtx *http_ctx) { - htp_table_t * headers = direction & LOG_HTTP_REQ_HEADERS ? - tx->request_headers : tx->response_headers; + htp_table_t *headers = direction & LOG_HTTP_REQ_HEADERS ? htp_tx_request_headers(tx) + : htp_tx_response_headers(tx); char name[MAX_SIZE_HEADER_NAME] = {0}; char value[MAX_SIZE_HEADER_VALUE] = {0}; size_t n = htp_table_size(headers); diff --git a/src/util-lua-http.c b/src/util-lua-http.c index 4f8916ce9c..2c9ec8bb38 100644 --- a/src/util-lua-http.c +++ b/src/util-lua-http.c @@ -38,6 +38,7 @@ #include "output.h" #include "app-layer-htp.h" +#include "app-layer-htp-libhtp.h" #include "app-layer.h" #include "app-layer-parser.h" #include "util-privs.h" @@ -63,11 +64,11 @@ static int HttpGetRequestHost(lua_State *luastate) if (tx == NULL) return LuaCallbackError(luastate, "internal error: no tx"); - if (tx->request_hostname == NULL) + if (htp_tx_request_hostname(tx) == NULL) return LuaCallbackError(luastate, "no request hostname"); - return LuaPushStringBuffer(luastate, - bstr_ptr(tx->request_hostname), bstr_len(tx->request_hostname)); + return LuaPushStringBuffer( + luastate, bstr_ptr(htp_tx_request_hostname(tx)), bstr_len(htp_tx_request_hostname(tx))); } static int HttpGetRequestUriRaw(lua_State *luastate) @@ -79,11 +80,11 @@ static int HttpGetRequestUriRaw(lua_State *luastate) if (tx == NULL) return LuaCallbackError(luastate, "internal error: no tx"); - if (tx->request_uri == NULL) + if (htp_tx_request_uri(tx) == NULL) return LuaCallbackError(luastate, "no request uri"); - return LuaPushStringBuffer(luastate, - bstr_ptr(tx->request_uri), bstr_len(tx->request_uri)); + return LuaPushStringBuffer( + luastate, bstr_ptr(htp_tx_request_uri(tx)), bstr_len(htp_tx_request_uri(tx))); } static int HttpGetRequestUriNormalized(lua_State *luastate) @@ -118,11 +119,11 @@ static int HttpGetRequestLine(lua_State *luastate) if (tx == NULL) return LuaCallbackError(luastate, "internal error: no tx"); - if (tx->request_line == NULL) + if (htp_tx_request_line(tx) == NULL) return LuaCallbackError(luastate, "no request_line"); - return LuaPushStringBuffer(luastate, - bstr_ptr(tx->request_line), bstr_len(tx->request_line)); + return LuaPushStringBuffer( + luastate, bstr_ptr(htp_tx_request_line(tx)), bstr_len(htp_tx_request_line(tx))); } static int HttpGetResponseLine(lua_State *luastate) @@ -134,11 +135,11 @@ static int HttpGetResponseLine(lua_State *luastate) if (tx == NULL) return LuaCallbackError(luastate, "internal error: no tx"); - if (tx->response_line == NULL) + if (htp_tx_response_line(tx) == NULL) return LuaCallbackError(luastate, "no response_line"); - return LuaPushStringBuffer(luastate, - bstr_ptr(tx->response_line), bstr_len(tx->response_line)); + return LuaPushStringBuffer( + luastate, bstr_ptr(htp_tx_response_line(tx)), bstr_len(tx->response_line)); } static int HttpGetHeader(lua_State *luastate, int dir) @@ -154,9 +155,9 @@ static int HttpGetHeader(lua_State *luastate, int dir) if (name == NULL) return LuaCallbackError(luastate, "1st argument missing, empty or wrong type"); - htp_table_t *headers = tx->request_headers; + htp_table_t *headers = htp_tx_request_headers(tx); if (dir == 1) - headers = tx->response_headers; + headers = htp_tx_response_headers(tx); if (headers == NULL) return LuaCallbackError(luastate, "tx has no headers"); @@ -224,10 +225,10 @@ static int HttpGetHeaders(lua_State *luastate, int dir) if (tx == NULL) return LuaCallbackError(luastate, "internal error: no tx"); - htp_table_t *table = tx->request_headers; + htp_table_t *table = htp_tx_request_headers(tx); if (dir == 1) - table = tx->response_headers; - if (tx->request_headers == NULL) + table = htp_tx_response_headers(tx); + if (htp_tx_request_headers(tx) == NULL) return LuaCallbackError(luastate, "no headers"); lua_newtable(luastate);