"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/preprocessors/snort_httpinspect.h" between
snort-2.9.16.1.tar.gz and snort-2.9.17.tar.gz

About: Snort is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

snort_httpinspect.h  (snort-2.9.16.1)	:	snort_httpinspect.h  (snort-2.9.17)
skipping to change at line 50		skipping to change at line 50
extern MemPool *mime_log_mempool;		extern MemPool *mime_log_mempool;
extern DataBuffer HttpDecodeBuf;		extern DataBuffer HttpDecodeBuf;
#ifdef PERF_PROFILING		#ifdef PERF_PROFILING
extern PreprocStats hi2PerfStats;		extern PreprocStats hi2PerfStats;
extern PreprocStats hi2InitPerfStats;		extern PreprocStats hi2InitPerfStats;
extern PreprocStats hi2PayloadPerfStats;		extern PreprocStats hi2PayloadPerfStats;
extern PreprocStats hi2PseudoPerfStats;		extern PreprocStats hi2PseudoPerfStats;
#endif		#endif
/**		/**
** The definition of the configuration separators in the snort.conf		** The definition of the configuration separators in the snort.conf
** configure line.		** configure line.
*/		*/
#define CONF_SEPARATORS " \t\n\r"		#define CONF_SEPARATORS " \t\n\r"
#define MAX_METHOD_LEN 256		#define MAX_METHOD_LEN 256
/*		/*
** These are the definitions of the parser section delimiting		** These are the definitions of the parser section delimiting
** keywords to configure HttpInspect. When one of these keywords		** keywords to configure HttpInspect. When one of these keywords
skipping to change at line 85		skipping to change at line 86
#define MAX_GZIP_DEPTH 65535		#define MAX_GZIP_DEPTH 65535
#define DEFAULT_COMP_DEPTH 1460		#define DEFAULT_COMP_DEPTH 1460
#define DEFAULT_DECOMP_DEPTH 2920		#define DEFAULT_DECOMP_DEPTH 2920
#define DEFLATE_RAW_WBITS -15		#define DEFLATE_RAW_WBITS -15
#define DEFLATE_WBITS 15		#define DEFLATE_WBITS 15
#define GZIP_WBITS 31		#define GZIP_WBITS 31
#define XFF_MAX_PIPELINE_REQ 255		#define XFF_MAX_PIPELINE_REQ 255
		#define CONTENT_NONE 0
		#define PARTIAL_CONTENT 1
		#define FULL_CONTENT 2
typedef enum _HttpRespCompressType		typedef enum _HttpRespCompressType
{		{
HTTP_RESP_COMPRESS_TYPE__GZIP = 0x00000001,		HTTP_RESP_COMPRESS_TYPE__GZIP = 0x00000001,
HTTP_RESP_COMPRESS_TYPE__DEFLATE = 0x00000002		HTTP_RESP_COMPRESS_TYPE__DEFLATE = 0x00000002
} _HttpRespCompressType;		} _HttpRespCompressType;
typedef enum _DecompressStage		typedef enum _DecompressStage
{		{
HTTP_DECOMP_START,		HTTP_DECOMP_START,
HTTP_DECOMP_MID,		HTTP_DECOMP_MID,
HTTP_DECOMP_FIN		HTTP_DECOMP_FIN
} DecompressStage;		} DecompressStage;
typedef struct s_DECOMPRESS_STATE		typedef struct s_DECOMPRESS_STATE
{		{
uint8_t inflate_init;		uint8_t inflate_init;
		uint16_t compress_fmt;
		uint8_t decompress_data;
int compr_bytes_read;		int compr_bytes_read;
int decompr_bytes_read;		int decompr_bytes_read;
int compr_depth;		int compr_depth;
int decompr_depth;		int decompr_depth;
uint16_t compress_fmt;
uint8_t decompress_data;
z_stream d_stream;		z_stream d_stream;
MemBucket *bkt;		MemBucket *bkt;
bool deflate_initialized;		bool deflate_initialized;
DecompressStage stage;		DecompressStage stage;
} DECOMPRESS_STATE;		} DECOMPRESS_STATE;
typedef enum _ChunkLenState		typedef enum _ChunkLenState
{		{
CHUNK_LEN_DEFAULT = 0,		CHUNK_LEN_DEFAULT = 0,
CHUNK_LEN_INCOMPLETE		CHUNK_LEN_INCOMPLETE
skipping to change at line 132		skipping to change at line 137
uint8_t inspect_body;		uint8_t inspect_body;
uint8_t inspect_reassembled;		uint8_t inspect_reassembled;
uint8_t last_pkt_contlen;		uint8_t last_pkt_contlen;
uint8_t last_pkt_chunked;		uint8_t last_pkt_chunked;
uint32_t next_seq;		uint32_t next_seq;
uint32_t chunk_remainder;		uint32_t chunk_remainder;
int data_extracted;		int data_extracted;
uint32_t max_seq;		uint32_t max_seq;
bool flow_depth_excd;		bool flow_depth_excd;
bool eoh_found;		bool eoh_found;
bool look_for_partial_content;		uint8_t look_for_partial_content;
uint8_t chunk_len_state;		uint8_t chunk_len_state;
}HTTP_RESP_STATE;		}HTTP_RESP_STATE;
typedef struct s_HTTP_LOG_STATE		typedef struct s_HTTP_LOG_STATE
{		{
uint32_t uri_bytes;		uint32_t uri_bytes;
uint32_t hostname_bytes;		uint32_t hostname_bytes;
MemBucket *log_bucket;		MemBucket *log_bucket;
uint8_t *uri_extracted;		uint8_t *uri_extracted;
uint8_t *hostname_extracted;		uint8_t *hostname_extracted;
skipping to change at line 162		skipping to change at line 167
typedef struct _HttpSessionData		typedef struct _HttpSessionData
{		{
uint64_t event_flags;		uint64_t event_flags;
HTTP_RESP_STATE resp_state;		HTTP_RESP_STATE resp_state;
DECOMPRESS_STATE *decomp_state;		DECOMPRESS_STATE *decomp_state;
HTTP_LOG_STATE *log_state;		HTTP_LOG_STATE *log_state;
decode_utf_state_t utf_state;		decode_utf_state_t utf_state;
uint8_t log_flags;		uint8_t log_flags;
uint8_t cli_small_chunk_count;		uint8_t cli_small_chunk_count;
uint8_t srv_small_chunk_count;		uint8_t srv_small_chunk_count;
MimeState *mime_ssn;
fd_session_p_t fd_state;
uint8_t http_req_id;		uint8_t http_req_id;
uint8_t http_resp_id;		uint8_t http_resp_id;
uint8_t is_response;		uint8_t is_response;
uint8_t tList_count;		uint8_t tList_count;
		MimeState *mime_ssn;
		fd_session_p_t fd_state;
Transaction *tList_start;		Transaction *tList_start;
Transaction *tList_end;		Transaction *tList_end;
} HttpSessionData;		} HttpSessionData;
typedef struct _HISearch		typedef struct _HISearch
{		{
char *name;		char *name;
int name_len;		int name_len;
} HISearch;		} HISearch;
skipping to change at line 240		skipping to change at line 245
void FreeHttpSessionData(void *data);		void FreeHttpSessionData(void *data);
int GetHttpTrueIP(void *data, uint8_t **buf, uint32_t *len, uint32_t *type);		int GetHttpTrueIP(void *data, uint8_t **buf, uint32_t *len, uint32_t *type);
int GetHttpGzipData(void *data, uint8_t **buf, uint32_t *len, uint32_t *type);		int GetHttpGzipData(void *data, uint8_t **buf, uint32_t *len, uint32_t *type);
int GetHttpJSNormData(void *data, uint8_t **buf, uint32_t *len, uint32_t *type);		int GetHttpJSNormData(void *data, uint8_t **buf, uint32_t *len, uint32_t *type);
int GetHttpUriData(void *data, uint8_t **buf, uint32_t *len, uint32_t *type);		int GetHttpUriData(void *data, uint8_t **buf, uint32_t *len, uint32_t *type);
int GetHttpHostnameData(void *data, uint8_t **buf, uint32_t *len, uint32_t *type );		int GetHttpHostnameData(void *data, uint8_t **buf, uint32_t *len, uint32_t *type );
void HI_SearchInit(void);		void HI_SearchInit(void);
void HI_SearchFree(void);		void HI_SearchFree(void);
int HI_SearchStrFound(void *, void *, int , void *, void *);		int HI_SearchStrFound(void *, void *, int , void *, void *);
int GetHttpFlowDepth(void *, uint32_t);		int GetHttpFlowDepth(void *, uint32_t);
bool isHttpRespPartialCont(void *data);		uint8_t isHttpRespPartialCont(void *data);
bool GetHttpFastBlockingStatus();		bool GetHttpFastBlockingStatus();
static inline HttpSessionData * GetHttpSessionData(Packet *p)		static inline HttpSessionData * GetHttpSessionData(Packet *p)
{		{
if (p->ssnptr == NULL)		if (p->ssnptr == NULL)
return NULL;		return NULL;
return (HttpSessionData *)session_api->get_application_data(p->ssnptr, PP_HT TPINSPECT);		return (HttpSessionData *)session_api->get_application_data(p->ssnptr, PP_HT TPINSPECT);
}		}
static inline void freeTransactionNode(Transaction *tPtr)		static inline void freeTransactionNode(Transaction *tPtr)
{		{
if(tPtr->true_ip)		if(tPtr->true_ip)
sfaddr_free(tPtr->true_ip);		sfaddr_free(tPtr->true_ip);
free(tPtr);		free(tPtr);
		hi_stats.mem_used -= sizeof(Transaction);
}		}
static inline void deleteNode_tList(HttpSessionData *hsd)		static inline void deleteNode_tList(HttpSessionData *hsd)
{		{
Transaction *tmp = hsd->tList_start;		Transaction *tmp = hsd->tList_start;
hsd->tList_start = hsd->tList_start->next;		hsd->tList_start = hsd->tList_start->next;
if( hsd->tList_start == NULL )		if( hsd->tList_start == NULL )
hsd->tList_end = NULL;		hsd->tList_end = NULL;
freeTransactionNode(tmp);		freeTransactionNode(tmp);
}		}
End of changes. 9 change blocks.
6 lines changed or deleted		12 lines changed or added

---