virtual void TearDown() {
bstr_free(output);
bstr_free(o_boxing_wizards);
decompressor->destroy(decompressor);
htp_connp_destroy_all(connp);
htp_config_destroy(cfg);
}
/**
* Destroys the connection parser and its data structures, leaving
* the connection data intact.
*
* @param connp
*/
void htp_connp_destroy(htp_connp_t *connp) {
if (connp->out_decompressor != NULL) {
connp->out_decompressor->destroy(connp->out_decompressor);
connp->out_decompressor = NULL;
}
if (connp->in_header_line != NULL) {
if (connp->in_header_line->line != NULL) {
free(connp->in_header_line->line);
}
free(connp->in_header_line);
}
free(connp->in_line);
if (connp->out_header_line != NULL) {
if (connp->out_header_line->line != NULL) {
free(connp->out_header_line->line);
}
free(connp->out_header_line);
}
free(connp->out_line);
// Destroy the configuration structure, but only
// if it is our private copy
if (connp->is_cfg_private) {
htp_config_destroy(connp->cfg);
}
free(connp);
}
void htp_tx_set_config(htp_tx_t *tx, htp_cfg_t *cfg, int is_cfg_shared) {
if ((is_cfg_shared != HTP_CONFIG_PRIVATE) && (is_cfg_shared != HTP_CONFIG_SHARED)) return;
// If we're using a private configuration, destroy it.
if (tx->is_config_shared == HTP_CONFIG_PRIVATE) {
htp_config_destroy(tx->cfg);
}
tx->cfg = cfg;
tx->is_config_shared = is_cfg_shared;
}
/**
* Main entry point for this program.
*
* @param argc
* @param argv
*/
int main(int argc, char *argv[]) {
// Check parameters
if ((argc < 2)||(argc > 4)) {
print_usage();
return 1;
}
// Configure libnids
if (argc > 2) {
if (strcmp(argv[1], "-r") != 0) {
print_usage();
return 1;
}
nids_params.filename = argv[2];
if (argc == 4) {
nids_params.pcap_filter = argv[3];
}
} else {
nids_params.pcap_filter = argv[1];
}
// Initialize libnids
if (!nids_init()) {
fprintf(stderr, "libnids initialization failed: %s\n", nids_errbuf);
return 1;
}
// Create LibHTP configuration
cfg = htp_config_create();
htp_config_set_server_personality(cfg, HTP_SERVER_APACHE_2_2);
htp_config_register_response(cfg, callback_response);
htp_config_register_log(cfg, callback_log);
// Run libnids
nids_register_tcp(tcp_callback);
nids_run();
// Destroy LibHTP configuration
htp_config_destroy(cfg);
return 0;
}
void rbhtp_config_free( void* p )
{
htp_cfg_t* cfg = (htp_cfg_t*)p;
htp_config_destroy( cfg );
}
htp_cfg_t *htp_config_copy(htp_cfg_t *cfg) {
if (cfg == NULL) return NULL;
// Start by making a copy of the entire structure,
// which is essentially a shallow copy.
htp_cfg_t *copy = malloc(sizeof (htp_cfg_t));
if (copy == NULL) return NULL;
memcpy(copy, cfg, sizeof (htp_cfg_t));
// Now create copies of the hooks' structures.
if (cfg->hook_request_start != NULL) {
copy->hook_request_start = htp_hook_copy(cfg->hook_request_start);
if (copy->hook_request_start == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_request_line != NULL) {
copy->hook_request_line = htp_hook_copy(cfg->hook_request_line);
if (copy->hook_request_line == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_request_uri_normalize != NULL) {
copy->hook_request_uri_normalize = htp_hook_copy(cfg->hook_request_uri_normalize);
if (copy->hook_request_uri_normalize == NULL) {
free(copy);
return NULL;
}
}
if (cfg->hook_request_header_data != NULL) {
copy->hook_request_header_data = htp_hook_copy(cfg->hook_request_header_data);
if (copy->hook_request_header_data == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_request_headers != NULL) {
copy->hook_request_headers = htp_hook_copy(cfg->hook_request_headers);
if (copy->hook_request_headers == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_request_body_data != NULL) {
copy->hook_request_body_data = htp_hook_copy(cfg->hook_request_body_data);
if (copy->hook_request_body_data == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_request_file_data != NULL) {
copy->hook_request_file_data = htp_hook_copy(cfg->hook_request_file_data);
if (copy->hook_request_file_data == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_request_trailer != NULL) {
copy->hook_request_trailer = htp_hook_copy(cfg->hook_request_trailer);
if (copy->hook_request_trailer == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_request_trailer_data != NULL) {
copy->hook_request_trailer_data = htp_hook_copy(cfg->hook_request_trailer_data);
if (copy->hook_request_trailer_data == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_request_complete != NULL) {
copy->hook_request_complete = htp_hook_copy(cfg->hook_request_complete);
if (copy->hook_request_complete == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_response_start != NULL) {
copy->hook_response_start = htp_hook_copy(cfg->hook_response_start);
if (copy->hook_response_start == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_response_line != NULL) {
copy->hook_response_line = htp_hook_copy(cfg->hook_response_line);
if (copy->hook_response_line == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_response_header_data != NULL) {
copy->hook_response_header_data = htp_hook_copy(cfg->hook_response_header_data);
if (copy->hook_response_header_data == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_response_headers != NULL) {
copy->hook_response_headers = htp_hook_copy(cfg->hook_response_headers);
if (copy->hook_response_headers == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_response_body_data != NULL) {
copy->hook_response_body_data = htp_hook_copy(cfg->hook_response_body_data);
if (copy->hook_response_body_data == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_response_trailer != NULL) {
copy->hook_response_trailer = htp_hook_copy(cfg->hook_response_trailer);
if (copy->hook_response_trailer == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_response_trailer_data != NULL) {
copy->hook_response_trailer_data = htp_hook_copy(cfg->hook_response_trailer_data);
if (copy->hook_response_trailer_data == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_response_complete != NULL) {
copy->hook_response_complete = htp_hook_copy(cfg->hook_response_complete);
if (copy->hook_response_complete == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_transaction_complete != NULL) {
copy->hook_transaction_complete = htp_hook_copy(cfg->hook_response_complete);
if (copy->hook_transaction_complete == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
if (cfg->hook_log != NULL) {
copy->hook_log = htp_hook_copy(cfg->hook_log);
if (copy->hook_log == NULL) {
htp_config_destroy(copy);
return NULL;
}
}
return copy;
}
static void htpy_config_dealloc(htpy_config *self) {
htp_config_destroy(self->cfg);
self->ob_type->tp_free((PyObject *) self);
}
void htp_tx_destroy_incomplete(htp_tx_t *tx) {
if (tx == NULL) return;
// Disconnect transaction from other structures.
htp_conn_remove_tx(tx->conn, tx);
htp_connp_tx_remove(tx->connp, tx);
// Request fields.
bstr_free(tx->request_line);
bstr_free(tx->request_method);
bstr_free(tx->request_uri);
bstr_free(tx->request_protocol);
bstr_free(tx->request_content_type);
bstr_free(tx->request_hostname);
htp_uri_free(tx->parsed_uri_raw);
htp_uri_free(tx->parsed_uri);
// Request_headers.
if (tx->request_headers != NULL) {
htp_header_t *h = NULL;
for (size_t i = 0, n = htp_table_size(tx->request_headers); i < n; i++) {
h = htp_table_get_index(tx->request_headers, i, NULL);
bstr_free(h->name);
bstr_free(h->value);
free(h);
}
htp_table_destroy(tx->request_headers);
}
// Request parsers.
htp_urlenp_destroy(tx->request_urlenp_query);
htp_urlenp_destroy(tx->request_urlenp_body);
htp_mpartp_destroy(tx->request_mpartp);
// Request parameters.
htp_param_t *param = NULL;
for (size_t i = 0, n = htp_table_size(tx->request_params); i < n; i++) {
param = htp_table_get_index(tx->request_params, i, NULL);
free(param->name);
free(param->value);
free(param);
}
htp_table_destroy(tx->request_params);
// Request cookies.
if (tx->request_cookies != NULL) {
bstr *b = NULL;
for (size_t i = 0, n = htp_table_size(tx->request_cookies); i < n; i++) {
b = htp_table_get_index(tx->request_cookies, i, NULL);
bstr_free(b);
}
htp_table_destroy(tx->request_cookies);
}
htp_hook_destroy(tx->hook_request_body_data);
// Response fields.
bstr_free(tx->response_line);
bstr_free(tx->response_protocol);
bstr_free(tx->response_status);
bstr_free(tx->response_message);
bstr_free(tx->response_content_type);
// Destroy response headers.
if (tx->response_headers != NULL) {
htp_header_t *h = NULL;
for (size_t i = 0, n = htp_table_size(tx->response_headers); i < n; i++) {
h = htp_table_get_index(tx->response_headers, i, NULL);
bstr_free(h->name);
bstr_free(h->value);
free(h);
}
htp_table_destroy(tx->response_headers);
}
// If we're using a private configuration structure, destroy it.
if (tx->is_config_shared == HTP_CONFIG_PRIVATE) {
htp_config_destroy(tx->cfg);
}
free(tx);
}
void htp_tx_destroy(htp_tx_t *tx) {
bstr_free(tx->request_line);
bstr_free(tx->request_line_raw);
bstr_free(tx->request_method);
bstr_free(tx->request_uri);
bstr_free(tx->request_uri_normalized);
bstr_free(tx->request_protocol);
bstr_free(tx->request_headers_sep);
if (tx->parsed_uri != NULL) {
bstr_free(tx->parsed_uri->scheme);
bstr_free(tx->parsed_uri->username);
bstr_free(tx->parsed_uri->password);
bstr_free(tx->parsed_uri->hostname);
bstr_free(tx->parsed_uri->port);
bstr_free(tx->parsed_uri->path);
bstr_free(tx->parsed_uri->query);
bstr_free(tx->parsed_uri->fragment);
free(tx->parsed_uri);
}
if (tx->parsed_uri_incomplete != NULL) {
bstr_free(tx->parsed_uri_incomplete->scheme);
bstr_free(tx->parsed_uri_incomplete->username);
bstr_free(tx->parsed_uri_incomplete->password);
bstr_free(tx->parsed_uri_incomplete->hostname);
bstr_free(tx->parsed_uri_incomplete->port);
bstr_free(tx->parsed_uri_incomplete->path);
bstr_free(tx->parsed_uri_incomplete->query);
bstr_free(tx->parsed_uri_incomplete->fragment);
free(tx->parsed_uri_incomplete);
}
// Destroy request_header_lines.
if (tx->request_header_lines != NULL) {
for (int i = 0, n = htp_list_size(tx->request_header_lines); i < n; i++) {
htp_header_line_t *hl = htp_list_get(tx->request_header_lines, i);
bstr_free(hl->line);
// No need to destroy hl->header because
// htp_header_line_t does not own it.
free(hl);
}
htp_list_destroy(tx->request_header_lines);
tx->request_header_lines = NULL;
}
// Destroy request_headers.
if (tx->request_headers != NULL) {
htp_header_t *h = NULL;
for (int i = 0, n = htp_table_size(tx->request_headers); i < n; i++) {
h = htp_table_get_index(tx->request_headers, i, NULL);
bstr_free(h->name);
bstr_free(h->value);
free(h);
}
htp_table_destroy(tx->request_headers);
}
if (tx->request_headers_raw != NULL) {
bstr_free(tx->request_headers_raw);
}
if (tx->response_headers_raw != NULL) {
bstr_free(tx->response_headers_raw);
}
bstr_free(tx->response_line);
bstr_free(tx->response_line_raw);
bstr_free(tx->response_protocol);
bstr_free(tx->response_status);
bstr_free(tx->response_message);
bstr_free(tx->response_headers_sep);
// Destroy response_header_lines.
if (tx->response_header_lines != NULL) {
for (int i = 0, n = htp_list_size(tx->response_header_lines); i < n; i++) {
htp_header_line_t *hl = htp_list_get(tx->response_header_lines, i);
bstr_free(hl->line);
// No need to destroy hl->header because
// htp_header_line_t does not own it.
free(hl);
}
htp_list_destroy(tx->response_header_lines);
tx->response_header_lines = NULL;
}
// Destroy response headers.
if (tx->response_headers != NULL) {
htp_header_t *h = NULL;
for (int i = 0, n = htp_table_size(tx->response_headers); i < n; i++) {
h = htp_table_get_index(tx->response_headers, i, NULL);
bstr_free(h->name);
bstr_free(h->value);
free(h);
}
htp_table_destroy(tx->response_headers);
}
// Tell the connection to remove this transaction from the list.
htp_conn_remove_tx(tx->conn, tx);
// Invalidate the pointer to this transactions held
// by the connection parser. This is to allow a transaction
// to be destroyed from within the final response callback.
if (tx->connp != NULL) {
if (tx->connp->out_tx == tx) {
tx->connp->out_tx = NULL;
}
}
bstr_free(tx->request_content_type);
bstr_free(tx->response_content_type);
// Parsers
htp_urlenp_destroy(tx->request_urlenp_query);
htp_urlenp_destroy(tx->request_urlenp_body);
htp_mpartp_destroy(tx->request_mpartp);
// Request parameters
htp_param_t *param = NULL;
for (int i = 0, n = htp_table_size(tx->request_params); i < n; i++) {
param = htp_table_get_index(tx->request_params, i, NULL);
free(param->name);
free(param->value);
free(param);
}
htp_table_destroy(tx->request_params);
// Request cookies
if (tx->request_cookies != NULL) {
bstr *b = NULL;
for (int i = 0, n = htp_table_size(tx->request_cookies); i < n; i++) {
b = htp_table_get_index(tx->request_cookies, i, NULL);
bstr_free(b);
}
htp_table_destroy(tx->request_cookies);
}
htp_hook_destroy(tx->hook_request_body_data);
// If we're using a private configuration, destroy it.
if (tx->is_config_shared == HTP_CONFIG_PRIVATE) {
htp_config_destroy(tx->cfg);
}
free(tx);
}