/*
* %CopyrightBegin%
*
* Copyright Ericsson AB 2008-2016. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* %CopyrightEnd%
*/
/* A protocol decoder. Simple packet length extraction as well as packet
* body parsing with protocol specific callback interfaces (http and ssl).
*
* Code ripped out from inet_drv.c to also be used by BIF decode_packet.
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#include "packet_parser.h"
#include <ctype.h>
#include "sys.h"
/* #define INET_DRV_DEBUG 1 */
#ifdef INET_DRV_DEBUG
# define DEBUG 1
# undef DEBUGF
# define DEBUGF(X) printf X
#endif
#define get_int24(s) ((((unsigned char*) (s))[0] << 16) | \
(((unsigned char*) (s))[1] << 8) | \
(((unsigned char*) (s))[2]))
#define get_little_int32(s) ((((unsigned char*) (s))[3] << 24) | \
(((unsigned char*) (s))[2] << 16) | \
(((unsigned char*) (s))[1] << 8) | \
(((unsigned char*) (s))[0]))
#if !defined(__WIN32__) && !defined(HAVE_STRNCASECMP)
#define STRNCASECMP my_strncasecmp
static int my_strncasecmp(const char *s1, const char *s2, size_t n)
{
int i;
for (i=0;i<n-1 && s1[i] && s2[i] && toupper(s1[i]) == toupper(s2[i]);++i)
;
return (toupper(s1[i]) - toupper(s2[i]));
}
#else
#define STRNCASECMP strncasecmp
#endif
#define HTTP_HDR_HASH_SIZE 53
#define HTTP_METH_HASH_SIZE 13
#define HTTP_MAX_NAME_LEN 50
static char tspecial[128];
static const char* http_hdr_strings[] = {
"Cache-Control",
"Connection",
"Date",
"Pragma",
"Transfer-Encoding",
"Upgrade",
"Via",
"Accept",
"Accept-Charset",
"Accept-Encoding",
"Accept-Language",
"Authorization",
"From",
"Host",
"If-Modified-Since",
"If-Match",
"If-None-Match",
"If-Range",
"If-Unmodified-Since",
"Max-Forwards",
"Proxy-Authorization",
"Range",
"Referer",
"User-Agent",
"Age",
"Location",
"Proxy-Authenticate",
"Public",
"Retry-After",
"Server",
"Vary",
"Warning",
"Www-Authenticate",
"Allow",
"Content-Base",
"Content-Encoding",
"Content-Language",
"Content-Length",
"Content-Location",
"Content-Md5",
"Content-Range",
"Content-Type",
"Etag",
"Expires",
"Last-Modified",
"Accept-Ranges",
"Set-Cookie",
"Set-Cookie2",
"X-Forwarded-For",
"Cookie",
"Keep-Alive",
"Proxy-Connection",
NULL
};
static const char* http_meth_strings[] = {
"OPTIONS",
"GET",
"HEAD",
"POST",
"PUT",
"DELETE",
"TRACE",
NULL
};
static http_atom_t http_hdr_table[sizeof(http_hdr_strings)/sizeof(char*)];
static http_atom_t http_meth_table[sizeof(http_meth_strings)/sizeof(char*)];
static http_atom_t* http_hdr_hash[HTTP_HDR_HASH_SIZE];
static http_atom_t* http_meth_hash[HTTP_METH_HASH_SIZE];
#define CRNL(ptr) (((ptr)[0] == '\r') && ((ptr)[1] == '\n'))
#define NL(ptr) ((ptr)[0] == '\n')
#define SP(ptr) (((ptr)[0] == ' ') || ((ptr)[0] == '\t'))
#define is_tspecial(x) ((((x) > 32) && ((x) < 128)) ? tspecial[(x)] : 1)
#define hash_update(h,c) do { \
unsigned long __g; \
(h) = ((h) << 4) + (c); \
if ((__g = (h) & 0xf0000000)) { \
(h) ^= (__g >> 24); \
(h) ^= __g; \
} \
} while(0)
static void http_hash_insert(const char* name, http_atom_t* entry,
http_atom_t** hash, int hsize)
{
unsigned long h = 0;
const unsigned char* ptr = (const unsigned char*) name;
int ix;
int len = 0;
while (*ptr != '\0') {
hash_update(h, *ptr);
ptr++;
len++;
}
ix = h % hsize;
entry->next = hash[ix];
entry->h = h;
entry->name = name;
entry->len = len;
entry->atom = driver_mk_atom((char*)name);
hash[ix] = entry;
}
static int http_init(void)
{
int i;
unsigned char* ptr;
for (i = 0; i < 33; i++)
tspecial[i] = 1;
for (i = 33; i < 127; i++)
tspecial[i] = 0;
for (ptr = (unsigned char*)"()<>@,;:\\\"/[]?={} \t"; *ptr != '\0'; ptr++)
tspecial[*ptr] = 1;
for (i = 0; i < HTTP_HDR_HASH_SIZE; i++)
http_hdr_hash[i] = NULL;
for (i = 0; http_hdr_strings[i] != NULL; i++) {
ASSERT(strlen(http_hdr_strings[i]) <= HTTP_MAX_NAME_LEN);
http_hdr_table[i].index = i;
http_hash_insert(http_hdr_strings[i],
&http_hdr_table[i],
http_hdr_hash, HTTP_HDR_HASH_SIZE);
}
for (i = 0; i < HTTP_METH_HASH_SIZE; i++)
http_meth_hash[i] = NULL;
for (i = 0; http_meth_strings[i] != NULL; i++) {
http_meth_table[i].index = i;
http_hash_insert(http_meth_strings[i],
&http_meth_table[i],
http_meth_hash, HTTP_METH_HASH_SIZE);
}
return 0;
}
#define CDR_MAGIC "GIOP"
struct cdr_head {
unsigned char magic[4]; /* 4 bytes must be 'GIOP' */
unsigned char major; /* major version */
unsigned char minor; /* minor version */
unsigned char flags; /* bit 0: 0 == big endian, 1 == little endian
bit 1: 1 == more fragments follow */
unsigned char message_type; /* message type ... */
unsigned char message_size[4]; /* size in (flags bit 0 byte order) */
};
#define TPKT_VRSN 3
struct tpkt_head {
unsigned char vrsn; /* contains TPKT_VRSN */
unsigned char reserved;
unsigned char packet_length[2]; /* size incl header, big-endian (?) */
};
void packet_parser_init()
{
static int done = 0;
if (!done) {
done = 1;
http_init();
}
}
/* Return > 0 Total packet length.in bytes
* = 0 Length unknown, need more data.
* < 0 Error, invalid format.
*/
int packet_get_length(enum PacketParseType htype,
const char* ptr, unsigned n, /* Bytes read so far */
unsigned max_plen, /* Max packet length, 0=no limit */
unsigned trunc_len, /* Truncate (lines) if longer, 0=no limit */
char delimiter, /* Line delimiting character */
int* statep) /* Protocol specific state */
{
unsigned hlen, plen;
switch (htype) {
case TCP_PB_RAW:
if (n == 0) goto more;
else {
DEBUGF((" => nothing remain packet=%d\r\n", n));
return n;
}
case TCP_PB_1:
/* TCP_PB_1: [L0 | Data] */
hlen = 1;
if (n < hlen) goto more;
plen = get_int8(ptr);
goto remain;
case TCP_PB_2:
/* TCP_PB_2: [L1,L0 | Data] */
hlen = 2;
if (n < hlen) goto more;
plen = get_int16(ptr);
goto remain;
case TCP_PB_4:
/* TCP_PB_4: [L3,L2,L1,L0 | Data] */
hlen = 4;
if (n < hlen) goto more;
plen = get_int32(ptr);
goto remain;
case TCP_PB_RM:
/* TCP_PB_RM: [L3,L2,L1,L0 | Data]
** where MSB (bit) is used to signal end of record
*/
hlen = 4;
if (n < hlen) goto more;
plen = get_int32(ptr) & 0x7fffffff;
goto remain;
case TCP_PB_LINE_LF: {
/* TCP_PB_LINE_LF: [Data ... Delimiter] */
const char* ptr2;
if ((ptr2 = memchr(ptr, delimiter, n)) == NULL) {
if (n > max_plen && max_plen != 0) { /* packet full */
DEBUGF((" => packet full (no NL)=%d\r\n", n));
goto error;
}
else if (n >= trunc_len && trunc_len!=0) { /* buffer full */
DEBUGF((" => line buffer full (no NL)=%d\r\n", n));
return trunc_len;
}
goto more;
}
else {
int len = (ptr2 - ptr) + 1; /* including newline */
if (len > max_plen && max_plen!=0) {
DEBUGF((" => packet_size %d exceeded\r\n", max_plen));
goto error;
}
if (len > trunc_len && trunc_len!=0) {
DEBUGF((" => truncated line=%d\r\n", trunc_len));
return trunc_len;
}
DEBUGF((" => nothing remain packet=%d\r\n", len));
return len;
}
}
case TCP_PB_ASN1: {
/* TCP_PB_ASN1: handles long (4 bytes) or short length format */
const char* tptr = ptr;
int length;
int nn = n;
if (n < 2) goto more;
nn--;
if ((*tptr++ & 0x1f) == 0x1f) { /* Long tag format */
while (nn && ((*tptr & 0x80) == 0x80)) {
tptr++;
nn--;
}
if (nn < 2) goto more;
tptr++;
nn--;
}
/* tptr now point to length field and nn characters remain */
length = *tptr & 0x7f;
if ((*tptr & 0x80) == 0x80) { /* Long length format */
tptr++;
nn--;
if (nn < length) goto more;
switch (length) {
case 0: plen = 0; break;
case 1: plen = get_int8(tptr); tptr += 1; break;
case 2: plen = get_int16(tptr); tptr += 2; break;
case 3: plen = get_int24(tptr); tptr += 3; break;
case 4: plen = get_int32(tptr); tptr += 4; break;
default: goto error; /* error */
}
}
else {
tptr++;
plen = length;
}
hlen = (tptr-ptr);
goto remain;
}
case TCP_PB_CDR: {
const struct cdr_head* hp;
hlen = sizeof(struct cdr_head);
if (n < hlen) goto more;
hp = (struct cdr_head*) ptr;
if (sys_memcmp(hp->magic, CDR_MAGIC, 4) != 0)
goto error;
if (hp->flags & 0x01) /* Byte ordering flag */
plen = get_little_int32(hp->message_size);
else
plen = get_int32(hp->message_size);
goto remain;
}
case TCP_PB_FCGI: {
const struct fcgi_head* hp;
hlen = sizeof(struct fcgi_head);
if (n < hlen) goto more;
hp = (struct fcgi_head*) ptr;
if (hp->version != FCGI_VERSION_1)
goto error;
plen = ((hp->contentLengthB1 << 8) | hp->contentLengthB0)
+ hp->paddingLength;
goto remain;
}
case TCP_PB_HTTPH:
case TCP_PB_HTTPH_BIN:
*statep = !0;
case TCP_PB_HTTP:
case TCP_PB_HTTP_BIN:
/* TCP_PB_HTTP: data \r\n(SP data\r\n)* */
plen = n;
if (((plen == 1) && NL(ptr)) || ((plen == 2) && CRNL(ptr)))
goto done;
else {
const char* ptr1 = ptr;
int len = plen;
if (!max_plen) {
/* This is for backward compatibility with old user of decode_packet
* that might use option 'line_length' to limit accepted length of
* http lines.
*/
max_plen = trunc_len;
}
while (1) {
const char* ptr2 = memchr(ptr1, '\n', len);
if (ptr2 == NULL) {
if (max_plen != 0) {
if (n >= max_plen) /* packet full */
goto error;
}
goto more;
}
else {
plen = (ptr2 - ptr) + 1;
if (*statep == 0) {
if (max_plen != 0 && plen > max_plen)
goto error;
goto done;
}
if (plen < n) {
if (SP(ptr2+1) && plen>2) {
/* header field value continue on next line */
ptr1 = ptr2+1;
len = n - plen;
}
else {
if (max_plen != 0 && plen > max_plen)
goto error;
goto done;
}
}
else {
if (max_plen != 0 && plen > max_plen)
goto error;
goto more;
}
}
}
}
case TCP_PB_TPKT: {
const struct tpkt_head* hp;
hlen = sizeof(struct tpkt_head);
if (n < hlen)
goto more;
hp = (struct tpkt_head*) ptr;
if (hp->vrsn == TPKT_VRSN) {
plen = get_int16(hp->packet_length) - hlen;
} else {
goto error;
}
goto remain;
}
case TCP_PB_SSL_TLS:
hlen = 5;
if (n < hlen) goto more;
if ((ptr[0] & 0x80) && ptr[2] == 1) {
/* Ssl-v2 Client hello <<1:1, Len:15, 1:8, Version:16>> */
plen = (get_int16(&ptr[0]) & 0x7fff) - 3;
}
else {
/* <<ContentType:8, Version:16, Length:16>> */
plen = get_int16(&ptr[3]);
}
goto remain;
default:
DEBUGF((" => case error\r\n"));
return -1;
}
more:
return 0;
remain:
{
int tlen = hlen + plen;
if ((max_plen != 0 && plen > max_plen)
|| tlen < (int)hlen) { /* wrap-around protection */
return -1;
}
return tlen;
}
done:
return plen;
error:
return -1;
}
static http_atom_t* http_hash_lookup(const char* name, int len,
unsigned long h,
http_atom_t** hash, int hsize)
{
int ix = h % hsize;
http_atom_t* ap = hash[ix];
while (ap != NULL) {
if ((ap->h == h) && (ap->len == len) &&
(strncmp(ap->name, name, len) == 0))
return ap;
ap = ap->next;
}
return NULL;
}
static void
http_parse_absoluteURI(PacketHttpURI* uri, const char* uri_ptr, int uri_len)
{
const char* p;
if ((p = memchr(uri_ptr, '/', uri_len)) == NULL) {
/* host [":" port] */
uri->s2_ptr = "/";
uri->s2_len = 1;
}
else {
int n = (p - uri_ptr);
uri->s2_ptr = p;
uri->s2_len = uri_len - n;
uri_len = n;
}
uri->s1_ptr = uri_ptr;
uri->port = 0; /* undefined */
/* host[:port] */
if ((p = memchr(uri_ptr, ':', uri_len)) == NULL) {
uri->s1_len = uri_len;
}
else {
int n = (p - uri_ptr);
int port = 0;
uri->s1_len = n;
n = uri_len - (n+1);
p++;
while(n && isdigit((int) *p)) {
port = port*10 + (*p - '0');
n--;
p++;
}
if (n==0 && port!=0)
uri->port = port;
}
}
/*
** Handle URI syntax:
**
** Request-URI = "*" | absoluteURI | abs_path
** absoluteURI = scheme ":" *( uchar | reserved )
** net_path = "//" net_loc [ abs_path ]
** abs_path = "/" rel_path
** rel_path = [ path ] [ ";" params ] [ "?" query ]
** path = fsegment *( "/" segment )
** fsegment = 1*pchar
** segment = *pchar
** params = param *( ";" param )
** param = *( pchar | "/" )
** query = *( uchar | reserved )
**
** http_URL = "http:" "//" host [ ":" port ] [ abs_path ]
**
** host = <A legal Internet host domain name
** or IP address (in dotted-decimal form),
** as defined by Section 2.1 of RFC 1123>
** port = *DIGIT
**
** {absoluteURI, <scheme>, <host>, <port>, <path+params+query>}
** when <scheme> = http | https
** {scheme, <scheme>, <chars>}
** wheb <scheme> is something else then http or https
** {abs_path, <path>}
**
** <string> (unknown form)
**
*/
static void http_parse_uri(PacketHttpURI* uri, const char* uri_ptr, int uri_len)
{
if ((uri_len == 1) && (uri_ptr[0] == '*'))
uri->type = URI_STAR;
else if ((uri_len <= 1) || (uri_ptr[0] == '/')) {
uri->type = URI_ABS_PATH;
uri->s1_ptr = uri_ptr;
uri->s1_len = uri_len;
}
else if ((uri_len>=7) && (STRNCASECMP(uri_ptr, "http://", 7) == 0)) {
uri_len -= 7;
uri_ptr += 7;
uri->type = URI_HTTP;
http_parse_absoluteURI(uri, uri_ptr, uri_len);
}
else if ((uri_len>=8) && (STRNCASECMP(uri_ptr, "https://", 8) == 0)) {
uri_len -= 8;
uri_ptr += 8;
uri->type = URI_HTTPS;
http_parse_absoluteURI(uri, uri_ptr, uri_len);
}
else {
char* ptr;
if ((ptr = memchr(uri_ptr, ':', uri_len)) == NULL) {
uri->type = URI_STRING;
uri->s1_ptr = uri_ptr;
uri->s1_len = uri_len;
}
else {
int slen = ptr - uri_ptr;
uri->type = URI_SCHEME;
uri->s1_ptr = uri_ptr;
uri->s1_len = slen;
uri->s2_ptr = uri_ptr + (slen+1);
uri->s2_len = uri_len - (slen+1);
}
}
}
/*
** parse http message:
** http_eoh - end of headers
** {http_header, Key, Value} - Key = atom() | string()
** {http_request, Method,Url,Version}
** {http_response, Version, Status, Message}
** {http_error, Error-Line}
*/
int packet_parse_http(const char* buf, int len, int* statep,
PacketCallbacks* pcb, void* arg)
{
const char* ptr = buf;
const char* p0;
int n = len;
/* remove trailing CRNL (accept NL as well) */
if ((n >= 2) && (buf[n-2] == '\r'))
n -= 2;
else if ((n >= 1) && (buf[n-1] == '\n'))
n -= 1;
if (*statep == 0) {
/* start-line = Request-Line | Status-Line */
if (n >= 5 && (strncmp(buf, "HTTP/", 5) == 0)) {
int major = 0;
int minor = 0;
int status = 0;
/* Status-Line = HTTP-Version SP
* Status-Code SP Reason-Phrase
* CRNL
* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT
*/
ptr += 5;
n -= 5;
p0 = ptr;
while (n && isdigit((int) *ptr)) {
major = 10*major + (*ptr - '0');
ptr++;
n--;
}
if (ptr==p0 || !n || (*ptr != '.'))
return -1;
ptr++;
n--;
p0 = ptr;
while (n && isdigit((int) *ptr)) {
minor = 10*minor + (*ptr - '0');
ptr++;
n--;
}
if (ptr==p0) return -1;
p0 = ptr;
while (n && SP(ptr)) {
ptr++; n--;
}
if (ptr==p0) return -1;
while (n && isdigit((int) *ptr)) {
status = 10*status + (*ptr - '0');
ptr++;
n--;
}
p0 = ptr;
while (n && SP(ptr)) {
ptr++; n--;
}
if (ptr==p0 && n>0) return -1;
/* NOTE: the syntax allows empty reason phrases */
(*statep) = !0;
return pcb->http_response(arg, major, minor, status,
ptr, n);
}
else {
/* Request-Line = Method SP Request-URI SP HTTP-Version CRLF */
http_atom_t* meth;
const char* meth_ptr = buf;
int meth_len;
PacketHttpURI uri;
const char* uri_ptr;
int uri_len;
int major = 0;
int minor = 0;
unsigned long h = 0;
while (n && !is_tspecial((unsigned char)*ptr)) {
hash_update(h, (int)*ptr);
ptr++;
n--;
}
meth_len = ptr - meth_ptr;
if (n == 0 || meth_len == 0 || !SP(ptr)) return -1;
meth = http_hash_lookup(meth_ptr, meth_len, h,
http_meth_hash, HTTP_METH_HASH_SIZE);
while (n && SP(ptr)) {
ptr++; n--;
}
uri_ptr = ptr;
while (n && !SP(ptr)) {
ptr++; n--;
}
if ((uri_len = (ptr - uri_ptr)) == 0)
return -1;
while (n && SP(ptr)) {
ptr++; n--;
}
if (n == 0) {
(*statep) = !0;
http_parse_uri(&uri, uri_ptr, uri_len);
return pcb->http_request(arg, meth, meth_ptr, meth_len,
&uri, 0, 9);
}
if (n < 8)
return -1;
if (strncmp(ptr, "HTTP/", 5) != 0)
return -1;
ptr += 5;
n -= 5;
p0 = ptr;
while (n && isdigit((int) *ptr)) {
major = 10*major + (*ptr - '0');
ptr++;
n--;
}
if (ptr==p0 || !n || (*ptr != '.'))
return -1;
ptr++;
n--;
p0 = ptr;
while (n && isdigit((int) *ptr)) {
minor = 10*minor + (*ptr - '0');
ptr++;
n--;
}
if (ptr==p0) return -1;
(*statep) = !0;
http_parse_uri(&uri, uri_ptr, uri_len);
return pcb->http_request(arg, meth, meth_ptr, meth_len,
&uri, major, minor);
}
}
else {
int up = 1; /* make next char uppercase */
http_atom_t* name;
char name_buf[HTTP_MAX_NAME_LEN];
const char* name_ptr = name_buf;
int name_len;
unsigned long h;
if (n == 0) {
/* end of headers */
*statep = 0; /* reset state (for next request) */
return pcb->http_eoh(arg);
}
h = 0;
name_len = 0;
while (!is_tspecial((unsigned char)*ptr)) {
if (name_len < HTTP_MAX_NAME_LEN) {
int c = *ptr;
if (up) {
if (islower(c)) {
c = toupper(c);
}
up = 0;
}
else {
if (isupper(c))
c = tolower(c);
else if (c == '-')
up = 1;
}
name_buf[name_len] = c;
hash_update(h, c);
}
name_len++;
ptr++;
if (--n == 0) return -1;
}
while (n && SP(ptr)) { /* Skip white space before ':' */
ptr++; n--;
}
if (*ptr != ':') {
return -1;
}
if (name_len <= HTTP_MAX_NAME_LEN) {
name = http_hash_lookup(name_buf, name_len, h,
http_hdr_hash, HTTP_HDR_HASH_SIZE);
}
else {
/* Is it ok to return original name without case adjustments? */
name_ptr = buf;
name = NULL;
}
ptr++;
n--;
/* Skip white space after ':' */
while (n && SP(ptr)) {
ptr++; n--;
}
return pcb->http_header(arg, name, name_ptr, name_len,
ptr, n);
}
return -1;
}
int packet_parse_ssl(const char* buf, int len,
PacketCallbacks* pcb, void* arg)
{
/* Check for ssl-v2 client hello */
if ((buf[0] & 0x80) && buf[2] == 1) {
unsigned major = (unsigned char) buf[3];
unsigned minor = (unsigned char) buf[4];
char prefix[4];
/* <<1:8,Length:24,Data/binary>> */
prefix[0] = 1;
put_int24(len-3,&prefix[1]);
return pcb->ssl_tls(arg, 22, major, minor, buf+3, len-3, prefix, sizeof(prefix));
}
else {
/* ContentType (1 byte), ProtocolVersion (2 bytes), Length (2 bytes big-endian) */
unsigned type = (unsigned char) buf[0];
unsigned major = (unsigned char) buf[1];
unsigned minor = (unsigned char) buf[2];
return pcb->ssl_tls(arg, type, major, minor, buf+5, len-5, NULL, 0);
}
}