Blame alp2/alp2.h

Packit Service 384592
/*
Packit Service 384592
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
Packit Service 384592
* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
Packit Service 384592
*
Packit Service 384592
* You may not use this file except in compliance with
Packit Service 384592
* the License.  You may obtain a copy of the License at
Packit Service 384592
*
Packit Service 384592
*     http://www.apache.org/licenses/LICENSE-2.0
Packit Service 384592
*
Packit Service 384592
* If any of the files related to licensing are missing or if you have any
Packit Service 384592
* other questions related to licensing please contact Trustwave Holdings, Inc.
Packit Service 384592
* directly using the email address security@modsecurity.org.
Packit Service 384592
*/
Packit Service 384592
Packit Service 384592
#ifndef _ALP2_H_
Packit Service 384592
#define _ALP2_H_
Packit Service 384592
Packit Service 384592
#include <apr_time.h>
Packit Service 384592
#include <apr_uri.h>
Packit Service 384592
Packit Service 384592
#include "alp2_pp.h"
Packit Service 384592
#include "pcre.h"
Packit Service 384592
Packit Service 384592
/* -- Data structures -- */
Packit Service 384592
Packit Service 384592
typedef struct alp2_msg_t alp2_msg_t;
Packit Service 384592
Packit Service 384592
struct alp2_msg_t {
Packit Service 384592
    const char *engine_message;
Packit Service 384592
    const char *target;
Packit Service 384592
    const char *id;
Packit Service 384592
    const char *rev;
Packit Service 384592
    const char *msg;
Packit Service 384592
    const char *data;
Packit Service 384592
    const char *file;
Packit Service 384592
    unsigned long file_line;
Packit Service 384592
    size_t offset;
Packit Service 384592
    int severity;
Packit Service 384592
    int warning;
Packit Service 384592
    apr_array_header_t *tags;
Packit Service 384592
};
Packit Service 384592
Packit Service 384592
typedef struct auditlog2_t auditlog2_t;
Packit Service 384592
Packit Service 384592
struct auditlog2_t {
Packit Service 384592
    apr_pool_t *mp;
Packit Service 384592
Packit Service 384592
    /* Transaction data */
Packit Service 384592
Packit Service 384592
    const char *id;
Packit Service 384592
Packit Service 384592
    apr_time_t timestamp;
Packit Service 384592
    unsigned int duration;
Packit Service 384592
Packit Service 384592
    const char *src_ip;
Packit Service 384592
    unsigned int src_port;
Packit Service 384592
    const char *dst_ip;
Packit Service 384592
    unsigned int dst_port;
Packit Service 384592
Packit Service 384592
    /* Request */
Packit Service 384592
Packit Service 384592
    unsigned int request_line_valid;
Packit Service 384592
    const char *request_line;
Packit Service 384592
    const char *request_method;
Packit Service 384592
    const char *request_uri;
Packit Service 384592
    apr_uri_t *parsed_uri;
Packit Service 384592
    const char *request_protocol;
Packit Service 384592
    apr_table_t *request_headers;    
Packit Service 384592
Packit Service 384592
    /* Determine the hostname: The hostname from the URI is
Packit Service 384592
     * used where present, otherwise the value of the Host
Packit Service 384592
     * request header is used.
Packit Service 384592
     *
Packit Service 384592
     * If neither of these two is available we will use the
Packit Service 384592
     * combination of the destination IP and port as hostname.
Packit Service 384592
     *
Packit Service 384592
     * The resulting hostname may have the port attached.
Packit Service 384592
     */
Packit Service 384592
    const char *hostname;
Packit Service 384592
Packit Service 384592
    /* Response */
Packit Service 384592
Packit Service 384592
    const char *response_protocol;
Packit Service 384592
    unsigned int response_status;
Packit Service 384592
    const char *response_message;
Packit Service 384592
    apr_table_t *response_headers;
Packit Service 384592
    const char *response_tfn;
Packit Service 384592
Packit Service 384592
    /* Other */
Packit Service 384592
Packit Service 384592
    apr_table_t *trailer_headers;
Packit Service 384592
Packit Service 384592
    unsigned int was_intercepted;
Packit Service 384592
    unsigned int intercept_phase; /* -1 if interception did not happen */
Packit Service 384592
Packit Service 384592
    const char *producer;
Packit Service 384592
    const char *server;
Packit Service 384592
    const char *handler;
Packit Service 384592
Packit Service 384592
    const char *application_id;
Packit Service 384592
    const char *session_id;
Packit Service 384592
    const char *user_id;
Packit Service 384592
Packit Service 384592
    apr_array_header_t *messages;
Packit Service 384592
Packit Service 384592
    alp2_pp_entry_t *pp_entry;
Packit Service 384592
};
Packit Service 384592
Packit Service 384592
typedef struct alp2_t alp2_t;
Packit Service 384592
Packit Service 384592
struct alp2_t {
Packit Service 384592
    apr_pool_t *mp;
Packit Service 384592
Packit Service 384592
    void *user_data;
Packit Service 384592
    int (*user_callback)(alp2_t *alp);
Packit Service 384592
Packit Service 384592
    alp2_pp_t *pp;
Packit Service 384592
Packit Service 384592
    unsigned int previous_part_id;
Packit Service 384592
    unsigned int part_line_counter;
Packit Service 384592
    unsigned int part_data_done;
Packit Service 384592
    unsigned int seen_part_h;
Packit Service 384592
Packit Service 384592
    unsigned int done;
Packit Service 384592
    unsigned int parse_error;
Packit Service 384592
    apr_array_header_t *errors;
Packit Service 384592
Packit Service 384592
    /* Regular expression patterns. */
Packit Service 384592
    // TODO All these need reviewing
Packit Service 384592
    pcre *part_a_pattern;
Packit Service 384592
    pcre *request_line_pattern;
Packit Service 384592
    pcre *header_pattern;
Packit Service 384592
    pcre *response_line_pattern;
Packit Service 384592
    
Packit Service 384592
    pcre *trailer_action_pattern;
Packit Service 384592
    pcre *trailer_stopwatch_pattern;
Packit Service 384592
    pcre *trailer_webappinfo_pattern;
Packit Service 384592
Packit Service 384592
    auditlog2_t *auditlog;
Packit Service 384592
};
Packit Service 384592
Packit Service 384592
/* Higher-level (user) parser. */
Packit Service 384592
Packit Service 384592
/* NOTE Parser will create a subpool for its own use, but each
Packit Service 384592
 *      entry will be created in a separate subpool directly
Packit Service 384592
 *      under the main pool. This allows the created audit log
Packit Service 384592
 *      entries to survive the death of the parser.
Packit Service 384592
 */
Packit Service 384592
Packit Service 384592
Packit Service 384592
/* -- Functions -- */
Packit Service 384592
Packit Service 384592
int alp2_create(alp2_t **_alp, apr_pool_t *mp,
Packit Service 384592
                void *user_data, int (*user_callback)(alp2_t *alp));
Packit Service 384592
Packit Service 384592
int alp2_process(alp2_t *alp, const char *data, size_t len);
Packit Service 384592
Packit Service 384592
void alp2_destroy(alp2_t *alp);
Packit Service 384592
Packit Service 384592
auditlog2_t *alp2_auditlog_create(apr_pool_t *mp);
Packit Service 384592
Packit Service 384592
void alp2_auditlog_destroy(auditlog2_t *al);
Packit Service 384592
Packit Service 384592
#endif