libhtp-rs

rust/Cargo.toml.in

@@ -7,7 +7,7 @@ edition = "2021"
 rust-version = "1.67.1"
 
 [workspace]
-members = [".", "./derive"]
+members = [".", "./derive", "./htp"]
 
 [lib]
 crate-type = ["staticlib", "rlib"]
@@ -69,6 +69,8 @@ suricata-derive = { path = "./derive", version = "@PACKAGE_VERSION@" }
 
 suricata-lua-sys = { version = "0.1.0-alpha.1" }
 
+htp = { path = "./htp", version = "2.0.0" }
+
 [dev-dependencies]
 test-case = "~3.3.1"
 hex = "~0.4.3"

rust/Makefile.am

@@ -1,10 +1,12 @@
-EXTRA_DIST =	src derive \
+EXTRA_DIST =	src derive htp \
 		.cargo/config.toml.in \
 		cbindgen.toml \
 		dist/rust-bindings.h \
+		dist/htp/htp_rs.h \
 		vendor \
 		Cargo.toml Cargo.lock \
-		derive/Cargo.toml
+		derive/Cargo.toml \
+		htp/Cargo.toml
 
 if !DEBUG
 RELEASE = --release
@@ -57,6 +59,7 @@ endif
 			$(RUST_SURICATA_LIBDIR)/${RUST_SURICATA_LIBNAME}; \
 	fi
 	$(MAKE) gen/rust-bindings.h
+	$(MAKE) gen/htp/htp_rs.h
 	mkdir -p $(abs_top_builddir)/rust/gen
 	cp -a $(RUST_SURICATA_LIBDIR)/build/suricata-lua-sys-*/out/lua/*.h \
 		$(abs_top_builddir)/rust/gen/
@@ -92,6 +95,15 @@ else
 gen/rust-bindings.h:
 endif
 
+if HAVE_CBINDGEN
+gen/htp/htp_rs.h: $(RUST_SURICATA_LIB)
+	cd $(abs_top_srcdir)/rust/htp && \
+		cbindgen --config $(abs_top_srcdir)/rust/htp/cbindgen.toml \
+		--quiet --verify --output $(abs_top_builddir)/rust/gen/htp/htp_rs.h || true
+else
+gen/htp/htp_rs.h:
+endif
+
 doc:
 	CARGO_HOME=$(CARGO_HOME) $(CARGO) doc --all-features --no-deps
 
@@ -103,6 +115,15 @@ else
 dist/rust-bindings.h:
 endif
 
+if HAVE_CBINDGEN
+dist/htp/htp_rs.h:
+	cd $(abs_top_srcdir)/rust/htp && \
+	cbindgen --config cbindgen.toml \
+		--quiet --output $(abs_top_builddir)/rust/dist/htp/htp_rs.h
+else
+dist/htp/htp_rs.h:
+endif
+
 Cargo.toml: Cargo.toml.in
 
 update-lock: Cargo.toml

rust/htp/LICENSE

@@ -0,0 +1,31 @@
+Copyright (c) 2009-2010 Open Information Security Foundation
+Copyright (c) 2010-2013 Qualys, Inc.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+- Redistributions of source code must retain the above copyright
+  notice, this list of conditions and the following disclaimer.
+
+- Redistributions in binary form must reproduce the above copyright
+  notice, this list of conditions and the following disclaimer in the
+  documentation and/or other materials provided with the distribution.
+
+- Neither the name of the Qualys, Inc. nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+

rust/htp/README.md

@@ -0,0 +1,71 @@
+# LibHTP
+
+---
+
+Copyright 2009-2010 Open Information Security Foundation  
+Copyright 2010-2013 Qualys, Inc.
+
+---
+
+LibHTP is a security-aware parser for the HTTP protocol and the related bits
+and pieces. The goals of the project, in the order of importance, are as
+follows:
+
+ 1. Completeness of coverage; LibHTP must be able to parse virtually all
+    traffic that is found in practice.
+
+ 2. Permissive parsing; LibHTP must never fail to parse a stream that would
+    be parsed by some other web server.
+
+ 3. Awareness of evasion techniques; LibHTP must be able to detect and
+    effectively deal with various evasion techniques, producing, where
+    practical, identical or practically identical results as the web
+    server processing the same traffic stream.
+
+ 4. Performance; The performance must be adequate for the desired tasks.
+    Completeness and security are often detrimental to performance. Our
+    idea of handling the conflicting requirements is to put the library
+    user in control, allowing him to choose the most desired library
+    characteristic.
+
+ | IMPORTANT   LIBHTP IS NOT YET CONSIDERED STABLE. USE AT YOUR OWN RISK. DO NOT  
+ |             USE IN PRODUCTION. WORK IS CURRENTLY UNDER WAY TO ENSURE THAT  
+ |             LIBHTP IS SECURE AND THAT IT PERFORMS WELL.  
+
+ | STATUS      LIBHTP IS VERY YOUNG AT THIS POINT. IT WILL BE SOME TIME BEFORE  
+ |             IT CAN BE CONSIDER COMPLETE. AT THE MOMENT, THE FOCUS OF DEVELOPMENT  
+ |             IS ON ACHIEVING THE FIRST TWO GOALS.  
+
+See the LICENSE file distributed with this work for information
+regarding licensing, copying and copyright ownership.
+
+
+# Usage
+Start using libHTP by including it in your project's `Cargo.toml`
+dependencies. The base library will also be required for using common
+types.
+
+**The minimum supported version of `rustc` is `1.58.1`.**
+
+## Example
+```
+[dependencies]
+htp = "2.0.0"
+```
+
+## FFI Support
+LibHTP has a foreign function interface for use in C/C++ projects.
+FFI Support can be enabled by building with the `cbindgen` feature.
+
+```
+# Install cbindgen which is required to generate headers
+cargo install --force cbindgen
+
+# Build headers and shared objects
+make
+```
+
+## LICENSE
+
+LibHTP is licensed under the BSD 3-Clause license (also known as "BSD New" and
+"BSD Simplified".) The complete text of the license is enclosed in the file LICENSE.

rust/htp/cbindgen.toml

@@ -0,0 +1,95 @@
+language = "C"
+
+# Header wrapping options
+#header = "LICENSE here"
+#trailer = ""
+include_guard = "_HTP_H"
+autogen_warning = "/* Warning, this file is autogenerated by cbindgen. Do NOT modify manually */"
+#include_version = true
+#sys_includes = [] # Sys headers
+includes = []
+no_includes = false
+cpp_compat = true
+#after_includes = ""
+
+# Code style
+#braces = "SameLine"
+#line_length = 100
+#tab_wideth = 2
+#documentation_style = auto
+
+# Codegen
+style = "both"
+
+after_includes = """
+#define htp_status_t HtpStatus
+#define htp_server_personality_t HtpServerPersonality
+#define htp_protocol_t HtpProtocol
+#define htp_unwanted_t HtpUnwanted
+#define htp_url_encoding_handling_t HtpUrlEncodingHandling
+#define htp_stream_state_t HtpStreamState
+#define htp_content_encoding_t HtpContentEncoding
+#define htp_log_code_t HtpLogCode
+#define htp_log_level_t HtpLogLevel
+#define htp_method_t HtpMethod
+#define htp_data_source_t HtpDataSource
+#define htp_parser_id_t HtpParserId
+#define htp_transfer_coding_t HtpTransferCoding
+#define htp_res_progress_t HtpResponseProgress
+#define htp_req_progress_t HtpRequestProgress
+"""
+
+[export.rename]
+"ConnectionFlags" = "HTP_CONNECTION_FLAGS"
+"HeaderFlags" = "HTP_HEADER_FLAGS"
+"HtpFlags" = "HTP_FLAGS"
+"Config" = "htp_cfg_t"
+"Connection" = "htp_conn_t"
+"ConnectionParser" = "htp_connp_t"
+"Header" = "htp_header_t"
+"Headers" = "htp_headers_t"
+"Param" = "htp_param_t"
+"Data" = "htp_tx_data_t"
+"Transaction" = "htp_tx_t"
+"Transactions" = "htp_txs_t"
+"Uri" = "htp_uri_t"
+"Bstr" = "bstr"
+"Table" = "htp_table_t"
+"Log" = "htp_log_t"
+"timeval" = "struct timeval"
+"Logs" = "htp_logs_t"
+
+[export]
+include = ["HtpStatus",
+"HtpServerPersonality",
+"HtpProtocol",
+"HtpUnwanted",
+"HtpUrlEncodingHandling",
+"HtpStreamState",
+"HtpContentEncoding",
+"HtpLogCode",
+"HtpLogLevel",
+"HtpMethod",
+"HtpDataSource",
+"HtpParserId",
+"HtpTransferCoding",
+"HtpResponseProgress",
+"HtpRequestProgress",
+"HtpFlags",
+"HeaderFlags",
+"ConnectionFlags"]
+
+[enum]
+rename_variants = "QualifiedScreamingSnakeCase"
+prefix_with_name = false
+
+[macro_expansion]
+bitflags = true
+
+# Rust parsing options
+[parse]
+parse_deps = false
+clean = false
+
+[parse.expand]
+features = ["cbindgen"]

rust/htp/fuzz/fuzz_targets/fuzz_htp.rs

@@ -0,0 +1,14 @@
+#![allow(non_snake_case)]
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+
+extern crate htp;
+
+use htp::test::{Test, TestConfig};
+use std::env;
+
+
+fuzz_target!(|data: &[u8]| {
+    let mut t = Test::new(TestConfig());
+    t.run_slice(data);
+});