From 5a20dc921ac3ad6ae04119f705efe1a6d4e6622c Mon Sep 17 00:00:00 2001 From: Philippe Antoine Date: Thu, 2 May 2019 10:49:29 +0200 Subject: [PATCH] http: configures libhtp to allow spaces in uri Ticket: #2881 --- configure.ac | 2 ++ doc/userguide/upgrade.rst | 4 ++++ src/app-layer-htp.c | 3 +++ 3 files changed, 9 insertions(+) diff --git a/configure.ac b/configure.ac index 9780991122e4..b9b30ddee503 100644 --- a/configure.ac +++ b/configure.ac @@ -1537,6 +1537,7 @@ AC_CHECK_LIB([htp], [htp_tx_get_response_headers_raw],AC_DEFINE_UNQUOTED([HAVE_HTP_TX_GET_RESPONSE_HEADERS_RAW],[1],[Found htp_tx_get_response_headers_raw in libhtp]) ,,[-lhtp]) AC_CHECK_LIB([htp], [htp_decode_query_inplace],AC_DEFINE_UNQUOTED([HAVE_HTP_DECODE_QUERY_INPLACE],[1],[Found htp_decode_query_inplace function in libhtp]) ,,[-lhtp]) AC_CHECK_LIB([htp], [htp_config_set_response_decompression_layer_limit],AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_RESPONSE_DECOMPRESSION_LAYER_LIMIT],[1],[Found htp_config_set_response_decompression_layer_limit function in libhtp]) ,,[-lhtp]) + AC_CHECK_LIB([htp], [htp_config_set_allow_space_uri],AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_ALLOW_SPACE_URI],[1],[Found htp_config_set_allow_space_uri function in libhtp]) ,,[-lhtp]) AC_EGREP_HEADER(htp_config_set_path_decode_u_encoding, htp/htp.h, AC_DEFINE_UNQUOTED([HAVE_HTP_SET_PATH_DECODE_U_ENCODING],[1],[Found usable htp_config_set_path_decode_u_encoding function in libhtp]) ) AC_CHECK_LIB([htp], [htp_config_set_lzma_memlimit],AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_LZMA_MEMLIMIT],[1],[Found htp_config_set_lzma_memlimit function in libhtp]) ,,[-lhtp]) AC_CHECK_LIB([htp], [htp_config_set_lzma_layers],AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_LZMA_LAYERS],[1],[Found htp_config_set_lzma_layers function in libhtp]) ,,[-lhtp]) @@ -1562,6 +1563,7 @@ AC_DEFINE_UNQUOTED([HAVE_HTP_DECODE_QUERY_INPLACE],[1],[Assuming htp_decode_query_inplace function in bundled libhtp]) # enable when libhtp has been updated AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_RESPONSE_DECOMPRESSION_LAYER_LIMIT],[1],[Assuming htp_config_set_response_decompression_layer_limit function in bundled libhtp]) + AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_ALLOW_SPACE_URI],[1],[Assuming htp_config_set_allow_space_uri function in bundled libhtp]) AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_LZMA_MEMLIMIT],[1],[Assuming htp_config_set_lzma_memlimit function in bundled libhtp]) AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_LZMA_LAYERS],[1],[Assuming htp_config_set_lzma_layers function in bundled libhtp]) AC_DEFINE_UNQUOTED([HAVE_HTP_CONFIG_SET_COMPRESSION_BOMB_LIMIT],[1],[Assuming htp_config_set_compression_bomb_limit function in bundled libhtp]) diff --git a/doc/userguide/upgrade.rst b/doc/userguide/upgrade.rst index cece4186f783..3b7c0de14784 100644 --- a/doc/userguide/upgrade.rst +++ b/doc/userguide/upgrade.rst @@ -36,6 +36,10 @@ Upgrading 6.0 to 7.0 Major changes ~~~~~~~~~~~~~ - Upgrade of PCRE1 to PCRE2. See :ref:`pcre-update-v1-to-v2` for more details. +- Spaces are accepted in HTTP1 URIs instead of in the protocol version + +That is `GET /a b HTTP/1.1` gets now URI as `a b` and protocol as `HTTP/1.1` when +it used to be URI as `a` and protocol as `b HTTP/1.1` Removals ~~~~~~~~ diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index fcdd7eba1d9c..5690a02ebb6d 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -2449,6 +2449,9 @@ static void HTPConfigSetDefaultsPhase1(HTPCfgRec *cfg_prec) htp_config_register_response_complete(cfg_prec->cfg, HTPCallbackResponseComplete); htp_config_set_parse_request_cookies(cfg_prec->cfg, 0); +#ifdef HAVE_HTP_CONFIG_SET_ALLOW_SPACE_URI + htp_config_set_allow_space_uri(cfg_prec->cfg, 1); +#endif /* don't convert + to space by default */ htp_config_set_plusspace_decode(cfg_prec->cfg, HTP_DECODER_URLENCODED, 0);