blob: 7e254bc4612b59c2d330561585e097d95cf1fbf4 [file] [log] [blame]
Willy Tarreaud4c33c82013-01-07 21:59:07 +01001/*
2 * General protocol-agnostic payload-based sample fetches and ACLs
3 *
4 * Copyright 2000-2013 Willy Tarreau <w@1wt.eu>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13#include <stdlib.h>
14#include <string.h>
15
16#include <proto/acl.h>
17#include <proto/arg.h>
18#include <proto/channel.h>
Thierry FOURNIERed66c292013-11-28 11:05:19 +010019#include <proto/pattern.h>
Willy Tarreaud4c33c82013-01-07 21:59:07 +010020#include <proto/payload.h>
21#include <proto/sample.h>
22
23
24/************************************************************************/
25/* All supported sample fetch functions must be declared here */
26/************************************************************************/
27
28/* wait for more data as long as possible, then return TRUE. This should be
29 * used with content inspection.
30 */
31static int
Willy Tarreau192252e2015-04-04 01:47:55 +020032smp_fetch_wait_end(struct proxy *px, struct session *sess, struct stream *s, unsigned int opt,
Thierry FOURNIERf41a8092014-12-07 18:37:57 +010033 const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaud4c33c82013-01-07 21:59:07 +010034{
35 if (!(opt & SMP_OPT_FINAL)) {
36 smp->flags |= SMP_F_MAY_CHANGE;
37 return 0;
38 }
39 smp->type = SMP_T_BOOL;
40 smp->data.uint = 1;
41 return 1;
42}
43
44/* return the number of bytes in the request buffer */
45static int
Willy Tarreau192252e2015-04-04 01:47:55 +020046smp_fetch_len(struct proxy *px, struct session *sess, struct stream *s, unsigned int opt,
Willy Tarreau15e91e12015-04-04 00:52:09 +020047 const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaud4c33c82013-01-07 21:59:07 +010048{
Willy Tarreau22ec1ea2014-11-27 20:45:39 +010049 struct channel *chn;
50
Willy Tarreau22ec1ea2014-11-27 20:45:39 +010051 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &s->res : &s->req;
52 if (!chn->buf)
Willy Tarreaud4c33c82013-01-07 21:59:07 +010053 return 0;
54
55 smp->type = SMP_T_UINT;
Willy Tarreau47e8eba2013-09-11 23:28:46 +020056 smp->data.uint = chn->buf->i;
Willy Tarreaud4c33c82013-01-07 21:59:07 +010057 smp->flags = SMP_F_VOLATILE | SMP_F_MAY_CHANGE;
58 return 1;
59}
60
61/* returns the type of SSL hello message (mainly used to detect an SSL hello) */
62static int
Willy Tarreau192252e2015-04-04 01:47:55 +020063smp_fetch_ssl_hello_type(struct proxy *px, struct session *sess, struct stream *s, unsigned int opt,
Thierry FOURNIERf41a8092014-12-07 18:37:57 +010064 const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaud4c33c82013-01-07 21:59:07 +010065{
66 int hs_len;
67 int hs_type, bleft;
68 struct channel *chn;
69 const unsigned char *data;
70
Willy Tarreau22ec1ea2014-11-27 20:45:39 +010071 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &s->res : &s->req;
72 if (!chn->buf)
Willy Tarreau83f25922014-11-26 13:24:24 +010073 goto not_ssl_hello;
74
Willy Tarreaud4c33c82013-01-07 21:59:07 +010075 bleft = chn->buf->i;
76 data = (const unsigned char *)chn->buf->p;
77
78 if (!bleft)
79 goto too_short;
80
81 if ((*data >= 0x14 && *data <= 0x17) || (*data == 0xFF)) {
82 /* SSLv3 header format */
83 if (bleft < 9)
84 goto too_short;
85
86 /* ssl version 3 */
87 if ((data[1] << 16) + data[2] < 0x00030000)
88 goto not_ssl_hello;
89
90 /* ssl message len must present handshake type and len */
91 if ((data[3] << 8) + data[4] < 4)
92 goto not_ssl_hello;
93
94 /* format introduced with SSLv3 */
95
96 hs_type = (int)data[5];
97 hs_len = ( data[6] << 16 ) + ( data[7] << 8 ) + data[8];
98
99 /* not a full handshake */
100 if (bleft < (9 + hs_len))
101 goto too_short;
102
103 }
104 else {
105 goto not_ssl_hello;
106 }
107
108 smp->type = SMP_T_UINT;
109 smp->data.uint = hs_type;
110 smp->flags = SMP_F_VOLATILE;
111
112 return 1;
113
114 too_short:
115 smp->flags = SMP_F_MAY_CHANGE;
116
117 not_ssl_hello:
118
119 return 0;
120}
121
122/* Return the version of the SSL protocol in the request. It supports both
123 * SSLv3 (TLSv1) header format for any message, and SSLv2 header format for
124 * the hello message. The SSLv3 format is described in RFC 2246 p49, and the
125 * SSLv2 format is described here, and completed p67 of RFC 2246 :
126 * http://wp.netscape.com/eng/security/SSL_2.html
127 *
128 * Note: this decoder only works with non-wrapping data.
129 */
130static int
Willy Tarreau192252e2015-04-04 01:47:55 +0200131smp_fetch_req_ssl_ver(struct proxy *px, struct session *sess, struct stream *s, unsigned int opt,
Thierry FOURNIERf41a8092014-12-07 18:37:57 +0100132 const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100133{
134 int version, bleft, msg_len;
135 const unsigned char *data;
136
Willy Tarreau53c9b4d2015-04-03 21:38:18 +0200137 if (!s->req.buf)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100138 return 0;
139
140 msg_len = 0;
Willy Tarreau22ec1ea2014-11-27 20:45:39 +0100141 bleft = s->req.buf->i;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100142 if (!bleft)
143 goto too_short;
144
Willy Tarreau22ec1ea2014-11-27 20:45:39 +0100145 data = (const unsigned char *)s->req.buf->p;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100146 if ((*data >= 0x14 && *data <= 0x17) || (*data == 0xFF)) {
147 /* SSLv3 header format */
148 if (bleft < 5)
149 goto too_short;
150
151 version = (data[1] << 16) + data[2]; /* version: major, minor */
152 msg_len = (data[3] << 8) + data[4]; /* record length */
153
154 /* format introduced with SSLv3 */
155 if (version < 0x00030000)
156 goto not_ssl;
157
158 /* message length between 1 and 2^14 + 2048 */
159 if (msg_len < 1 || msg_len > ((1<<14) + 2048))
160 goto not_ssl;
161
162 bleft -= 5; data += 5;
163 } else {
164 /* SSLv2 header format, only supported for hello (msg type 1) */
165 int rlen, plen, cilen, silen, chlen;
166
167 if (*data & 0x80) {
168 if (bleft < 3)
169 goto too_short;
170 /* short header format : 15 bits for length */
171 rlen = ((data[0] & 0x7F) << 8) | data[1];
172 plen = 0;
173 bleft -= 2; data += 2;
174 } else {
175 if (bleft < 4)
176 goto too_short;
177 /* long header format : 14 bits for length + pad length */
178 rlen = ((data[0] & 0x3F) << 8) | data[1];
179 plen = data[2];
180 bleft -= 3; data += 2;
181 }
182
183 if (*data != 0x01)
184 goto not_ssl;
185 bleft--; data++;
186
187 if (bleft < 8)
188 goto too_short;
189 version = (data[0] << 16) + data[1]; /* version: major, minor */
190 cilen = (data[2] << 8) + data[3]; /* cipher len, multiple of 3 */
191 silen = (data[4] << 8) + data[5]; /* session_id_len: 0 or 16 */
192 chlen = (data[6] << 8) + data[7]; /* 16<=challenge length<=32 */
193
194 bleft -= 8; data += 8;
195 if (cilen % 3 != 0)
196 goto not_ssl;
197 if (silen && silen != 16)
198 goto not_ssl;
199 if (chlen < 16 || chlen > 32)
200 goto not_ssl;
201 if (rlen != 9 + cilen + silen + chlen)
202 goto not_ssl;
203
204 /* focus on the remaining data length */
205 msg_len = cilen + silen + chlen + plen;
206 }
207 /* We could recursively check that the buffer ends exactly on an SSL
208 * fragment boundary and that a possible next segment is still SSL,
209 * but that's a bit pointless. However, we could still check that
210 * all the part of the request which fits in a buffer is already
211 * there.
212 */
Willy Tarreau22ec1ea2014-11-27 20:45:39 +0100213 if (msg_len > channel_recv_limit(&s->req) + s->req.buf->data - s->req.buf->p)
214 msg_len = channel_recv_limit(&s->req) + s->req.buf->data - s->req.buf->p;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100215
216 if (bleft < msg_len)
217 goto too_short;
218
219 /* OK that's enough. We have at least the whole message, and we have
220 * the protocol version.
221 */
222 smp->type = SMP_T_UINT;
223 smp->data.uint = version;
224 smp->flags = SMP_F_VOLATILE;
225 return 1;
226
227 too_short:
228 smp->flags = SMP_F_MAY_CHANGE;
229 not_ssl:
230 return 0;
231}
232
233/* Try to extract the Server Name Indication that may be presented in a TLS
234 * client hello handshake message. The format of the message is the following
235 * (cf RFC5246 + RFC6066) :
236 * TLS frame :
237 * - uint8 type = 0x16 (Handshake)
238 * - uint16 version >= 0x0301 (TLSv1)
239 * - uint16 length (frame length)
240 * - TLS handshake :
241 * - uint8 msg_type = 0x01 (ClientHello)
242 * - uint24 length (handshake message length)
243 * - ClientHello :
244 * - uint16 client_version >= 0x0301 (TLSv1)
245 * - uint8 Random[32] (4 first ones are timestamp)
246 * - SessionID :
247 * - uint8 session_id_len (0..32) (SessionID len in bytes)
248 * - uint8 session_id[session_id_len]
249 * - CipherSuite :
250 * - uint16 cipher_len >= 2 (Cipher length in bytes)
251 * - uint16 ciphers[cipher_len/2]
252 * - CompressionMethod :
253 * - uint8 compression_len >= 1 (# of supported methods)
254 * - uint8 compression_methods[compression_len]
255 * - optional client_extension_len (in bytes)
256 * - optional sequence of ClientHelloExtensions (as many bytes as above):
257 * - uint16 extension_type = 0 for server_name
258 * - uint16 extension_len
259 * - opaque extension_data[extension_len]
260 * - uint16 server_name_list_len (# of bytes here)
261 * - opaque server_names[server_name_list_len bytes]
262 * - uint8 name_type = 0 for host_name
263 * - uint16 name_len
264 * - opaque hostname[name_len bytes]
265 */
266static int
Willy Tarreau192252e2015-04-04 01:47:55 +0200267smp_fetch_ssl_hello_sni(struct proxy *px, struct session *sess, struct stream *s, unsigned int opt,
Thierry FOURNIERf41a8092014-12-07 18:37:57 +0100268 const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100269{
270 int hs_len, ext_len, bleft;
271 struct channel *chn;
272 unsigned char *data;
273
Willy Tarreau22ec1ea2014-11-27 20:45:39 +0100274 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &s->res : &s->req;
275 if (!chn->buf)
Willy Tarreau83f25922014-11-26 13:24:24 +0100276 goto not_ssl_hello;
277
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100278 bleft = chn->buf->i;
279 data = (unsigned char *)chn->buf->p;
280
281 /* Check for SSL/TLS Handshake */
282 if (!bleft)
283 goto too_short;
284 if (*data != 0x16)
285 goto not_ssl_hello;
286
Lukas Tribus57d22972014-04-10 21:36:22 +0200287 /* Check for SSLv3 or later (SSL version >= 3.0) in the record layer*/
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100288 if (bleft < 3)
289 goto too_short;
Lukas Tribus57d22972014-04-10 21:36:22 +0200290 if (data[1] < 0x03)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100291 goto not_ssl_hello;
292
293 if (bleft < 5)
294 goto too_short;
295 hs_len = (data[3] << 8) + data[4];
296 if (hs_len < 1 + 3 + 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
297 goto not_ssl_hello; /* too short to have an extension */
298
299 data += 5; /* enter TLS handshake */
300 bleft -= 5;
301
302 /* Check for a complete client hello starting at <data> */
303 if (bleft < 1)
304 goto too_short;
305 if (data[0] != 0x01) /* msg_type = Client Hello */
306 goto not_ssl_hello;
307
308 /* Check the Hello's length */
309 if (bleft < 4)
310 goto too_short;
311 hs_len = (data[1] << 16) + (data[2] << 8) + data[3];
312 if (hs_len < 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
313 goto not_ssl_hello; /* too short to have an extension */
314
315 /* We want the full handshake here */
316 if (bleft < hs_len)
317 goto too_short;
318
319 data += 4;
320 /* Start of the ClientHello message */
321 if (data[0] < 0x03 || data[1] < 0x01) /* TLSv1 minimum */
322 goto not_ssl_hello;
323
324 ext_len = data[34]; /* session_id_len */
325 if (ext_len > 32 || ext_len > (hs_len - 35)) /* check for correct session_id len */
326 goto not_ssl_hello;
327
328 /* Jump to cipher suite */
329 hs_len -= 35 + ext_len;
330 data += 35 + ext_len;
331
332 if (hs_len < 4 || /* minimum one cipher */
333 (ext_len = (data[0] << 8) + data[1]) < 2 || /* minimum 2 bytes for a cipher */
334 ext_len > hs_len)
335 goto not_ssl_hello;
336
337 /* Jump to the compression methods */
338 hs_len -= 2 + ext_len;
339 data += 2 + ext_len;
340
341 if (hs_len < 2 || /* minimum one compression method */
342 data[0] < 1 || data[0] > hs_len) /* minimum 1 bytes for a method */
343 goto not_ssl_hello;
344
345 /* Jump to the extensions */
346 hs_len -= 1 + data[0];
347 data += 1 + data[0];
348
349 if (hs_len < 2 || /* minimum one extension list length */
350 (ext_len = (data[0] << 8) + data[1]) > hs_len - 2) /* list too long */
351 goto not_ssl_hello;
352
353 hs_len = ext_len; /* limit ourselves to the extension length */
354 data += 2;
355
356 while (hs_len >= 4) {
357 int ext_type, name_type, srv_len, name_len;
358
359 ext_type = (data[0] << 8) + data[1];
360 ext_len = (data[2] << 8) + data[3];
361
362 if (ext_len > hs_len - 4) /* Extension too long */
363 goto not_ssl_hello;
364
365 if (ext_type == 0) { /* Server name */
366 if (ext_len < 2) /* need one list length */
367 goto not_ssl_hello;
368
369 srv_len = (data[4] << 8) + data[5];
370 if (srv_len < 4 || srv_len > hs_len - 6)
371 goto not_ssl_hello; /* at least 4 bytes per server name */
372
373 name_type = data[6];
374 name_len = (data[7] << 8) + data[8];
375
376 if (name_type == 0) { /* hostname */
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100377 smp->type = SMP_T_STR;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100378 smp->data.str.str = (char *)data + 9;
379 smp->data.str.len = name_len;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100380 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100381 return 1;
382 }
383 }
384
385 hs_len -= 4 + ext_len;
386 data += 4 + ext_len;
387 }
388 /* server name not found */
389 goto not_ssl_hello;
390
391 too_short:
392 smp->flags = SMP_F_MAY_CHANGE;
393
394 not_ssl_hello:
395
396 return 0;
397}
398
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200399/* Fetch the request RDP cookie identified in <cname>:<clen>, or any cookie if
Willy Tarreaub169eba2013-12-16 15:14:43 +0100400 * <clen> is empty (cname is then ignored). It returns the data into sample <smp>
401 * of type SMP_T_CSTR. Note: this decoder only works with non-wrapping data.
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100402 */
403int
Willy Tarreau87b09662015-04-03 00:22:06 +0200404fetch_rdp_cookie_name(struct stream *s, struct sample *smp, const char *cname, int clen)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100405{
406 int bleft;
407 const unsigned char *data;
408
Willy Tarreau53c9b4d2015-04-03 21:38:18 +0200409 if (!s->req.buf)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100410 return 0;
411
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100412 smp->flags = SMP_F_CONST;
413 smp->type = SMP_T_STR;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100414
Willy Tarreau22ec1ea2014-11-27 20:45:39 +0100415 bleft = s->req.buf->i;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100416 if (bleft <= 11)
417 goto too_short;
418
Willy Tarreau22ec1ea2014-11-27 20:45:39 +0100419 data = (const unsigned char *)s->req.buf->p + 11;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100420 bleft -= 11;
421
422 if (bleft <= 7)
423 goto too_short;
424
425 if (strncasecmp((const char *)data, "Cookie:", 7) != 0)
426 goto not_cookie;
427
428 data += 7;
429 bleft -= 7;
430
431 while (bleft > 0 && *data == ' ') {
432 data++;
433 bleft--;
434 }
435
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200436 if (clen) {
437 if (bleft <= clen)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100438 goto too_short;
439
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200440 if ((data[clen] != '=') ||
441 strncasecmp(cname, (const char *)data, clen) != 0)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100442 goto not_cookie;
443
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200444 data += clen + 1;
445 bleft -= clen + 1;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100446 } else {
447 while (bleft > 0 && *data != '=') {
448 if (*data == '\r' || *data == '\n')
449 goto not_cookie;
450 data++;
451 bleft--;
452 }
453
454 if (bleft < 1)
455 goto too_short;
456
457 if (*data != '=')
458 goto not_cookie;
459
460 data++;
461 bleft--;
462 }
463
464 /* data points to cookie value */
465 smp->data.str.str = (char *)data;
466 smp->data.str.len = 0;
467
468 while (bleft > 0 && *data != '\r') {
469 data++;
470 bleft--;
471 }
472
473 if (bleft < 2)
474 goto too_short;
475
476 if (data[0] != '\r' || data[1] != '\n')
477 goto not_cookie;
478
479 smp->data.str.len = (char *)data - smp->data.str.str;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100480 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100481 return 1;
482
483 too_short:
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100484 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100485 not_cookie:
486 return 0;
487}
488
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200489/* Fetch the request RDP cookie identified in the args, or any cookie if no arg
490 * is passed. It is usable both for ACL and for samples. Note: this decoder
491 * only works with non-wrapping data. Accepts either 0 or 1 argument. Argument
Willy Tarreaub169eba2013-12-16 15:14:43 +0100492 * is a string (cookie name), other types will lead to undefined behaviour. The
493 * returned sample has type SMP_T_CSTR.
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200494 */
495int
Willy Tarreau192252e2015-04-04 01:47:55 +0200496smp_fetch_rdp_cookie(struct proxy *px, struct session *sess, struct stream *strm, unsigned int opt,
Thierry FOURNIERf41a8092014-12-07 18:37:57 +0100497 const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200498{
Willy Tarreau15e91e12015-04-04 00:52:09 +0200499 return fetch_rdp_cookie_name(strm, smp, args ? args->data.str.str : NULL, args ? args->data.str.len : 0);
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200500}
501
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100502/* returns either 1 or 0 depending on whether an RDP cookie is found or not */
503static int
Willy Tarreau192252e2015-04-04 01:47:55 +0200504smp_fetch_rdp_cookie_cnt(struct proxy *px, struct session *sess, struct stream *strm, unsigned int opt,
Thierry FOURNIERf41a8092014-12-07 18:37:57 +0100505 const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100506{
507 int ret;
508
Willy Tarreau192252e2015-04-04 01:47:55 +0200509 ret = smp_fetch_rdp_cookie(px, sess, strm, opt, args, smp, kw, private);
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100510
511 if (smp->flags & SMP_F_MAY_CHANGE)
512 return 0;
513
514 smp->flags = SMP_F_VOLATILE;
515 smp->type = SMP_T_UINT;
516 smp->data.uint = ret;
517 return 1;
518}
519
520/* extracts part of a payload with offset and length at a given position */
521static int
Willy Tarreau192252e2015-04-04 01:47:55 +0200522smp_fetch_payload_lv(struct proxy *px, struct session *sess, struct stream *strm, unsigned int opt,
Thierry FOURNIERf41a8092014-12-07 18:37:57 +0100523 const struct arg *arg_p, struct sample *smp, const char *kw, void *private)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100524{
525 unsigned int len_offset = arg_p[0].data.uint;
526 unsigned int len_size = arg_p[1].data.uint;
527 unsigned int buf_offset;
528 unsigned int buf_size = 0;
529 struct channel *chn;
530 int i;
531
532 /* Format is (len offset, len size, buf offset) or (len offset, len size) */
533 /* by default buf offset == len offset + len size */
534 /* buf offset could be absolute or relative to len offset + len size if prefixed by + or - */
535
Willy Tarreau15e91e12015-04-04 00:52:09 +0200536 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &strm->res : &strm->req;
Willy Tarreau22ec1ea2014-11-27 20:45:39 +0100537 if (!chn->buf)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100538 return 0;
539
540 if (len_offset + len_size > chn->buf->i)
541 goto too_short;
542
543 for (i = 0; i < len_size; i++) {
544 buf_size = (buf_size << 8) + ((unsigned char *)chn->buf->p)[i + len_offset];
545 }
546
547 /* buf offset may be implicit, absolute or relative */
548 buf_offset = len_offset + len_size;
549 if (arg_p[2].type == ARGT_UINT)
550 buf_offset = arg_p[2].data.uint;
551 else if (arg_p[2].type == ARGT_SINT)
552 buf_offset += arg_p[2].data.sint;
553
554 if (!buf_size || buf_size > chn->buf->size || buf_offset + buf_size > chn->buf->size) {
555 /* will never match */
556 smp->flags = 0;
557 return 0;
558 }
559
560 if (buf_offset + buf_size > chn->buf->i)
561 goto too_short;
562
563 /* init chunk as read only */
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100564 smp->type = SMP_T_BIN;
565 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100566 chunk_initlen(&smp->data.str, chn->buf->p + buf_offset, 0, buf_size);
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100567 return 1;
568
569 too_short:
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100570 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100571 return 0;
572}
573
574/* extracts some payload at a fixed position and length */
575static int
Willy Tarreau192252e2015-04-04 01:47:55 +0200576smp_fetch_payload(struct proxy *px, struct session *sess, struct stream *strm, unsigned int opt,
Thierry FOURNIERf41a8092014-12-07 18:37:57 +0100577 const struct arg *arg_p, struct sample *smp, const char *kw, void *private)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100578{
579 unsigned int buf_offset = arg_p[0].data.uint;
580 unsigned int buf_size = arg_p[1].data.uint;
581 struct channel *chn;
582
Willy Tarreau15e91e12015-04-04 00:52:09 +0200583 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &strm->res : &strm->req;
Willy Tarreau22ec1ea2014-11-27 20:45:39 +0100584 if (!chn->buf)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100585 return 0;
586
Willy Tarreau00f00842013-08-02 11:07:32 +0200587 if (buf_size > chn->buf->size || buf_offset + buf_size > chn->buf->size) {
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100588 /* will never match */
589 smp->flags = 0;
590 return 0;
591 }
592
593 if (buf_offset + buf_size > chn->buf->i)
594 goto too_short;
595
596 /* init chunk as read only */
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100597 smp->type = SMP_T_BIN;
598 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
Willy Tarreau00f00842013-08-02 11:07:32 +0200599 chunk_initlen(&smp->data.str, chn->buf->p + buf_offset, 0, buf_size ? buf_size : (chn->buf->i - buf_offset));
Willy Tarreau3889fff2015-01-13 20:20:10 +0100600 if (!buf_size && channel_may_recv(chn) && !channel_input_closed(chn))
Willy Tarreau00f00842013-08-02 11:07:32 +0200601 smp->flags |= SMP_F_MAY_CHANGE;
602
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100603 return 1;
604
605 too_short:
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100606 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100607 return 0;
608}
609
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100610/* This function is used to validate the arguments passed to a "payload_lv" fetch
611 * keyword. This keyword allows two positive integers and an optional signed one,
612 * with the second one being strictly positive and the third one being greater than
613 * the opposite of the two others if negative. It is assumed that the types are
614 * already the correct ones. Returns 0 on error, non-zero if OK. If <err_msg> is
615 * not NULL, it will be filled with a pointer to an error message in case of
616 * error, that the caller is responsible for freeing. The initial location must
617 * either be freeable or NULL.
618 */
Thierry FOURNIER49f45af2014-12-08 19:50:43 +0100619int val_payload_lv(struct arg *arg, char **err_msg)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100620{
621 if (!arg[1].data.uint) {
622 memprintf(err_msg, "payload length must be > 0");
623 return 0;
624 }
625
626 if (arg[2].type == ARGT_SINT &&
627 (int)(arg[0].data.uint + arg[1].data.uint + arg[2].data.sint) < 0) {
628 memprintf(err_msg, "payload offset too negative");
629 return 0;
630 }
631 return 1;
632}
633
634/************************************************************************/
635/* All supported sample and ACL keywords must be declared here. */
636/************************************************************************/
637
638/* Note: must not be declared <const> as its list will be overwritten.
639 * Note: fetches that may return multiple types must be declared as the lowest
640 * common denominator, the type that can be casted into all other ones. For
641 * instance IPv4/IPv6 must be declared IPv4.
642 */
Willy Tarreaudc13c112013-06-21 23:16:39 +0200643static struct sample_fetch_kw_list smp_kws = {ILH, {
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100644 { "payload", smp_fetch_payload, ARG2(2,UINT,UINT), NULL, SMP_T_BIN, SMP_USE_L6REQ|SMP_USE_L6RES },
645 { "payload_lv", smp_fetch_payload_lv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_BIN, SMP_USE_L6REQ|SMP_USE_L6RES },
646 { "rdp_cookie", smp_fetch_rdp_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_L6REQ },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100647 { "rdp_cookie_cnt", smp_fetch_rdp_cookie_cnt, ARG1(0,STR), NULL, SMP_T_UINT, SMP_USE_L6REQ },
648 { "rep_ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_UINT, SMP_USE_L6RES },
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200649 { "req_len", smp_fetch_len, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100650 { "req_ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100651 { "req_ssl_sni", smp_fetch_ssl_hello_sni, 0, NULL, SMP_T_STR, SMP_USE_L6REQ },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100652 { "req_ssl_ver", smp_fetch_req_ssl_ver, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Willy Tarreaufa957342013-01-14 16:07:52 +0100653
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200654 { "req.len", smp_fetch_len, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100655 { "req.payload", smp_fetch_payload, ARG2(2,UINT,UINT), NULL, SMP_T_BIN, SMP_USE_L6REQ },
656 { "req.payload_lv", smp_fetch_payload_lv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_BIN, SMP_USE_L6REQ },
657 { "req.rdp_cookie", smp_fetch_rdp_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_L6REQ },
Willy Tarreaufa957342013-01-14 16:07:52 +0100658 { "req.rdp_cookie_cnt", smp_fetch_rdp_cookie_cnt, ARG1(0,STR), NULL, SMP_T_UINT, SMP_USE_L6REQ },
659 { "req.ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100660 { "req.ssl_sni", smp_fetch_ssl_hello_sni, 0, NULL, SMP_T_STR, SMP_USE_L6REQ },
Willy Tarreaufa957342013-01-14 16:07:52 +0100661 { "req.ssl_ver", smp_fetch_req_ssl_ver, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200662 { "res.len", smp_fetch_len, 0, NULL, SMP_T_UINT, SMP_USE_L6RES },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100663 { "res.payload", smp_fetch_payload, ARG2(2,UINT,UINT), NULL, SMP_T_BIN, SMP_USE_L6RES },
664 { "res.payload_lv", smp_fetch_payload_lv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_BIN, SMP_USE_L6RES },
Willy Tarreaufa957342013-01-14 16:07:52 +0100665 { "res.ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_UINT, SMP_USE_L6RES },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100666 { "wait_end", smp_fetch_wait_end, 0, NULL, SMP_T_BOOL, SMP_USE_INTRN },
667 { /* END */ },
668}};
669
670
671/* Note: must not be declared <const> as its list will be overwritten.
672 * Please take care of keeping this list alphabetically sorted.
673 */
Willy Tarreaudc13c112013-06-21 23:16:39 +0200674static struct acl_kw_list acl_kws = {ILH, {
Thierry FOURNIERc5a4e982014-03-05 16:07:08 +0100675 { "payload", "req.payload", PAT_MATCH_BIN },
676 { "payload_lv", "req.payload_lv", PAT_MATCH_BIN },
677 { "req_rdp_cookie", "req.rdp_cookie", PAT_MATCH_STR },
678 { "req_rdp_cookie_cnt", "req.rdp_cookie_cnt", PAT_MATCH_INT },
679 { "req_ssl_sni", "req.ssl_sni", PAT_MATCH_STR },
680 { "req_ssl_ver", "req.ssl_ver", PAT_MATCH_INT, pat_parse_dotted_ver },
681 { "req.ssl_ver", "req.ssl_ver", PAT_MATCH_INT, pat_parse_dotted_ver },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100682 { /* END */ },
683}};
684
685
686__attribute__((constructor))
687static void __payload_init(void)
688{
689 sample_register_fetches(&smp_kws);
690 acl_register_keywords(&acl_kws);
691}
692
693/*
694 * Local variables:
695 * c-indent-level: 8
696 * c-basic-offset: 8
697 * End:
698 */