at this point this makes a good parser for http headers...

svn path=/trunk/; revision=16053

plugins/tpg/http.tpg

@@ -48,12 +48,15 @@ typedef struct _http_info_value_t
 
 %rule sp = [ ]+ .
 
-%field version hyttp.version "HTTP Version" FT_STRING.
-%rule http_version = "HTTP/" ( "1.0" | "1.1" )<version> .
+%choice versions = "1.0" | "1.1".
+
+%field version hyttp.version "HTTP Version" FT_STRING .
+
+%sequence http_version = "HTTP/" & versions<version> .
 
 %field response hyttp.response "Response" FT_STRING .
 %field response_code hyttp.response.code "Response Code" FT_UINT32 BASE_DEC %{ http_response_codes %} .
-%rule response = (http_version sp [0-9]+<response_code:RESPONSE> ... { crlf } )<response:%plain_text> . {
+%sequence response = http_version & sp & [0-9]+<response_code:RESPONSE> & ... ( crlf ) . <response:%plain_text> {
     %root response
     %code %{
         TT_DATA->is_response = TRUE;
@@ -61,10 +64,11 @@ typedef struct _http_info_value_t
     %}
 }
 
+
 %field request hyttp.request "Request" FT_STRING .
 %field method hyttp.request.method "Request Method" FT_STRING  .
 %field uri hyttp.request.uri "Request URI" FT_STRING  .
-%rule request  = ([A-Z]+<method:METHOD> sp [^ ]+<uri:URI> sp http_version crlf )<request:%plain_text> . {
+%sequence request  = [A-Z]+<method:METHOD> & sp & [^ ]+<uri:URI> & sp & http_version & crlf . <request:%plain_text> {
     %root request
     %code %{
         TT_DATA->is_response = FALSE;
@@ -73,92 +77,92 @@ typedef struct _http_info_value_t
     %}
 }
 
-%rule req_resp = ( request | response ).
+%choice req_resp = request | response.
 
-%rule media  = [a-z]+ "/" [a-z]+ .
+%field media hyttp.content_type.media "Content-Type Media" FT_STRING  .
 
-%field content_type hyttp.content_type "Content-Type" FT_STRING  .
-
-#crash %rule content_type = 'Content-type: ' (media<content_type:MEDIA> crlf | ( media<content_type:MEDIA> ... { crlf } )) . { 
-%rule content_type = 'Content-type: ' media<content_type:MEDIA> ... { crlf } . { 
-%code %{
+%sequence media  = [a-z]+ & "/"  & [a-z]+ . <MEDIA> {
+    %code %{
         TT_DATA->media = TPG_STRING(MEDIA);
     %}
 }
 
+%field content_type hyttp.content_type "Content-Type" FT_STRING  .
+%sequence content_type_hdr = 'Content-type: ' & media<media> & ... ( crlf   %leave ) & crlf .
+
 %field content_length hyttp.headers.content_length "Content-Length" FT_UINT32 BASE_DEC .
-%rule content_length = 'Content-length: ' [0-9]+<content_length:LENGTH> crlf . {
+%sequence content_length = 'Content-length: '  & [0-9]+<content_length:LENGTH>  & crlf. {
     %code %{
         TT_DATA->content_length = TPG_UINT(LENGTH);
     %}
 }
 
 %field transfer_encoding hyttp.transfer_encoding "Transfer-Encoding" FT_STRING  .
-%rule transfer_encoding = 'Transfer-encoding: ' ...<transfer_encoding:ENCODING> { crlf }. {
+%sequence transfer_encoding = 'Transfer-encoding: ' & ...<transfer_encoding:ENCODING> ( crlf     %leave )  & crlf. {
     %code %{
         TT_DATA->transfer_encoding = TPG_STRING(ENCODING);
     %}
 }
 
 %field authorization hyttp.authorization "Authorization" FT_STRING  .
-%rule authorization = 'Authorization: ' ...<authorization> { crlf }  .
+%sequence authorization = 'Authorization: ' & ...<authorization> ( crlf     %leave ) & crlf.
 
 %field proxy_authorization hyttp.proxy_authorization "Proxy-Authorization" FT_STRING  .
-%rule proxy_author = 'Proxy-authorization: ' ...<proxy_authorization> { crlf }  .
+%sequence proxy_author = 'Proxy-authorization: ' & ...<proxy_authorization> ( crlf     %leave ) & crlf.
 
 %field proxy_authen hyttp.proxy_authenti "Proxy-Authenticate" FT_STRING  .
-%rule proxy_authen = 'Proxy-authenticate: ' ...<proxy_authen> { crlf }  .
+%sequence proxy_authen = 'Proxy-authenticate: ' & ...<proxy_authen> ( crlf     %leave ) & crlf.
 
 %field www_auth hyttp.www_authenticate "WWW-Authenticate" FT_STRING  .
-%rule www_auth = 'WWW-authenticate: ' ...<www_auth> { crlf }  .
+%sequence www_auth = 'WWW-authenticate: ' & ...<www_auth> ( crlf     %leave ) & crlf.
 
 %field content_encoding hyttp.content_encoding "Content-Encoding" FT_STRING  .
-%rule content_encoding = 'Content-Encoding: ' ...<content_encoding> { crlf }  .
+%sequence content_encoding = 'Content-Encoding: ' & ...<content_encoding> ( crlf     %leave ) & crlf.
 
 %field user_agent hyttp.content_encoding "User-Agent" FT_STRING  .
-%rule user_agent = 'User-Agent: ' ...<user_agent> { crlf }  .
+%sequence user_agent = 'User-Agent: ' & ...<user_agent> ( crlf     %leave ) & crlf.
 
 %field host hyttp.host "Host" FT_STRING  .
-%rule host  = 'Host: ' ...<host> { crlf } .
+%sequence host  = 'Host: ' & ...<host> ( crlf     %leave ) & crlf.
 
 %field accept hyttp.accept "Accept" FT_STRING  .
-%rule accept  = 'Accept: ' ...<accept> { crlf } .
+%sequence accept  = 'Accept: ' & ...<accept> ( crlf     %leave ) & crlf.
 
 %field accept_language hyttp.accept_language "Accept-Language" FT_STRING  .
-%rule accept_language  = 'Accept-language: ' ...<accept_language> { crlf } .
+%sequence accept_language  = 'Accept-language: ' & ...<accept_language> ( crlf     %leave ) & crlf.
 
 %field accept_encoding hyttp.accept_encoding "Accept-Language" FT_STRING  .
-%rule accept_encoding  = 'Accept-encoding: ' ...<accept_encoding> { crlf } .
+%sequence accept_encoding  = 'Accept-encoding: ' & ...<accept_encoding> ( crlf     %leave ) & crlf.
 
 %field accept_ranges hyttp.accept_encoding "Accept-Ranges" FT_STRING  .
-%rule accept_ranges  = 'Accept-Ranges: ' ...<accept_ranges> { crlf } .
+%sequence accept_ranges  = 'Accept-Ranges: ' & ...<accept_ranges> ( crlf     %leave ) & crlf.
 
 %field keep_alive hyttp.keep_alive "Keep-Alive" FT_UINT32 BASE_DEC .
-%rule keep_alive  = 'Keep-Alive: ' ...<keep_alive> { crlf } .
+%sequence keep_alive  = 'Keep-Alive: ' & ...<keep_alive> ( crlf     %leave ) & crlf.
 
 %field connection hyttp.connection "Connection" FT_STRING .
-%rule connection  = 'Connection: ' ...<connection> { crlf } .
+%sequence connection  = 'Connection: ' & ...<connection> ( crlf     %leave ) & crlf.
 
 %field referer hyttp.referer "Referer" FT_STRING .
-%rule referer  = 'Referer: ' ...<referer> { crlf } .
+%sequence referer  = 'Referer: ' & ...<referer> ( crlf     %leave ) & crlf.
 
 %field cookie hyttp.cookie "Cookie" FT_STRING .
-%rule cookie  = 'Cookie: ' ...<cookie> { crlf } .
+%sequence cookie  = 'Cookie: ' & ...<cookie> ( crlf     %leave ) & crlf.
 
 %field etag hyttp.etag "Etag" FT_STRING .
-%rule etag  = 'Etag: ' ["] [^"]+<etag> ["] crlf .
+%sequence etag  = 'Etag: ' & ["] & [^"]+<etag> & ["] & crlf .
 
 %field last_modified hyttp.last_modified "Last-Modified" FT_STRING .
-%rule last_modified  = 'Last-Modified: ' ...<last_modified> { crlf } .
+%sequence last_modified  = 'Last-Modified: ' & ...<last_modified> ( crlf     %leave ) & crlf.
 
 %field server hyttp.server "Server" FT_STRING .
-%rule server  = 'Server: ' ...<server> { crlf } .
+%sequence server  = 'Server: ' & ...<server> ( crlf     %leave ) & crlf.
 
-%rule other_header = ([A-Z] [a-zA-Z-]+) ": " ... { crlf } .
+%sequence other_header = [A-Z] & [a-zA-Z-]+ & ": " & ... ( crlf     %leave ) &  crlf.
 
 %field header hyttp.headers.line "HTTP Header Line" FT_BOOLEAN  .
-%rule header = (
-    content_type
+%choice header =
+    content_type_hdr
     | transfer_encoding
     | content_length
     | authorization
@@ -179,10 +183,11 @@ typedef struct _http_info_value_t
     | etag
     | last_modified
     | server
-    | other_header)<header:%plain_text> . {
+    | other_header . <header:%plain_text> {
     %root header
 }
 
+
 %tail %{
 /* tail */
 %}

plugins/tpg/packet-http.c

@@ -15,14 +15,24 @@ static const value_string http_response_codes[] = {
 static gint ett_http = -1;
 static int proto_http = -1;
 
-static tvbparse_wanted_t* rule_http_crlf; 
-static tvbparse_wanted_t* rule_http_header;
-static tvbparse_wanted_t* rule_http_req_resp;
+static int hf_http_is_response = -1;
+static int hf_http_request_method = -1;
+static int hf_http_response_code = -1;
+static int hf_http_transfer_encoding = -1;
+static int hf_http_content_length = -1;
+static int hf_http_media = -1;
+static int hf_http_request_uri = -1;
 
 static dissector_handle_t http_handle;
 
+
+struct _elem_tree_stack_frame {
+    proto_tree* tree;
+    tvbparse_elem_t* elem;
+};
+
 static void dissect_http(tvbuff_t* tvb, packet_info* pinfo _U_, proto_tree* tree) {
-    http_info_value_t* msgdata = ep_alloc(sizeof(http_info_value_t));
+    http_info_value_t* msgdata = ep_alloc0(sizeof(http_info_value_t));
     tvbparse_elem_t* reqresp;
     tpg_parser_data_t* tpg;
     proto_item* pi = proto_tree_add_item(tree,proto_http,tvb,0,-1,FALSE);
@@ -30,41 +40,58 @@ static void dissect_http(tvbuff_t* tvb, packet_info* pinfo _U_, proto_tree* tree
     
     tpg = tpg_start(pt,tvb,0,-1,msgdata);
     
-    if (( reqresp = TPG_GET(tpg,rule_http_req_resp) )) {
+    if (( reqresp = TPG_GET(tpg,http_tpg_data.wanted_http_req_resp) )) {
         tvbparse_elem_t* hdr;
         
-        while(( hdr = TPG_GET(tpg,rule_http_header) )) ;
-        
-        if ( TPG_GET(tpg,rule_http_crlf) ) {
-            return;
-        }
+        while(( hdr = TPG_GET(tpg,http_tpg_data.wanted_http_header) )) ;
         
+        if ( TPG_GET(tpg,http_tpg_data.wanted_http_crlf) ) {
+            pi = proto_tree_add_boolean(pt,hf_http_is_response,tvb,0,0,msgdata->is_response);
+            pt = proto_item_add_subtree(pi,ett_http);
+            
+            if (msgdata->is_response) {
+                proto_tree_add_uint(pt,hf_http_response_code,tvb,0,0,msgdata->response_code);
+                proto_tree_add_uint(pt,hf_http_content_length,tvb,0,0,msgdata->content_length);
+                if (msgdata->transfer_encoding) proto_tree_add_string(pt,hf_http_transfer_encoding,tvb,0,0,msgdata->transfer_encoding);
+                if (msgdata->media) proto_tree_add_string(pt,hf_http_media,tvb,0,0,msgdata->media);
+            } else {
+                if (msgdata->request_method) proto_tree_add_string(pt,hf_http_request_method,tvb,0,0,msgdata->request_method);
+                if (msgdata->request_uri) proto_tree_add_string(pt,hf_http_request_uri,tvb,0,0,msgdata->request_uri);
+            }
+            
     } else {
+            /* header fragment */
+        }
+    } else {
+        /* no header  */
         return;
     }
 }
 
 static void proto_register_http(void) {
     static hf_register_info hf[] = {
-        HF_HTTP_PARSER
+        HF_HTTP_PARSER,
+        { &hf_http_is_response, { "=Is Response", "hyttp.info.is_response", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "", HFILL }},
+        { &hf_http_request_method, { "=Method", "hyttp.info.method", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }},
+        { &hf_http_response_code, { "=Response Code", "hyttp.info.response.code", FT_UINT32, BASE_DEC, VALS( http_response_codes ), 0x0, "", HFILL }},
+        { &hf_http_transfer_encoding, { "=Transfer-Encoding", "hyttp.info.transfer_encoding", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }},
+        { &hf_http_content_length, { "=Content-Length", "hyttp.info.content_length", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }},
+        { &hf_http_request_uri, { "=Request URI", "hyttp.info.uri", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }},
+        { &hf_http_media, { "=Media", "hyttp.info.media", FT_STRING, BASE_NONE, NULL, 0x0, "", HFILL }}
     };
     
-    static gint *ett[] = {
+    gint *ett[] = {
         ETT_HTTP_PARSER,
         &ett_http
 	};
     
     tpg_http_init();
     
-    proto_http = proto_register_protocol("HyTeTrP",
-                                         "HyTeTrP", "hytetrpr");
+    proto_http = proto_register_protocol("HyTTP",
+                                         "HyTTP", "hyttp");
 	proto_register_field_array(proto_http, hf, array_length(hf));
 	proto_register_subtree_array(ett, array_length(ett));
-    
-    rule_http_crlf = wanted_http_crlf();
-    rule_http_header = wanted_http_header();
-    rule_http_req_resp =  wanted_http_req_resp();
-        
+            
 }