dap 0.1.3 → 0.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 88bd3d23abc85411de3354902069d7bfae980809
-  data.tar.gz: 84459c4a10ba66f8c3b716c0f7e8f9bde1dc9c02
+  metadata.gz: 1cc592fe131d06b96989baa2072f92ac1c513465
+  data.tar.gz: 2550d569f533d19d43c05f7a1e778e111f4c96e2
 SHA512:
-  metadata.gz: 40c689fa8281c1dfcd2befea059657caaed9e6fcbaa42247371194d52730227145a5c7c2bc740e56a89f241d97e4d261cba40f4ecf997abbd5fb4a0903793ac6
-  data.tar.gz: b8a6f3f48509c4ae224a2a0750aefb0d8f4313764fe368fcc94e54604628e962535b94b93688ef8c69b5431875c57618f6f12d2780c7de95592853c10f2f7b26
+  metadata.gz: 4a162fc9fb0ae6f9caa0ac9fe1b4c6a3437eccb083d4c6127b334da28906b88584f06ef49ddd3f3a760c844cefe030c90141c6933359e5f44b18b21ba37c1f15
+  data.tar.gz: bbecce1d8ae4a2b1edcbc0e89c282fc04066431954a99520a80a910980dab9b552d4346aaf0016039885a5582d0c7c78c93a092be892a09cbd7f12e93d49532d

data/lib/dap/filter/http.rb

@@ -134,18 +134,77 @@ end
 class FilterDecodeHTTPReply
   include BaseDecoder
 
-  # TODO: Decode transfer-chunked responses
   def decode(data)
     lines = data.split(/\r?\n/)
-    resp  = lines.shift
+    resp = lines.shift
     save  = {}
     return save if resp !~ /^HTTP\/\d+\.\d+\s+(\d+)(?:\s+(.*))?/
 
     save["http_code"] = $1.to_i
     save["http_message"] = ($2 ? $2.strip : '')
     save["http_raw_headers"] = {}
+    save.merge!(parse_headers(lines))
 
-    clen = nil
+    head, raw_body = data.split(/\r?\n\r?\n/, 2)
+
+    # Some buggy systems exclude the header entirely
+    raw_body ||= head
+
+    save["http_raw_body"] = [raw_body].pack("m*").gsub(/\s+/n, "")
+    body = raw_body
+
+    transfer_encoding = save["http_raw_headers"]["transfer-encoding"]
+    if transfer_encoding && transfer_encoding.include?("chunked")
+      offset = 0
+      body = ''
+      while (true)
+        # read the chunk size from where we currently are.  The chunk size will
+        # be specified in hex, at the beginning, and is followed by \r\n.
+        if /^(?<chunk_size_str>[a-z0-9]+)\r\n/i =~ raw_body.slice(offset, raw_body.size)
+          # convert chunk size
+          chunk_size = chunk_size_str.to_i(16)
+          # advance past this chunk marker and its trailing \r\n
+          offset += chunk_size_str.size + 2
+          # read this chunk, starting from just past the chunk marker and
+          # stopping at the supposed end of the chunk
+          body << raw_body.slice(offset, chunk_size)
+          # advance the offset to past the end of the chunk and its trailing \r\n
+          offset += chunk_size + 2
+        else
+          break
+        end
+      end
+
+      # chunked-encoding allows headers to occur after the chunks, so parse those
+      if offset < raw_body.size
+        save.merge!(parse_headers(raw_body.slice(offset, raw_body.size).split(/\r?\n/)))
+      end
+    end
+
+    content_encoding = save["http_raw_headers"]["content-encoding"]
+    if content_encoding && content_encoding.include?("gzip")
+      begin
+        gunzip = Zlib::GzipReader.new(StringIO.new(body))
+        body = gunzip.read.encode('UTF-8', :invalid=>:replace, :replace=>'?')
+        gunzip.close()
+      rescue
+      end
+    end
+    save["http_body"] = body
+
+    if body =~ /<title>([^>]+)</mi
+      save["http_title"] = $1.strip
+    end
+
+    save
+  end
+
+  def valid_header_name?(name)
+    return name !~ /[\x00-\x1f()<>@,;:\\\"\/\[\]?={}\s]/
+  end
+
+  def parse_headers(lines)
+    headers = {}
 
     while lines.length > 0
       hline = lines.shift
@@ -154,41 +213,41 @@ class FilterDecodeHTTPReply
         header_name.downcase!
 
         if valid_header_name?(header_name)
-          save["http_raw_headers"] ||= {}
-          save["http_raw_headers"][header_name] ||= []
-          save["http_raw_headers"][header_name] << header_value
+          headers["http_raw_headers"] ||= {}
+          headers["http_raw_headers"][header_name] ||= []
+          headers["http_raw_headers"][header_name] << header_value
 
           # XXX: warning, all of these mishandle duplicate headers
           case header_name
           when 'etag'
-            save["http_etag"] = header_value
+            headers["http_etag"] = header_value
 
           when 'set-cookie'
             bits = header_value.gsub(/\;?\s*path=.*/i, '').gsub(/\;?\s*expires=.*/i, '').gsub(/\;\s*HttpOnly.*/, '')
-            save["http_cookie"] = bits
+            headers["http_cookie"] = bits
 
           when 'server'
-            save["http_server"] = header_value
+            headers["http_server"] = header_value
 
           when 'x-powered-by'
-            save["http_powered"] = header_value
+            headers["http_powered"] = header_value
 
           when 'date'
             d = DateTime.parse(header_value) rescue nil
-            save["http_date"] = d.to_time.utc.strftime("%Y%m%dT%H:%M:%S%z") if d
+            headers["http_date"] = d.to_time.utc.strftime("%Y%m%dT%H:%M:%S%z") if d
 
           when 'last-modified'
             d = DateTime.parse(header_value) rescue nil
-            save["http_modified"] = d.to_time.utc.strftime("%Y%m%dT%H:%M:%S%z") if d
+            headers["http_modified"] = d.to_time.utc.strftime("%Y%m%dT%H:%M:%S%z") if d
 
           when 'location'
-            save["http_location"] = header_value
+            headers["http_location"] = header_value
 
           when 'www-authenticate'
-            save["http_auth"] = header_value
+            headers["http_auth"] = header_value
 
           when 'content-length'
-            save["content-length"] = header_value.to_i
+            headers["content-length"] = header_value.to_i
           end
         else
           # not a valid header.  XXX, eventually we should log or do something more useful here
@@ -198,36 +257,8 @@ class FilterDecodeHTTPReply
       end
     end
 
-    head, body = data.split(/\r?\n\r?\n/, 2)
-
-    # Some buggy systems exclude the header entirely
-    body ||= head
-
-    save["http_raw_body"] = [body].pack("m*").gsub(/\s+/n, "")
-
-    content_encoding = save["http_raw_headers"]["content-encoding"]
-
-    if content_encoding && content_encoding.include?("gzip")
-      begin
-        gunzip = Zlib::GzipReader.new(StringIO.new(body))
-        body = gunzip.read.encode('UTF-8', :invalid=>:replace, :replace=>'?')
-        gunzip.close()
-      rescue
-      end
-    end
-    save["http_body"] = body
-
-    if body =~ /<title>([^>]+)</mi
-      save["http_title"] = $1.strip
-    end
-
-    save
-  end
-
-  def valid_header_name?(name)
-    return name !~ /[\x00-\x1f()<>@,;:\\\"\/\[\]?={}\s]/
+    return headers
   end
 end
-
 end
 end

data/lib/dap/version.rb

@@ -1,3 +1,3 @@
 module Dap
-  VERSION = "0.1.3"
+  VERSION = "0.1.4"
 end

data/spec/dap/filter/http_filter_spec.rb

@@ -72,6 +72,19 @@ describe Dap::Filter::FilterDecodeHTTPReply do
       end
     end
 
+    context 'decoding chunked response' do
+      let(:body) { "5\r\nabcde\r\n0F\r\nfghijklmnopqrst\r\n06\r\nuvwxyz\r\n0\r\n" }
+      let(:decode) { filter.decode("HTTP/1.0 200 OK\r\nTransfer-encoding: chunked\r\n\r\n#{body}\r\nSecret: magic\r\n") }
+
+      it 'correctly dechunks body' do
+        expect(decode['http_body']).to eq(('a'..'z').to_a.join)
+      end
+
+      it 'finds trailing headers' do
+        expect(decode['http_raw_headers']['secret']).to eq(%w(magic))
+      end
+    end
+
     context 'decoding responses that are missing the "reason phrase", an RFC anomaly' do
       let(:decode) { filter.decode("HTTP/1.1 301\r\nDate: Tue, 28 Mar 2017 20:46:52 GMT\r\nContent-Type: text/html\r\nContent-Length: 177\r\nConnection: close\r\nLocation: http://www.example.com/\r\n\r\nstuff") }
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dap
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-03-29 00:00:00.000000000 Z
+date: 2017-03-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec