bigsnitch/httpflow.h

#pragma once
#include <includes.h>
/*
{
"flow": {
"client_conn": {
"address": [
"::1",
37570,
0,
0
],
"alpn_proto_negotiated": "http/1.1",
"cipher_name": "TLS_AES_256_GCM_SHA384",
"clientcert": null,
"id": "a1e82917-2d58-4b99-be9e-2b962bc499b2",
"mitmcert": "mitmcertstring",
"sni": "yolo.jetzt",
"timestamp_end": null,
"timestamp_start": 1597284668.6260498,
"timestamp_tls_setup": 1597284669.8449724,
"tls_established": true,
"tls_extensions": [...],
"tls_version": "TLSv1.3"
},
"error": null,
"id": "a6aa4e6e-ca31-4f58-bf47-2da7bfcf0000",
"intercepted": false,
"marked": false,
"metadata": {},
"mode": "transparent",
"request": {
"content": "",
"first_line_format": "relative",
"headers": [
[
"Host",
"yolo.jetzt"
],
[
"User-Agent",
"curl/7.68.0"
],
[
"Accept",
]
],
"host": "yolo.jetzt",
"http_version": "HTTP/1.1",
"is_replay": false,
"method": "GET",
"path": "/",
"port": 443,
"scheme": "https",
"timestamp_end": 1597284669.92817,
"timestamp_start": 1597284669.8761458
},
"response": null,
"server_conn": {
"address": [
"yolo.jetzt",
443
],
"alpn_proto_negotiated": "http/1.1",
"cert": "certstring",
"id": "50a3b79d-2912-45f3-991b-c03406a1018f",
"ip_address": [
"95.156.226.69",
443
],
"sni": "yolo.jetzt",
"source_address": [
"192.168.42.102",
44949
],
"timestamp_end": null,
"timestamp_start": 1597284669.2133315,
"timestamp_tcp_setup": 1597284669.2892282,
"timestamp_tls_setup": 1597284669.584602,
"tls_established": true,
"tls_version": "TLSv1.2",
"via": null
},
"type": "http",
"version": 7
},
"msg": "request"
}
*/
namespace http {
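/// Request half of an intercepted flow, as filled in by from_json().
///
/// Every string here is copied verbatim from proxied traffic, so treat the
/// contents as untrusted when displaying or storing them.
///
/// Scalar members carry default initialisers: without them a default-constructed
/// Request (for example a Flow created before any message was parsed) would hold
/// indeterminate values for tls, port and the timestamps.
struct Request
{
    // Not assigned by the from_json() in this header.
    std::string server_ip_address;
    // Copied from flow.server_conn.tls_established; false until a message sets it.
    bool tls{false};
    std::string content;
    std::string scheme;
    std::string method;
    std::string host;
    // Not assigned by the from_json() in this header.
    std::string address;
    unsigned short port{0};
    std::string http_version;
    std::string path;
    // Floating-point timestamps as delivered in the message; 0.0 until parsed.
    double timestamp_start{0.0};
    double timestamp_end{0.0};
    // (name, value) pairs in message order; duplicate names are preserved.
    std::vector<std::tuple<std::string,std::string>> headers;
    // Not assigned by the from_json() in this header.
    std::string error;
};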
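/// Response half of an intercepted flow, as filled in by from_json().
///
/// The strings are copied verbatim from proxied traffic and should be treated
/// as untrusted. Scalar members are default-initialised so that a flow whose
/// message carried no response reads as status 0 with zero timestamps instead
/// of indeterminate values.
struct Response {
    int status_code{0};
    std::string http_version;
    std::string reason;
    std::string content;
    // Floating-point timestamps as delivered in the message; 0.0 until parsed.
    double timestamp_start{0.0};
    double timestamp_end{0.0};
    // (name, value) pairs in message order; duplicate names are preserved.
    std::vector<std::tuple<std::string,std::string>> headers;
};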
/// One intercepted exchange: the flow identifier plus its request and response.
struct Flow
{
    // Value of flow["id"] in the incoming message.
    std::string uid;

    // Parsed from flow["request"].
    Request request;

    // Parsed from flow["response"].
    Response response;
};
/// Serialisation counterpart of from_json(). Currently a stub: nothing is
/// written, so `j` keeps whatever value the caller passed in.
inline void to_json(json& j, const Flow& flow)
{
    // Intentionally empty; the casts only mark both parameters as deliberately unused.
    static_cast<void>(j);
    static_cast<void>(flow);
}
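/// Fill `flow` from one proxy message shaped like the sample at the top of
/// this file: {"flow": {...}, "msg": ...}.
///
/// A message without a "flow" member leaves `flow` untouched. The
/// "server_conn", "request" and "response" sections are read only when they
/// are JSON objects; a section that is absent or null (the sample request
/// message carries "response": null) is skipped instead of throwing.
///
/// Inside a section that is present, the listed keys are still required. A
/// missing key or a value of the wrong type raises the JSON library's
/// exception, so callers handling fabricated or truncated messages must catch it.
///
/// All values come from intercepted traffic and are copied without validation.
inline void from_json(const json& j, Flow& flow) {
    // NOTE(review): this dumps the complete intercepted flow to stdout for
    // every message, including bodies and headers and therefore cookies and
    // credentials. Kept so existing behaviour does not change; it should be
    // put behind a debug switch or redacted before running on real traffic.
    std::cout << std::setw(4) << j << "\n\n";
    if (!j.contains("flow")) {
        return;
    }
    // Bind by reference: `auto x = j.at(...)` deep-copies the whole subtree.
    const json& j_flow = j.at("flow");

    j_flow.at("id").get_to(flow.uid);

    // contains() is also true for a key whose value is null, and at("key") on
    // a null value throws, so a section is used only when it is an object.
    const auto object_or_null = [&j_flow](const char* key) -> const json* {
        if (!j_flow.contains(key)) {
            return nullptr;
        }
        const json& section = j_flow.at(key);
        return section.is_object() ? &section : nullptr;
    };

    // Append the [name, value] pairs of section["headers"] to `out`.
    const auto append_headers = [](const json& section, auto& out) {
        for (const json& entry : section.at("headers")) {
            // An entry that is not a two-element array (the sample contains
            // ["Accept"]) is skipped; at(1) on it would throw and abort the
            // whole flow.
            if (!entry.is_array() || entry.size() < 2) {
                continue;
            }
            out.emplace_back(entry.at(0).get<std::string>(),
                             entry.at(1).get<std::string>());
        }
    };

    if (const json* j_server = object_or_null("server_conn")) {
        j_server->at("tls_established").get_to(flow.request.tls);
    }

    if (const json* j_request = object_or_null("request")) {
        j_request->at("port").get_to(flow.request.port);
        j_request->at("host").get_to(flow.request.host);
        j_request->at("scheme").get_to(flow.request.scheme);
        j_request->at("path").get_to(flow.request.path);
        j_request->at("content").get_to(flow.request.content);
        j_request->at("method").get_to(flow.request.method);
        j_request->at("http_version").get_to(flow.request.http_version);
        j_request->at("timestamp_start").get_to(flow.request.timestamp_start);
        j_request->at("timestamp_end").get_to(flow.request.timestamp_end);
        append_headers(*j_request, flow.request.headers);
    }

    if (const json* j_response = object_or_null("response")) {
        j_response->at("status_code").get_to(flow.response.status_code);
        j_response->at("http_version").get_to(flow.response.http_version);
        j_response->at("reason").get_to(flow.response.reason);
        j_response->at("content").get_to(flow.response.content);
        j_response->at("timestamp_start").get_to(flow.response.timestamp_start);
        j_response->at("timestamp_end").get_to(flow.response.timestamp_end);
        append_headers(*j_response, flow.response.headers);
    }
}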
}
// Makes http::Flow known to Qt's meta-type system so it can be held in a QVariant.
// The macro is placed outside the namespace, after the type is complete.
// Queued signal/slot arguments additionally need qRegisterMetaType<http::Flow>() at runtime.
Q_DECLARE_METATYPE(http::Flow)