Inital commit

author: Stefan Esser 2010-02-21 11:44:54 +0100
committer: Stefan Esser 2010-02-21 11:44:54 +0100
commit: 36dbfacbe64697d959f524e537b15b73c090d898 (patch)
tree: f1c7ce1409b0e7765fc72d550546967fcf0f9717 /php_suhosin.h
1 files changed, 420 insertions, 0 deletions
diff --git a/php_suhosin.h b/php_suhosin.h
new file mode 100644
index 0000000..56869ec
--- /dev/null
+++ b/php_suhosin.h
@@ -0,0 +1,420 @@
+/*
+  +----------------------------------------------------------------------+
+  | Suhosin Version 1                                                    |
+  +----------------------------------------------------------------------+
+  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |
+  | Copyright (c) 2007 SektionEins GmbH                                  |
+  +----------------------------------------------------------------------+
+  | This source file is subject to version 3.01 of the PHP license,      |
+  | that is bundled with this package in the file LICENSE, and is        |
+  | available through the world-wide-web at the following url:           |
+  | http://www.php.net/license/3_01.txt                                  |
+  | If you did not receive a copy of the PHP license and are unable to   |
+  | obtain it through the world-wide-web, please send a note to          |
+  | license@php.net so we can mail you a copy immediately.               |
+  +----------------------------------------------------------------------+
+  | Author: Stefan Esser <sesser@sektioneins.de>                         |
+  +----------------------------------------------------------------------+
+*/
+/* $Id: php_suhosin.h,v 1.4 2008-01-13 22:50:37 sesser Exp $ */
+#ifndef PHP_SUHOSIN_H
+#define PHP_SUHOSIN_H
+#define SUHOSIN_EXT_VERSION  "0.9.29"
+/*#define SUHOSIN_DEBUG*/
+#define SUHOSIN_LOG "/tmp/suhosin_log.txt"
+#ifdef PHP_WIN32
+#define SDEBUG
+#else
+#ifdef SUHOSIN_DEBUG
+#define SDEBUG(msg...) \
+    {FILE *f;f=fopen(SUHOSIN_LOG, "a+");if(f){fprintf(f,"[%u] ",getpid());fprintf(f, msg);fprintf(f,"\n");fclose(f);}}
+#else
+#define SDEBUG(...)
+#endif    
+#endif
+extern zend_module_entry suhosin_module_entry;
+#define phpext_suhosin_ptr &suhosin_module_entry
+#ifdef PHP_WIN32
+#define PHP_SUHOSIN_API __declspec(dllexport)
+#else
+#define PHP_SUHOSIN_API
+#endif
+#ifdef ZTS
+#include "TSRM.h"
+#endif
+/*#define STATIC static*/
+#define STATIC
+#define BYTE unsigned char       /* 8 bits  */
+#define WORD unsigned int          /* 32 bits */
+PHP_MINIT_FUNCTION(suhosin);
+PHP_MSHUTDOWN_FUNCTION(suhosin);
+PHP_RINIT_FUNCTION(suhosin);
+PHP_RSHUTDOWN_FUNCTION(suhosin);
+PHP_MINFO_FUNCTION(suhosin);
+#include "ext/standard/basic_functions.h"
+ZEND_BEGIN_MODULE_GLOBALS(suhosin)
+        zend_uint in_code_type;
+        long execution_depth;
+        zend_bool simulation;
+    zend_bool stealth;
+        zend_bool protectkey;
+        zend_bool executor_allow_symlink;
+        char *filter_action;
+        char *sql_user_prefix;
+        char *sql_user_postfix;
+        long    sql_comment;
+        long    sql_opencomment;
+        long    sql_union;
+        long    sql_mselect;
+        
+        long max_execution_depth;
+        zend_bool       abort_request;
+        long executor_include_max_traversal;
+        zend_bool executor_include_allow_writable_files;
+        HashTable *include_whitelist;
+        HashTable *include_blacklist;
+        HashTable *func_whitelist;
+        HashTable *func_blacklist;
+        HashTable *eval_whitelist;
+        HashTable *eval_blacklist;
+        zend_bool executor_disable_eval;
+        zend_bool executor_disable_emod;
+/*      request variables */
+        long  max_request_variables;
+        long  cur_request_variables;
+        long  max_varname_length;
+        long  max_totalname_length;
+        long  max_value_length;
+        long  max_array_depth;
+        long  max_array_index_length;
+        zend_bool  disallow_nul;
+        zend_bool  disallow_ws;
+/*      cookie variables */
+        long  max_cookie_vars;
+        long  cur_cookie_vars;
+        long  max_cookie_name_length;
+        long  max_cookie_totalname_length;
+        long  max_cookie_value_length;
+        long  max_cookie_array_depth;
+        long  max_cookie_array_index_length;
+        zend_bool  disallow_cookie_nul;
+        zend_bool  disallow_cookie_ws;
+/*      get variables */
+        long  max_get_vars;
+        long  cur_get_vars;
+        long  max_get_name_length;
+        long  max_get_totalname_length;
+        long  max_get_value_length;
+        long  max_get_array_depth;
+        long  max_get_array_index_length;
+        zend_bool  disallow_get_nul;
+        zend_bool  disallow_get_ws;
+/*      post variables */
+        long  max_post_vars;
+        long  cur_post_vars;
+        long  max_post_name_length;
+        long  max_post_totalname_length;
+        long  max_post_value_length;
+        long  max_post_array_depth;
+        long  max_post_array_index_length;
+        zend_bool  disallow_post_nul;
+        zend_bool  disallow_post_ws;
+/*      fileupload */
+        long  upload_limit;
+        long  num_uploads;
+        zend_bool  upload_disallow_elf;
+        zend_bool  upload_disallow_binary;
+        zend_bool  upload_remove_binary;
+        char *upload_verification_script;
+        
+        zend_bool  no_more_variables;
+        zend_bool  no_more_get_variables;
+        zend_bool  no_more_post_variables;
+        zend_bool  no_more_cookie_variables;
+        zend_bool  no_more_uploads;
+/*      log */
+        zend_bool log_use_x_forwarded_for;
+        long    log_syslog;
+        long    log_syslog_facility;
+        long    log_syslog_priority;
+        long    log_script;
+        long    log_sapi;
+        char    *log_scriptname;
+        long    log_phpscript;
+        char    *log_phpscriptname;
+        zend_bool log_phpscript_is_safe;
+        long    log_file;
+        char    *log_filename;
+/*      header handler */
+        zend_bool allow_multiheader;
+/*      mailprotect */
+        long    mailprotect;
+        
+/*      memory_limit */
+        long    memory_limit;
+        long    hard_memory_limit;
+/*  sqlprotect */
+        zend_bool sql_bailout_on_error;
+        int (*old_php_body_write)(const char *str, unsigned int str_length TSRMLS_DC);
+/*      session */
+        void    *s_module;
+        int     (*old_s_read)(void **mod_data, const char *key, char **val, int *vallen TSRMLS_DC);
+        int     (*old_s_write)(void **mod_data, const char *key, const char *val, const int vallen TSRMLS_DC);
+        int     (*old_s_destroy)(void **mod_data, const char *key TSRMLS_DC);
+        BYTE fi[24],ri[24];
+        WORD fkey[120];
+        WORD rkey[120];
+        
+        zend_bool       session_encrypt;
+        char*   session_cryptkey;
+        zend_bool       session_cryptua;
+        zend_bool       session_cryptdocroot;
+        long            session_cryptraddr;
+        long            session_checkraddr;
+        
+        long    session_max_id_length;
+        
+        char*   decrypted_cookie;
+    char*       raw_cookie;
+        zend_bool       cookie_encrypt;
+        char*   cookie_cryptkey;
+        zend_bool       cookie_cryptua;
+        zend_bool       cookie_cryptdocroot;
+        long            cookie_cryptraddr;
+        long            cookie_checkraddr;
+        HashTable *cookie_plainlist;
+        HashTable *cookie_cryptlist;
+        
+        zend_bool       coredump;
+        zend_bool       apc_bug_workaround;
+        zend_bool       already_scanned;
+        zend_bool       do_not_scan;
+        
+        zend_bool       server_encode;
+        zend_bool       server_strip;
+        
+        zend_bool       disable_display_errors;
+        php_uint32   r_state[625];
+        php_uint32   *r_next;
+        int          r_left;
+    zend_bool    srand_ignore;
+    zend_bool    mt_srand_ignore;
+        php_uint32   mt_state[625];
+        php_uint32   *mt_next;
+        int          mt_left;
+        zend_bool r_is_seeded; 
+        zend_bool mt_is_seeded;
+        /* PERDIR Handling */
+        char *perdir;
+        zend_bool log_perdir;
+        zend_bool exec_perdir;
+        zend_bool get_perdir;
+        zend_bool post_perdir;
+        zend_bool cookie_perdir;
+        zend_bool request_perdir;
+        zend_bool upload_perdir;
+        zend_bool sql_perdir;
+        zend_bool misc_perdir;
+ZEND_END_MODULE_GLOBALS(suhosin)
+#ifdef ZTS
+#define SUHOSIN_G(v) TSRMG(suhosin_globals_id, zend_suhosin_globals *, v)
+#else
+#define SUHOSIN_G(v) (suhosin_globals.v)
+#endif
+#ifndef ZEND_INI_STAGE_HTACCESS
+#define ZEND_INI_STAGE_HTACCESS (1<<5)
+#endif
+ 
+#ifndef ZEND_ENGINE_2
+#define OnUpdateLong OnUpdateInt
+#define zend_symtable_find zend_hash_find
+#define zend_symtable_update zend_hash_update
+#define zend_symtable_exists zend_hash_exists
+#endif
+/* Error Constants */
+#ifndef S_MEMORY
+#define S_MEMORY                        (1<<0L)
+#define S_MISC                          (1<<1L)
+#define S_VARS                          (1<<2L)
+#define S_FILES                         (1<<3L)
+#define S_INCLUDE                       (1<<4L)
+#define S_SQL                           (1<<5L)
+#define S_EXECUTOR                      (1<<6L)
+#define S_MAIL                          (1<<7L)
+#define S_SESSION                       (1<<8L)
+#define S_INTERNAL                      (1<<29L)
+#define S_ALL (S_MEMORY | S_VARS | S_INCLUDE | S_FILES | S_MAIL | S_SESSION | S_MISC | S_SQL | S_EXECUTOR)
+#endif
+#define SUHOSIN_NORMAL  0
+#define SUHOSIN_EVAL    1
+#define SUHOSIN_FLAG_CREATED_BY_EVAL 1
+#define SUHOSIN_FLAG_NOT_EVALED_CODE 2
+ZEND_EXTERN_MODULE_GLOBALS(suhosin)
+static inline char *
+suhosin_str_tolower_dup(const char *source, unsigned int length)
+{
+        register char *dup = estrndup(source, length);
+        zend_str_tolower(dup, length);
+        return dup;
+}
+/* functions */
+PHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...);
+char *suhosin_encrypt_string(char *str, int len, char *var, int vlen, char *key TSRMLS_DC);
+char *suhosin_decrypt_string(char *str, int padded_len, char *var, int vlen, char *key, int *orig_len, int check_ra TSRMLS_DC);
+char *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, char *cryptkey TSRMLS_DC);
+char *suhosin_cookie_decryptor(TSRMLS_D);
+void suhosin_hook_post_handlers(TSRMLS_D);
+void suhosin_hook_register_server_variables();
+void suhosin_hook_header_handler();
+void suhosin_unhook_header_handler();
+void suhosin_hook_session(TSRMLS_D);
+void suhosin_unhook_session(TSRMLS_D);
+void suhosin_hook_crypt();
+void suhosin_hook_sha256();
+void suhosin_hook_ex_imp();
+void suhosin_hook_treat_data();
+void suhosin_hook_memory_limit();
+void suhosin_hook_execute(TSRMLS_D);
+void suhosin_unhook_execute();
+void suhosin_aes_gentables();
+void suhosin_aes_gkey(int nb,int nk,char *key TSRMLS_DC);
+void suhosin_aes_encrypt(char *buff TSRMLS_DC);
+void suhosin_aes_decrypt(char *buff TSRMLS_DC);
+unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);
+unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);
+extern unsigned int (*old_input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);
+void normalize_varname(char *varname);
+int suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra TSRMLS_DC);
+void suhosin_bailout(TSRMLS_D);
+/* Add pseudo refcount macros for PHP version < 5.3 */
+#ifndef Z_REFCOUNT_PP
+#define Z_REFCOUNT_PP(ppz)              Z_REFCOUNT_P(*(ppz))
+#define Z_SET_REFCOUNT_PP(ppz, rc)      Z_SET_REFCOUNT_P(*(ppz), rc)
+#define Z_ADDREF_PP(ppz)                Z_ADDREF_P(*(ppz))
+#define Z_DELREF_PP(ppz)                Z_DELREF_P(*(ppz))
+#define Z_ISREF_PP(ppz)                 Z_ISREF_P(*(ppz))
+#define Z_SET_ISREF_PP(ppz)             Z_SET_ISREF_P(*(ppz))
+#define Z_UNSET_ISREF_PP(ppz)           Z_UNSET_ISREF_P(*(ppz))
+#define Z_SET_ISREF_TO_PP(ppz, isref)   Z_SET_ISREF_TO_P(*(ppz), isref)
+#define Z_REFCOUNT_P(pz)                zval_refcount_p(pz)
+#define Z_SET_REFCOUNT_P(pz, rc)        zval_set_refcount_p(pz, rc)
+#define Z_ADDREF_P(pz)                  zval_addref_p(pz)
+#define Z_DELREF_P(pz)                  zval_delref_p(pz)
+#define Z_ISREF_P(pz)                   zval_isref_p(pz)
+#define Z_SET_ISREF_P(pz)               zval_set_isref_p(pz)
+#define Z_UNSET_ISREF_P(pz)             zval_unset_isref_p(pz)
+#define Z_SET_ISREF_TO_P(pz, isref)     zval_set_isref_to_p(pz, isref)
+#define Z_REFCOUNT(z)                   Z_REFCOUNT_P(&(z))
+#define Z_SET_REFCOUNT(z, rc)           Z_SET_REFCOUNT_P(&(z), rc)
+#define Z_ADDREF(z)                     Z_ADDREF_P(&(z))
+#define Z_DELREF(z)                     Z_DELREF_P(&(z))
+#define Z_ISREF(z)                      Z_ISREF_P(&(z))
+#define Z_SET_ISREF(z)                  Z_SET_ISREF_P(&(z))
+#define Z_UNSET_ISREF(z)                Z_UNSET_ISREF_P(&(z))
+#define Z_SET_ISREF_TO(z, isref)        Z_SET_ISREF_TO_P(&(z), isref)
+#if defined(__GNUC__)
+#define zend_always_inline inline __attribute__((always_inline))
+#elif defined(_MSC_VER)
+#define zend_always_inline __forceinline
+#else
+#define zend_always_inline inline
+#endif
+static zend_always_inline zend_uint zval_refcount_p(zval* pz) {
+        return pz->refcount;
+}
+static zend_always_inline zend_uint zval_set_refcount_p(zval* pz, zend_uint rc) {
+        return pz->refcount = rc;
+}
+static zend_always_inline zend_uint zval_addref_p(zval* pz) {
+        return ++pz->refcount;
+}
+static zend_always_inline zend_uint zval_delref_p(zval* pz) {
+        return --pz->refcount;
+}
+static zend_always_inline zend_bool zval_isref_p(zval* pz) {
+        return pz->is_ref;
+}
+static zend_always_inline zend_bool zval_set_isref_p(zval* pz) {
+        return pz->is_ref = 1;
+}
+static zend_always_inline zend_bool zval_unset_isref_p(zval* pz) {
+        return pz->is_ref = 0;
+}
+static zend_always_inline zend_bool zval_set_isref_to_p(zval* pz, zend_bool isref) {
+        return pz->is_ref = isref;
+}
+#else
+#define PHP_ATLEAST_5_3   true
+#endif
+#endif  /* PHP_SUHOSIN_H */
+/*
+ * Local variables:
+ * tab-width: 4
+ * c-basic-offset: 4
+ * End:
+ * vim600: noet sw=4 ts=4 fdm=marker
+ * vim<600: noet sw=4 ts=4
+ */
author	Stefan Esser	2010-02-21 11:44:54 +0100
committer	Stefan Esser	2010-02-21 11:44:54 +0100
commit	36dbfacbe64697d959f524e537b15b73c090d898 (patch)
tree	f1c7ce1409b0e7765fc72d550546967fcf0f9717 /php_suhosin.h

diff --git a/php_suhosin.h b/php_suhosin.h new file mode 100644 index 0000000..56869ec --- /dev/null +++ b/php_suhosin.h
@@ -0,0 +1,420 @@
	1	/*
	2	+----------------------------------------------------------------------+
	3	\| Suhosin Version 1 \|
	4	+----------------------------------------------------------------------+
	5	\| Copyright (c) 2006-2007 The Hardened-PHP Project \|
	6	\| Copyright (c) 2007 SektionEins GmbH \|
	7	+----------------------------------------------------------------------+
	8	\| This source file is subject to version 3.01 of the PHP license, \|
	9	\| that is bundled with this package in the file LICENSE, and is \|
	10	\| available through the world-wide-web at the following url: \|
	11	\| http://www.php.net/license/3_01.txt \|
	12	\| If you did not receive a copy of the PHP license and are unable to \|
	13	\| obtain it through the world-wide-web, please send a note to \|
	14	\| license@php.net so we can mail you a copy immediately. \|
	15	+----------------------------------------------------------------------+
	16	\| Author: Stefan Esser <sesser@sektioneins.de> \|
	17	+----------------------------------------------------------------------+
	18	*/
	19
	20	/* $Id: php_suhosin.h,v 1.4 2008-01-13 22:50:37 sesser Exp $ */
	21
	22	#ifndef PHP_SUHOSIN_H
	23	#define PHP_SUHOSIN_H
	24
	25	#define SUHOSIN_EXT_VERSION "0.9.29"
	26
	27	/#define SUHOSIN_DEBUG/
	28	#define SUHOSIN_LOG "/tmp/suhosin_log.txt"
	29
	30	#ifdef PHP_WIN32
	31	#define SDEBUG
	32	#else
	33
	34	#ifdef SUHOSIN_DEBUG
	35	#define SDEBUG(msg...) \
	36	{FILE *f;f=fopen(SUHOSIN_LOG, "a+");if(f){fprintf(f,"[%u] ",getpid());fprintf(f, msg);fprintf(f,"\n");fclose(f);}}
	37	#else
	38	#define SDEBUG(...)
	39	#endif
	40	#endif
	41
	42	extern zend_module_entry suhosin_module_entry;
	43	#define phpext_suhosin_ptr &suhosin_module_entry
	44
	45	#ifdef PHP_WIN32
	46	#define PHP_SUHOSIN_API __declspec(dllexport)
	47	#else
	48	#define PHP_SUHOSIN_API
	49	#endif
	50
	51	#ifdef ZTS
	52	#include "TSRM.h"
	53	#endif
	54
	55	/#define STATIC static/
	56	#define STATIC
	57
	58	#define BYTE unsigned char /* 8 bits */
	59	#define WORD unsigned int /* 32 bits */
	60
	61	PHP_MINIT_FUNCTION(suhosin);
	62	PHP_MSHUTDOWN_FUNCTION(suhosin);
	63	PHP_RINIT_FUNCTION(suhosin);
	64	PHP_RSHUTDOWN_FUNCTION(suhosin);
	65	PHP_MINFO_FUNCTION(suhosin);
	66
	67	#include "ext/standard/basic_functions.h"
	68
	69	ZEND_BEGIN_MODULE_GLOBALS(suhosin)
	70	zend_uint in_code_type;
	71	long execution_depth;
	72	zend_bool simulation;
	73	zend_bool stealth;
	74	zend_bool protectkey;
	75	zend_bool executor_allow_symlink;
	76	char *filter_action;
	77	char *sql_user_prefix;
	78	char *sql_user_postfix;
	79	long sql_comment;
	80	long sql_opencomment;
	81	long sql_union;
	82	long sql_mselect;
	83
	84	long max_execution_depth;
	85	zend_bool abort_request;
	86	long executor_include_max_traversal;
	87	zend_bool executor_include_allow_writable_files;
	88
	89
	90	HashTable *include_whitelist;
	91	HashTable *include_blacklist;
	92
	93	HashTable *func_whitelist;
	94	HashTable *func_blacklist;
	95	HashTable *eval_whitelist;
	96	HashTable *eval_blacklist;
	97
	98	zend_bool executor_disable_eval;
	99	zend_bool executor_disable_emod;
	100
	101
	102	/* request variables */
	103	long max_request_variables;
	104	long cur_request_variables;
	105	long max_varname_length;
	106	long max_totalname_length;
	107	long max_value_length;
	108	long max_array_depth;
	109	long max_array_index_length;
	110	zend_bool disallow_nul;
	111	zend_bool disallow_ws;
	112	/* cookie variables */
	113	long max_cookie_vars;
	114	long cur_cookie_vars;
	115	long max_cookie_name_length;
	116	long max_cookie_totalname_length;
	117	long max_cookie_value_length;
	118	long max_cookie_array_depth;
	119	long max_cookie_array_index_length;
	120	zend_bool disallow_cookie_nul;
	121	zend_bool disallow_cookie_ws;
	122	/* get variables */
	123	long max_get_vars;
	124	long cur_get_vars;
	125	long max_get_name_length;
	126	long max_get_totalname_length;
	127	long max_get_value_length;
	128	long max_get_array_depth;
	129	long max_get_array_index_length;
	130	zend_bool disallow_get_nul;
	131	zend_bool disallow_get_ws;
	132	/* post variables */
	133	long max_post_vars;
	134	long cur_post_vars;
	135	long max_post_name_length;
	136	long max_post_totalname_length;
	137	long max_post_value_length;
	138	long max_post_array_depth;
	139	long max_post_array_index_length;
	140	zend_bool disallow_post_nul;
	141	zend_bool disallow_post_ws;
	142
	143	/* fileupload */
	144	long upload_limit;
	145	long num_uploads;
	146	zend_bool upload_disallow_elf;
	147	zend_bool upload_disallow_binary;
	148	zend_bool upload_remove_binary;
	149	char *upload_verification_script;
	150
	151	zend_bool no_more_variables;
	152	zend_bool no_more_get_variables;
	153	zend_bool no_more_post_variables;
	154	zend_bool no_more_cookie_variables;
	155	zend_bool no_more_uploads;
	156
	157
	158
	159	/* log */
	160	zend_bool log_use_x_forwarded_for;
	161	long log_syslog;
	162	long log_syslog_facility;
	163	long log_syslog_priority;
	164	long log_script;
	165	long log_sapi;
	166	char *log_scriptname;
	167	long log_phpscript;
	168	char *log_phpscriptname;
	169	zend_bool log_phpscript_is_safe;
	170	long log_file;
	171	char *log_filename;
	172
	173	/* header handler */
	174	zend_bool allow_multiheader;
	175
	176	/* mailprotect */
	177	long mailprotect;
	178
	179	/* memory_limit */
	180	long memory_limit;
	181	long hard_memory_limit;
	182
	183	/* sqlprotect */
	184	zend_bool sql_bailout_on_error;
	185
	186	int (old_php_body_write)(const char str, unsigned int str_length TSRMLS_DC);
	187
	188	/* session */
	189	void *s_module;
	190	int (old_s_read)(void mod_data, const char key, char *val, int vallen TSRMLS_DC);
	191	int (old_s_write)(void mod_data, const char key, const char *val, const int vallen TSRMLS_DC);
	192	int (old_s_destroy)(void mod_data, const char key TSRMLS_DC);
	193
	194	BYTE fi[24],ri[24];
	195	WORD fkey[120];
	196	WORD rkey[120];
	197
	198	zend_bool session_encrypt;
	199	char* session_cryptkey;
	200	zend_bool session_cryptua;
	201	zend_bool session_cryptdocroot;
	202	long session_cryptraddr;
	203	long session_checkraddr;
	204
	205	long session_max_id_length;
	206
	207	char* decrypted_cookie;
	208	char* raw_cookie;
	209	zend_bool cookie_encrypt;
	210	char* cookie_cryptkey;
	211	zend_bool cookie_cryptua;
	212	zend_bool cookie_cryptdocroot;
	213	long cookie_cryptraddr;
	214	long cookie_checkraddr;
	215	HashTable *cookie_plainlist;
	216	HashTable *cookie_cryptlist;
	217
	218	zend_bool coredump;
	219	zend_bool apc_bug_workaround;
	220	zend_bool already_scanned;
	221	zend_bool do_not_scan;
	222
	223	zend_bool server_encode;
	224	zend_bool server_strip;
	225
	226	zend_bool disable_display_errors;
	227
	228	php_uint32 r_state[625];
	229	php_uint32 *r_next;
	230	int r_left;
	231	zend_bool srand_ignore;
	232	zend_bool mt_srand_ignore;
	233	php_uint32 mt_state[625];
	234	php_uint32 *mt_next;
	235	int mt_left;
	236
	237	zend_bool r_is_seeded;
	238	zend_bool mt_is_seeded;
	239
	240	/* PERDIR Handling */
	241	char *perdir;
	242	zend_bool log_perdir;
	243	zend_bool exec_perdir;
	244	zend_bool get_perdir;
	245	zend_bool post_perdir;
	246	zend_bool cookie_perdir;
	247	zend_bool request_perdir;
	248	zend_bool upload_perdir;
	249	zend_bool sql_perdir;
	250	zend_bool misc_perdir;
	251
	252	ZEND_END_MODULE_GLOBALS(suhosin)
	253
	254	#ifdef ZTS
	255	#define SUHOSIN_G(v) TSRMG(suhosin_globals_id, zend_suhosin_globals *, v)
	256	#else
	257	#define SUHOSIN_G(v) (suhosin_globals.v)
	258	#endif
	259
	260	#ifndef ZEND_INI_STAGE_HTACCESS
	261	#define ZEND_INI_STAGE_HTACCESS (1<<5)
	262	#endif
	263
	264	#ifndef ZEND_ENGINE_2
	265	#define OnUpdateLong OnUpdateInt
	266	#define zend_symtable_find zend_hash_find
	267	#define zend_symtable_update zend_hash_update
	268	#define zend_symtable_exists zend_hash_exists
	269	#endif
	270
	271
	272	/* Error Constants */
	273	#ifndef S_MEMORY
	274	#define S_MEMORY (1<<0L)
	275	#define S_MISC (1<<1L)
	276	#define S_VARS (1<<2L)
	277	#define S_FILES (1<<3L)
	278	#define S_INCLUDE (1<<4L)
	279	#define S_SQL (1<<5L)
	280	#define S_EXECUTOR (1<<6L)
	281	#define S_MAIL (1<<7L)
	282	#define S_SESSION (1<<8L)
	283	#define S_INTERNAL (1<<29L)
	284	#define S_ALL (S_MEMORY \| S_VARS \| S_INCLUDE \| S_FILES \| S_MAIL \| S_SESSION \| S_MISC \| S_SQL \| S_EXECUTOR)
	285	#endif
	286
	287	#define SUHOSIN_NORMAL 0
	288	#define SUHOSIN_EVAL 1
	289
	290	#define SUHOSIN_FLAG_CREATED_BY_EVAL 1
	291	#define SUHOSIN_FLAG_NOT_EVALED_CODE 2
	292
	293	ZEND_EXTERN_MODULE_GLOBALS(suhosin)
	294
	295	static inline char *
	296	suhosin_str_tolower_dup(const char *source, unsigned int length)
	297	{
	298	register char *dup = estrndup(source, length);
	299	zend_str_tolower(dup, length);
	300	return dup;
	301	}
	302
	303	/* functions */
	304	PHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...);
	305	char suhosin_encrypt_string(char str, int len, char var, int vlen, char key TSRMLS_DC);
	306	char suhosin_decrypt_string(char str, int padded_len, char var, int vlen, char key, int *orig_len, int check_ra TSRMLS_DC);
	307	char suhosin_generate_key(char key, zend_bool ua, zend_bool dr, long raddr, char *cryptkey TSRMLS_DC);
	308	char *suhosin_cookie_decryptor(TSRMLS_D);
	309	void suhosin_hook_post_handlers(TSRMLS_D);
	310	void suhosin_hook_register_server_variables();
	311	void suhosin_hook_header_handler();
	312	void suhosin_unhook_header_handler();
	313	void suhosin_hook_session(TSRMLS_D);
	314	void suhosin_unhook_session(TSRMLS_D);
	315	void suhosin_hook_crypt();
	316	void suhosin_hook_sha256();
	317	void suhosin_hook_ex_imp();
	318	void suhosin_hook_treat_data();
	319	void suhosin_hook_memory_limit();
	320	void suhosin_hook_execute(TSRMLS_D);
	321	void suhosin_unhook_execute();
	322	void suhosin_aes_gentables();
	323	void suhosin_aes_gkey(int nb,int nk,char *key TSRMLS_DC);
	324	void suhosin_aes_encrypt(char *buff TSRMLS_DC);
	325	void suhosin_aes_decrypt(char *buff TSRMLS_DC);
	326	unsigned int suhosin_input_filter(int arg, char var, char val, unsigned int val_len, unsigned int new_val_len TSRMLS_DC);
	327	unsigned int suhosin_input_filter_wrapper(int arg, char var, char val, unsigned int val_len, unsigned int new_val_len TSRMLS_DC);
	328	extern unsigned int (old_input_filter)(int arg, char var, char *val, unsigned int val_len, unsigned int new_val_len TSRMLS_DC);
	329	void normalize_varname(char *varname);
	330	int suhosin_rfc1867_filter(unsigned int event, void event_data, void *extra TSRMLS_DC);
	331	void suhosin_bailout(TSRMLS_D);
	332
	333	/* Add pseudo refcount macros for PHP version < 5.3 */
	334	#ifndef Z_REFCOUNT_PP
	335
	336	#define Z_REFCOUNT_PP(ppz) Z_REFCOUNT_P(*(ppz))
	337	#define Z_SET_REFCOUNT_PP(ppz, rc) Z_SET_REFCOUNT_P(*(ppz), rc)
	338	#define Z_ADDREF_PP(ppz) Z_ADDREF_P(*(ppz))
	339	#define Z_DELREF_PP(ppz) Z_DELREF_P(*(ppz))
	340	#define Z_ISREF_PP(ppz) Z_ISREF_P(*(ppz))
	341	#define Z_SET_ISREF_PP(ppz) Z_SET_ISREF_P(*(ppz))
	342	#define Z_UNSET_ISREF_PP(ppz) Z_UNSET_ISREF_P(*(ppz))
	343	#define Z_SET_ISREF_TO_PP(ppz, isref) Z_SET_ISREF_TO_P(*(ppz), isref)
	344
	345	#define Z_REFCOUNT_P(pz) zval_refcount_p(pz)
	346	#define Z_SET_REFCOUNT_P(pz, rc) zval_set_refcount_p(pz, rc)
	347	#define Z_ADDREF_P(pz) zval_addref_p(pz)
	348	#define Z_DELREF_P(pz) zval_delref_p(pz)
	349	#define Z_ISREF_P(pz) zval_isref_p(pz)
	350	#define Z_SET_ISREF_P(pz) zval_set_isref_p(pz)
	351	#define Z_UNSET_ISREF_P(pz) zval_unset_isref_p(pz)
	352	#define Z_SET_ISREF_TO_P(pz, isref) zval_set_isref_to_p(pz, isref)
	353
	354	#define Z_REFCOUNT(z) Z_REFCOUNT_P(&(z))
	355	#define Z_SET_REFCOUNT(z, rc) Z_SET_REFCOUNT_P(&(z), rc)
	356	#define Z_ADDREF(z) Z_ADDREF_P(&(z))
	357	#define Z_DELREF(z) Z_DELREF_P(&(z))
	358	#define Z_ISREF(z) Z_ISREF_P(&(z))
	359	#define Z_SET_ISREF(z) Z_SET_ISREF_P(&(z))
	360	#define Z_UNSET_ISREF(z) Z_UNSET_ISREF_P(&(z))
	361	#define Z_SET_ISREF_TO(z, isref) Z_SET_ISREF_TO_P(&(z), isref)
	362
	363	#if defined(__GNUC__)
	364	#define zend_always_inline inline __attribute__((always_inline))
	365	#elif defined(_MSC_VER)
	366	#define zend_always_inline __forceinline
	367	#else
	368	#define zend_always_inline inline
	369	#endif
	370
	371	static zend_always_inline zend_uint zval_refcount_p(zval* pz) {
	372	return pz->refcount;
	373	}
	374
	375	static zend_always_inline zend_uint zval_set_refcount_p(zval* pz, zend_uint rc) {
	376	return pz->refcount = rc;
	377	}
	378
	379	static zend_always_inline zend_uint zval_addref_p(zval* pz) {
	380	return ++pz->refcount;
	381	}
	382
	383	static zend_always_inline zend_uint zval_delref_p(zval* pz) {
	384	return --pz->refcount;
	385	}
	386
	387	static zend_always_inline zend_bool zval_isref_p(zval* pz) {
	388	return pz->is_ref;
	389	}
	390
	391	static zend_always_inline zend_bool zval_set_isref_p(zval* pz) {
	392	return pz->is_ref = 1;
	393	}
	394
	395	static zend_always_inline zend_bool zval_unset_isref_p(zval* pz) {
	396	return pz->is_ref = 0;
	397	}
	398
	399	static zend_always_inline zend_bool zval_set_isref_to_p(zval* pz, zend_bool isref) {
	400	return pz->is_ref = isref;
	401	}
	402
	403	#else
	404
	405	#define PHP_ATLEAST_5_3 true
	406
	407	#endif
	408
	409
	410	#endif /* PHP_SUHOSIN_H */
	411
	412
	413	/*
	414	* Local variables:
	415	* tab-width: 4
	416	* c-basic-offset: 4
	417	* End:
	418	* vim600: noet sw=4 ts=4 fdm=marker
	419	* vim<600: noet sw=4 ts=4
	420	*/