Merge pull request #245 from cisco/bhudson-dev

Added IPv6 support to Joy code base. Some things still lack IPv6 support. These are:

NFv9
IPFix collection and export
Anonymization
Labeled subnets
In order for labeled subnets and Anonymization to support IPv6, the Radix Trie will need to be modified to support IPv6 as well.

NFv9 and IPFix both need the proper templates and CANA numbers for processing.

README.md

@@ -89,6 +89,13 @@ This package was written by David McGrew, Blake Anderson, Philip Perricone
 and Bill Hudson {mcgrew,blaander,phperric,bhudson}@cisco.com of Cisco Systems
 Advanced Security Research Group (ASRG) and Security and Trust Organization (STO).
 
+### Release 4.3.0
+* Add IPv6 support to Joy and libjoy
+* IPFix collection and export only support IPv4
+* NFv9 only supports IPv4
+* Anonymization only supports IPv4 addresses
+* Subnet labeling only supports IPv4 addresses
+
 ### Release 4.2.0
 * Re-write joy.c to use libjoy library
 * Updated joy.c to utilize multi-threads for flow processing

VERSION

@@ -1 +1 @@
-4.2.1
+4.3.0

configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for joy 4.2.1.
+# Generated by GNU Autoconf 2.69 for joy 4.3.0.
 #
 # Report bugs to <https://github.com/cisco/joy/issues>.
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='joy'
 PACKAGE_TARNAME='joy'
-PACKAGE_VERSION='4.2.1'
-PACKAGE_STRING='joy 4.2.1'
+PACKAGE_VERSION='4.3.0'
+PACKAGE_STRING='joy 4.3.0'
 PACKAGE_BUGREPORT='https://github.com/cisco/joy/issues'
 PACKAGE_URL='https://github.com/cisco/joy/'
 
@@ -1342,7 +1342,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures joy 4.2.1 to adapt to many kinds of systems.
+\`configure' configures joy 4.3.0 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1412,7 +1412,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of joy 4.2.1:";;
+     short | recursive ) echo "Configuration of joy 4.3.0:";;
    esac
   cat <<\_ACEOF
 
@@ -1531,7 +1531,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-joy configure 4.2.1
+joy configure 4.3.0
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2205,7 +2205,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by joy $as_me 4.2.1, which was
+It was created by joy $as_me 4.3.0, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -3073,7 +3073,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='joy'
- VERSION='4.2.1'
+ VERSION='4.3.0'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -6822,16 +6822,16 @@ fi
 done
 
 ######################## PKG Versioning #######################
-PKG_VERSION_NUMBER="4:2:1"
+PKG_VERSION_NUMBER="4:3:0"
 
 
 $as_echo "#define JOY_MAJOR_VERSION 4" >>confdefs.h
 
 
-$as_echo "#define JOY_MINOR_VERSION 2" >>confdefs.h
+$as_echo "#define JOY_MINOR_VERSION 3" >>confdefs.h
 
 
-$as_echo "#define JOY_MICRO_VERSION 1" >>confdefs.h
+$as_echo "#define JOY_MICRO_VERSION 0" >>confdefs.h
 
 
 ######################## Library Versioning ####################
@@ -6840,7 +6840,7 @@ $as_echo "#define JOY_MICRO_VERSION 1" >>confdefs.h
 # For each shared library
 #
               #joy.so age for version
-JOY_LIBRARY_VERSION="4:2:0"
+JOY_LIBRARY_VERSION="4:3:0"
 
 
 case `pwd` in
@@ -18543,7 +18543,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by joy $as_me 4.2.1, which was
+This file was extended by joy $as_me 4.3.0, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -18610,7 +18610,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-joy config.status 4.2.1
+joy config.status 4.3.0
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 

configure.ac

@@ -12,8 +12,8 @@
 # Shared objects are named library.so.Major.age.Minor by autotools
 #
 m4_define([joy_major_version], [4])
-m4_define([joy_minor_version], [2])
-m4_define([joy_micro_version], [1])
+m4_define([joy_minor_version], [3])
+m4_define([joy_micro_version], [0])
 
 
 m4_define([joy_version],[joy_major_version.joy_minor_version.joy_micro_version])

lib/Makefile.am

@@ -32,6 +32,7 @@ libjoy_la_SOURCES = \
 	../src/ppi.c \
 	../src/utils.c \
 	../src/dhcp.c \
+	../src/dhcpv6.c \
 	../src/payload.c \
 	../src/config.c \
 	../src/proto_identify.c \
@@ -45,6 +46,7 @@ libjoy_la_SOURCES = \
 		../src/include/classify.h \
 		../src/include/config.h \
 		../src/include/dhcp.h \
+		../src/include/dhcpv6.h \
 		../src/include/dns.h \
 		../src/include/err.h \
 		../src/include/example.h \
@@ -111,6 +113,7 @@ libjoy_la_SOURCES = \
 	../src/ppi.c \
 	../src/utils.c \
 	../src/dhcp.c \
+	../src/dhcpv6.c \
 	../src/payload.c \
 	../src/config.c \
 	../src/proto_identify.c \
@@ -126,6 +129,7 @@ libjoy_la_SOURCES = \
 		../src/include/classify.h \
 		../src/include/config.h \
 		../src/include/dhcp.h \
+		../src/include/dhcpv6.h \
 		../src/include/dns.h \
 		../src/include/err.h \
 		../src/include/example.h \
@@ -175,6 +179,7 @@ library_include_HEADERS= \
 		../src/include/classify.h \
 		../src/include/config.h \
 		../src/include/dhcp.h \
+		../src/include/dhcpv6.h \
 		../src/include/dns.h \
 		../src/include/err.h \
 		../src/include/example.h \

lib/Makefile.in

@@ -134,30 +134,32 @@ am__libjoy_la_SOURCES_DIST = ../src/joy_api.c ../src/p2f.c \
 	../src/str_match.c ../src/acsm.c ../src/dns.c ../src/example.c \
 	../src/ipfix.c ../src/ssh.c ../src/ike.c ../src/salt.c \
 	../src/parson.c ../src/fingerprint.c ../src/ppi.c \
-	../src/utils.c ../src/dhcp.c ../src/payload.c ../src/config.c \
-	../src/proto_identify.c ../src/fp.c ../src/extractor.c \
-	../src/updater.c ../safe_c_stub/src/safe_str_stub.c \
+	../src/utils.c ../src/dhcp.c ../src/dhcpv6.c ../src/payload.c \
+	../src/config.c ../src/proto_identify.c ../src/fp.c \
+	../src/extractor.c ../src/updater.c \
+	../safe_c_stub/src/safe_str_stub.c \
 	../safe_c_stub/src/safe_mem_stub.c ../src/include/acsm.h \
 	../src/include/addr_attr.h ../src/include/addr.h \
 	../src/include/anon.h ../src/include/classify.h \
 	../src/include/config.h ../src/include/dhcp.h \
-	../src/include/dns.h ../src/include/err.h \
-	../src/include/example.h ../src/include/feature.h \
-	../src/include/fingerprint.h ../src/include/hdr_dsc.h \
-	../src/include/http.h ../src/include/ike.h \
-	../src/include/ipfix.h ../src/include/joy_api.h \
-	../src/include/joy_api_private.h ../src/include/map.h \
-	../src/include/modules.h ../src/include/nfv9.h \
-	../src/include/osdetect.h ../src/include/output.h \
-	../src/include/p2f.h ../src/include/parson.h \
-	../src/include/payload.h ../src/include/pkt.h \
-	../src/include/pkt_proc.h ../src/include/ppi.h \
-	../src/include/procwatch.h ../src/include/proto_identify.h \
-	../src/include/radix_trie.h ../src/include/salt.h \
-	../src/include/ssh.h ../src/include/str_match.h \
-	../src/include/tls.h ../src/include/updater.h \
-	../src/include/utils.h ../src/include/fp.h \
-	../src/include/extractor.h ../src/include/wht.h
+	../src/include/dhcpv6.h ../src/include/dns.h \
+	../src/include/err.h ../src/include/example.h \
+	../src/include/feature.h ../src/include/fingerprint.h \
+	../src/include/hdr_dsc.h ../src/include/http.h \
+	../src/include/ike.h ../src/include/ipfix.h \
+	../src/include/joy_api.h ../src/include/joy_api_private.h \
+	../src/include/map.h ../src/include/modules.h \
+	../src/include/nfv9.h ../src/include/osdetect.h \
+	../src/include/output.h ../src/include/p2f.h \
+	../src/include/parson.h ../src/include/payload.h \
+	../src/include/pkt.h ../src/include/pkt_proc.h \
+	../src/include/ppi.h ../src/include/procwatch.h \
+	../src/include/proto_identify.h ../src/include/radix_trie.h \
+	../src/include/salt.h ../src/include/ssh.h \
+	../src/include/str_match.h ../src/include/tls.h \
+	../src/include/updater.h ../src/include/utils.h \
+	../src/include/fp.h ../src/include/extractor.h \
+	../src/include/wht.h
 am__dirstamp = $(am__leading_dot)dirstamp
 @BUILD_WITH_SAFEC_FALSE@am_libjoy_la_OBJECTS =  \
 @BUILD_WITH_SAFEC_FALSE@	../src/libjoy_la-joy_api.lo \
@@ -188,6 +190,7 @@ am__dirstamp = $(am__leading_dot)dirstamp
 @BUILD_WITH_SAFEC_FALSE@	../src/libjoy_la-ppi.lo \
 @BUILD_WITH_SAFEC_FALSE@	../src/libjoy_la-utils.lo \
 @BUILD_WITH_SAFEC_FALSE@	../src/libjoy_la-dhcp.lo \
+@BUILD_WITH_SAFEC_FALSE@	../src/libjoy_la-dhcpv6.lo \
 @BUILD_WITH_SAFEC_FALSE@	../src/libjoy_la-payload.lo \
 @BUILD_WITH_SAFEC_FALSE@	../src/libjoy_la-config.lo \
 @BUILD_WITH_SAFEC_FALSE@	../src/libjoy_la-proto_identify.lo \
@@ -225,6 +228,7 @@ am__dirstamp = $(am__leading_dot)dirstamp
 @BUILD_WITH_SAFEC_TRUE@	../src/libjoy_la-ppi.lo \
 @BUILD_WITH_SAFEC_TRUE@	../src/libjoy_la-utils.lo \
 @BUILD_WITH_SAFEC_TRUE@	../src/libjoy_la-dhcp.lo \
+@BUILD_WITH_SAFEC_TRUE@	../src/libjoy_la-dhcpv6.lo \
 @BUILD_WITH_SAFEC_TRUE@	../src/libjoy_la-payload.lo \
 @BUILD_WITH_SAFEC_TRUE@	../src/libjoy_la-config.lo \
 @BUILD_WITH_SAFEC_TRUE@	../src/libjoy_la-proto_identify.lo \
@@ -459,6 +463,7 @@ lib_LTLIBRARIES = libjoy.la
 @BUILD_WITH_SAFEC_FALSE@	../src/ppi.c \
 @BUILD_WITH_SAFEC_FALSE@	../src/utils.c \
 @BUILD_WITH_SAFEC_FALSE@	../src/dhcp.c \
+@BUILD_WITH_SAFEC_FALSE@	../src/dhcpv6.c \
 @BUILD_WITH_SAFEC_FALSE@	../src/payload.c \
 @BUILD_WITH_SAFEC_FALSE@	../src/config.c \
 @BUILD_WITH_SAFEC_FALSE@	../src/proto_identify.c \
@@ -474,6 +479,7 @@ lib_LTLIBRARIES = libjoy.la
 @BUILD_WITH_SAFEC_FALSE@		../src/include/classify.h \
 @BUILD_WITH_SAFEC_FALSE@		../src/include/config.h \
 @BUILD_WITH_SAFEC_FALSE@		../src/include/dhcp.h \
+@BUILD_WITH_SAFEC_FALSE@		../src/include/dhcpv6.h \
 @BUILD_WITH_SAFEC_FALSE@		../src/include/dns.h \
 @BUILD_WITH_SAFEC_FALSE@		../src/include/err.h \
 @BUILD_WITH_SAFEC_FALSE@		../src/include/example.h \
@@ -540,6 +546,7 @@ lib_LTLIBRARIES = libjoy.la
 @BUILD_WITH_SAFEC_TRUE@	../src/ppi.c \
 @BUILD_WITH_SAFEC_TRUE@	../src/utils.c \
 @BUILD_WITH_SAFEC_TRUE@	../src/dhcp.c \
+@BUILD_WITH_SAFEC_TRUE@	../src/dhcpv6.c \
 @BUILD_WITH_SAFEC_TRUE@	../src/payload.c \
 @BUILD_WITH_SAFEC_TRUE@	../src/config.c \
 @BUILD_WITH_SAFEC_TRUE@	../src/proto_identify.c \
@@ -553,6 +560,7 @@ lib_LTLIBRARIES = libjoy.la
 @BUILD_WITH_SAFEC_TRUE@		../src/include/classify.h \
 @BUILD_WITH_SAFEC_TRUE@		../src/include/config.h \
 @BUILD_WITH_SAFEC_TRUE@		../src/include/dhcp.h \
+@BUILD_WITH_SAFEC_TRUE@		../src/include/dhcpv6.h \
 @BUILD_WITH_SAFEC_TRUE@		../src/include/dns.h \
 @BUILD_WITH_SAFEC_TRUE@		../src/include/err.h \
 @BUILD_WITH_SAFEC_TRUE@		../src/include/example.h \
@@ -600,6 +608,7 @@ library_include_HEADERS = \
 		../src/include/classify.h \
 		../src/include/config.h \
 		../src/include/dhcp.h \
+		../src/include/dhcpv6.h \
 		../src/include/dns.h \
 		../src/include/err.h \
 		../src/include/example.h \
@@ -771,6 +780,8 @@ clean-libLTLIBRARIES:
 	../src/$(DEPDIR)/$(am__dirstamp)
 ../src/libjoy_la-dhcp.lo: ../src/$(am__dirstamp) \
 	../src/$(DEPDIR)/$(am__dirstamp)
+../src/libjoy_la-dhcpv6.lo: ../src/$(am__dirstamp) \
+	../src/$(DEPDIR)/$(am__dirstamp)
 ../src/libjoy_la-payload.lo: ../src/$(am__dirstamp) \
 	../src/$(DEPDIR)/$(am__dirstamp)
 ../src/libjoy_la-config.lo: ../src/$(am__dirstamp) \
@@ -818,6 +829,7 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@../src/$(DEPDIR)/libjoy_la-classify.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@../src/$(DEPDIR)/libjoy_la-config.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@../src/$(DEPDIR)/libjoy_la-dhcp.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@../src/$(DEPDIR)/libjoy_la-dhcpv6.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@../src/$(DEPDIR)/libjoy_la-dns.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@../src/$(DEPDIR)/libjoy_la-example.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@../src/$(DEPDIR)/libjoy_la-extractor.Plo@am__quote@
@@ -1066,6 +1078,13 @@ distclean-compile:
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libjoy_la_CFLAGS) $(CFLAGS) -c -o ../src/libjoy_la-dhcp.lo `test -f '../src/dhcp.c' || echo '$(srcdir)/'`../src/dhcp.c
 
+../src/libjoy_la-dhcpv6.lo: ../src/dhcpv6.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libjoy_la_CFLAGS) $(CFLAGS) -MT ../src/libjoy_la-dhcpv6.lo -MD -MP -MF ../src/$(DEPDIR)/libjoy_la-dhcpv6.Tpo -c -o ../src/libjoy_la-dhcpv6.lo `test -f '../src/dhcpv6.c' || echo '$(srcdir)/'`../src/dhcpv6.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ../src/$(DEPDIR)/libjoy_la-dhcpv6.Tpo ../src/$(DEPDIR)/libjoy_la-dhcpv6.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='../src/dhcpv6.c' object='../src/libjoy_la-dhcpv6.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libjoy_la_CFLAGS) $(CFLAGS) -c -o ../src/libjoy_la-dhcpv6.lo `test -f '../src/dhcpv6.c' || echo '$(srcdir)/'`../src/dhcpv6.c
+
 ../src/libjoy_la-payload.lo: ../src/payload.c
 @am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libjoy_la_CFLAGS) $(CFLAGS) -MT ../src/libjoy_la-payload.lo -MD -MP -MF ../src/$(DEPDIR)/libjoy_la-payload.Tpo -c -o ../src/libjoy_la-payload.lo `test -f '../src/payload.c' || echo '$(srcdir)/'`../src/payload.c
 @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ../src/$(DEPDIR)/libjoy_la-payload.Tpo ../src/$(DEPDIR)/libjoy_la-payload.Plo

src/anon.c

@@ -242,6 +242,7 @@ static unsigned int addr_is_in_set (const struct in_addr *a) {
     }
     return 0;
 }
+
 /* determines number of bits in the subnet mask */
 static unsigned int bits_in_mask (void *a, unsigned int bytes) {
     unsigned int n = 0;
@@ -348,25 +349,27 @@ joy_status_e anon_init (const char *pathname, FILE *logfile) {
     return s;
 }
 
-/** buffer used for anonymized data */
-static char hexout[33];
-
 /**
- * \fn char *addr_get_anon_hexstring (const struct in_addr *a)
+ * \fn char *addr_get_anon_hexstring (const struct in_addr *a, char *buffer, int size)
  * \param a address to be anonymized
+ * \param buffer used to store anonymized data
+ * \param size of buffer
  * \return pointer to the anonymized output
  */
-char *addr_get_anon_hexstring (const struct in_addr *a) {
+void addr_get_anon_hexstring (const struct in_addr *a, char *buffer, int size) {
     unsigned char pt[16] = { 0, };
     unsigned char c[16];
 
+    /* must be IPV4_ANON_LEN bytes in length */
+    if (size < IPV4_ANON_LEN)
+       return;
+
+    memset_s(buffer, size, 0x00, size);
     memcpy_s(pt, sizeof(struct in_addr), a, sizeof(struct in_addr));
     AES_encrypt(pt, c, &key.enc_key);
-    snprintf(hexout, 33, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 
+    snprintf(buffer, IPV4_ANON_LEN, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
                c[0], c[1], c[2], c[3], c[4], c[5], c[6], c[7], 
                c[8], c[9], c[10], c[11], c[12], c[13], c[14], c[15]);
-
-    return hexout;
 }
 
 /**