added prefix preserving anonymization

git-svn-id: file:///home/svn/mapi/trunk@971 8d5bb341-7cf1-0310-8cf6-ba355fef3186

added prefix preserving anonymization
git-svn-id: file:///home/svn/mapi/trunk@971 8d5bb341-7cf1-0310-8cf6-ba355fef3186
53b5fbbd · ae207e71 · 53b5fbbd · 53b5fbbd · 53b5fbbd · 53b5fbbd
Commit 53b5fbbd authored Nov 08, 2006 by
--- a/applications/appmon/Makefile
+++ b/applications/appmon/Makefile
@@ -5,7 +5,7 @@ BINS = appmon appform.cgi

 all: $(BINS)

-appmon:	appmon.o util.o
+appmon:	appmon.o util.o anon_prefix_preserving.o
 	$(CC) $(CFLAGS) $^ -o $@  -lrrd -lmapi

 appform.cgi: appform.o util.o

--- a/applications/appmon/anon_prefix_preserving.c
+++ b/applications/appmon/anon_prefix_preserving.c
--- a/applications/appmon/anon_prefix_preserving.h
+++ b/applications/appmon/anon_prefix_preserving.h
+#define _MAX_KEY_COLUMNS (256/32)
+#define _MAX_ROUNDS      14
+#define MAX_IV_SIZE      16
+
+typedef unsigned char  UINT8;
+typedef unsigned int   UINT32;
+typedef unsigned short UINT16;
+
+// Error codes
+#define RIJNDAEL_SUCCESS 0
+#define RIJNDAEL_UNSUPPORTED_MODE -1
+#define RIJNDAEL_UNSUPPORTED_DIRECTION -2
+#define RIJNDAEL_UNSUPPORTED_KEY_LENGTH -3
+#define RIJNDAEL_BAD_KEY -4
+#define RIJNDAEL_NOT_INITIALIZED -5
+#define RIJNDAEL_BAD_DIRECTION -6
+#define RIJNDAEL_CORRUPTED_DATA -7
+
+typedef enum { Encrypt , Decrypt } Direction;
+typedef enum { ECB , CBC , CFB1 } Mode;
+typedef enum { Key16Bytes , Key24Bytes , Key32Bytes } KeyLength;
+typedef enum { Valid , Invalid } State;
+
+int init(Mode mode,Direction dir,const UINT8 *key,KeyLength keyLen,UINT8 * initVector);
+int blockEncrypt(const UINT8 *input, int inputLen, UINT8 *outBuffer);
+int padEncrypt(const UINT8 *input, int inputOctets, UINT8 *outBuffer);
+int blockDecrypt(const UINT8 *input, int inputLen, UINT8 *outBuffer);
+int padDecrypt(const UINT8 *input, int inputOctets, UINT8 *outBuffer);
+void keySched(UINT8 key[_MAX_KEY_COLUMNS][4]);
+void keyEncToDec();
+void encrypt(const UINT8 a[16], UINT8 b[16]);
+void decrypt(const UINT8 a[16], UINT8 b[16]);
+UINT32 anonymize( const UINT32 orig_addr);
+void PAnonymizer(const UINT8 * key);
--- a/applications/appmon/appmon.c
+++ b/applications/appmon/appmon.c
@@ -18,6 +18,7 @@
 #include <mapi.h>

 #include "cgi_headers.h"
+#include "anon_prefix_preserving.h"

 // TOP includes
 #include <sys/socket.h>
@@ -54,7 +55,7 @@ static char *progname;
 int verbose;
 int RRD_verbose;
 int refresh_time;
-int anonymize;
+int do_anonymize;
 int private;

 char *MonitorName = "Monitor";
@@ -67,7 +68,7 @@ int main(int argc, char **argv) {
 	void sig_chld(int);
 	FILE *fp = NULL;
 	verbose = RRD_verbose = 0;
-	anonymize = 1;
+	do_anonymize = 1;
 	refresh_time = 10;
 	private = 1;
 	user_net = local_net = NULL;
@@ -95,10 +96,10 @@ int main(int argc, char **argv) {
 				MonitorName = strdup(optarg);
 				break;
 			case 'a':
-				anonymize = 1;
+				do_anonymize = 1;
 				break;
 			case 'p':
-				anonymize = 1;
+				do_anonymize = 1;
 				private = 1;
 				break;
 			case 's':
@@ -296,7 +297,7 @@ char *anonimize_ip(struct in_addr ip)
 	char *ipc = inet_ntoa(ip);
 	char *temp = NULL;

-	if(anonymize == 1) {
+	if(do_anonymize == 1) {
 		temp = strrchr(ipc, '.');
 		temp++;
 		
@@ -508,12 +509,16 @@ void *process() {

 		    for(i = 0; i < 10 && i < in_top_cnt; i++) {
 					struct in_addr ip;
+					struct in_addr anon_ip;
+
 					ip.s_addr = (unsigned long int)in_top_clients[i].ip;
 				
 					fprintf(fp, "<tr bgcolor=\"#ffffff\">\n");

-					if(anonymize) {
-						fprintf(fp, "<td align=left>%s</td>\n", anonimize_ip(ip));
+					if(do_anonymize) {
+						prefix_preserving_anonymize_field(&(in_top_clients[i].ip));
+						anon_ip.s_addr = in_top_clients[i].ip;
+						fprintf(fp, "<td align=left>%s</td>\n", inet_ntoa(anon_ip));
 					}
 					else {
 						fprintf(fp, "<td align=left>%s</td>\n", inet_ntoa(ip));
@@ -554,11 +559,14 @@ void *process() {
 				}

 		    for(i = 0; i < 10 && i < out_top_cnt; i++) {
-					fprintf(fp, "<tr bgcolor=\"#ffffff\">\n");
 					struct in_addr ip;
+					struct in_addr anon_ip;
+					fprintf(fp, "<tr bgcolor=\"#ffffff\">\n");
 					ip.s_addr = (unsigned long int)out_top_clients[i].ip;
-					if(anonymize) {
-						fprintf(fp, "<td align=left>%s</td>\n", anonimize_ip(ip));
+					if(do_anonymize) {
+						prefix_preserving_anonymize_field(&(out_top_clients[i].ip));
+						anon_ip.s_addr = out_top_clients[i].ip;
+						fprintf(fp, "<td align=left>%s</td>\n", inet_ntoa(anon_ip));
 					}
 					else {
 						fprintf(fp, "<td align=left>%s</td>\n", inet_ntoa(ip));
@@ -602,6 +610,8 @@ void *process() {

 		    for(i = 0; i < 5;i++) {
 					struct in_addr ip;
+					struct in_addr anon_ip;
+
 					fprintf(fp, "<tr bgcolor=\"#ffffff\">\n");

 					if(private) {
@@ -609,8 +619,10 @@ void *process() {
 					}
 					// IN
 					ip.s_addr = (unsigned long int)ip_in_top_clients[i].ip;
-					if(anonymize) {
-						fprintf(fp, "<td align=left>%s</td>\n", anonimize_ip(ip));
+					if(do_anonymize) {
+						prefix_preserving_anonymize_field(&(ip_in_top_clients[i].ip));
+						anon_ip.s_addr = ip_in_top_clients[i].ip;
+						fprintf(fp, "<td align=left>%s</td>\n", inet_ntoa(anon_ip));
 					}
 					else {
 						fprintf(fp, "<td align=left>%s</td>\n", inet_ntoa(ip));
@@ -624,8 +636,11 @@ void *process() {

 					// OUT
 					ip.s_addr = (unsigned long int)ip_out_top_clients[i].ip;
-					if(anonymize) {
-						fprintf(fp, "<td align=left>%s</td>\n", anonimize_ip(ip));
+
+					if(do_anonymize) {
+						prefix_preserving_anonymize_field(&(ip_out_top_clients[i].ip));
+						anon_ip.s_addr = ip_out_top_clients[i].ip;
+						fprintf(fp, "<td align=left>%s</td>\n", inet_ntoa(anon_ip));
 					}
 					else {
 						fprintf(fp, "<td align=left>%s</td>\n", inet_ntoa(ip));