Add support to TCP and UDP protocols #224

Open: ThibaudCartegnie wants to merge 45 commits into base: dev

@ThibaudCartegnie (Contributor) commented Jun 15, 2021

✨ Add support to TCP and UDP protocols #224

‼️ Once all the checklist is done you have to:

  • stash merge this pull request
  • delete the corresponding branch
  • close the associated issue

📃 Type of change

Breaking change: fix or feature that would cause existing functionality to not work as expected.

✒️ Description

This PR adds the support for udp and tcp besides Unix sockets.

There are 2 major changes for the protocol:

  • The Darwin Header no longer contains a Certitude by default and it is now defined as packed, lowering its size from 56 bytes to 48 bytes.
  • The Manager configuration file holds a 'network' field to specify how the filter receives data (Unix Socket, TCP or UDP)

This draft is pushed for early comments.

🎯 Test Environments

Ubuntu (20.04)

  • Redis (5.0.7)
  • Boost (1.71.0)
  • g++ (9.3)
  • CMake (3.16.3)
  • Python (3.8.5)
  • Valgrind (3.15.0)

HardenedBSD (12.2)

  • Redis (6.0.14)
  • Boost (1.72.0)
  • clang (10.0.1)
  • CMake (3.20.4)
  • Python (3.8.10)
  • Valgrind(N/A)

✔️ Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • (If new filter) I have added corresponding page to the documentation
  • (If other changes) I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

  • 🙋 I certify on my honor that all the information provided is true, and I've done all I can to deliver a high quality code

Thibaud Cartegnie and others added 30 commits June 9, 2021 17:51
If more than 1 certitude is sent back to client AND a body is set, the body is copied on the memory location of the certitudes
It is fixed by using the correct offset when copying the body data.
The other function using similar logic has been modified to keep it coherent.
UnixSessions are spawned by UnixServer and TcpSessions by TcpServer
Included a modification when passing arguments from sessions to task (move instead of ref)
 - Used to pass needed data from Session to Task
(some work is still needed for the tasks)
State accessible by const getters only
State mutable with only two methods : add Certitude and mutateBody
Added a few methods for DarwinPacket
Added ParseBody in ATask::run with error handling
Fixed issues with threadpool instance and size issues in the ASession
Fixed issues in the serialization
Added support for ipv6 in Tcp sessions
Adapted python manager to handle tcp sockets
The packet was ill-formed near the certitudes
NextFilterConnector: Working WIP
Abstract/Tcp/Unix, fixed configuration for nextFilter
- DarwinPacket copied only the first 15 bytes of event id
- Destructor of AServer wasn't virtual leading to memory leak when UnixServer was destroyed
Service.update did not update network field
Added retry attempts, modified tests accordingly
Proprietary filters needed additional methods for accessing private fields of a packet
Added possibility to run all tests in TCP mode
Assured working with ipv4 and ipv6 addresses
Fixed a few log lines in the redis test file
Fixed a few problems and cleaned some code
Added tests for tcp and udp
Added possibility to run all test in unix or tcp
Removed unused methods
Specification of move semantic for DarwinPacket
EvtIdToString passed from Session to DarwinPacket
added packed attribute to darwin header
Removed certitude list default size
Modified parsing and serializing accordingly
Most cases were unused variables or poorly chosen types
Fixed issue with positional flags between test/manager and filters
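
The commit notes above describe a packed header followed by a variable-length certitude list and a body, and a bug where the body was copied at the wrong offset. The following is an added example, not code from this pull request: the `Header` fields, the `Packet` type and the host-byte-order wire layout are hypothetical simplifications, not the real Darwin format. It shows the body written after all certitudes, and a receiver that checks the declared sizes against the bytes actually received before copying, which matters once packets arrive over TCP or UDP.

```cpp
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// Hypothetical, simplified header (NOT the real Darwin layout).
struct __attribute__((packed)) Header {
    uint8_t  type;
    uint64_t body_size;
    uint64_t certitude_count;
};
static_assert(sizeof(Header) == 17, "packed: no padding after 'type'");

struct Packet {
    std::vector<uint32_t> certitudes;
    std::string body;
};

// Assumed wire layout: header | certitudes | body, host byte order.
std::vector<uint8_t> serialize(const Packet& p) {
    Header h{1, p.body.size(), p.certitudes.size()};
    const size_t cert_bytes = p.certitudes.size() * sizeof(uint32_t);
    std::vector<uint8_t> out(sizeof h + cert_bytes + p.body.size());
    std::memcpy(out.data(), &h, sizeof h);
    if (cert_bytes) std::memcpy(out.data() + sizeof h, p.certitudes.data(), cert_bytes);
    // The body starts after *all* certitudes, so it cannot overwrite them.
    if (!p.body.empty())
        std::memcpy(out.data() + sizeof h + cert_bytes, p.body.data(), p.body.size());
    return out;
}

// Returns false instead of reading past the buffer on inconsistent sizes.
bool parse(const std::vector<uint8_t>& buf, Packet& out) {
    Header h;
    if (buf.size() < sizeof h) return false;
    std::memcpy(&h, buf.data(), sizeof h);
    const size_t rest = buf.size() - sizeof h;
    // Compare by division first so the multiplication below cannot overflow.
    if (h.certitude_count > rest / sizeof(uint32_t)) return false;
    const size_t cert_bytes = h.certitude_count * sizeof(uint32_t);
    if (h.body_size != rest - cert_bytes) return false;
    out.certitudes.resize(h.certitude_count);
    if (cert_bytes) std::memcpy(out.certitudes.data(), buf.data() + sizeof h, cert_bytes);
    out.body.assign(reinterpret_cast<const char*>(buf.data()) + sizeof h + cert_bytes, h.body_size);
    return true;
}

int main() {
    Packet in{{90, 10, 55}, "hello"}, back;
    return parse(serialize(in), back) && back.body == in.body ? 0 : 1;
}
```
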
@ThibaudCartegnie ThibaudCartegnie marked this pull request as ready for review July 30, 2021 12:47
- errors in comments
- missing parts of tests (and logging missing)
- removed useless variable in NextFilterConnector
@frikilax
Member

Yeah, I'll try being lighter next time when suggesting changes: applying/validating them is a pain on github 😅

@frikilax
Member

Outside my remaining comments (which aren't really important, except the one on RedisManager.cpp), everything seems great!

@HugoSoszynski thoughts on the PR and remaining comments I made (especially this one)?

frikilax previously approved these changes Feb 1, 2022
HugoSoszynski previously approved these changes Mar 28, 2022
Removed TODO : No handling of tcp case needed in that part, nothing to be changed