pridana podpora pro stahovani vsechny typu zprav pomoci ridiciho prikazu '_any_'

078fc14f · Tomáš Plesník · eb47e923 · 078fc14f · 078fc14f · 078fc14f
Commit 078fc14f authored 12 years ago by Tomáš Plesník
--- a/src/warden-client/doc/CHANGELOG
+++ b/src/warden-client/doc/CHANGELOG
+2012-00-00 v.2.1 stable version
+-------------------------------
+- receiving of all types of messages now supported
 2012-07-27 v.2.0 stable version and bugfix release of warden-client-2.0.0-beta
 ------------------------------------------------------------------------------
 - Sender client code fixed, so that it will not terminate "parent"

--- a/src/warden-client/doc/README.cesnet
+++ b/src/warden-client/doc/README.cesnet
@@ -138,6 +138,7 @@ D. Types of events
   * test - clients can use these at will when debugging/testing, these
            messages will be processed and stored, but ignored later
   * other - the rest, uncategorizable yet
+   * _any_ - clients can use these for receiving of all types of messages
   In case of complex scenarios with structured info more events with
   particular parts of information can be created.

--- a/src/warden-server/doc/CHANGELOG
+++ b/src/warden-server/doc/CHANGELOG
+2012-00-00 v2.1 stable version
+------------------------------
+- receiving of all types of messages now supported
 2012-07-27 v2.0 stable version
 ------------------------------
 - MySQL database engine used
@@ -7,6 +12,7 @@
 - added automatic reconnect to DB
 - other minor bugs and issues fixed
 2012-03-02 v0.1.0 beta version
 ------------------------------
 - initial release of the Warden server

--- a/src/warden-server/doc/README
+++ b/src/warden-server/doc/README
 +----------------------------+
-| README - Warden Server 2.0 |
+| README - Warden Server 2.1 |
 +----------------------------+
 Content
@@ -23,7 +23,7 @@ A. Overall Information
 2. Version
-    2.0 (2012-07-27)
+    2.1 (2012-00-00)
 3. Package structure
@@ -87,11 +87,11 @@ C. Installation
 1. Check SHA1 checksum of the Warden server package archive.
-    $ sha1sum -c warden-server-2.0.tar.gz.sig
+    $ sha1sum -c warden-server-2.1.tar.gz.sig
 2. Untar it.
-    $ tar xzvf warden-server-2.0.tar.gz
+    $ tar xzvf warden-server-2.1.tar.gz
 3. Run install.sh. 

--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -20,7 +20,7 @@ use DateTime;
 use MIME::Base64;
 use Crypt::X509;
-our $VERSION = "2.0";
+our $VERSION = "2.1";
 ################################################################################
@@ -127,57 +127,56 @@ sub getAltNames
 sub authorizeClient
 {
-    my ($alt_names, $ip, $service_type, $client_type, $function_name) = @_;
+  my ($alt_names, $ip, $service_type, $client_type, $function_name) = @_;
+  my $sth;
-    my $sth;
-    # obtain cidr based on rigth common name and alternate names, service and client_type
-    if($function_name eq 'saveNewEvent') {
-        $sth = $DBH->prepare(   "SELECT hostname, ip_net_client, receive_own_events 
-                                FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? 
-                                ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
-    }
-    elsif($function_name eq 'getNewEvents') {
-        $sth = $DBH->prepare(   "SELECT hostname, ip_net_client, receive_own_events 
-                                FROM clients WHERE hostname IN ($alt_names) AND type = ? AND client_type = ? 
-                                ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
-    }
-    if (!defined $sth) { die("Cannot prepare authorization statement in $function_name: $DBI::errstr\n")}
+  # obtain cidr based on rigth common name and alternate names, service and client_type
-    $sth->execute($service_type, $client_type);
+  if($function_name eq 'saveNewEvent') {
+    $sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events 
-    my ($an, $cidr, $receive_own, $cidr_list);
+                          FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? 
-    my $correct_ip_source = 0;
+                          ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
-    my %ret;
+  } elsif($function_name eq 'getNewEvents') {
+    $sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events 
-    while(($an, $cidr, $receive_own)  = $sth->fetchrow()) {
+                          FROM clients WHERE hostname IN ($alt_names) AND type = ? AND client_type = ? 
-        my $cidr_list = Net::CIDR::Lite-> new -> add($cidr);
+                          ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+  }
-        $ret{'dns'} = $an;
-        $ret{'cidr'} = $cidr;
+  if (!defined $sth) { die("Cannot prepare authorization statement in $function_name: $DBI::errstr\n")}
-        $ret{'receive_own'} = $receive_own;
+  $sth->execute($service_type, $client_type);
-        if ($cidr_list->bin_find($ip)) {
+  my ($an, $cidr, $receive_own, $cidr_list);
-            $correct_ip_source = 1;
+  my $correct_ip_source = 0;
-            last;
+  my %ret;
-        }
-    };
+  while(($an, $cidr, $receive_own)  = $sth->fetchrow()) {
+    my $cidr_list = Net::CIDR::Lite-> new -> add($cidr);
-    # check if client is registered
-    if ($sth->rows == 0) {
-        write2log ("err", "Unauthorized access to $function_name from: $ip (CN(AN): $alt_names), used service '$service_type' - client is not registered");
-        die("Access denied - client is not registered at warden server!");
-        return undef;
-    }
-    # check if client has IP from registered CIDR
+    $ret{'dns'} = $an;
-    if (!$correct_ip_source) {
+    $ret{'cidr'} = $cidr;
-        write2log ("err", "Unauthorized access to $function_name from: $ip (CN(AN): $alt_names), used service '$service_type' - access from bad subnet: Registered subnet '" . $ret{'cidr'} . "'");
+    $ret{'receive_own'} = $receive_own;
-        die("Access denied - access from unauthorized subnet!");
-        return undef;
+    if ($cidr_list->bin_find($ip)) {
+      $correct_ip_source = 1;
+      last;
    }
+  }
-    return %ret;
+  # check if client is registered
-}
+  if ($sth->rows == 0) {
+    write2log ("err", "Unauthorized access to $function_name from: $ip (CN(AN): $alt_names), used service '$service_type' - client is not registered");
+    die("Access denied - client is not registered at warden server!");
+    return undef;
+  }
+  # check if client has IP from registered CIDR
+  if (!$correct_ip_source) {
+    write2log ("err", "Unauthorized access to $function_name from: $ip (CN(AN): $alt_names), used service '$service_type' - access from bad subnet: Registered subnet '" . $ret{'cidr'} . "'");
+    die("Access denied - access from unauthorized subnet!");
+    return undef;
+  }
+  return %ret;
+} # END of authorizeClient
 ################################################################################
@@ -205,26 +204,23 @@ sub saveNewEvent
  # parse object (event) parameters
  my $service		= $data->{'SERVICE'};
  my $detected		= $data->{'DETECTED'};
-  my $type		    = $data->{'TYPE'};
+  my $type		= $data->{'TYPE'};
  my $source_type	= $data->{'SOURCE_TYPE'};
  my $source		= $data->{'SOURCE'};
  my $target_proto	= $data->{'TARGET_PROTO'};
  my $target_port	= $data->{'TARGET_PORT'};
  my $attack_scale 	= $data->{'ATTACK_SCALE'};
-  my $note		    = $data->{'NOTE'};
+  my $note		= $data->{'NOTE'};
  my $priority		= $data->{'PRIORITY'};
  my $timeout		= $data->{'TIMEOUT'};
+  my %client = authorizeClient($alt_names, $ip, $service, $client_type, 'saveNewEvent');
-   my %client = authorizeClient($alt_names, $ip, $service, $client_type, 'saveNewEvent');
+  if(defined %client) {
-   if(defined %client) {
    # insert new events into DB
    $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
    if (!defined $sth) { die("Cannot do insert statement in saveNewEvent: $DBI::errstr\n") }
    $sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid);
+    return 1;
-      return 1;
  }
 } # END of saveNewEvent
@@ -239,30 +235,41 @@ sub getNewEvents
  my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
  # client network information
-  my $cn	    = $ENV{'SSL_CLIENT_S_DN_CN'};
+  my $cn	= $ENV{'SSL_CLIENT_S_DN_CN'};
-  my $alt_names = getAltNames(undef);
+  my $alt_names	= getAltNames(undef);
-  my $ip	    = $ENV{'REMOTE_ADDR'};
+  my $ip	= $ENV{'REMOTE_ADDR'};
+  my $client_type = "r";	# incoming client MUST be sender
-  my $client_type	= "r";	# incoming client MUST be sender
  # parse SOAP data object
  my $requested_type = $data->{'REQUESTED_TYPE'};
-  my $last_id		 = $data->{'LAST_ID'};
+  my $last_id	     = $data->{'LAST_ID'};
  my %client = authorizeClient($alt_names, $ip, $requested_type, $client_type, 'getNewEvents');
  if(defined %client) {
-    # check if client want your own events or not
+    if ($client{'receive_own'} eq 't') {	# check if client want your own events or not
-    if ($client{'receive_own'} eq 't') {
+      if ($requested_type eq '_any_') {		  # check if client want each or only one type of messages
-      $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' ORDER BY id ASC;");
+        $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND valid = 't' ORDER BY id ASC;");
-      if (!defined $sth) {die("Cannot prepare ROE statement in getNewEvents: $DBI::errstr\n")}
+        if (!defined $sth) {die("Cannot prepare ROE-ANY statement in getNewEvents: $DBI::errstr\n")}
-      $sth->execute($last_id, $requested_type);
+        $sth->execute($last_id);
+      } else {
+        $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' ORDER BY id ASC;");
+        if (!defined $sth) {die("Cannot prepare ROE statement in getNewEvents: $DBI::errstr\n")}
+        $sth->execute($last_id, $requested_type);
+      }
    } else {
-      $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC;");
+      if ($requested_type eq '_any_') {
-      if (!defined $sth) {die("Cannot prepare statement in getNewEvents: $DBI::errstr\n")}
+        $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC;");
-      my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/;
+        if (!defined $sth) {die("Cannot prepare ANY statement in getNewEvents: $DBI::errstr\n")}
-      $domain = '\%' . $domain;
+        my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/;
-      $sth->execute($last_id, $requested_type, $domain);
+        $domain = '\%' . $domain;
+        $sth->execute($last_id, $domain);
+      } else {
+        $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC;");
+        if (!defined $sth) {die("Cannot prepare statement in getNewEvents: $DBI::errstr\n")}
+        my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/;
+        $domain = '\%' . $domain;
+        $sth->execute($last_id, $requested_type, $domain);
+      }
    }
    # parse items of events stored in DB
@@ -276,19 +283,19 @@ sub getNewEvents
      $source	 	= $result[7];
      $target_proto	= $result[8];
      $target_port 	= $result[9];
-      $attack_scale = $result[10];
+      $attack_scale	= $result[10];
      $note 		= $result[11];
      $priority 	= $result[12];
      $timeout	 	= $result[13];
      # create SOAP data object
      $event = SOAP::Data->name(event => \SOAP::Data->value(
-        SOAP::Data->name(ID		    => $id),
+        SOAP::Data->name(ID		=> $id),
        SOAP::Data->name(HOSTNAME	=> $hostname),
        SOAP::Data->name(SERVICE	=> $service),
        SOAP::Data->name(DETECTED	=> $detected),
        SOAP::Data->name(TYPE		=> $type),
-        SOAP::Data->name(SOURCE_TYPE=> $source_type),
+        SOAP::Data->name(SOURCE_TYPE	=> $source_type),
        SOAP::Data->name(SOURCE		=> $source),
        SOAP::Data->name(TARGET_PROTO	=> $target_proto),
        SOAP::Data->name(TARGET_PORT	=> $target_port),