diff --git a/src/warden-server/bin/getClients.pl b/src/warden-server/bin/getClients.pl
index 2d3b4715439f720f3b7277a4e8b0e9b017668eca..987d19238c679ada8c18003887b7b53d9575b003 100755
--- a/src/warden-server/bin/getClients.pl
+++ b/src/warden-server/bin/getClients.pl
@@ -3,39 +3,14 @@ # getClients.pl # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. +# Use of this source is governed by a BSD-style license, see LICENSE file. use strict; use Getopt::Std; use File::Basename; -our $VERSION = "0.1"; +our $VERSION = "2.0"; my $warden_path = '/opt/warden-server'; require $warden_path . '/lib/WardenStatus.pm'; 
diff --git a/src/warden-server/bin/getStatus.pl b/src/warden-server/bin/getStatus.pl
index 8a63b927edfd961c9b9bf34a25836cc48a086cac..bc49afbad74bed2cc8728e8e8a9849c467e82c69 100755
--- a/src/warden-server/bin/getStatus.pl
+++ b/src/warden-server/bin/getStatus.pl
@@ -3,39 +3,14 @@ # getStatus.pl # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. +# Use of this source is governed by a BSD-style license, see LICENSE file. use strict; use Getopt::Std; use File::Basename; -our $VERSION = "0.1"; +our $VERSION = "2.0"; my $warden_path = '/opt/warden-server'; require $warden_path . '/lib/WardenStatus.pm'; 
@@ -102,29 +77,27 @@ my @server_status = @$server_status_ref; print "Warden server variables:\n"; print "========================\n"; print "SERVER_VERSION:\t\t$server_status[0]\n"; -#print "ADDRESS:\t\t$server_status[1]\n"; -#print "PORT:\t\t\t$server_status[2]\n"; -#print "LOGDIR:\t\t\t$server_status[3]\n"; -#print "PIDDIR:\t\t\t$server_status[4]\n"; -#print "VARDIR:\t\t\t$server_status[5]\n"; -#print "SSL_KEY_FILE:\t\t$server_status[6]\n"; -#print "SSL_CERT_FILE:\t\t$server_status[7]\n"; -#print "SSLCA_FILE:\t\t$server_status[8]\n"; -print "SYSLOG_FACILITY:\t$server_status[9]\n"; +print "HOSTNAME:\t\t$server_status[1]\n"; +print "IP_ADDRESS:\t\t$server_status[2]\n"; +print "PORT:\t\t\t$server_status[3]\n"; +print "DB_NAME:\t\t$server_status[4]\n"; +print "DB_USER:\t\t$server_status[5]\n"; +print "DB_HOST:\t\t$server_status[6]\n"; +print "SYSLOG_FACILITY:\t$server_status[7]\n"; print "\n"; print "Warden server status:\n"; print "=====================\n"; -print "Database size:\t\t\t$server_status[10]\n"; -print "Count of saved events:\t\t$server_status[11]\n"; -print "Last ID in events table:\t$server_status[12]\n"; -print "Time of first inserted event:\t$server_status[13] (UTC)\n"; -print "Time of latest inserted event:\t$server_status[14] (UTC)\n"; -print "Count of registered clients:\t$server_status[15]\n"; +print "Database size:\t\t\t$server_status[8]\n"; +print "Count of saved events:\t\t$server_status[9]\n"; +print "Last ID in events table:\t$server_status[10]\n"; +print "Time of first inserted event:\t$server_status[11] (UTC)\n"; +print "Time of latest inserted event:\t$server_status[12] (UTC)\n"; +print "Count of registered clients:\t$server_status[13]\n"; print "\n"; # check if sum of registered client isn't 0 -if ($server_status[15] != 0) { +if ($server_status[13] != 0) { print "Statistics of registered senders:\n"; print "+-----------------------------------------------------------------------------------------------------------+\n"; print "| Client ID 
| Hostname | Service | Stored events | Last insertion (UTC) |\n"; diff --git a/src/warden-server/bin/getWebStatus.sh b/src/warden-server/bin/getWebStatus.sh index 8564fc96d7e17ed1a0a11df638e3cf6923e1641e..78b9b0e4d004dec8c1bce787a2f3251e411e713e 100755 --- a/src/warden-server/bin/getWebStatus.sh +++ b/src/warden-server/bin/getWebStatus.sh @@ -5,10 +5,24 @@ DB_USER=`cat /opt/warden-server/etc/warden-server.conf | grep DB_USER | sed 's/[ DB_PASS=`cat /opt/warden-server/etc/warden-server.conf | grep DB_PASS | sed 's/[";]//g' |awk '{print $3}'` DB_HOST=`cat /opt/warden-server/etc/warden-server.conf | grep DB_HOST | sed 's/[";]//g' |awk '{print $3}'` -echo "SELECT FROM_UNIXTIME( UNIX_TIMESTAMP( received ) - ( UNIX_TIMESTAMP( received ) % ( 60 ) ) ) AS t, COUNT( id ) FROM events GROUP BY t" | mysql -h $DB_HOST -u $DB_USER $DB_NAME -apache2ctl status -echo -n "" +echo "DB_NAME: $DB_NAME" +echo "DB_USER: $DB_USER" +echo "DB_PASS: $DB_PASS" +echo "DB_HOST: $DB_HOST" +echo + +echo "DB status:" +echo "----------" +echo "SELECT FROM_UNIXTIME( UNIX_TIMESTAMP( received ) - ( UNIX_TIMESTAMP( received ) % ( 60 ) ) ) AS t, COUNT( id ) FROM events GROUP BY t" | mysql -h $DB_HOST --user=$DB_USER $DB_NAME --password='w4rd3n&r00t' +echo +echo "apache2ctl status:" +echo "------------------" +apache2ctl status +echo +echo "uptime:" +echo "-------" uptime -echo -n klientu: ; netstat -nlpa | grep :443 | grep ESTA |wc -l; +echo +#echo -n klientu: ; netstat -nlpa | grep :443 | grep ESTA | wc -l; echo -n FIN:; netstat | grep WAIT2 | wc -l diff --git a/src/warden-server/bin/registerReceiver.pl b/src/warden-server/bin/registerReceiver.pl index f345e5a4f3dbfeeb92d120f499fc33f1cf1dcf8f..a5f74d4b8371e56e6824b8798d59d19bc44de6bb 100755 --- a/src/warden-server/bin/registerReceiver.pl +++ b/src/warden-server/bin/registerReceiver.pl 
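Review bot: The renumbered `$server_status[...]` indices in the print block are a purely positional contract with whatever WardenStatus.pm returns, and nothing in this file names the fields, so the next reorder on the producer side will again print a correct-looking label over the wrong value (this change already had to rewrite every index by hand). Returning a hash keyed by field name from the status call, or at least a shared set of named index constants kept next to the producer (`use constant { SERVER_VERSION => 0, HOSTNAME => 1, ... }`), would make such drift fail visibly instead of silently. The script body continues on both sides of this hunk.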
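Review bot: The added `echo "DB_PASS: $DB_PASS"` writes the database password into the script's output, and the new mysql invocation passes a literal password via `--password='...'`, which is visible to every local user in the process list for as long as the query runs and duplicates the value the script already parses from warden-server.conf into `$DB_PASS`. Drop the DB_PASS echo and hand mysql the credential through a mode-0600 option file, `mysql --defaults-extra-file=<option-file> -h "$DB_HOST" --user="$DB_USER" "$DB_NAME"`, with the password in its `[client]` section rather than on the command line. The `$DB_HOST`, `$DB_USER` and `$DB_NAME` expansions should also be double-quoted, since they come from a grep/sed/awk parse of the config file and are not validated.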
@@ -3,40 +3,15 @@ # registerReceiver.pl # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. +# Use of this source is governed by a BSD-style license, see LICENSE file. use strict; use Getopt::Std; use Switch; use File::Basename; -our $VERSION = "0.1"; +our $VERSION = "2.0"; my $warden_path = '/opt/warden-server'; require $warden_path . '/lib/WardenReg.pm'; 
diff --git a/src/warden-server/bin/registerSender.pl b/src/warden-server/bin/registerSender.pl
index ec7ed41c484d7bd1025cc3dc4c11d071094bd9ea..f2435a99ec94f67ac617cc9afecc71d01747ae8e 100755
--- a/src/warden-server/bin/registerSender.pl
+++ b/src/warden-server/bin/registerSender.pl
@@ -3,40 +3,15 @@ # registerSender.pl # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. +# Use of this source is governed by a BSD-style license, see LICENSE file. use strict; use Getopt::Std; use Switch; use File::Basename; -our $VERSION = "0.1"; +our $VERSION = "2.0"; my $warden_path = '/opt/warden-server'; require $warden_path . '/lib/WardenReg.pm'; 
diff --git a/src/warden-server/bin/unregisterClient.pl b/src/warden-server/bin/unregisterClient.pl
index fd7cd5c4459751a2cb8852d8df995dcff425d28f..f054b40753053ac76eaeecbd7e95f636d3dacd32 100755
--- a/src/warden-server/bin/unregisterClient.pl
+++ b/src/warden-server/bin/unregisterClient.pl
@@ -3,40 +3,15 @@ # unregisterClient.pl # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. +# Use of this source is governed by a BSD-style license, see LICENSE file. use strict; use Getopt::Std; use Switch; use File::Basename; -our $VERSION = "0.1"; +our $VERSION = "2.0"; my $warden_path = '/opt/warden-server'; require $warden_path . '/lib/WardenReg.pm'; 
diff --git a/src/warden-server/doc/AUTHORS b/src/warden-server/doc/AUTHORS new file mode 100644 index 0000000000000000000000000000000000000000..55961f38fce4c1d8d442a572443e431c3b8c4f5a --- /dev/null +++ b/src/warden-server/doc/AUTHORS @@ -0,0 +1,24 @@ +AUTHORS AND MAINTAINERS : + +MAIN DEVELOPERS: +Tomas Plesnik <plesnik@ics.muni.cz> +Jan Soukal <soukal@ics.muni.cz> +Michal Kostenec <kostenec@civ.zcu.cz> + +CONTRIBUTORS: +Vit Slama <slama@cis.vutbr.cz> +Martin Drasar <drasar@ics.muni.cz> + +TESTING: +Jakub Cegan <cegan@ics.muni.cz> + +DEVELOPMENT MANAGER: +Jan Vykopal <vykopal@ics.muni.cz> + +PROJECT MANAGERS: +Pavel Kacha <ph@cesnet.cz> +Andrea Kropacova <andrea@cesnet.cz> + +COMMUNITY: +Radoslav Bodo <bodik@civ.zcu.cz> +Radomir Orkac <orkac@cesnet.cz> diff --git a/src/warden-server/doc/README b/src/warden-server/doc/README index 77e98a8c5cd129caf772b0c80f85dbe8515f14c3..4f395dccebfcfc7d67da289b37d598825c08091c 100644 --- a/src/warden-server/doc/README +++ b/src/warden-server/doc/README @@ -10,7 +10,6 @@ Content D. Miscellaneous E. Registration of Clients F. Status Info - G. Authors -------------------------------------------------------------------------------- A. Overall Information @@ -319,12 +318,5 @@ F. Status Info parameters and returns detailed information about all registered clients. -------------------------------------------------------------------------------- -G. Authors - -Development: Tomas PLESNIK <plesnik@ics.muni.cz> - Jan SOUKAL <soukal@ics.muni.cz> Copyright (C) 2011-2012 Cesnet z.s.p.o - -Special thanks go to Martin Drasar from CSIRT-MU for his help and support -in the development of Warden system. diff --git a/src/warden-server/etc/package_version b/src/warden-server/etc/package_version index 69b3cb1d810801d8b0198886045c519848d22088..dab9935085995a0173d2a4ecbef8c889dca05383 100644 --- a/src/warden-server/etc/package_version +++ b/src/warden-server/etc/package_version @@ -1 +1 @@ -warden-server-0.1.0 +warden-server-2.0.0 
diff --git a/src/warden-server/etc/warden-apache.conf b/src/warden-server/etc/warden-apache.conf index 74e7aaefdcd0e9f746c1cb14ffe2993c0821470b..118d4622ff6913884209fa686c72b5d2a59cc84e 100644 --- a/src/warden-server/etc/warden-apache.conf +++ b/src/warden-server/etc/warden-apache.conf @@ -1,29 +1,24 @@ - #DumpIOInput On - #DumpIOOutput On - #DumpIOLogLevel warn +# +# warden-apache.conf - configuration file for the Apache server +# - SSLEngine on +SSLEngine on - SSLVerifyDepth 3 - SSLVerifyClient require - SSLOptions +StdEnvVars +ExportCertData +SSLVerifyDepth 3 +SSLVerifyClient require +SSLOptions +StdEnvVars +ExportCertData - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL +SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - SSLCertificateFile server-cert.pem - SSLCertificateKeyFile server-key.pem - SSLCACertificateFile ca-cert.pem +SSLCertificateFile /etc/ssl/certs/warden-dev.cesnet.cz.pem +SSLCertificateKeyFile /opt/warden-client/etc/warden-dev.cesnet.cz.key +SSLCACertificateFile /etc/ssl/certs/tcs-ca-bundle.pem - #Mozno umistit jeste pred samotny <VirtualHost> - #http://perl.apache.org/docs/2.0/user/config/config.html#C_Parent_ - #Create a new parent Perl interpreter for the given VirtualHost and give it its own interpreter pool - - PerlOptions +Parent - PerlSwitches -I/opt/warden-server/lib - - <Location /Warden> - SetHandler perl-script - PerlHandler Warden::ApacheDispatch - SSLOptions +StdEnvVars - </Location> +PerlOptions +Parent +PerlSwitches -I/opt/warden-server/lib +<Location /Warden> + SetHandler perl-script + PerlHandler Warden::ApacheDispatch + SSLOptions +StdEnvVars +</Location> diff --git a/src/warden-server/etc/warden-server.conf b/src/warden-server/etc/warden-server.conf index 48fba30e2d8f4aaa7eda4001db594cd1aa2f0ce7..3c8d86c48ecde55a8761d9399ab4932cb94ca0b6 100644 --- a/src/warden-server/etc/warden-server.conf +++ b/src/warden-server/etc/warden-server.conf 
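Review bot: The re-indented `SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL` still admits eNULL (no encryption), export-grade, LOW and SSLv2-era suites on the very endpoint that authenticates clients by certificate and carries the event data, so a negotiated session can end up unencrypted or trivially weak. Since the file is being cleaned up anyway, restrict it here, e.g. `SSLProtocol all -SSLv2 -SSLv3`, `SSLCipherSuite HIGH:!aNULL:!eNULL:!EXPORT:!LOW:!MD5:!RC4` and `SSLHonorCipherOrder on`. Separately, `SSLCertificateKeyFile /opt/warden-client/etc/warden-dev.cesnet.cz.key` now points the server's private key at a path under the client install and a dev hostname, which looks like a developer machine's layout rather than a packaged default; the old `server-key.pem`/`server-cert.pem`/`ca-cert.pem` names were at least clearly placeholders to be replaced at install time.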
@@ -2,52 +2,33 @@ # warden-server.conf - configuration file for Warden server # -#------------------------------------------------------------------------------- -# ADDRESS - IP address of warden server -#------------------------------------------------------------------------------- -$ADDRESS = "warden-dev.cesnet.cz"; - -#------------------------------------------------------------------------------- -# PORT - used TCP port for Warden server -#------------------------------------------------------------------------------- -$PORT = "443"; - #------------------------------------------------------------------------------- # BASEDIR - base directory of Warden server #------------------------------------------------------------------------------- $BASEDIR = "/opt/warden-server"; #------------------------------------------------------------------------------- -# VARDIR - var directory -#------------------------------------------------------------------------------- -$VARDIR = "$BASEDIR/var/"; - -#------------------------------------------------------------------------------- -# LOGDIR - logging directory +# FACILITY - syslog facility #------------------------------------------------------------------------------- -$LOGDIR = "/var/log/"; +$FACILITY = "local7"; #------------------------------------------------------------------------------- -# PIDDIR - process ID directory +# DB_NAME - database name of Warden server #------------------------------------------------------------------------------- -$PIDDIR = "/var/run/"; +$DB_NAME = "warden"; #------------------------------------------------------------------------------- -# SSL_KEY_FILE - path to server SSL certificate key file +# DB_USER - user of Warden server database #------------------------------------------------------------------------------- -$SSL_KEY_FILE = "/etc/ssl/private/warden-dev.cesnet.cz.key"; +$DB_USER = "root"; #------------------------------------------------------------------------------- -# 
SSL_CERT_FILE - path to server SSL certificate file +# DB_PASS - password of Warden server database #------------------------------------------------------------------------------- -$SSL_CERT_FILE = "/etc/ssl/certs/warden-dev.cesnet.cz.pem"; +$DB_PASS = "w4rd3n&r00t"; #------------------------------------------------------------------------------- -# SSL_CA_FILE - path to CA ceritificate file +# DB_HOST - what IP address to listen on of Warden server #------------------------------------------------------------------------------- -$SSL_CA_FILE = "/etc/ssl/certs/tcs-ca-bundle.pem"; +$DB_HOST = "localhost"; -#------------------------------------------------------------------------------- -# FACILITY - syslog facility -#------------------------------------------------------------------------------- -$FACILITY = "local7"; diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm index 27a88c63f94ce9f2db4fd21695457c6cac435225..395f366719a4018275a395133276f8228c6bc376 100755 --- a/src/warden-server/lib/Warden.pm +++ b/src/warden-server/lib/Warden.pm 
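Review bot: The added `$DB_PASS` assignment commits a live database password, paired with `$DB_USER = "root";`, into version control, where it becomes part of every clone and of the built package; a credential that has been committed should be treated as exposed and replaced on the server, with the shipped config carrying only a placeholder the installer fills in. Using `root` also hands the mod_perl handler full privileges over every database on the host, while the SELECT/INSERT work shown elsewhere in this diff only needs a dedicated user with rights on the `warden` database. The comment on the new `DB_HOST` entry is also wrong: it says "what IP address to listen on", but the value is the host the server connects to (Warden.pm passes it as `host=` in the DBI DSN), so `# DB_HOST - host name or IP address of the Warden database server` would be accurate.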
@@ -1,141 +1,57 @@ #!/usr/bin/perl -w # -# warden-server.pl +# Warden.pm # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. +# Use of this source is governed by a BSD-style license, see LICENSE file. 
+ package Warden; use strict; -#use SOAP::Lite; -#use SOAP::Transport::TCP; -#use SOAP::Transport::HTTP; -#use File::Pid; -#use POSIX; use DBI; use DBD::mysql; use Format::Human::Bytes; use Sys::Syslog qw(:DEFAULT setlogsock); Sys::Syslog::setlogsock('unix'); use File::Basename; -#use FindBin; -#use Data::Dumper; use Net::CIDR::Lite; use DateTime; -#use Crypt::OpenSSL::X509; use MIME::Base64; use Crypt::X509; -our $VERSION = "0.1"; +our $VERSION = "2.0"; + ################################################################################ -# CONFIG FILE VARIABLES +# READING OF CONFIGURATION VARIABLES ################################################################################ -#my $script_name = $FindBin::Script; my $conf_file = "/opt/warden-server/etc/warden-server.conf"; -# -## first declaration of globa variables from config file -#our $ADDRESS = undef; -#our $PORT = undef; -#our $LOGDIR = undef; -#our $PIDDIR = undef; -#our $VARDIR = undef; -#our $SSL_KEY_FILE = undef; -#our $SSL_CERT_FILE = undef; -#our $SSL_CA_FILE = undef; -our $FACILITY = undef; - -#DB options -our $DB_NAME = undef; -our $DB_USER = undef; -our $DB_PASS = undef; -our $DB_HOST = undef; - -# -#$ADDRESS = "147.228.52.72"; -## -###------------------------------------------------------------------------------- -### PORT - used TCP port for Warden server -###------------------------------------------------------------------------------- -#$PORT = "8889"; -## -###------------------------------------------------------------------------------- -### BASEDIR - base directory of Warden server -###------------------------------------------------------------------------------- -#our $BASEDIR = "/opt/warden-server/"; -## -###------------------------------------------------------------------------------- -### VARDIR - var directory -###------------------------------------------------------------------------------- -#$VARDIR = "$BASEDIR/var/"; -## 
-###------------------------------------------------------------------------------- -### LOGDIR - logging directory -###------------------------------------------------------------------------------- -#$LOGDIR = "/var/log/"; -## -###------------------------------------------------------------------------------- -### PIDDIR - process ID directory -###------------------------------------------------------------------------------- -#$PIDDIR = "/var/run/"; -## -## -## -## read config file -if ( ! open( TMP, $conf_file) ) { +our $FACILITY = undef; +our $DB_NAME = undef; +our $DB_USER = undef; +our $DB_PASS = undef; +our $DB_HOST = undef; + +# read config file +if (!open( TMP, $conf_file)) { die errMsg("Can't read config file '$conf_file': $!\n"); } close TMP; # load set variables by user -if ( !do $conf_file ) { +if (!do $conf_file) { die errMsg("Errors in config file '$conf_file': $@"); } -# + + ################################################################################ # VARIABLES ################################################################################ -#my $die_now = 0; - -# PID path -#my $pid_file = $PIDDIR . $script_name . ".pid"; -# DB file -#my $db_file = "warden.db"; -#my $db = $VARDIR . $db_file; - -# connect to DB - DBH is GLOBAL variable -#my $dbargs = {AutoCommit => 0, PrintError => 1}; -#our $DBH = DBI->connect("dbi:SQLite:dbname=$db","","",$dbargs) or die errMsg("Can't connect to DB: $!"); our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 0}) || die "Could not connect to database: $DBI::errstr"; -#our $DBH; + ################################################################################ # LOCAL FUNCTIONS 
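Review bot: The rewritten probe `if (!open( TMP, $conf_file)) {` keeps a two-argument `open` on a bareword handle and closes it straight away, so it only proves the file can be opened; the real load is `do $conf_file` below, whose `die` reports only `$@`, which is empty when `do` fails because the file could not be read or its last statement evaluated false (`$!` carries the reason in the first case). Keep the `if (!do $conf_file)` shape but report both, `die errMsg("Errors in config file '$conf_file': " . ($@ || $!));`, and if the probe stays, make it `open(my $fh, '<', $conf_file)`. Note also that `do` executes the config as Perl code inside the mod_perl process and that file now carries the database credentials, so it should be root-owned and not writable by the web-server user; the packaging that sets those permissions is not visible in this diff.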
@@ -181,69 +97,27 @@ sub write2log #------------------------------------------------------------------------------- -# signalHandler - catch signals and end the program if one is caught. -#------------------------------------------------------------------------------- -#sub signalHandler -#{ -# $die_now = 1; # this will cause the "infinite loop" to exit -#} # End of signalHandler -# -# +# getAltNames - parse Alternate names from SSL certifiate #------------------------------------------------------------------------------- -# sslErrorHandler - handle errors in SSL negitiation -#------------------------------------------------------------------------------- -#sub sslErrorHandler -#{ -# my $socket = shift; -# my $msg = shift; -# -# my $ip = $socket->peerhost; -# print $socket $msg; -# $socket->close; -# write2log ("err", "Caught SSL handshake error from $ip: $msg"); -# return 1; -#} # End of sslErrorHandler -# -# -#------------------------------------------------------------------------------- -# altNamesFilter - parse hostnames from subjectAltNames array for SQL -# IN operator in database query -#------------------------------------------------------------------------------- -sub altNamesFilter +sub getAltNames { - # my $alt_names_array_ref = shift; - # my @alt_names_array = @$alt_names_array_ref; - - #our $CN; - my $CN = $ENV{'SSL_CLIENT_S_DN_CN'}; my @an_array; + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; - #push @an_array, $DBH->quote($CN); - # my $i = 1; - # while ($i <= scalar @alt_names_array) { - # push @an_array, $DBH->quote($alt_names_array[$i]); - # $i+=2; - # } - # my $an_filter = join(',', @an_array); - # return $an_filter; - - - push @an_array, "'$CN'"; + push(@an_array, $DBH->quote($cn)); my @a = split("\n", $ENV{'SSL_CLIENT_CERT'}); pop @a; shift @a; my $der = decode_base64(join("", @a)); my $decoded= Crypt::X509->new(cert => $der); - - foreach my $tmp (@{$decoded->SubjectAltName}){ - if($tmp =~ s/dNSName=//){ - push @an_array, "'$tmp'"; - } - } - - my 
$an_filter = join(',', @an_array); - return $an_filter; + foreach my $tmp (@{$decoded->SubjectAltName}){ + if($tmp =~ s/dNSName=//){ + push(@an_array, $DBH->quote($tmp)); + } + } + my $alt_names = join(',', @an_array); + return $alt_names; } 
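Review bot: `Crypt::X509->new(cert => $der)` is never checked for a parse failure, and `@{$decoded->SubjectAltName}` dereferences whatever the accessor returns, so a client certificate without a subjectAltName extension, or an unparsable one (e.g. when `SSL_CLIENT_CERT` is absent and `$der` is empty after the `pop`/`shift` trimming), makes the handler die with a Perl runtime error instead of a controlled access-denied path. Add `die("Cannot parse client certificate: " . $decoded->error) if $decoded->error;` after the constructor and iterate over `@{ $decoded->SubjectAltName || [] }`. The substitution `s/dNSName=//` should be anchored as `s/^dNSName=//` so only the type prefix is stripped, and the `undef` the caller passes (`getAltNames(undef)`) is never read, so that parameter can go.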
@@ -260,64 +134,39 @@ sub saveNewEvent my ($class, $data) = @_; my ($sth, $cidr_list); - # variables defined by server - #our $IP; # IP address of sender - #our $CN; # common name of sender - #our $AN_FILTER; # alternate names of sender - - # my @alt_names_array = $socket->peer_certificate("subjectAltNames"); - my $CN = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $AN_FILTER = altNamesFilter(undef); - my $IP = $ENV{'REMOTE_ADDR'}; - my $LOCAL_IP = $ENV{'SERVER_ADDR'}; - - my $cn_db = $DBH->quote($CN); + # client network information + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $alt_names = getAltNames(undef); + my $ip = $ENV{'REMOTE_ADDR'}; # variables defined by server my $client_type = "s"; # incoming client MUST be sender - my $client_type_db = $DBH->quote($client_type); my $valid = "t"; # registered sender has valid events - my $valid_db = $DBH->quote($valid); my $received = DateTime->now; # time of event delivery (UTC) - my $received_db = $DBH->quote($received); - ## parse object (event) parameters + # parse object (event) parameters my $service = $data->{'SERVICE'}; - my $service_db = $DBH->quote($service); my $detected = $data->{'DETECTED'}; - my $detected_db = $DBH->quote($detected); my $type = $data->{'TYPE'}; - my $type_db = $DBH->quote($type); my $source_type = $data->{'SOURCE_TYPE'}; - my $source_type_db = $DBH->quote($source_type); my $source = $data->{'SOURCE'}; - my $source_db = $DBH->quote($source); my $target_proto = $data->{'TARGET_PROTO'}; - my $target_proto_db = $DBH->quote($target_proto); my $target_port = $data->{'TARGET_PORT'}; - my $target_port_db = $DBH->quote($target_port); my $attack_scale = $data->{'ATTACK_SCALE'}; - my $attack_scale_db = $DBH->quote($attack_scale); my $note = $data->{'NOTE'}; - my $note_db = $DBH->quote($note); my $priority = $data->{'PRIORITY'}; - my $priority_db = $DBH->quote($priority); my $timeout = $data->{'TIMEOUT'}; - my $timeout_db = $DBH->quote($timeout); - # Authorization of incomming client - 
#----------------------------------------------------------------------------- # obtain cidr based on rigth common name and alternate names, service and client_type - - $sth = $DBH->prepare("SELECT hostname, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND service = $service_db AND client_type = $client_type_db LIMIT 1;"); - if ( !defined $sth ) {die("Cannot prepare authorization statement in saveNewEvent: $DBI::errstr\n")} - $sth->execute; + $sth = $DBH->prepare_cached("SELECT hostname, ip_net_client FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? LIMIT 1;"); + if (!defined $sth) {die("Cannot prepare authorization statement in saveNewEvent: $DBI::errstr\n")} + $sth->execute($service, $client_type); my ($an, $cidr) = $sth->fetchrow(); - + # check if client is registered if (!defined $cidr) { - write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - client is not registered"); + write2log ("err", "Unauthorized access to saveNewEvent from: $ip (CN: $cn; AN: $an) - client is not registered"); die("Access denied - client is not registered at warden server!"); } else { $cidr_list = Net::CIDR::Lite 
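Review bot: The authorization query now goes through `prepare_cached` but still interpolates `$alt_names` into the SQL text, so every distinct CN/SAN set produces a different statement string, and `prepare_cached` keeps each one alive in the handle's cache for the life of `$DBH`; in the long-lived mod_perl process that is one cached statement handle per distinct client certificate, growing without bound. Either use a plain `prepare` for this statement (the names are already safe via `$DBH->quote` in getAltNames) or bind them as placeholders by building the IN list from `join(',', ('?') x @names)` and passing the names to `execute` alongside `$service` and `$client_type`. The `if (!defined $sth) {die(...)}` checks are dead with `RaiseError => 1` on the connection, since `prepare` raises before they run. saveNewEvent continues past the end of this hunk.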
@@ -326,35 +175,30 @@ sub saveNewEvent } # check if client has IP from registered CIDR - if (!$cidr_list->bin_find($IP)) { - write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr"); - die("Access denied - access from bad subnet!"); + if (!$cidr_list->bin_find($ip)) { + write2log ("err", "Unauthorized access to saveNewEvent from: $ip (CN: $cn; AN: $an) - access from bad subnet: $cidr"); + die("Access denied - access from unauthorized subnet!"); } else { - - # insert new event - $DBH->do("INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);"); - - - if ($DBH->err()) {die("Cannot do insert statement in saveNewEvent: $DBI::errstr\n")} - #$DBH->commit(); + # insert new events into DB + $sth=$DBH->prepare_cached("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);"); + if (!defined $sth) {die("Cannot do insert statement in saveNewEvent: $DBI::errstr\n")} + $sth->execute(undef, $cn, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid); # log last inserted ID $sth = $DBH->prepare("SELECT last_insert_id()"); if ( !defined $sth ) {die("Cannot prepare last ID statement in saveNewEvent: $DBI::errstr\n")} $sth->execute; my $id= $sth->fetchrow(); - write2log ("info", "Stored new event (#$id) from $IP (CN: $CN; AN: )"); + write2log ("info", "Stored new event (#$id) from $ip (CN: $cn; AN: $an)"); - if (! defined $id) { - write2log ("err", "Event from $IP ($CN) was not save: INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);"); + if (! 
defined $id) { + write2log ("err", "Event from $ip ($cn) was not save: INSERT INTO events VALUES (NULL,$cn,$service,$detected,$received,$type,$source_type,$source,$target_proto,$target_port,$attack_scale,$note,$priority,$timeout,$valid);"); die("Event was not save at warden server - database return empty ID!"); return 0; } else { return 1; } - } - - #$DBH->disconnect(); + } } # END of saveNewEvent 
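Review bot: The `$sth->execute(undef, $cn, …, $valid)` call for the new INSERT is unchecked, whereas the removed `do` was followed by `if ($DBH->err()) {die(...)}`; a failed insert now falls straight through to the `last_insert_id()` lookup. On MySQL, which the use of `last_insert_id()` suggests, that function returns the connection's previous successful id rather than undef, so the failure would be logged as "Stored new event" and the method would return 1 (unless the handle has RaiseError set, which I cannot see from here). Append `or die("Cannot execute insert statement in saveNewEvent: $DBI::errstr\n")` to the execute call. saveNewEvent's opening line precedes this hunk.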
@@ -364,41 +208,30 @@ sub saveNewEvent sub getNewEvents { my ($class, $data) = @_; - my ($sth, @events, $event, @ids); + my ($sth, @events, $event, @ids, $cidr_list); my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout); - # variables defined by server - #our $IP; # IP address of receiver - #our $CN; # common name of receiver - #our $AN_FILTER; # alternate name of receiver - - my $CN = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $AN_FILTER = altNamesFilter(undef); - my $IP = $ENV{'REMOTE_ADDR'}; + # client network information + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $alt_names = getAltNames(undef); + my $ip = $ENV{'REMOTE_ADDR'}; - my $cn_db = $DBH->quote($CN); my $client_type = "r"; # incoming client MUST be sender - my $client_type_db = $DBH->quote($client_type); - my $cidr_list; # parse SOAP data object my $requested_type = $data->{'REQUESTED_TYPE'}; - my $requested_type_db = $DBH->quote($requested_type); my $last_id = $data->{'LAST_ID'}; - my $last_id_db = $DBH->quote($last_id); - # Authorization of incomming client - #----------------------------------------------------------------------------- # obtain cidr based on rigth common name, service and client_type - $sth = $DBH->prepare("SELECT hostname, receive_own_events, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND type = $requested_type_db AND client_type = $client_type_db limit 1;"); - if ( !defined $sth ) {die("Cannot prepare authorization statement in getNewEvents: $DBI::errstr\n")} - $sth->execute; + $sth = $DBH->prepare_cached("SELECT hostname, receive_own_events, ip_net_client FROM clients WHERE hostname IN ($alt_names) AND type = ? AND client_type = ? 
LIMIT 1;"); + if (!defined $sth) {die("Cannot prepare authorization statement in getNewEvents: $DBI::errstr\n")} + $sth->execute($requested_type, $client_type); my ($an, $receive_own_events, $cidr) = $sth->fetchrow(); # check if client is registered if (!defined $cidr) { - write2log ("err", "Unauthorized access to getNewEvents from: $IP (CN: $CN; AN: $an) - client is not registered"); + write2log ("err", "Unauthorized access to getNewEvents from: $ip (CN: $cn; AN: $an) - client is not registered"); die("Access denied - client is not registered at warden server!"); } else { $cidr_list = Net::CIDR::Lite 
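Review bot: The authorization SELECT still interpolates `$alt_names` into the statement text (`hostname IN ($alt_names)`) while every other value was moved to a placeholder; whether `getAltNames` returns a safely quoted list cannot be seen here, and since these names originate in the client certificate's subjectAltName they deserve the same treatment as the other inputs. `prepare_cached` also keys its cache on the statement text, so a per-client clause means one cached handle per distinct SAN set in a long-lived mod_perl process. If `getAltNames` can hand back the names as a list, build the clause from placeholders with `my $in = join(',', ('?') x @alt_names);` and pass `@alt_names, $requested_type, $client_type` to `execute`. getNewEvents continues in the next hunk.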
@@ -407,23 +240,22 @@ sub getNewEvents } # check if client has IP from registered CIDR - if (!$cidr_list->bin_find($IP)) { - write2log ("err", "Unauthorized access to getNewEvents from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr"); - die("Access denied - access from bad subnet!"); + if (!$cidr_list->bin_find($ip)) { + write2log ("err", "Unauthorized access to getNewEvents from: $ip (CN: $cn; AN: $an) - access from bad subnet: $cidr"); + die("Access denied - access from unathorized subnet!"); } else { - # check if client want your own events or not if ($receive_own_events eq 't') { - write2log("info", "SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' ORDER BY id ASC;"); - $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' ORDER BY id ASC;"); + $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' ORDER BY id ASC;"); + if (!defined $sth) {die("Cannot prepare ROE statement in getNewEvents: $DBI::errstr\n")} + $sth->execute($last_id, $requested_type); } else { - my ($domain) = $CN =~ /([^\.]+\.[^\.]+)$/; - my $domain_db = $DBH->quote("%$domain"); - write2log("info", "SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' AND hostname NOT LIKE $domain_db ORDER BY id ASC;"); - $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' AND hostname NOT LIKE $domain_db ORDER BY id ASC;"); + $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC;"); + if (!defined $sth) {die("Cannot prepare statement in getNewEvents: $DBI::errstr\n")} + my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/; + $domain = '\%' . 
$domain; + $sth->execute($last_id, $requested_type, $domain); } - if ( !defined $sth ) { die("Cannot prepare statement in getNewEvents: $DBI::errstr\n") } - $sth->execute; # parse items of events stored in DB while (my @result = $sth->fetchrow()) { @@ -462,18 +294,21 @@ sub getNewEvents } # log sent ID of events - if (scalar(@events) != 0) { - write2log("info", "Sent events with ID: [@ids] to $IP (CN: $CN; AN: $an)"); + if (scalar @events != 0) { + if (scalar @ids == 1) { + write2log("info", "Sent 1 events [#$ids[0]] to $ip (CN: $cn; AN: $an)"); + } else { + write2log("info", "Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to $ip (CN: $cn; AN: $an)"); + } } - return @events; } } # END of getNewEvents -# -##----------------------------------------------------------------------------- -## getLastId - get lastest saved event ID -##----------------------------------------------------------------------------- + +#----------------------------------------------------------------------------- +# getLastId - get lastest saved event ID +#----------------------------------------------------------------------------- sub getLastId { my ($class, $arg) = @_; 
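Review bot: The receive_own_events = 'f' filter is broken by `$domain = '\%' . $domain;`: in a single-quoted Perl string `\%` stays as backslash-percent, and MySQL LIKE (the backend the surrounding `last_insert_id()`/`information_schema` code implies) treats `\%` as a literal percent sign, so the bound pattern matches only hostnames that literally begin with "%" and `NOT LIKE` is true for every row — the receiver is now sent its own events, which the old `"%$domain"` excluded. Restore the wildcard with `$domain = '%' . $domain;`. A CN with fewer than two dot-separated labels also leaves `$domain` undef and the pattern degenerates to a bare prefix, so add `die("Cannot derive domain from CN $cn") unless defined $domain;` before building it. getNewEvents starts in the previous hunk and continues past this one.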
@@ -487,54 +322,40 @@ sub getLastId } # END of getLastID -##----------------------------------------------------------------------------- -## registerSender - register new sender -##----------------------------------------------------------------------------- +#----------------------------------------------------------------------------- +# registerSender - register new sender +#----------------------------------------------------------------------------- sub registerSender { my ($class, $data) = @_; - my $sth; - #our $IP; - #our $LOCAL_IP; - #our $CN; - my $CN = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $IP = $ENV{'REMOTE_ADDR'}; - my $LOCAL_IP = $ENV{'SERVER_ADDR'}; + # client network information + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $ip = $ENV{'REMOTE_ADDR'}; + my $local_ip = $ENV{'SERVER_ADDR'}; - - - if ($LOCAL_IP ne $IP) { - write2log ("err", "Unauthorized access to registerSender from: $IP ($CN) - access allowed only from localhost"); + if ($local_ip ne $ip) { + write2log ("err", "Unauthorized access to registerSender from: $ip ($cn) - access allowed only from localhost"); die("Access denied - access allowed only from localhost!"); } else { - # defined variables by server + # defined variables by method my $client_type = "s"; - my $client_type_db = $DBH->quote($client_type); my $registered = DateTime->now; - my $registered_db = $DBH->quote($registered); - my $type = "null"; - my $type_db = $DBH->quote($type); - my $receive_own_events = "null"; - my $receive_own_events_db = $DBH->quote($receive_own_events); + my $type = undef; + my $receive_own_events = undef; # parse SOAP data oject my $hostname = $data->{'HOSTNAME'}; - my $hostname_db = $DBH->quote($hostname); my $requestor = $data->{'REQUESTOR'}; - my $requestor_db = $DBH->quote($requestor); my $service = $data->{'SERVICE'}; - my $service_db = $DBH->quote($service); my $description_tags = $data->{'DESCRIPTION_TAGS'}; - my $description_tags_db = $DBH->quote($description_tags); my $ip_net_client = 
$data->{'IP_NET_CLIENT'}; - my $ip_net_client_db = $DBH->quote($ip_net_client); # check if sender has been already registered - $sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = $hostname_db AND requestor = $requestor_db AND service = $service_db AND client_type = $client_type_db AND type = $type_db AND receive_own_events = $receive_own_events_db AND description_tags = $description_tags_db AND ip_net_client = $ip_net_client_db;"); - if ( !defined $sth ) {die("Cannot prepare check statement in registerSender: $DBI::errstr\n")} - $sth->execute; + $sth = $DBH->prepare_cached("SELECT registered FROM clients WHERE hostname = ? AND requestor = ? AND service = ? AND client_type = ? AND type = ? AND receive_own_events = ? AND description_tags = ? AND ip_net_client = ? LIMIT 1;"); + if (!defined $sth) {die("Cannot prepare check statement in registerSender: $DBI::errstr\n")} + $sth->execute($hostname, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); my $result = $sth->fetchrow(); # register new sender @@ -542,9 +363,9 @@ sub registerSender write2log ("err", "Attempt to re-register the sender"); die("Error - sender has already been registered at $result"); } else { - $DBH->do("INSERT INTO clients VALUES (null,$hostname_db,$registered_db,$requestor_db,$service_db,$client_type_db,$type_db,$receive_own_events_db,$description_tags_db,$ip_net_client_db);"); - if ($DBH->err()) {die("Cannot do statement in registerSender: $DBI::errstr\n")} - #$DBH->commit(); + $sth = $DBH->prepare_cached("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);"); + if (!defined $sth) {die("Cannot do statement in registerSender: $DBI::errstr\n")} + $sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); write2log("info", "New sender $hostname (service: $service, cidr: $ip_net_client) was registered"); return 1; } 
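Review bot: The duplicate-registration check binds `$type` and `$receive_own_events`, both set to undef a few lines above, into `type = ?` and `receive_own_events = ?`; a comparison with NULL is never true in SQL, so this SELECT returns no row for any sender and the "already been registered" branch in the next hunk can never fire, letting the same sender be inserted repeatedly (the old code compared against the literal string 'null' that it also stored, so it did match). Use NULL-aware predicates for those two columns, `AND type IS NULL AND receive_own_events IS NULL`, and drop the two undef bind values. `$ip_net_client` is also stored without any check that it is a CIDR; a malformed value only surfaces later when `Net::CIDR::Lite` parses it in saveNewEvent/getNewEvents, so validating it here would fail fast (I cannot see whether the caller already does). registerSender continues into the next hunk.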
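Review bot: The INSERT's `$sth->execute(undef, $hostname, …, $ip_net_client)` result is unchecked; the removed `do` call was followed by `if ($DBH->err()) {die(...)}`, so unless the handle has RaiseError set (not visible in this hunk) a failed insert now logs "New sender … was registered" and returns 1. Append `or die("Cannot execute insert statement in registerSender: $DBI::errstr\n")` to the execute call. The same pattern recurs in the registerReceiver and unregisterClient hunks below.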
@@ -558,47 +379,34 @@ sub registerSender sub registerReceiver { my ($class, $data) = @_; - my $sth; - #our $IP; - #our $LOCAL_IP; - #our $CN; - my $CN = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $IP = $ENV{'REMOTE_ADDR'}; - my $LOCAL_IP = $ENV{'SERVER_ADDR'}; - + # client network information + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $ip = $ENV{'REMOTE_ADDR'}; + my $local_ip = $ENV{'SERVER_ADDR'}; - if ($LOCAL_IP ne $IP) { - write2log ("err", "Unauthorized access to registerReceiver from: $IP ($CN) - access allowed only from localhost"); + if ($local_ip ne $ip) { + write2log ("err", "Unauthorized access to registerReceiver from: $ip ($cn) - access allowed only from localhost"); die("Access denied - access allowed only from localhost!"); } else { - # variables defined by server + # variables defined by method my $client_type = "r"; - my $client_type_db = $DBH->quote($client_type); my $registered = DateTime->now; - my $registered_db = $DBH->quote($registered); - my $service = "null"; - my $service_db = $DBH->quote($service); - my $description_tags = "null"; - my $description_tags_db = $DBH->quote($description_tags); + my $service = undef; + my $description_tags = undef; # parse SOAP data oject my $hostname = $data->{'HOSTNAME'}; - my $hostname_db = $DBH->quote($hostname); my $requestor = $data->{'REQUESTOR'}; - my $requestor_db = $DBH->quote($requestor); my $type = $data->{'TYPE'}; - my $type_db = $DBH->quote($type); my $receive_own_events = $data->{'RECEIVE_OWN_EVENTS'}; - my $receive_own_events_db = $DBH->quote($receive_own_events); my $ip_net_client = $data->{'IP_NET_CLIENT'}; - my $ip_net_client_db = $DBH->quote($ip_net_client); # check if receiver has been already registered - $sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = $hostname_db AND requestor = $requestor_db AND service = $service_db AND client_type = $client_type_db AND type = $type_db AND receive_own_events = $receive_own_events_db AND description_tags = $description_tags_db AND 
ip_net_client = $ip_net_client_db;"); - if ( !defined $sth ) {die("Cannot prepare check statement in registerReceiver: $DBI::errstr\n")} - $sth->execute; + $sth = $DBH->prepare_cached("SELECT registered FROM clients WHERE hostname = ? AND requestor = ? AND service = ? AND client_type = ? AND type = ? AND receive_own_events = ? AND description_tags = ? AND ip_net_client = ? LIMIT 1;"); + if (!defined $sth) {die("Cannot prepare check statement in registerReceiver: $DBI::errstr\n")} + $sth->execute($hostname, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); my $result = $sth->fetchrow(); # register new receiver @@ -606,9 +414,9 @@ sub registerReceiver write2log ("err", "Attempt to re-register the receiver"); die("Error - receiver has already been registered at $result"); } else { - $DBH->do("INSERT INTO clients VALUES (null,$hostname_db,$registered_db,$requestor_db,$service_db,$client_type_db,$type_db,$receive_own_events_db,$description_tags_db,$ip_net_client_db);"); - if ($DBH->err()) {die("Cannot do statement in registerReceiver: $DBI::errstr\n")} - #$DBH->commit(); + $sth = $DBH->prepare_cached("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);"); + if (!defined($sth)) {die("Cannot do statement in registerReceiver: $DBI::errstr\n")} + $sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); write2log("info", "New receiver $hostname (type: $type, cidr: $ip_net_client: receive_own_events: $receive_own_events) was registered"); return 1; } 
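Review bot: The same NULL-comparison problem as in registerSender applies here: `$service` and `$description_tags` are undef, so `service = ? AND description_tags = ?` can never match and the re-registration check is inert. Use `service IS NULL AND description_tags IS NULL` in the statement and remove those two bind values. `$receive_own_events` is also taken verbatim from the SOAP payload; getNewEvents only tests it with `eq 't'`, so any other value silently means "no own events", and `$type` likewise goes into the table unchecked — a guard such as `die("RECEIVE_OWN_EVENTS must be 't' or 'f'") unless defined $receive_own_events && $receive_own_events =~ /\A[tf]\z/;` would make the contract explicit. registerReceiver continues into the next hunk.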
@@ -622,31 +430,25 @@ sub registerReceiver sub unregisterClient { my ($class, $data) = @_; - my $sth; - #our $IP; - #our $LOCAL_IP; - #our $CN; - my $CN = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $IP = $ENV{'REMOTE_ADDR'}; - my $LOCAL_IP = $ENV{'SERVER_ADDR'}; + # client network information + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $ip = $ENV{'REMOTE_ADDR'}; + my $local_ip = $ENV{'SERVER_ADDR'}; - if ($LOCAL_IP ne $IP) { - write2log ("err", "Unauthorized access to unregisterClients from: $IP ($CN) - access allowed only from localhost"); + if ($local_ip ne $ip) { + write2log ("err", "Unauthorized access to unregisterClients from: $ip ($cn) - access allowed only from localhost"); die("Access denied - access allowed only from localhost!"); } else { # parse SOAP data oject my $client_id = $data->{'CLIENT_ID'}; - my $client_id_db = $DBH->quote($client_id); # check if receiver has been already registered - $sth = $DBH->prepare("SELECT client_id, hostname, service, client_type FROM clients WHERE client_id = $client_id_db;"); - if ( !defined $sth ) {die("Cannot prepare check statement in unregisterClient: $DBI::errstr\n")} - $sth->execute; + $sth = $DBH->prepare_cached("SELECT client_id, hostname, service, client_type FROM clients WHERE client_id = ? LIMIT 1;"); + if (!defined $sth) {die("Cannot prepare check statement in unregisterClient: $DBI::errstr\n")} + $sth->execute($client_id); my ($id, $hostname, $service, $client_type) = $sth->fetchrow(); - my $hostname_db = $DBH->quote($hostname); - my $service_db = $DBH->quote($service); # delete registered client if (!defined $id) { 
@@ -654,20 +456,21 @@ sub unregisterClient die("Error - client (#$client_id) is not registered"); } else { if ($client_type eq 's') { - $DBH->do("DELETE FROM clients WHERE client_id = $client_id_db;"); - if ($DBH->err()) {die("Cannot do delete statement of sender in unregisterClient: $DBI::errstr\n")} - #$DBH->commit(); + $sth = $DBH->prepare_cached("DELETE FROM clients WHERE client_id = ?;"); + if (!defined $sth) {die("Cannot do delete statement of sender in unregisterClient: $DBI::errstr\n")} + $sth->execute($client_id); - $DBH->do("UPDATE events SET valid = 'f' where hostname = $hostname_db AND service = $service_db;"); - if ($DBH->err()) {die("Cannot do unvalidation statement in unregisterClient: $DBI::errstr\n")} - #$DBH->commit(); + $sth = $DBH->prepare_cached("UPDATE events SET valid = 'f' where hostname = ? AND service = ?;"); + if (!defined $sth) {die("Cannot do unvalidation statement in unregisterClient: $DBI::errstr\n")} + $sth->execute($hostname, $service); write2log("info", "Sender $hostname (client_id: $client_id, service: $service) was deleted and its data were invalidated" ); return 1; } else { - $DBH->do("DELETE FROM clients WHERE client_id = $client_id_db;"); - if ($DBH->err()) {die("Cannot do delete statement of receiver in unregisterClient: $DBI::errstr\n")} - #$DBH->commit(); + $sth = $DBH->prepare_cached("DELETE FROM clients WHERE client_id = ?;"); + if (!defined $sth) {die("Cannot do delete statement of receiver in unregisterClient: $DBI::errstr\n")} + $sth->execute($client_id); + write2log("info", "Receiver $hostname (client_id: $client_id) was deleted" ); return 1; } 
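Review bot: The sender branch runs `DELETE FROM clients` and `UPDATE events SET valid = 'f'` as two independent statements with neither `execute` result checked, so if the UPDATE fails (or the worker dies between them) the sender row is gone while its events stay valid and keep being served to receivers, and the method still logs success. The removed code at least tested `$DBH->err()` after each `do`. Wrapping both statements in a transaction with checked executes, as below, closes that window; `begin_work` needs AutoCommit on and a transactional engine, which I cannot confirm from this hunk since the connection setup is elsewhere. unregisterClient's body starts in the previous hunk.
```perl
# … unchanged: registration lookup and "not registered" branch …
if ($client_type eq 's') {
    # delete + invalidate atomically, so a failed UPDATE cannot leave a
    # removed sender whose events are still marked valid
    $DBH->begin_work or die("Cannot start transaction in unregisterClient: $DBI::errstr\n");
    eval {
        $sth = $DBH->prepare_cached("DELETE FROM clients WHERE client_id = ?;");
        if (!defined $sth) {die("Cannot do delete statement of sender in unregisterClient: $DBI::errstr\n")}
        $sth->execute($client_id) or die("Cannot execute delete statement of sender in unregisterClient: $DBI::errstr\n");

        $sth = $DBH->prepare_cached("UPDATE events SET valid = 'f' WHERE hostname = ? AND service = ?;");
        if (!defined $sth) {die("Cannot do unvalidation statement in unregisterClient: $DBI::errstr\n")}
        $sth->execute($hostname, $service) or die("Cannot execute unvalidation statement in unregisterClient: $DBI::errstr\n");

        $DBH->commit or die("Cannot commit in unregisterClient: $DBI::errstr\n");
        1;
    } or do {
        my $err = $@;
        $DBH->rollback;
        die($err);
    };
    # … unchanged: success log line and return 1 …
}
```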
@@ -683,22 +486,18 @@ sub getClients { my ($class, $arg) = @_; - #our $IP; - #our $LOCAL_IP; - #our $CN; + # client network information + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $ip = $ENV{'REMOTE_ADDR'}; + my $local_ip = $ENV{'SERVER_ADDR'}; - my $CN = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $IP = $ENV{'REMOTE_ADDR'}; - my $LOCAL_IP = $ENV{'SERVER_ADDR'}; - - - if ($LOCAL_IP ne $IP) { - write2log ("err", "Unauthorized access to getClients from: $IP ($CN) - access allowed only from localhost"); + if ($local_ip ne $ip) { + write2log ("err", "Unauthorized access to getClients from: $ip ($cn) - access allowed only from localhost"); die("Access denied - access allowed only from localhost!"); } else { my (@clients, $client); my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); - my $sth = $DBH->prepare("SELECT * FROM clients;"); + my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;"); if (!defined $sth) { die("Cannot prepare statement in getClients: $DBI::errstr\n") } $sth->execute; @@ -730,7 +529,6 @@ sub getClients } my $sum = scalar @clients; write2log("info", "Sending information about $sum registered clients"); - return @clients; } } # END of getClients 
@@ -743,27 +541,31 @@ sub getStatus { my ($class, $arg) = @_; - #our $IP; - #our $LOCAL_IP; - #our $CN; - my $CN = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $IP = $ENV{'REMOTE_ADDR'}; - my $LOCAL_IP = $ENV{'SERVER_ADDR'}; - + # client network information + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $ip = $ENV{'REMOTE_ADDR'}; + my $local_ip = $ENV{'SERVER_ADDR'}; - if ($LOCAL_IP ne $IP) { - write2log ("err", "Unauthorized access to getStatus from: $IP ($CN) - access allowed only from localhost"); + if ($local_ip ne $ip) { + write2log ("err", "Unauthorized access to getStatus from: $ip ($cn) - access allowed only from localhost"); die("Access denied - access allowed only from localhost!"); } else { my ($sth, @status); + # Warden server hostname + my $hostname = $ENV{'SERVER_NAME'}; + + # IP address of Warden server + my $ip_address = $ENV{'REMOTE_ADDR'}; + + # used port + my $port = $ENV{'SERVER_PORT'}; + # size of database events - #my $db_size = Format::Human::Bytes::base10(-s $db); - - $sth = $DBH->prepare("SELECT data_length + index_length FROM information_schema.TABLES WHERE table_schema = ? AND TABLE_NAME = ?"); - $sth->execute("warden", "events"); - my $db_size_db = $sth->fetchrow(); - my $db_size = (defined $db_size_db ? Format::Human::Bytes::base10($db_size_db) : "none"); + $sth = $DBH->prepare_cached("SELECT data_length + index_length FROM information_schema.TABLES WHERE table_schema = ? AND TABLE_NAME = ?"); + $sth->execute('warden', 'events'); + my $size = $sth->fetchrow(); + my $db_size = (defined $size ? Format::Human::Bytes::base10($size) : "none"); # sum of records in table events $sth = $DBH->prepare("SELECT count(*) FROM events WHERE valid = 't';"); 
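Review bot: `my $ip_address = $ENV{'REMOTE_ADDR'};` is commented as the Warden server's address, but REMOTE_ADDR is the peer's address; it only looks right because the localhost check just above forces the two to be equal, and `$local_ip` (SERVER_ADDR) already holds the intended value, so use `my $ip_address = $local_ip;`. The database-size query also hard-codes the schema as `'warden'` in `$sth->execute('warden', 'events')` while the status block in the next hunk reports `$DB_NAME`; assuming `$DB_NAME` is the configured schema name, `$sth->execute($DB_NAME, 'events')` keeps the two consistent. That statement is additionally the only one here whose `prepare_cached` result is not tested for definedness before `execute`. getStatus continues in the following hunks.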
@@ -780,7 +582,6 @@ sub getStatus if (!defined $events_last_id) { $events_last_id = "none" } # timestamp of first record in table events - $sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events);"); if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") } $sth->execute; @@ -803,15 +604,13 @@ sub getStatus my $server_status = SOAP::Data->name(server_status => \SOAP::Data->value( SOAP::Data->name(VERSION => $VERSION), - #SOAP::Data->name(ADDRESS => $ADDRESS), - #SOAP::Data->name(PORT => $PORT), - #SOAP::Data->name(LOGDIR => $LOGDIR), - #SOAP::Data->name(PIDDIR => $PIDDIR), - #SOAP::Data->name(VARDIR => $VARDIR), - #SOAP::Data->name(SSL_KEY_FILE => $SSL_KEY_FILE), - #SOAP::Data->name(SSL_CERT_FILE => $SSL_CERT_FILE), - #SOAP::Data->name(SSL_CA_FILE => $SSL_CA_FILE), + SOAP::Data->name(HOSTNAME => $hostname), + SOAP::Data->name(IP_ADDRESS => $ip_address), + SOAP::Data->name(PORT => $port), SOAP::Data->name(FACILITY => $FACILITY), + SOAP::Data->name(DB_NAME => $DB_NAME), + SOAP::Data->name(DB_USER => $DB_USER), + SOAP::Data->name(DB_HOST => $DB_HOST), SOAP::Data->name(DB_SIZE => $db_size), SOAP::Data->name(EVENTS_SUM => $events_sum), SOAP::Data->name(EVENTS_LAST_ID => $events_last_id), 
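Review bot: Adding `DB_NAME`, `DB_USER` and `DB_HOST` to the server_status structure puts database connection details into getStatus's SOAP reply. The method is restricted to callers whose REMOTE_ADDR equals SERVER_ADDR (checked earlier in getStatus, outside this hunk), so the audience is local, but the values still leave the process and land wherever the status client prints or logs them, and a DB user name plus host is useful reconnaissance for anyone reading those logs. Unless a consumer actually needs them, drop the `SOAP::Data->name(DB_USER => $DB_USER)` and `SOAP::Data->name(DB_HOST => $DB_HOST)` lines and keep `DB_NAME` at most.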
@@ -823,27 +622,25 @@ sub getStatus # statistics of senders if ($clients_sum != 0) { - $sth = $DBH->prepare("SELECT client_id, hostname, service FROM clients WHERE client_type = 's';"); - if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") } + $sth = $DBH->prepare("SELECT client_id, hostname, service FROM clients WHERE client_type = 's' ORDER BY client_id ASC;"); + if (!defined $sth) {die("Cannot prepare statement in getStatus: $DBI::errstr\n")} $sth->execute; my ($client_id, $hostname, $service); my $client_status; while(($client_id, $hostname, $service) = $sth->fetchrow()) { - my $hostname_db = $DBH->quote($hostname); - my $service_db = $DBH->quote($service); my $sth2; # sum of stored events - $sth2 = $DBH->prepare("SELECT count(*) FROM events WHERE hostname = $hostname_db AND service = $service_db;"); - if ( !defined $sth2 ) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") } - $sth2->execute; + $sth2 = $DBH->prepare_cached("SELECT count(*) FROM events WHERE hostname = ? AND service = ?;"); + if (!defined $sth2) {die("Cannot prepare statement in getStatus: $DBI::errstr\n")} + $sth2->execute($hostname, $service); my $count = $sth2->fetchrow(); if (!defined $count) {$count = "none"} # timestamp of last stored event - $sth2 = $DBH->prepare("SELECT max(received) FROM events WHERE hostname = $hostname_db AND service = $service_db;"); - if ( !defined $sth2 ) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") } - $sth2->execute; + $sth2 = $DBH->prepare_cached("SELECT max(received) FROM events WHERE hostname = ? 
AND service = ?;"); + if (!defined $sth2) {die("Cannot prepare statement in getStatus: $DBI::errstr\n")} + $sth2->execute($hostname, $service); my $timestamp = $sth2->fetchrow(); - if (!defined $timestamp) { $timestamp = "none" } + if (!defined $timestamp) {$timestamp = "none"} # create SOAP data object $client_status = SOAP::Data->name(client_status => \SOAP::Data->value( SOAP::Data->name(CLIENT_ID => $client_id), 
@@ -860,139 +657,4 @@ sub getStatus } } # END of getStatus -## -## -################################################################################## -### MAIN warden-server -################################################################################## -## -###------------------------------------------------------------------------------- -### Superuser controle -###------------------------------------------------------------------------------- -##my $UID = $<; -##if ($UID != 0) { -## die errMsg("You must be root for running this script!") -##} -## -###------------------------------------------------------------------------------- -### Daemonize section -###------------------------------------------------------------------------------- -##use POSIX qw(setsid); -##chdir '/'; -##umask 0; -### all STDERR messages are printed on terminal -##open STDIN, '/dev/null' or die errMsg("Can't read /dev/null: $!"); -##open STDOUT, '/dev/null' or die errMsg("Can't write to /dev/null: $!"); -##defined( my $pid = fork ) or die errMsg("Can't fork: $!"); -##exit if $pid; -## -###------------------------------------------------------------------------------- -### Dissociate this process from the controlling terminal -### that started it and stop being part of whatever -### process group this process was a part of. -###------------------------------------------------------------------------------ -##POSIX::setsid() or die errMsg("Can't start a new session."); -## -###------------------------------------------------------------------------------- -### Callback signal handler for signals. 
-###------------------------------------------------------------------------------- -##$SIG{INT} = $SIG{TERM} = $SIG{HUP} = \&signalHandler; -##$SIG{PIPE} = 'ignore'; -## -###------------------------------------------------------------------------------- -### Create pid file in /var/run/ -###------------------------------------------------------------------------------- -##my $pfh = File::Pid->new( { file => $pid_file, } ); -##$pfh->write or die errMsg("Can't write PID file $pid_file: $!"); -##my $pid_number = $pfh->pid; -## -###------------------------------------------------------------------------------- -### Starting of Warden server -###------------------------------------------------------------------------------- -##write2log("info", "Starting WARDEN server daemon with pid $pid_number"); -## -### log of warden database size -##my $db_size_human = Format::Human::Bytes::base10(-s $db); -##write2log("info", "Size of DB file ($db_file) is: $db_size_human"); -## -### start TCP server -##my $server = SOAP::Transport::TCP::Server -## ->new( -## Listen => 5, -## LocalAddr => $ADDRESS, -## LocalPort => $PORT, -## Proto => "tcp", -## ReuseAddr => 1, -## SSL_verify_mode => 0x02, -## SSL_use_cert => 1, -## SSL_server => 1, -## SSL_key_file => $SSL_KEY_FILE, -## SSL_cert_file => $SSL_CERT_FILE, -## SSL_ca_file => $SSL_CA_FILE, -## SSL_error_trap =>\&sslErrorHandler, -## ); -## -### check if socket exist -##$server or die errMsg("Socket error: $!"); -## -### start SOAP server -##my $soap = SOAP::Server -## ->new() -## ->dispatch_to('Warden'); -## -## -###------------------------------------------------------------------------------- -### Process of incoming client's requests and send response -###------------------------------------------------------------------------------- -##write2log("info", "Starting TCP and SOAP server at $ADDRESS:$PORT"); -##while ($die_now != 1) -##{ -## my $socket = $server->accept(); -## next if (!$socket); -## -# our $CN = 
$ENV{'SSL_CLIENT_S_DN_CN'}; -# my @alt_names_array = $socket->peer_certificate("subjectAltNames"); -# our $AN_FILTER = altNamesFilter(undef); -# our $IP = $ENV{'REMOTE_ADDR'}; -# our $LOCAL_IP = $ENV{'SERVER_ADDR'}; -## -## # read input serialized SOAP envelope and data -## my ($request, $buf); -## while (defined($buf = <$socket>)) -## { -## $request .= $buf; -## } -## -## # handle of called server function from client and send response to client -## my $response = $soap->handle($request); -## print $socket $response; -## -## $socket->close; -## undef($socket); -## undef($CN); -## undef($AN_FILTER); -## undef($IP); -## undef($LOCAL_IP); -##} -## -## -## -################################################################################## -### Cleanup section -################################################################################## -##END { -## if ($die_now == 1) -## { -## my $pid = trim(`cat $pid_file`); -## write2log("info", "Stopping WARDEN server daemon with pid $pid"); -## -## # close connection to DB -## $DBH->disconnect(); -## -## # remove pid file -## $pfh->remove if defined $pfh; -## } -##} -# 1; - diff --git a/src/warden-server/lib/Warden/ApacheDispatch.pm b/src/warden-server/lib/Warden/ApacheDispatch.pm index ebd7ad68b31497bdb4a3cb05d14a4aeb445e8d63..11d1e4f0931f9157398bcb18e26ee6ca26239e93 100644 --- a/src/warden-server/lib/Warden/ApacheDispatch.pm +++ b/src/warden-server/lib/Warden/ApacheDispatch.pm 
@@ -1,7 +1,26 @@
+#!/usr/bin/perl -w
+#
+# ApacheDispatch.pm
+#
+# Copyright (C) 2011-2012 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
+
 package Warden::ApacheDispatch;
- use SOAP::Transport::HTTP;
+
+use strict;
+use SOAP::Transport::HTTP;
+
+our $VERSION = "2.0";
+
+# set server dispatch_to
 my $server = SOAP::Transport::HTTP::Apache->dispatch_to('.','Warden');
- sub handler {
- $server->handler(@_)
- }
+
+#-------------------------------------------------------------------------------
+# handler - call handler for Warden server
+#-------------------------------------------------------------------------------
+sub handler {
+ $server->handler(@_)
+}
+
 1;
diff --git a/src/warden-server/lib/WardenConf.pm b/src/warden-server/lib/WardenConf.pm
index 1f8e7c3741f30a4f794dba4fdb6a3e3199682710..68103e459944098b7415a443724d5827a724f0e8 100755
--- a/src/warden-server/lib/WardenConf.pm
+++ b/src/warden-server/lib/WardenConf.pm
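Review bot: `dispatch_to('.','Warden')` on the `my $server` line hands SOAP::Lite a directory as well as a class; as far as SOAP::Lite's documented dispatch rules go, a path entry lets the request's URI name a module that the server will `require` from that directory, so with `.` (the working directory of the Apache worker, often `/`) a client holding a valid certificate could reach code outside the Warden class. Restrict dispatch to the class only: `my $server = SOAP::Transport::HTTP::Apache->dispatch_to('Warden');`. The new header also adds `use strict` but relies on the shebang's `-w`, which mod_perl does not honour for a module; put `use warnings;` next to `use strict;` instead. This hunk covers the whole file, so nothing is cut off.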
@@ -3,40 +3,14 @@ # WardenConf.pm # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. # +# Use of this source is governed by a BSD-style license, see LICENSE file. package WardenConf; use strict; -our $VERSION = "0.1"; +our $VERSION = "2.0"; #------------------------------------------------------------------------------- # loadConf - load variables from configuration file 
diff --git a/src/warden-server/lib/WardenReg.pm b/src/warden-server/lib/WardenReg.pm
index 2da50837c51c78ab887c584a14bde283c6533a47..e5ff0cd13991b48ea419fd88d175d3986df899e3 100755
--- a/src/warden-server/lib/WardenReg.pm
+++ b/src/warden-server/lib/WardenReg.pm
@@ -3,43 +3,17 @@ # WardenReg.pm # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. +# Use of this source is governed by a BSD-style license, see LICENSE file. package WardenReg; use strict; use SOAP::Lite; use IO::Socket::SSL qw(debug1); -#use SOAP::Transport::TCP; use SOAP::Transport::HTTP; -our $VERSION = "0.1"; +our $VERSION = "2.0"; #------------------------------------------------------------------------------- 
@@ -55,47 +29,6 @@ sub errMsg #------------------------------------------------------------------------------- # c2s - connect to server, send request and receive response #------------------------------------------------------------------------------- -#sub c2s -#{ -# my $uri = shift; -# my $ssl_key_file = shift; -# my $ssl_cert_file = shift; -# my $ssl_ca_file = shift; -# my $method = shift; -# my $data = shift; -# -# my $client; -# my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; -# if (!($client = SOAP::Transport::TCP::Client->new( -# PeerAddr => $server, -# PeerPort => $port, -# Proto => 'tcp', -# SSL_use_cert => 1, -# SSL_verify_mode => 0x02, -# SSL_key_file => $ssl_key_file, -# SSL_cert_file => $ssl_cert_file, -# SSL_ca_file => $ssl_ca_file, -# ))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)} -# -# # setting of URI and serialize SOAP envelope and data object -# my $soap = SOAP::Lite->uri($uri); -# my $envelope = $soap->serializer->envelope(method => $method, $data); -# -# # setting of TCP URI and send serialized SOAP envelope and data -# my $tcp_uri = "tcp://$server:$port/$service"; -# my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri); -# -# # check server response -# if (!defined $result) { -# errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down."); -# } else { -# # deserialized response from server -> create SOAP envelope and data object -# my $response = $soap->deserializer->deserialize($result); -# # check SOAP fault status -# $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return 1; -# } -#} -# sub c2s { my $uri = shift; 
@@ -104,19 +37,12 @@ sub c2s my $ssl_ca_file = shift; my $method = shift; my $data = shift; - my $client; + my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; - if (!($client = SOAP::Transport::HTTP::Client->new( -# ssl_opts => { -# verify_hostname => 0, -# SSL_use_cert => 1, -# SSL_verify_mode => 0x02, -# SSL_key_file => $ssl_key_file, -# SSL_cert_file => $ssl_cert_file, -# SSL_ca_file => $ssl_ca_file -#} -))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)} + if (!($client = SOAP::Transport::HTTP::Client->new())) { + errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr) + } $client->ssl_opts( verify_hostname => 1, SSL_use_cert => 1, SSL_verify_mode => 0x02, @@ -124,13 +50,13 @@ sub c2s SSL_cert_file => $ssl_cert_file, SSL_ca_file => $ssl_ca_file); - # setting of URI and serialize SOAP envelope and data object + # set URI and serialize SOAP envelope and data object my $soap = SOAP::Lite->uri($service)->proxy($uri); my $envelope = $soap->serializer->envelope(method => $method, $data); -# setting of TCP URI and send serialized SOAP envelope and data - my $tcp_uri = "https://$server:$port/$service"; - my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri); + # set URI and send serialized SOAP envelope and data + my $server_uri = "https://$server:$port/$service"; + my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri); # check server response if (!defined $result) { @@ -144,8 +70,6 @@ sub c2s } - - #------------------------------------------------------------------------------- # registerSender - register new warden sender #------------------------------------------------------------------------------- diff --git a/src/warden-server/lib/WardenStatus.pm b/src/warden-server/lib/WardenStatus.pm index 22b1fbd724840288a7a9dac75b117101dfb2bb70..eea49e48d8112aa0e606206cef183129c60c5496 100755 --- a/src/warden-server/lib/WardenStatus.pm 
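Review bot: The first hunk removes `my $client;` but keeps the assignment in `if (!($client = SOAP::Transport::HTTP::Client->new())) {`, so with the file's `use strict` in effect $client is now an undeclared variable and the module should fail to compile unless it is declared at file scope outside the hunk; the WardenStatus.pm c2s hunk (L52) makes the same deletion. `my $client = SOAP::Transport::HTTP::Client->new() or errMsg("Sorry, unable to create socket: " . SOAP::Transport::HTTP::Client::errstr());` restores the declaration and drops the `&` call form in one go. The context line `my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;` is also never checked for a failed match, so a malformed configured URI leaves all three undef and the request is sent to `https://:/`; appending `or errMsg("Error: malformed server URI $uri")` to that line catches it before `$server_uri` is built. The body of c2s begins before the first hunk and ends after the second.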
+++ b/src/warden-server/lib/WardenStatus.pm 
@@ -3,43 +3,17 @@ # WardenStatus.pm # # Copyright (C) 2011-2012 Cesnet z.s.p.o -# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# 3. Neither the name of the Cesnet z.s.p.o nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# This software is provided ``as is'', and any express or implied -# warranties, including, but not limited to, the implied warranties of -# merchantability and fitness for a particular purpose are disclaimed. -# In no event shall the Cesnet z.s.p.o or contributors be liable for -# any direct, indirect, incidental, special, exemplary, or consequential -# damages (including, but not limited to, procurement of substitute -# goods or services; loss of use, data, or profits; or business -# interruption) however caused and on any theory of liability, whether -# in contract, strict liability, or tort (including negligence or -# otherwise) arising in any way out of the use of this software, even -# if advised of the possibility of such damage. +# Use of this source is governed by a BSD-style license, see LICENSE file. package WardenStatus; use strict; use SOAP::Lite; use IO::Socket::SSL qw(debug1); -#use SOAP::Transport::TCP; use SOAP::Transport::HTTP; -#use Data::Dumper; -our $VERSION = "0.1"; + +our $VERSION = "2.0"; #------------------------------------------------------------------------------- 
@@ -55,45 +29,6 @@ sub errMsg #------------------------------------------------------------------------------- # c2s - connect to server, send request and receive response #------------------------------------------------------------------------------- -#sub c2s -#{ -# my $uri = shift; -# my $ssl_key_file = shift; -# my $ssl_cert_file = shift; -# my $ssl_ca_file = shift; -# my $method = shift; -# -# my $client; -# my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; -# if (!($client = SOAP::Transport::TCP::Client->new( -# PeerAddr => $server, -# PeerPort => $port, -# Proto => 'tcp', -# SSL_use_cert => 1, -# SSL_verify_mode => 0x02, -# SSL_key_file => $ssl_key_file, -# SSL_cert_file => $ssl_cert_file, -# SSL_ca_file => $ssl_ca_file, -# ))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)} -# -# # setting of URI and serialize SOAP envelope and data object -# my $soap = SOAP::Lite->uri($uri); -# my $envelope = $soap->serializer->envelope(method => $method); -# -# # setting of TCP URI and send serialized SOAP envelope and data -# my $tcp_uri = "tcp://$server:$port/$service"; -# my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri); -# -# # check server response -# if (!defined $result) { -# errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down."); -# } else { -# # deserialized response from server -> create SOAP envelope and data object -# my $response = $soap->deserializer->deserialize($result); -# # check SOAP fault status -# $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return $response; -# } -#} sub c2s { my $uri = shift; 
@@ -102,33 +37,26 @@ sub c2s my $ssl_ca_file = shift; my $method = shift; my $data = shift; - my $client; - my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; - if (!($client = SOAP::Transport::HTTP::Client->new( -# ssl_opts => { -# verify_hostname => 0, -# SSL_use_cert => 1, -# SSL_verify_mode => 0x02, -# SSL_key_file => $ssl_key_file, -# SSL_cert_file => $ssl_cert_file, -# SSL_ca_file => $ssl_ca_file -#} -))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)} - $client->ssl_opts( verify_hostname => 1, - SSL_use_cert => 1, - SSL_verify_mode => 0x02, - SSL_key_file => $ssl_key_file, - SSL_cert_file => $ssl_cert_file, - SSL_ca_file => $ssl_ca_file); - # setting of URI and serialize SOAP envelope and data object + my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; + if (!($client = SOAP::Transport::HTTP::Client->new())) { + errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr) + } + $client->ssl_opts(verify_hostname => 1, + SSL_use_cert => 1, + SSL_verify_mode => 0x02, + SSL_key_file => $ssl_key_file, + SSL_cert_file => $ssl_cert_file, + SSL_ca_file => $ssl_ca_file); + + # set URI and serialize SOAP envelope and data object my $soap = SOAP::Lite->uri($service)->proxy($uri); my $envelope = $soap->serializer->envelope(method => $method); -# setting of TCP URI and send serialized SOAP envelope and data - my $tcp_uri = "https://$server:$port/$service"; - my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri); + # setting of TCP URI and send serialized SOAP envelope and data + my $server_uri = "https://$server:$port/$service"; + my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri); # check server response if (!defined $result) { 
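Review bot: The re-added comment `# setting of TCP URI and send serialized SOAP envelope and data` is stale: the line under it builds an https endpoint in `$server_uri`, and the parallel hunk in WardenReg.pm already rewords the same comment; use `# set URI and send serialized SOAP envelope and data` here too. More generally this c2s is now a near-verbatim copy of the one in WardenReg.pm (the only visible difference is the `$data` argument to `envelope`), so any fix to the TLS options or the URI handling has to be applied twice; a shared helper module would remove that risk. c2s continues past the end of the hunk.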
@@ -157,39 +85,31 @@ sub getClients my $conf_file = $etcdir . "warden-client.conf"; my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file); + # call method getClients on the Warden server my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getClients"); - # match getClients functions response - $response->match('/Envelope/Body/getClientsResponse/'); - my $i = 1; - my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); + # parse returned SOAP data object with clients my @clients; - my $response_data = $response->valueof("[$i]"); - - # parse returned data object - while (defined $response_data) { - # inicialization of temporal client array + my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); + my @response_list = $response->valueof('/Envelope/Body/getClientsResponse/client/'); + while (scalar @response_list) { + my $response_data = shift(@response_list); my @client; - # parse items of one client $client_id = $response_data->{'CLIENT_ID'} ; $hostname = $response_data->{'HOSTNAME'}; $registered = $response_data->{'REGISTERED'}; $requestor = $response_data->{'REQUESTOR'}; - $service = $response_data->{'SERVICE'}; + $service = defined $response_data->{'SERVICE'} ? $response_data->{'SERVICE'} : "-"; $client_type = $response_data->{'CLIENT_TYPE'}; - $type = defined $response_data->{'TYPE'} ? $response_data->{'TYPE'} : ""; - $receive_own_events = defined $response_data->{'RECEIVE_OWN_EVENTS'} ? $response_data->{'RECEIVE_OWN_EVENTS'} : ""; - $description_tags = defined $response_data->{'DESCRIPTION_TAGS'} ? $response_data->{'DESCRIPTION_TAGS'} : ""; + $type = defined $response_data->{'TYPE'} ? $response_data->{'TYPE'} : "-"; + $receive_own_events = defined $response_data->{'RECEIVE_OWN_EVENTS'} ? 
$response_data->{'RECEIVE_OWN_EVENTS'} : "-"; + $description_tags = defined $response_data->{'DESCRIPTION_TAGS'} ? $response_data->{'DESCRIPTION_TAGS'} : "-"; $ip_net_client = $response_data->{'IP_NET_CLIENT'}; # push received clients from warden server into @clients which is returned - @client = ("$client_id", "$hostname", "$registered", "$requestor", "$service", "$client_type", "$type", "$receive_own_events", "$description_tags", "$ip_net_client"); + @client = ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); push (@clients,\@client); - - # go to the next received client - $i++; - $response_data = $response->valueof("[$i]"); } return @clients; } # End of getClients 
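Review bot: Only four of the ten fields get a defined-or-`"-"` default (`$service`, `$type`, `$receive_own_events`, `$description_tags`) while `$hostname`, `$registered`, `$requestor`, `$client_type` and `$ip_net_client` are copied raw, and the old `"$client_id"` stringification that turned undef into "" is gone, so a missing element now reaches the caller as undef instead of a placeholder; either default every field the same way or add a comment stating which ones may be undef. As a matter of style, `while (scalar @response_list) { my $response_data = shift(@response_list);` destroys the list to iterate it; `for my $response_data (@response_list) {` reads more directly, and moving the ten assignments to `my` declarations inside the loop makes the outer `my ($client_id, ..., $ip_net_client);` line unnecessary. getClients begins before the hunk.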
@@ -210,25 +130,21 @@ sub getStatus my $conf_file = $etcdir . "warden-client.conf"; my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file); + # call method getStatus on Warden server my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getStatus"); - # match getStatus functions response - $response->match('/Envelope/Body/getStatusResponse/'); - my @status; - my $i = 1; + #----------------------------------------------------------------------------- + # parse returned SOAP object with server status + my @response_list = $response->valueof('/Envelope/Body/getStatusResponse/server_status/'); + my $response_data = shift(@response_list); - # get first value from SOAP data object - my $response_data = $response->valueof("[$i]"); - # parse items of server status my $version = $response_data->{'VERSION'}; - #my $address = $response_data->{'ADDRESS'}; - #my $port = $response_data->{'PORT'}; - my $logdir = $response_data->{'LOGDIR'}; - #my $piddir = $response_data->{'PIDDIR'}; - my $vardir = $response_data->{'VARDIR'}; - #my $ssl_key_file_server = $response_data->{'SSL_KEY_FILE'}; - #my $ssl_cert_file_server = $response_data->{'SSL_CERT_FILE'}; - #my $ssl_ca_file_server = $response_data->{'SSL_CA_FILE'}; + my $server_hostname = $response_data->{'HOSTNAME'}; + my $ip_address = $response_data->{'IP_ADDRESS'}; + my $port = $response_data->{'PORT'}; + my $db_name = $response_data->{'DB_NAME'}; + my $db_user = $response_data->{'DB_USER'}; + my $db_host = $response_data->{'DB_HOST'}; my $facility = $response_data->{'FACILITY'}; my $db_size = $response_data->{'DB_SIZE'}; my $events_sum = $response_data->{'EVENTS_SUM'}; 
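Review bot: `my $response_data = shift(@response_list);` is followed immediately by `$response_data->{'VERSION'}` and the other field reads with no check that a server_status element was present, so an empty or unexpected reply yields a row of undefs that is indistinguishable from a real status; `errMsg("Error: no server_status in getStatus response") unless defined $response_data;` before the first field read catches that (assuming errMsg terminates, as its use in c2s suggests). Separately, the status row now carries `$db_name`, `$db_user` and `$db_host` taken from the server reply; what the server discloses is decided on the server side, which is not in this diff, but since these identify the backing database host and account it is worth confirming that getStatus is only reachable by administrative clients. getStatus begins before the hunk.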
@@ -237,24 +153,26 @@ sub getStatus my $events_last_timestamp = $response_data->{'EVENTS_LAST_TIMESTAMP'}; my $clients_sum = $response_data->{'CLIENTS_SUM'}; - #my @server_status = ("$version", "$address", "$port", "$logdir", "$piddir", "$vardir", "$ssl_key_file_server", "$ssl_cert_file_server", "$ssl_ca_file_server", "$facility", "$db_size", "$events_sum", "$events_last_id", "$events_first_timestamp", "$events_last_timestamp", "$clients_sum"); - my @server_status = ("$version", undef, undef, undef, undef, undef, undef, undef, undef, "$facility", "$db_size", "$events_sum", "$events_last_id", "$events_first_timestamp", "$events_last_timestamp", "$clients_sum"); + my @server_status = ($version, $server_hostname, $ip_address, $port, $db_name, $db_user, $db_host, $facility, $db_size, $events_sum, $events_last_id, $events_first_timestamp, $events_last_timestamp, $clients_sum); + my @status; push(@status, \@server_status); - $i++; - $response_data = $response->valueof("[$i]"); - while (defined $response_data) { + #----------------------------------------------------------------------------- + # parse returned SOAP object with client status + @response_list = $response->valueof('/Envelope/Body/getStatusResponse/client_status/'); + my ($client_id, $hostname, $service, $count, $timestamp); + while (scalar @response_list) { + my $response_data = shift(@response_list); my @client_status; - # parse SOAP data object + my $client_id = $response_data->{'CLIENT_ID'}; my $hostname = $response_data->{'HOSTNAME'}; my $service = $response_data->{'SERVICE'}; my $count = $response_data->{'COUNT'}; my $timestamp = $response_data->{'TIMESTAMP'}; - @client_status = ("$client_id", "$hostname", "$service", "$count", "$timestamp"); + + @client_status = ($client_id, $hostname, $service, $count, $timestamp); push(@status, \@client_status); - $i++; - $response_data = $response->valueof("[$i]"); } return @status; } # End of getStatus
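Review bot: The added `my ($client_id, $hostname, $service, $count, $timestamp);` before the loop is dead — every one of those names is re-declared with `my` inside the loop body (`my $client_id = $response_data->{'CLIENT_ID'};` and the four lines after it), so the outer declaration only hides the shadowing and should be dropped. Reusing `@response_list` for the client_status elements is fine, but `while (scalar @response_list) { my $response_data = shift(@response_list);` would read more directly as `for my $response_data (@response_list) {`, matching the per-element `my @client_status` that already follows it.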