diff --git a/src/warden-server/bin/getClients.pl b/src/warden-server/bin/getClients.pl
index 63fff51198bc46bd81b969878c6d26a8afcda9c0..0f1fd3402a37b1c8a27f1dc2858eda8941d154b4 100755
--- a/src/warden-server/bin/getClients.pl
+++ b/src/warden-server/bin/getClients.pl
@@ -1,93 +1,112 @@ -#!/usr/bin/perl -w +#!/usr/bin/perl # # getClients.pl # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. use strict; +use warnings; + use Getopt::Std; -use File::Basename; +use DBI; +use DBD::mysql; +use FindBin qw($RealBin $RealScript); +FindBin::again(); +use lib "$RealBin/../lib"; +use WardenCommon; + + -our $VERSION = "2.1"; +################################################################################ +# VARIABLES +################################################################################ +our $VERSION = "2.2"; +my $etc = "$RealBin/../etc"; -my $warden_path = '/opt/warden-server'; -require $warden_path . '/lib/WardenStatus.pm'; -my $filename = basename($0); +# read config file +my $conf_file = "$etc/warden-server.conf"; +WardenCommon::loadConf($conf_file); -#------------------------------------------------------------------------------- -# Functions -#------------------------------------------------------------------------------- + +################################################################################ +# FUNCTIONS +################################################################################ sub usage { - print "Usage: $filename [without parameters]\n"; + print "Usage: $RealScript (without parameters) [-h -V]\n"; exit 1; } -#------------------------------------------------------------------------------- -# errMsg - print error message and die -#------------------------------------------------------------------------------- -sub errMsg -{ - my $msg = shift; - $msg = trim($msg); - print $msg . 
"\n"; - exit 1; -} # End of errMsg +sub help { + print "$RealScript (without parameters) [-h -V]\n"; + print "-h print this text and exit\n"; + print "-V print version and exit\n"; + exit 0; +} -#------------------------------------------------------------------------------- -# trim - remove whitespace from the start and end of the string -#------------------------------------------------------------------------------- -sub trim -{ - my $string = shift; - $string =~ s/^\s+//; - $string =~ s/\s+$//; - return $string; -} # End of trim +sub version { + print "Current version: $VERSION\n"; + exit 0; +} -#------------------------------------------------------------------------------- +################################################################################ # MAIN -#------------------------------------------------------------------------------- -our ($opt_h); +################################################################################ +our ($opt_h, $opt_V); -die usage unless getopts("h"); -my $help = $opt_h; +die usage unless getopts("hV"); +my $help = $opt_h; +my $script_version = $opt_V; -# catch help param +# catch help option if ($help) { - usage; + help; } -# superuser controle -my $UID = $<; -if ($UID != 0) { - die errMsg("You must be root for running this script!") +# catch version option +if ($script_version) { + version; } - -my @clients = WardenStatus::getClients($warden_path); -print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n"; -print "| Client ID | Hostname | Registered | Requestor | Service | CT | Type | ROE | Description tags | IP Net Client |\n"; -print 
"+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n"; -foreach (@clients) { - printf("| %-10s ", @$_[0] || "unknown"); - printf("| %-30s ", @$_[1] || "unknown"); - printf("| %19s ", @$_[2] || "unknown"); - printf("| %-23s ", @$_[3] || "unknown"); - printf("| %-25s ", @$_[4] || "unknown"); - printf("| %-2s ", @$_[5] || "unknown"); - printf("| %-15s ", @$_[6] || "unknown"); - printf("| %-4s ", @$_[7] || "unknown"); - printf("| %-50s ", @$_[8] || "unknown"); - printf("| %-18s |\n", @$_[9] || "unknown"); +# connect to DB +my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS); + +# obtain data from DB +my $sth = $dbh->prepare("SELECT * FROM clients ORDER BY client_id ASC;") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . 
$sth->errstr; +my $hash_ref = $sth->fetchall_hashref("client_id"); + +# print table of clients +print "+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n"; +print "| Client ID | Hostname | Registered | Requestor | Service | CT | Type | ROE | Description tags | IP Net Client | Valid |\n"; +print "+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n"; +foreach my $key (sort {$a<=>$b} keys %$hash_ref) { + printf("| %-10s ", $hash_ref->{$key}->{client_id} || "unknown"); + printf("| %-30s ", $hash_ref->{$key}->{hostname} || "unknown"); + printf("| %19s ", $hash_ref->{$key}->{registered} || "unknown"); + printf("| %-23s ", $hash_ref->{$key}->{requestor} || "unknown"); + printf("| %-25s ", $hash_ref->{$key}->{service} || "-"); + printf("| %-2s ", $hash_ref->{$key}->{client_type} || "unknown"); + printf("| %-15s ", $hash_ref->{$key}->{type} || "-"); + printf("| %-4s ", $hash_ref->{$key}->{receive_own_events} || "-"); + printf("| %-50s ", $hash_ref->{$key}->{description_tags} || "-"); + printf("| %-18s ", $hash_ref->{$key}->{ip_net_client}|| "unknown"); + printf("| %-5s |\n", $hash_ref->{$key}->{valid}|| "unknown"); } -print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n"; +print "+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n"; print "\n"; 
print "Current registered clients in: " . scalar localtime(time) . "\n"; +# cleanup section +END { + if (defined $dbh) { + $dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n"; + } +} + exit 0; diff --git a/src/warden-server/bin/getStatus.pl b/src/warden-server/bin/getStatus.pl index bcd6adf6d09286fab51f5ea3a15ff14465437402..51f1dcebdd2300781ac13db5f112d6d6406d631d 100755 --- a/src/warden-server/bin/getStatus.pl +++ b/src/warden-server/bin/getStatus.pl 
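Review bot: The `warn` in the new `END` block of getClients.pl will not print the DBI error, because Perl does not interpolate method calls inside a double-quoted string: `$dbh->errstr` there expands to the stringified handle followed by the literal text `->errstr`. Build the message by concatenation instead, `$dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: " . $dbh->errstr . "\n";`. The same `END` block is added to getStatus.pl and registerReceiver.pl in this commit and needs the same change. Separately, this hunk removes the root check that getStatus.pl keeps, so who can list registered clients now appears to depend on who can read `warden-server.conf`; its file permissions are not visible here and should be confirmed.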
@@ -1,132 +1,259 @@ -#!/usr/bin/perl -w +#!/usr/bin/perl # # getStatus.pl # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. use strict; +use warnings; + use Getopt::Std; -use File::Basename; +use DBI; +use DBD::mysql; +use Format::Human::Bytes; +use FindBin qw($RealBin $RealScript); +FindBin::again(); +use lib "$RealBin/../lib"; +use WardenCommon; -our $VERSION = "2.1"; -my $warden_path = '/opt/warden-server'; -require $warden_path . '/lib/WardenStatus.pm'; -my $filename = basename($0); -#------------------------------------------------------------------------------- -# Functions -#------------------------------------------------------------------------------- +################################################################################ +# VARIABLES +################################################################################ +our $VERSION = "2.2"; +my $etc = "$RealBin/../etc"; + +# read config file +my $conf_file = "$etc/warden-server.conf"; +WardenCommon::loadConf($conf_file); + + + +################################################################################ +# FUNCTIONS +################################################################################ sub usage { - print "Usage: $filename [without parameters]\n"; + print "Usage: $RealScript (without parameters) [-h -V]\n"; exit 1; } -#------------------------------------------------------------------------------- -# errMsg - print error message and die -#------------------------------------------------------------------------------- -sub errMsg -{ - my $msg = shift; - $msg = trim($msg); - print $msg . 
"\n"; - exit 1; -} # End of errMsg +sub help { + print "$RealScript (without parameters) [-h -V]\n"; + print "-h print this text and exit\n"; + print "-V print version and exit\n"; + exit 0; +} -#------------------------------------------------------------------------------- -# trim - remove whitespace from the start and end of the string -#------------------------------------------------------------------------------- -sub trim -{ - my $string = shift; - $string =~ s/^\s+//; - $string =~ s/\s+$//; - return $string; -} # End of trim +sub version { + print "Current version: $VERSION\n"; + exit 0; +} -#------------------------------------------------------------------------------- + +################################################################################ # MAIN -#------------------------------------------------------------------------------- -our ($opt_h); +################################################################################ +our ($opt_h, $opt_V); -die usage unless getopts("h"); -my $help = $opt_h; +die usage unless getopts("hV"); +my $help = $opt_h; +my $script_version = $opt_V; -# catch help param +# catch help option if ($help) { - usage; + help; +} + +# catch version option +if ($script_version) { + version; } # superuser controle my $UID = $<; if ($UID != 0) { - die errMsg("You must be root for running this script!") + WardenCommon::errMsg("You must be root for running this script!"); } -my @status = WardenStatus::getStatus($warden_path); +# connect to DB +my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS); -# take and remove first element of array @status and save it into $server_status_ref -my $server_status_ref = shift(@status); -my @server_status = @$server_status_ref; - -my $syslog; -my $syslog_verbose; - -if ($server_status[7] == 1) { +#----------------------------------------------------------------------------- +# Warden server variables +my 
$package_version = WardenCommon::trim(`cat /opt/warden-server/etc/package_version`); +my $version = substr($package_version, 14); +my $hostname = WardenCommon::trim(`hostname -f`); +my $ip_address = WardenCommon::trim(`hostname -i`); +my $port = WardenCommon::trim(`netstat -pln | grep apache | cut -f 4 -d ":"`); +my ($syslog, $syslog_verbose); +if ($WardenCommon::SYSLOG == 1) { $syslog = "enabled"; } else { $syslog = "disabled"; } - -if ($server_status[8] == 1) { +if ($WardenCommon::SYSLOG_VERBOSE == 1) { $syslog_verbose = "enabled"; } else { $syslog_verbose = "disabled"; } +#------------------------------------------------------------------------------- +# Warden server status + +# size of database events +my $sth = $dbh->prepare("SELECT data_length + index_length FROM information_schema.TABLES WHERE table_schema = ? AND TABLE_NAME = ?") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute($WardenCommon::DB_NAME, 'events') or die "Cannot execute statement: " . $sth->errstr; +my $size = $sth->fetchrow(); +my $db_size = defined $size ? Format::Human::Bytes::base10($size) : "none"; + + +# sum of all records in table events +$sth = $dbh->prepare("SELECT count(*) FROM events;") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . $sth->errstr; +my $events_sum = $sth->fetchrow(); +if (!defined $events_sum) { + $events_sum = "none"; +} + +# sum of valid records in table events +$sth = $dbh->prepare("SELECT count(*) FROM events WHERE valid = 't';") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . $sth->errstr; +my $events_sum_valid = $sth->fetchrow(); +if (!defined $events_sum_valid) { + $events_sum_valid = "none"; +} + +# sum of obsolete records in table events +$sth = $dbh->prepare("SELECT count(*) FROM events WHERE valid = 'o';") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . 
$sth->errstr; +my $events_sum_obsolete = $sth->fetchrow(); +if (!defined $events_sum_obsolete) { + $events_sum_obsolete = "none"; +} + +# sum of fail records in table events +$sth = $dbh->prepare("SELECT count(*) FROM events WHERE valid = 'f';") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . $sth->errstr; +my $events_sum_invalid = $sth->fetchrow(); +if (!defined $events_sum_invalid) { + $events_sum_invalid = "none"; +} + + +# id of last record in table events +$sth = $dbh->prepare("SELECT max(id) FROM events WHERE valid = 't';") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . $sth->errstr; +my $events_last_id = $sth->fetchrow(); +if (!defined $events_last_id) { + $events_last_id = "none"; +} + + +# timestamp of first record in table events +$sth = $dbh->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events WHERE valid = 't');") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . $sth->errstr; +my $events_first_timestamp = $sth->fetchrow(); +if (!defined $events_first_timestamp) { + $events_first_timestamp = "none"; +} + +# timestamp of last record in table events +$sth = $dbh->prepare("SELECT received FROM events WHERE id = (SELECT max(id) FROM events WHERE valid = 't');") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . $sth->errstr; +my $events_last_timestamp = $sth->fetchrow(); +if (!defined $events_last_timestamp) { + $events_last_timestamp = "none"; +} + + +# sum of all records in table clients +$sth = $dbh->prepare("SELECT count(*) FROM clients;") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . 
$sth->errstr; +my $clients_sum = $sth->fetchrow(); +if (!defined $clients_sum) { + $clients_sum = "none"; +} + +# sum of valid records in table clients +$sth = $dbh->prepare("SELECT count(*) FROM clients WHERE valid = 't';") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . $sth->errstr; +my $clients_sum_valid = $sth->fetchrow(); +if (!defined $clients_sum_valid) { + $clients_sum_valid = "none"; +} + +# sum of invaled records in table clients +$sth = $dbh->prepare("SELECT count(*) FROM clients WHERE valid = 'f';") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute or die "Cannot execute statement: " . $sth->errstr; +my $clients_sum_invalid = $sth->fetchrow(); +if (!defined $clients_sum_invalid) { + $clients_sum_invalid = "none"; +} + +#------------------------------------------------------------------------------- +# Statistics of active registered senders +my $hash_ref; +if ($clients_sum != 0) { +# $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.hostname=clients.hostname AND events.service=clients.service) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr; + $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.client_id=clients.client_id) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr; + + $sth->execute or die "Cannot execute statement: " . 
$sth->errstr; + my ($client_id, $hostname, $service, $count, $timestamp, $client_status); + $hash_ref = $sth->fetchall_hashref("client_id"); +} + +#------------------------------------------------------------------------------- +# Print status info output + print "Warden server variables:\n"; print "========================\n"; -print "SERVER_VERSION:\t\t$server_status[0]\n"; -print "HOSTNAME:\t\t$server_status[1]\n"; -print "IP_ADDRESS:\t\t$server_status[2]\n"; -print "PORT:\t\t\t$server_status[3]\n"; -print "DB_NAME:\t\t$server_status[4]\n"; -print "DB_USER:\t\t$server_status[5]\n"; -print "DB_HOST:\t\t$server_status[6]\n"; +print "SERVER_VERSION:\t\t$version\n"; +print "HOSTNAME:\t\t$hostname\n"; +print "IP_ADDRESS:\t\t$ip_address\n"; +print "PORT:\t\t\t$port\n"; +print "BASEDIR:\t\t$WardenCommon::BASEDIR\n"; +print "DB_NAME:\t\t$WardenCommon::DB_NAME\n"; +print "DB_USER:\t\t$WardenCommon::DB_USER\n"; +print "DB_HOST:\t\t$WardenCommon::DB_HOST\n"; print "SYSLOG:\t\t\t$syslog\n"; print "SYSLOG_VERBOSE:\t\t$syslog_verbose\n"; -print "SYSLOG_FACILITY:\t$server_status[9]\n"; +print "SYSLOG_FACILITY:\t$WardenCommon::SYSLOG_FACILITY\n"; +print "MAX_EVENTS_LIMIT:\t$WardenCommon::MAX_EVENTS_LIMIT\n"; print "\n"; print "Warden server status:\n"; print "=====================\n"; -print "Database size:\t\t\t$server_status[10]\n"; -print "Count of saved events:\t\t$server_status[11]\n"; -print "Last ID in events table:\t$server_status[12]\n"; -print "Time of first inserted event:\t$server_status[13] (UTC)\n"; -print "Time of latest inserted event:\t$server_status[14] (UTC)\n"; -print "Count of registered clients:\t$server_status[15]\n"; +print "Database size:\t\t\t\t$db_size\n"; +print "Count of all saved events:\t\t$events_sum\n"; +print " - count of valid events:\t\t$events_sum_valid\n"; +print " - count of obsolete events:\t\t$events_sum_obsolete\n"; +print " - count of invalid events:\t\t$events_sum_invalid\n"; +print "Last (valid) ID in events 
table:\t$events_last_id\n"; +print "Time of first (valid) inserted event:\t$events_first_timestamp (UTC)\n"; +print "Time of latest (valid) inserted event:\t$events_last_timestamp (UTC)\n"; +print "Count of all registered clients:\t$clients_sum\n"; +print " - count of valid registered clients:\t$clients_sum_valid\n"; +print " - count of invalid registered clients:\t$clients_sum_invalid\n"; print "\n"; -# check if sum of registered client isn't 0 -if ($server_status[15] != 0) { - print "Statistics of active registered senders:\n"; - print "========================================\n"; +if ($clients_sum != 0) { + print "Statistics of ACTIVE and VALID registered senders:\n"; + print "==================================================\n"; print "+----------------------------------------------------------------------------------------------------------------+\n"; print "| Client ID | Hostname | Service | Stored events | Last insertion (UTC) |\n"; print "+----------------------------------------------------------------------------------------------------------------+\n"; - foreach my $client_status_ref (@status){ - my @client_status = @$client_status_ref; - printf("| %-10s ", $client_status[0] || "unknown"); - printf("| %-30s ", $client_status[1] || "unknown"); - printf("| %-25s ", $client_status[2] || "unknown"); - printf("| %-13s ", $client_status[3] || "unknown"); - printf("| %-20s |\n", $client_status[4] || "unknown"); + foreach my $key (sort {$a<=>$b} keys %$hash_ref) { + printf("| %-10s ", $hash_ref->{$key}->{client_id} || "unknown"); + printf("| %-30s ", $hash_ref->{$key}->{hostname}|| "unknown"); + printf("| %-25s ", $hash_ref->{$key}->{service} || "unknown"); + printf("| %-13s ", $hash_ref->{$key}->{"count(*)"} || "unknown"); + printf("| %-20s |\n", $hash_ref->{$key}->{"max(received)"} || "unknown"); } print "+----------------------------------------------------------------------------------------------------------------+\n"; print "\n"; 
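Review bot: The new "Warden server variables" section of getStatus.pl shells out through backticks by bare command name (`cat`, `hostname`, and the `netstat | grep | cut` pipeline) in a script that insists on running as root, so command lookup follows whatever `PATH` the caller's environment carries. Pin it before the first backtick, e.g. `local $ENV{PATH} = '/usr/sbin:/usr/bin:/sbin:/bin';`, or call the tools by absolute path. The version file is also read from the hard-coded `/opt/warden-server/etc/package_version` while the rest of the hunk derives its paths from `$RealBin`; reading `"$etc/package_version"` with a three-argument `open` would drop the `cat` subprocess and keep the paths consistent. The `netstat` pipeline can return several lines, or none, depending on how Apache listens, so `$port` should be treated as best-effort output.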
@@ -134,4 +261,11 @@ if ($server_status[15] != 0) { print "Current server status in:\t" . scalar localtime(time) . "\n"; +# cleanup section +END { + if (defined $dbh) { + $dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n"; + } +} + exit 0; diff --git a/src/warden-server/bin/registerReceiver.pl b/src/warden-server/bin/registerReceiver.pl index cada6e2055937d5432d881bd5d21c57b2dbe5a69..49f3d97d9da4114c788f5b33f19928809ae9e729 100755 --- a/src/warden-server/bin/registerReceiver.pl +++ b/src/warden-server/bin/registerReceiver.pl 
@@ -1,109 +1,184 @@ -#!/usr/bin/perl -w +#!/usr/bin/perl # # registerReceiver.pl # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. use strict; +use warnings; + use Getopt::Std; use Switch; -use File::Basename; +use DBI; +use DBD::mysql; +use DateTime; +use Sys::Syslog qw(:DEFAULT setlogsock); +Sys::Syslog::setlogsock('unix'); +use Carp; +use FindBin qw($RealBin $RealScript); +FindBin::again(); +use lib "$RealBin/../lib"; +use WardenCommon; -our $VERSION = "2.0"; -my $warden_path = '/opt/warden-server'; -require $warden_path . '/lib/WardenReg.pm'; -my $filename = basename($0); -#------------------------------------------------------------------------------- -# Functions -#------------------------------------------------------------------------------- +################################################################################ +# VARIABLES +################################################################################ +our $VERSION = "2.2"; +my $etc = "$RealBin/../etc"; + +# read config file +my $conf_file = "$etc/warden-server.conf"; +WardenCommon::loadConf($conf_file); + + + +################################################################################ +# FUNCTIONS +################################################################################ sub usage { - print "Usage: $filename [-h -o -n <hostname> -r <requestor> -t <type> -i <ip_net_client>]\n"; + print "Usage: $RealScript -n <hostname> -r <requestor> -t <type> -o -c <ip_net_client> [-i <client_id> -h -V]\n"; exit 1; } sub help { - print "$filename [-h -o -n <hostname> -r <requestor> -t <type> -i <ip_net_client>]\n"; - print "-h print this text and exit\n"; + print "$RealScript -n <hostname> -r <requestor> -t <type> -o -c <ip_net_client> [-i <client_id> -h -V]\n"; print "-n hostname of receiver\n"; - print "-r client registration requestor\n"; + print "-r e-mail address of client 
registration requestor\n"; print "-t type of received events or '_any_' for receiving of all types of events\n"; print "-o enable receiving of own events\n"; - print "-i CIDR of receiver\n"; + print "-c CIDR of receiver\n"; + print "-i user defined client ID (optional)\n"; + print "-h print this text and exit\n"; + print "-V print version and exit\n"; exit 0; } -#------------------------------------------------------------------------------- -# errMsg - print error message and die -#------------------------------------------------------------------------------- -sub errMsg -{ - my $msg = shift; - $msg = trim($msg); - print $msg . "\n"; - exit 1; -} # End of errMsg +sub version { + print "Current version: $VERSION\n"; + exit 0; +} + #------------------------------------------------------------------------------- -# trim - remove whitespace from the start and end of the string +# sendMsg - wrapper for more complex WardenCommon::sendMsg function #------------------------------------------------------------------------------- -sub trim +sub sendMsg { - my $string = shift; - $string =~ s/^\s+//; - $string =~ s/\s+$//; - return $string; -} # End of trim + my $severity = shift; + my $syslog_msg = shift; + + WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity, + $syslog_msg, undef, $RealScript); +} -#------------------------------------------------------------------------------- + +################################################################################ # MAIN -#------------------------------------------------------------------------------- -our ($opt_n, $opt_r, $opt_t, $opt_o, $opt_i, $opt_h); +################################################################################ +our ($opt_n, $opt_r, $opt_t, $opt_o, $opt_c, $opt_i, $opt_h, $opt_V); -if ($#ARGV == -1) {usage} +if ($#ARGV == -1) { + usage; +} -die usage unless getopts("n:r:t:i:ho"); +die usage unless getopts("n:r:t:c:i:ohV"); my $hostname 
= $opt_n; my $requestor = $opt_r; my $type = $opt_t; -my $ip_net_client = $opt_i; +my $ip_net_client = $opt_c; +my $client_id = $opt_i; my $help = $opt_h; +my $script_version = $opt_V; my $receive_own_events = "f"; - if ($opt_o) { $receive_own_events = "t"; } -# catch help param +# catch help option if ($help) { help; } -if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) { - die errMsg("Enter correct IP in CIDR format!"); +# catch version option +if ($script_version) { + version; } -# superuser controle -my $UID = $<; -if ($UID != 0) {die errMsg("You must be root for running this script!")} - # check parameters definition switch () { - case {!defined $hostname} { print "ERROR: Parameter 'hostname' is not defined!\n"; exit 1; } - case {!defined $requestor} { print "ERROR: Parameter 'requestor' is not defined!\n"; exit 1; } - case {!defined $type} { print "ERROR: Parameter 'type' is not defined!\n"; exit 1; } - case {!defined $receive_own_events} { print "ERROR: Parameter 'receive_own_events' is not defined!\n"; exit 1; } - case {!defined $ip_net_client} { print "ERROR: Parameter 'ip_net_client' is not defined!\n"; exit 1; } + case {!defined $hostname} {WardenCommon::errMsg("Parameter 'hostname' is not defined!")} + case {!defined $requestor} {WardenCommon::errMsg("Parameter 'requestor' is not defined!")} + case {!defined $type} {WardenCommon::errMsg("Parameter 'type' is not defined!")} + case {!defined $receive_own_events} {WardenCommon::errMsg("Parameter 'receive_own_events' is not defined!")} + case {!defined $ip_net_client} {WardenCommon::errMsg("Parameter 'ip_net_client' is not defined!")} } -my $return = WardenReg::registerReceiver($warden_path, $hostname, $requestor, $type, $receive_own_events, $ip_net_client); -$return ? 
print "Registration of $hostname was SUCCESSFUL...\n" : print "Registration of $hostname FAILED!\n"; +# check validity of IP address (CIDR format) +if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) { + WardenCommon::errMsg("Enter correct IP address in CIDR format!"); +} + +# check client ID +if (defined $client_id && $client_id !~ /^\d+\z/) { + WardenCommon::errMsg("Parameter 'client_id' is not a integer!"); +} + +# defined variables by script +my $client_type = "r"; +my $valid = "t"; +my $registered = DateTime->now; +my $service = undef; +my $description_tags = undef; + +# connect to DB +my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS); + +my $warden_server = WardenCommon::trim(`hostname -f`); + +# check if user defined client_id wasn't used +my ($sth, $client_id_db, $registered_db); +if (defined $client_id) { + $sth = $dbh->prepare("SELECT client_id, registered FROM clients WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr; + $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr; + ($client_id_db, $registered_db) = $sth->fetchrow(); + if (defined $client_id_db) { + sendMsg("err", "Attempt to use client_id (#$client_id_db) registered at Warden server '$warden_server' in '$registered_db'"); + WardenCommon::errMsg("Client with ID '$client_id_db' has been already registered at Warden server '$warden_server' in '$registered_db'"); + } +} +# check if receiver has been already registered +$sth = $dbh->prepare("SELECT client_id, registered FROM clients WHERE hostname = ? AND client_type = ? AND type = ? AND ip_net_client = ? LIMIT 1;") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute($hostname, $client_type, $type, $ip_net_client) or die "Cannot execute statement: " . 
$sth->errstr; +($client_id_db, $registered_db) = $sth->fetchrow(); +if (defined $client_id_db) { + sendMsg("err", "Attempt to re-register receiver (#$client_id_db) registered at Warden server '$warden_server' in '$registered_db'"); + WardenCommon::errMsg("Receiver has been already registered at Warden server '$warden_server' in '$registered_db' with ID '$client_id_db'"); +} else { + # register receiver + $sth = $dbh->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?,?);") or die "Cannot prepare statement: " . $dbh->errstr; + my $ret_val = $sth->execute($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client, $valid) or die "Cannot execute statement: " . $sth->errstr; + if ($ret_val == 1) { + my $last_insert_id = $dbh->last_insert_id(undef, undef, "clients", undef); + sendMsg("info", "New receiver [ID: '$last_insert_id', Hostname: '$hostname', Requestor: '$requestor', Type: '$type', ROE: '$receive_own_events', CIDR: '$ip_net_client'] has been registered"); + WardenCommon::succMsg("Registration of receiver (#$last_insert_id) was SUCCESSFUL!!!"); + } else { + WardenCommon::errMsg("Registration of receiver $hostname ($type) FAILED!!!"); + } +} + +# cleanup section +END { + if (defined $dbh) { + $dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n"; + } +} exit 0; diff --git a/src/warden-server/bin/registerSender.pl b/src/warden-server/bin/registerSender.pl index da34a2d8f2206608a673f745cc2d7eaf2cd33495..a2beb3f3e48006d5ec6ecd28e4c7f82fbe938c2a 100755 --- a/src/warden-server/bin/registerSender.pl +++ b/src/warden-server/bin/registerSender.pl 
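Review bot: The CIDR check in registerReceiver.pl is anchored with `$`, which also matches before a trailing newline, while the new `client_id` check just below it correctly uses `\z`; ending the CIDR pattern with `\z/` instead of `$/` makes the two consistent and keeps a newline out of the stored `ip_net_client`. `$hostname`, `$requestor` and `$type` are only tested for being defined, yet they are written into the `clients` row and interpolated into the syslog line by `sendMsg("info", ...)`; a short allow-list pattern for each, applied before the database lookup, would keep registrations and log lines well-formed. The `INSERT INTO clients VALUES (?,...)` statement relies on column order, so naming the columns would protect it from schema changes. This hunk also drops the root check the old script had; confirm that the permissions on `warden-server.conf` (not visible here) restrict who can register clients.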
@@ -1,105 +1,180 @@ -#!/usr/bin/perl -w +#!/usr/bin/perl # # registerSender.pl # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. use strict; +use warnings; + use Getopt::Std; use Switch; -use File::Basename; +use DBI; +use DBD::mysql; +use DateTime; +use Sys::Syslog qw(:DEFAULT setlogsock); +Sys::Syslog::setlogsock('unix'); +use Carp; +use FindBin qw($RealBin $RealScript); +FindBin::again(); +use lib "$RealBin/../lib"; +use WardenCommon; -our $VERSION = "2.0"; -my $warden_path = '/opt/warden-server'; -require $warden_path . '/lib/WardenReg.pm'; -my $filename = basename($0); -#------------------------------------------------------------------------------- -# Functions -#------------------------------------------------------------------------------- +################################################################################ +# VARIABLES +################################################################################ +our $VERSION = "2.2"; +my $etc = "$RealBin/../etc"; + +# read config file +my $conf_file = "$etc/warden-server.conf"; +WardenCommon::loadConf($conf_file); + + + +################################################################################ +# FUNCTIONS +################################################################################ sub usage { - print "Usage: $filename [-h -n <hostname> -r <requestor> -s <service> -d <description_tags> -i <ip_net_client>]\n"; + print "Usage: $RealScript -n <hostname> -r <requestor> -s <service> -d <description_tags> -c <ip_net_client> [-i <client_id> -h -V]\n"; exit 1; } + sub help { - print "$filename [-h -n <hostname> -r <requestor> -s <service> -d <description_tags> -i <ip_net_client>]\n"; - print "-h print this text and exit\n"; + print "$RealScript -n <hostname> -r <requestor> -s <service> -d <description_tags> -c <ip_net_client> [-i <client_id> -h -V]\n"; print "-n hostname of sender\n"; - 
print "-r client registration requestor\n"; + print "-r e-mail address of client registration requestor\n"; print "-s name of service which sent events\n"; print "-d description tags of send events\n"; - print "-i CIDR of sender\n"; + print "-c CIDR of sender\n"; + print "-i user defined client ID (optional)\n"; + print "-h print this text and exit\n"; + print "-V print version and exit\n"; exit 0; } -#------------------------------------------------------------------------------- -# errMsg - print error message and die -#------------------------------------------------------------------------------- -sub errMsg -{ - my $msg = shift; - $msg = trim($msg); - print $msg . "\n"; - exit 1; -} # End of errMsg +sub version { + print "Current version: $VERSION\n"; + exit 0; +} #------------------------------------------------------------------------------- -# trim - remove whitespace from the start and end of the string +# sendMsg - wrapper for more complex WardenCommon::sendMsg function #------------------------------------------------------------------------------- -sub trim +sub sendMsg { - my $string = shift; - $string =~ s/^\s+//; - $string =~ s/\s+$//; - return $string; -} # End of trim + my $severity = shift; + my $syslog_msg = shift; + WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity, + $syslog_msg, undef, $RealScript); +} -#------------------------------------------------------------------------------- -# MAIN -#------------------------------------------------------------------------------- -our ($opt_n, $opt_r, $opt_s, $opt_d, $opt_i, $opt_h); -if ($#ARGV == -1) {usage} -die usage unless getopts("n:r:s:d:i:h"); +################################################################################ +# MAIN +################################################################################ +our ($opt_n, $opt_r, $opt_s, $opt_d, $opt_c, $opt_i, $opt_h, $opt_V); + +if ($#ARGV == -1) { + usage; +} + +die 
usage unless getopts("n:r:s:d:c:i:hV"); my $hostname = $opt_n; my $requestor = $opt_r; my $service = $opt_s; my $description_tags = $opt_d; -my $ip_net_client = $opt_i; +my $ip_net_client = $opt_c; +my $client_id = $opt_i; my $help = $opt_h; +my $script_version = $opt_V; -# catch help param +# catch help option if ($help) { help; } -if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) { - die errMsg("Enter correct IP in CIDR format!"); +# catch version option +if ($script_version) { + version; } -# superuser controle -my $UID = $<; -if ($UID != 0) {die errMsg("You must be root for running this script!")} - # check parameters definition switch () { - case {!defined $hostname} { print "ERROR: Parameter 'hostname' is not defined!\n"; exit 1; } - case {!defined $requestor} { print "ERROR: Parameter 'requestor' is not defined!\n"; exit 1; } - case {!defined $service} { print "ERROR: Parameter 'service' is not defined!\n"; exit 1; } - case {!defined $description_tags} { print "ERROR: Parameter 'description_tags' is not defined!\n"; exit 1; } - case {!defined $ip_net_client} { print "ERROR: Parameter 'ip_net_client' is not defined!\n"; exit 1; } + case {!defined $hostname} {WardenCommon::errMsg("Parameter 'hostname' is not defined!")} + case {!defined $requestor} {WardenCommon::errMsg("Parameter 'requestor' is not defined!")} + case {!defined $service} {WardenCommon::errMsg("Parameter 'service' is not defined!")} + case {!defined $description_tags} {WardenCommon::errMsg("Parameter 'description_tags' is not defined!")} + case {!defined $ip_net_client} {WardenCommon::errMsg("Parameter 'ip_net_client' is not defined!")} +} + +# check validity of IP address (CIDR format) +if ($ip_net_client !~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$/) { + WardenCommon::errMsg("Enter correct IP in CIDR 
format!"); +} + +# check client ID +if (defined $client_id && $client_id !~ /^\d+\z/) { + WardenCommon::errMsg("Parameter 'client_id' is not a integer!"); } -# register sender at warden server -my $return = WardenReg::registerSender($warden_path, $hostname, $requestor, $service, $description_tags, $ip_net_client); -$return ? print "Registration of $hostname was SUCCESSFUL...\n" : print "Registration of $hostname FAILED!\n"; +# defined variables by method +my $client_type = "s"; +my $valid = "t"; +my $registered = DateTime->now; +my $type = undef; +my $receive_own_events = undef; + +# connect to DB +my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS); + +my $warden_server = WardenCommon::trim(`hostname -f`); + +# check if user defined client_id wasn't used +my ($sth, $client_id_db, $registered_db); +if (defined $client_id) { + $sth = $dbh->prepare("SELECT client_id, registered FROM clients WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr; + $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr; + ($client_id_db, $registered_db) = $sth->fetchrow(); + if (defined $client_id_db) { + sendMsg("err", "Attempt to use client_id (#$client_id_db) registered at Warden server '$warden_server' in '$registered_db'"); + WardenCommon::errMsg("Client with ID '$client_id_db' has been already registered at Warden server '$warden_server' in '$registered_db'"); + } +} +# check if sender has been already registered +$sth = $dbh->prepare("SELECT client_id, registered FROM clients WHERE hostname = ? AND service = ? AND client_type = ? AND ip_net_client = ? LIMIT 1;") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute($hostname, $service, $client_type, $ip_net_client) or die "Cannot execute statement: " . 
$sth->errstr; +($client_id_db, $registered_db) = $sth->fetchrow(); +if (defined $client_id_db) { + sendMsg("err", "Attempt to re-register sender (#$client_id_db) registered at Warden server '$warden_server' in '$registered_db'"); + WardenCommon::errMsg("Sender has been already registered at Warden server '$warden_server' in '$registered_db' with ID '$client_id_db'"); +} else { + # register sender + $sth = $dbh->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?,?);") or die "Cannot prepare statement: " . $dbh->errstr; + my $ret_val = $sth->execute($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client, $valid) or die "Cannot execute statement: " . $sth->errstr; + if ($ret_val == 1) { + my $last_insert_id = $dbh->last_insert_id(undef, undef, "clients", undef); + sendMsg("info", "New sender [ID: '$last_insert_id', Hostname: '$hostname', Requestor: '$requestor', Service: '$service', Description_tags: '$description_tags', CIDR: '$ip_net_client'] has been registered"); + WardenCommon::succMsg("Registration of sender (#$last_insert_id) was SUCCESSFUL!!!"); + } else { + WardenCommon::errMsg("Registration of sender $hostname ($service) FAILED!!!"); + } +} + +# cleanup section +END { + if (defined $dbh) { + $dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n"; + } +} exit 0; diff --git a/src/warden-server/bin/unregisterClient.pl b/src/warden-server/bin/unregisterClient.pl index f054b40753053ac76eaeecbd7e95f636d3dacd32..25876ab437f9a6d690b3fff73f94374f2576e2d1 100755 --- a/src/warden-server/bin/unregisterClient.pl +++ b/src/warden-server/bin/unregisterClient.pl 
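Review bot: The `INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?,?);` in the register branch binds by column position, so it depends on the `clients` table having exactly these eleven columns in this order. A database whose columns ended up in another order would store `ip_net_client` (the CIDR the client is allowed to communicate from) or `valid` in the wrong field without any error. Naming the columns removes that dependency: `INSERT INTO clients (client_id, hostname, registered, requestor, service, client_type, type, receive_own_events, description_tags, ip_net_client, valid) VALUES (?,?,?,?,?,?,?,?,?,?,?);` (names taken from the queries and schema visible in this diff; confirm against the live table). The same statement appears in the registerReceiver.pl hunk just above. Separately, the CIDR pattern ends in `$`, which also accepts a trailing newline, while the `client_id` check uses `\z`; ending the CIDR pattern with `\z` would make the two checks consistent.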
@@ -1,89 +1,152 @@ -#!/usr/bin/perl -w +#!/usr/bin/perl # # unregisterClient.pl # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. use strict; +use warnings; + use Getopt::Std; use Switch; -use File::Basename; +use DBI; +use DBD::mysql; +use DateTime; +use Sys::Syslog qw(:DEFAULT setlogsock); +Sys::Syslog::setlogsock('unix'); +use Carp; +use FindBin qw($RealBin $RealScript); +FindBin::again(); +use lib "$RealBin/../lib"; +use WardenCommon; -our $VERSION = "2.0"; -my $warden_path = '/opt/warden-server'; -require $warden_path . '/lib/WardenReg.pm'; -my $filename = basename($0); -#------------------------------------------------------------------------------- -# Functions -#------------------------------------------------------------------------------- +################################################################################ +# VARIABLES +################################################################################ +our $VERSION = "2.2"; +my $etc = "$RealBin/../etc"; + +# read config file +my $conf_file = "$etc/warden-server.conf"; +WardenCommon::loadConf($conf_file); + + + +################################################################################ +# FUNCTIONS +################################################################################ sub usage { - print "Usage: $filename [-h -i <client_id>]\n"; + print "Usage: $RealScript -i <client_id> [-h -V]\n"; exit 1; } + sub help { - print "$filename [-h -i <client_id>]\n"; - print "-h print this text and exit\n"; + print "$RealScript -i <client_id> [-h -V]\n"; print "-i client_id for unregistration\n"; + print "-h print this text and exit\n"; + print "-V print version and exit\n"; exit 0; } -#------------------------------------------------------------------------------- -# errMsg - print error message and die -#------------------------------------------------------------------------------- 
-sub errMsg -{ - my $msg = shift; - $msg = trim($msg); - print $msg . "\n"; - exit 1; -} # End of errMsg +sub version { + print "Current version: $VERSION\n"; + exit 0; +} #------------------------------------------------------------------------------- -# trim - remove whitespace from the start and end of the string +# sendMsg - wrapper for more complex WardenCommon::sendMsg function #------------------------------------------------------------------------------- -sub trim +sub sendMsg { - my $string = shift; - $string =~ s/^\s+//; - $string =~ s/\s+$//; - return $string; -} # End of trim + my $severity = shift; + my $syslog_msg = shift; + WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity, + $syslog_msg, undef, $RealScript); +} -#------------------------------------------------------------------------------- + + +################################################################################ # MAIN -#------------------------------------------------------------------------------- -our ($opt_h, $opt_i); +################################################################################ +our ($opt_i, $opt_h, $opt_V); -if ($#ARGV == -1) {usage} +if ($#ARGV == -1) { + usage; +} -die usage unless getopts("i:h"); -my $client_id = $opt_i; -my $help = $opt_h; +die usage unless getopts("i:hV"); +my $client_id = $opt_i; +my $help = $opt_h; +my $script_version = $opt_V; -# catch help param +# catch help option if ($help) { - help; + help; } -# superuser controle -my $UID = $<; -if ($UID != 0) {die errMsg("You must be root for running this script!")} +# catch version option +if ($script_version) { + version; +} # check parameters definition if (!defined $client_id) { - print "ERROR: Parameter 'client_id' is not defined!\n"; - exit 1; + WardenCommon::errMsg("Parameter 'client_id' is not defined!"); } -my $return = WardenReg::unregisterClient($warden_path, $client_id); -$return ? 
print "Unregistration of client (#$client_id) was SUCCESSFUL...\n" : print "Unregistration of client (# $client_id) FAILED!\n"; +# connect to DB +my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS); + +my $warden_server = WardenCommon::trim(`hostname -f`); + +# check if client has been already registered +my $sth = $dbh->prepare("SELECT client_id, hostname, service, client_type, type FROM clients WHERE client_id = ? AND valid = 't' LIMIT 1;") or die "Cannot prepare statement: " . $dbh->errstr; +$sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr; +my ($id, $hostname, $service, $client_type, $type) = $sth->fetchrow(); + +# delete registered client +if (!defined $id) { + sendMsg("err", "Attempt to delete unregister client [Client_id: '$client_id'] from Warden server '$warden_server'"); + WardenCommon::errMsg("Client (#$client_id) is not registered at Warden server '$warden_server'"); +} else { + if ($client_type eq 's') { + $sth = $dbh->prepare("UPDATE clients SET valid = 'f' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr; + my $ret_val = $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr; + if ($ret_val == 1) { + $sth = $dbh->prepare("UPDATE events SET valid = 'o' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr; + $sth->execute($client_id) or die "Cannot execute statement: " . 
$sth->errstr; + # log message until after invalidate all events + sendMsg("info", "Sender [Client_id: '$client_id', Hostname: '$hostname', Service: '$service'] has been deleted and its data were invalidated from Warden server '$warden_server'"); + WardenCommon::succMsg("Unregistration of sender (#$client_id) was SUCCESSFUL!!!"); + } else { + WardenCommon::errMsg("Unregistration of sender (#$client_id) FAILED!!!"); + } + } else { + $sth = $dbh->prepare("UPDATE clients SET valid = 'f' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr; + my $ret_val = $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr; + if ($ret_val == 1) { + sendMsg("info", "Receiver [Client_id: '$client_id', Hostname: '$hostname', Type: '$type'] has been deleted from Warden server '$warden_server'"); + WardenCommon::succMsg("Unregistration of receiver (#$client_id) was SUCCESSFUL!!!"); + } else { + WardenCommon::errMsg("Unregistration of receiver (#$client_id) FAILED!!!"); + } + } +} + +# cleanup section +END { + if (defined $dbh) { + $dbh->disconnect or warn "Disconnection from database '$WardenCommon::DB_NAME' failed: $dbh->errstr\n"; + } +} exit 0; diff --git a/src/warden-server/bin/wardenWatchdog.pl b/src/warden-server/bin/wardenWatchdog.pl new file mode 100755 index 0000000000000000000000000000000000000000..aeadb192198e5b16d9ee8f71997c2d36c95eed77 --- /dev/null +++ b/src/warden-server/bin/wardenWatchdog.pl 
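Review bot: `$client_id` reaches the `WHERE client_id = ?` statements and the syslog messages with only a `defined` test, without the integer check that registerSender.pl applies in this same commit. The placeholder prevents SQL injection, but MySQL normally coerces a string such as `12abc` to `12` when comparing against an integer column, so a mistyped argument could invalidate client 12 and its events while the log records the raw string. Adding `if ($client_id !~ /^\d+\z/) { WardenCommon::errMsg("Parameter 'client_id' is not a integer!"); }` right after the `defined` check would close that. In the sender branch the client row is set to `valid = 'f'` before the `events` update runs, so a failure of the second statement leaves the sender unregistered with its events still valid; the tables in doc/warden.mysql are MyISAM, so a transaction would not help as is, and that path deserves at least its own log message.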
@@ -0,0 +1,207 @@ +#!/usr/bin/perl +# +# WardenWatchdog.pl +# +# Copyright (C) 2011-2013 Cesnet z.s.p.o +# +# Use of this source is governed by a BSD-style license, see LICENSE file. + + +use WardenConf; +use strict; +use warnings; +use DBI; +use DBD::mysql; +use DateTime; +#use Email::Simple; +use Sys::Hostname; +use Text::Wrap; +use Data::Dumper; + +sub sendmailWrapper{ + my $message = shift; + + if(open(my $sendmail, '|/usr/sbin/sendmail -oi -t')){ + print $sendmail $message; + close $sendmail; + return 1; + } else { + return (0, "Sending email failed: $!"); + } +} + +# Array of hashes +#{query => ; text => ; contact => } + +# Get clients admins +sub sendReport{ + + my $input_data = shift; + my $contact = $$input_data{'contact'}; + my $domain = $$input_data{'domain'}; + my $text = $$input_data{'text'}; + + my $from_hostname; + my $message; + + if(!($contact)){ + return (0, "Empty 'To' email header!\n"); + } + + $domain =~ s/\./\./; + + eval{ + $from_hostname = hostname(); + if(!($from_hostname =~ m/$domain/gi)){ + $from_hostname .= $domain; + } + }; + if($@){ + return (0, "Can't retrive hostname for 'From' header!\n"); + } + + eval{ + #$message = Email::Simple->create( + #header => [ + #To => $contact, + #From => 'warden_watchdog@'.$from_hostname, + #Subject => 'Kotrola stavu udalosti na Wardenu'], + #body => fill('','',$text)); + }; + if($@){ + return (0, "Can't create email message\n"); + } + + print "== $contact ==\n$text\n"; + my ($rc, $err) = 1;#sendmailWrapper($message->as_string); + if(!$rc){ + return (0, $err); + } + return 1; +} + +sub connect_to_DB { + + my $dbPlatform = 'mysql'; + my $dbName = 'warden'; + my $dbHostname = 'localhost'; + my $dbUser = 'root'; + my $dbPasswd = 'w4rd3n&r00t'; + + my $dbhRef = shift; + my $dbh; + + if($dbh = DBI->connect( "dbi:$dbPlatform:database=$dbName;host=$dbHostname", $dbUser, $dbPasswd, {RaiseError => 1, mysql_auto_reconnect => 1})){ + $$dbhRef = $dbh; + return 1; + } + else{ + return (0,"Cannot connect to database! 
".DBI->errstr); + } +} + +sub sendQuery{ + + my $configRef = shift; + my $eventsRef = shift; + + my @config = @{$configRef}; + my %bad_events; + my ($rc,$err); + my $dbh; + + my $i = 0; + # connect to DB + ($rc,$err) = connect_to_DB(\$dbh); + if (!$rc){ + return (0, $err); + } + + while ($i < scalar(@config)) { + my $contact; + + # run DB query -> requestor, client name + my $sth; + if (defined($config[$i]{query})){ + $sth = $dbh->prepare($config[$i]{query}); + } + else{ + return (0, "No query availble\n"); + } + + if (!($sth->execute)){ + return (0, "Couldn't get data from my database: $sth->errstr\n"); + }; + + my @result; + while(@result = $sth->fetchrow()){ + if (defined($config[$i]{contact})){ + $contact = $config[$i]{contact}; + } + else{ + $contact = "from_db\@$result[0]"; + } + $bad_events{$contact} .= $config[$i]{text} . "DB INFO: ". join(', ',@result) ."\n"; + } + $sth->finish; + $i++; + } + # disconnect to DB + $dbh->disconnect; + + %$eventsRef = %bad_events; + + return 1; +} + + +sub run{ + + my $domain = shift; + my $period = shift; + + my $date; + + eval{ + my $dt = DateTime->now(); + $dt = DateTime->now()->subtract(days => $period); + $date = $dt->date(); + }; + if($@){ + print "Warden watchdog - can't work with date\n"; + #syslog("err|Warden watchdog - can't work with date\n"); + } + + my @configuration = ( + {query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "Hey, this is test of warning for admin!\n"}, + {query => "SELECT requestor FROM clients WHERE service IN (SELECT service FROM events WHERE detected > '$date' AND type NOT IN ('portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other') AND valid = 't' GROUP BY service) GROUP BY requestor;", text => "Hey, this is test of warning!\n", contact => 'warden-administrator@cesnet.cz'}); + + $Text::Wrap::columns = 80; + + + my %bad_events; + 
+ my $i = 0; + while ($i < scalar(@configuration)) { + my ($rc,$err) = sendQuery(\@configuration,\%bad_events); + if (!$rc){ + print "Warden watchdog - $err\n"; + #syslog("err|Warden watchdog - $err\n"); + } + $i++; + } + + while (my ($contact, $text) = each(%bad_events)){ + my %input = (contact => $contact, domain => $domain, text => $text); + my ($rc,$err) = sendReport(\%input); + if (!$rc){ + # TODO syslog + print $err; + #syslog("err|Warden client - networkReporter $err\n"); + } + print "\n\n"; + } +} + +run('warden-dev.cesnet.cz',7); +1; diff --git a/src/warden-server/doc/CHANGELOG b/src/warden-server/doc/CHANGELOG index b26e6eb1ca6b58427f2c390e82cc08844c241a03..b7ec6711c32dd9d28f43030794ea50c63e40e92c 100644 --- a/src/warden-server/doc/CHANGELOG +++ b/src/warden-server/doc/CHANGELOG @@ -1,4 +1,8 @@ -2013-02-05 v2.1 stable version +2013-??-?? v2.2 stable version +------------------------------ + + +2012-11-16 v2.1 stable version ------------------------------ - fixed bug in default value of database timestamp type (#576, #577) - fixed bug in getStatus function (#566) @@ -7,7 +11,7 @@ - added update process (#573) - added server limit of maximum number of events that can be (#526) delivered to one client in one batch -- added validation of received events parameters (#524, #817) +- added validation of received events parameters (#524) - server can provide clients with events disregarding event (#523) type - added verbose logging option (stack info) (#521) diff --git a/src/warden-server/doc/INSTALL b/src/warden-server/doc/INSTALL index dcd5cf607eb0f56d77f2dec542a4365dc44d31f0..96deaeb41112a3d4a97aa3b3b4a2563803c3fcc4 100644 --- a/src/warden-server/doc/INSTALL +++ b/src/warden-server/doc/INSTALL 
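Review bot: `connect_to_DB` hard-codes the database account (`$dbUser = 'root'`) and a literal password in `$dbPasswd`, so the credential is now in version control and the watchdog, which only issues SELECTs, connects with full administrative rights. The other scripts in this commit read the account from warden-server.conf, and the same pattern fits here: `WardenCommon::loadConf($conf_file);` followed by `my $dbh = WardenCommon::connectDB($WardenCommon::DB_NAME, $WardenCommon::DB_HOST, $WardenCommon::DB_USER, $WardenCommon::DB_PASS);`, ideally with a read-only account; the committed password should be treated as exposed and changed. Two functional points in the same file: the first query in `run` selects `hostname` and `service` from `events`, columns that the doc/warden.mysql hunk of this diff removes, and `use WardenConf;` loads a module the README hunk drops from `lib/`, so the script probably fails against the 2.2 layout. In `sendQuery`, `"... $sth->errstr\n"` does not call the method inside the string; `"... " . $sth->errstr . "\n"` would print the actual error.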
@@ -52,7 +52,7 @@ D. Post-installation steps - include parameters from the Warden server configuration file (<warden-server_path>/etc/warden-apache.conf) - # vim /etc/apache2/sites-enables/default(-ssl) + # vim /etc/apache2/sites-enabled/default(-ssl) <VirtualHost *:443> ... @@ -93,7 +93,7 @@ D. Post-installation steps 4) Warden server configuration - - configure warden-server.conf, warden-client.conf and warden-apache.conf placed in <warden-server_path>/etc directory + - configure warden-server.conf and warden-apache.conf placed in <warden-server_path>/etc directory 5) Restart of Apache server diff --git a/src/warden-server/doc/LICENSE b/src/warden-server/doc/LICENSE index 41397ce2aac7e03fac59f38a50036b705044a184..56c21bd3431dfefaf5121bde87f4f16987e68d35 100644 --- a/src/warden-server/doc/LICENSE +++ b/src/warden-server/doc/LICENSE @@ -1,6 +1,6 @@ BSD License -Copyright © 2011-2012 Cesnet z.s.p.o +Copyright © 2011-203 Cesnet z.s.p.o All rights reserved. Redistribution and use in source and binary forms, with or without modification, diff --git a/src/warden-server/doc/README b/src/warden-server/doc/README index 85cbdb54018228df4dba8528bd052e01f2a72523..ec2d8c78de4e9fc01900dbdc43a447091f5fe9a4 100644 --- a/src/warden-server/doc/README +++ b/src/warden-server/doc/README @@ -1,5 +1,5 @@ +----------------------------+ -| README - Warden Server 2.1 | +| README - Warden Server 2.2 | +----------------------------+ Content @@ -25,7 +25,7 @@ A. Overall Information 2. Version - 2.1 (2013-02-05) + 2.2 (2013-??-??) 3. Package structure @@ -49,13 +49,10 @@ A. Overall Information etc/ package_version warden-apache.conf - warden-client.conf warden-server.conf lib/ - WardenConf.pm Warden.pm - WardenReg.pm - WardenStatus.pm + WardenCommon.pm Warden/ ApacheDispatch.pm uninstall.sh 
@@ -94,11 +91,11 @@ C. Installation 1. Check SHA1 checksum of the Warden server package archive. - $ sha1sum -c warden-server-2.1.tar.gz.sig + $ sha1sum -c warden-server-2.2.tar.gz.sig 2. Untar it. - $ tar xzvf warden-server-2.1.tar.gz + $ tar xzvf warden-server-2.2.tar.gz 3. Run install.sh. @@ -123,16 +120,10 @@ C. Installation 4. Configuration files - You are advised to check configuration file warden-apache.conf, - warden-server.conf and warden-client.conf in warden-server/etc/ - directory after installation. For more information about post-installation - steps see INSTALL file in 'doc' directory. - - Although this is the Warden server package it also contains several - functions (for administration and maintenance) that are strictly - client-side in a way the Warden system handles functions. Therefore you have - to check both server and client config files to make sure your installation - of the Warden server was successful and complete. + You are advised to check configuration file warden-apache.conf and + warden-server.conf in warden-server/etc/ directory after installation. + For more information about post-installation steps see INSTALL file in + 'doc' directory. SOAP protocol is used for handling communication between server and clients. Therefore, correct URI of Warden server must be set. @@ -142,22 +133,8 @@ C. Installation Configuration files contain following parameters: - a) warden-client.conf: - URI - URI Warden server - e.g. 'https://warden.server.com:443/Warden' - - SSL_KEY_FILE - path to a host key file, - e.g. '/etc/ssl/private/warden.server.com.key' - - SSL_CERT_FILE - path to a host certificate file, - e.g. '/etc/ssl/certs/warden.server.com.pem' - - SSL_CA_FILE - path to a CA file - e.g. '/etc/ssl/certs/tcs-ca-bundle.pem' - - - b) warden-server.conf: + a) warden-server.conf: The Warden server configuration file contains: 
@@ -197,7 +174,7 @@ C. Installation ); - c) warden-apache.conf + b) warden-apache.conf The Apache2 configuration file for Warden server: @@ -295,7 +272,7 @@ G. Registration of Clients The Warden server administrator is responsible for registering new clients or removing those already registered. Both registration or unregistration scripts are provided in the Warden server package. Those scripts should be run from - localhost (the same machine the Warden server is installed and running on). + the same machine the Warden server is installed and running on. Members of Warden community who would like to have their client registered must contact the Warden server administrator with the requirement. This is usually @@ -314,7 +291,8 @@ G. Registration of Clients client registration, service - name of the service of a new registered client, description_tags - tags describing the nature of the service, - ip_net_client - CIDR the client is only allowed to communicate from. + ip_net_client - CIDR the client is only allowed to communicate from, + client_id - user defined client ID (optionaly). One can run registerSender.pl with -h argument to see a help. @@ -333,14 +311,15 @@ G. Registration of Clients for receiving of all types of events, receive_own_events - boolean value describing if events originating from the same CIDR will be sent to the client, - ip_net_client - CIDR the client is only allowed to communicate from. + ip_net_client - CIDR the client is only allowed to communicate from, + client_id - user defined client ID (optionaly) One can run registerReceiver.pl with -h argument to see a help. 3. Unregister Client - In the Warden system, already registered clients can be removed - (unregistered) via unregisterClient.pl. + In the Warden system, already registered clients can be unregistered + via unregisterClient.pl. Following attribute must be provided in order to unregister existing client successfully: 
@@ -349,9 +328,9 @@ G. Registration of Clients One can run unregisterClient.pl with -h argument to see a help. - The process of unregistration deletes this client from clients table in DB. - But all messages stored by this client (considering "sender" client) are not - deleted, they are merely set 'invalid' in DB table events. + The process of unregistration set client (specified by client_id) like 'invalid' + in DB table clients and all messages stored by this client (considering "sender" + client) are not deleted, they are merely set 'invalid' in DB table events too. -------------------------------------------------------------------------------- H. Status Info @@ -376,4 +355,4 @@ H. Status Info -------------------------------------------------------------------------------- -Copyright (C) 2011-2012 Cesnet z.s.p.o +Copyright (C) 2011-2013 Cesnet z.s.p.o diff --git a/src/warden-server/doc/warden.mysql b/src/warden-server/doc/warden.mysql index 9fe1a5a49fb6138e56e3980881f86c9510528842..4260cbfc36b1b9e9c1410cd17addea3e53a9f9f2 100644 --- a/src/warden-server/doc/warden.mysql +++ b/src/warden-server/doc/warden.mysql @@ -41,10 +41,7 @@ CREATE TABLE `clients` ( `receive_own_events` varchar(1) default NULL, `description_tags` varchar(256) default NULL, `ip_net_client` varchar(256) default NULL, -<<<<<<< HEAD -======= `valid` varchar(1) default 't', ->>>>>>> warden-server-2.2 PRIMARY KEY (`client_id`) ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1; SET character_set_client = @saved_cs_client; @@ -58,8 +55,6 @@ SET @saved_cs_client = @@character_set_client; SET character_set_client = utf8; CREATE TABLE `events` ( `id` int(11) NOT NULL auto_increment, - `hostname` varchar(256) default NULL, - `service` varchar(64) default NULL, `detected` timestamp NOT NULL default '0000-00-00 00:00:00', `received` timestamp NOT NULL default '0000-00-00 00:00:00', `type` varchar(64) default NULL, 
@@ -71,17 +66,12 @@ CREATE TABLE `events` ( `note` text, `priority` int(1) unsigned default NULL, `timeout` int(2) unsigned default NULL, -<<<<<<< HEAD - `valid` varchar(1) default NULL, - PRIMARY KEY (`id`) -======= `valid` varchar(1) default 't', `client_id` int(11) default NULL, PRIMARY KEY (`id`), KEY `idx_events_type_valid` (`type`,`valid`), KEY `idx_events_client_id` (`client_id`), KEY `idx_events_detected` (`detected`) ->>>>>>> warden-server-2.2 ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1; SET character_set_client = @saved_cs_client; /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */; diff --git a/src/warden-server/doc/warden20to21.patch b/src/warden-server/doc/warden20to21.patch deleted file mode 100644 index bf9c15fd92573c5b31eb2e16285634a53d40431a..0000000000000000000000000000000000000000 --- a/src/warden-server/doc/warden20to21.patch +++ /dev/null @@ -1,8 +0,0 @@ -ALTER TABLE `clients` CHANGE `registered` `registered` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00'; - -ALTER TABLE `events` -CHANGE `detected` `detected` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00', -CHANGE `target_port` `target_port` INT( 2 ) UNSIGNED DEFAULT NULL , -CHANGE `attack_scale` `attack_scale` INT( 4 ) UNSIGNED DEFAULT NULL , -CHANGE `priority` `priority` INT( 1 ) UNSIGNED DEFAULT NULL , -CHANGE `timeout` `timeout` INT( 2 ) UNSIGNED DEFAULT NULL; diff --git a/src/warden-server/etc/package_version b/src/warden-server/etc/package_version index a27c1875f7ec4c43357ea2e43e62891f93fb0b3d..2b92ea1728d3be280027dbaca9702bce2f865f09 100644 --- a/src/warden-server/etc/package_version +++ b/src/warden-server/etc/package_version @@ -1 +1 @@ -warden-server-2.1 +warden-server-2.2 diff --git a/src/warden-server/etc/warden-apache.conf b/src/warden-server/etc/warden-apache.conf index 0035c33a11bbfcc8c3fdc1986275fee267c2fe98..4ef065d313d36dd11bbf04c53ff497e074aecb7f 100644 --- a/src/warden-server/etc/warden-apache.conf +++ b/src/warden-server/etc/warden-apache.conf 
@@ -1,4 +1,5 @@ # +# # warden-apache.conf - configuration file for the Apache server # @@ -10,15 +11,15 @@ SSLOptions +StdEnvVars +ExportCertData SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL -SSLCertificateFile /etc/ssl/certs/warden-dev.cesnet.cz.pem -SSLCertificateKeyFile /etc/ssl/private/warden-dev.cesnet.cz.key +SSLCertificateFile /etc/ssl/certs/warden-c.cesnet.cz.pem +SSLCertificateKeyFile /etc/ssl/private/warden-c.cesnet.cz.key SSLCACertificateFile /etc/ssl/certs/tcs-ca-bundle.pem PerlOptions +Parent PerlSwitches -I /opt/warden-server/lib <Location /Warden> - SetHandler perl-script - PerlHandler Warden::ApacheDispatch - SSLOptions +StdEnvVars + SetHandler perl-script + PerlHandler Warden::ApacheDispatch + SSLOptions +StdEnvVars </Location> diff --git a/src/warden-server/etc/warden-client.conf b/src/warden-server/etc/warden-client.conf deleted file mode 100644 index 945209a4bd204fff987d53237d8686c6d9048cac..0000000000000000000000000000000000000000 --- a/src/warden-server/etc/warden-client.conf +++ /dev/null 
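Review bot: The `SSLCipherSuite` line kept as context in the second hunk starts from `ALL` and removes only `ADH` and `EXPORT56`, so the `+LOW`, `+SSLv2` and `+EXP` entries merely order those weak suites last rather than disabling them. Since this hunk already touches the TLS settings, a stricter list such as `SSLCipherSuite HIGH:!aNULL:!eNULL:!MD5` would be a safer shipped default; whether any client still needs a weaker suite is not visible here. The new certificate paths also hard-code the host name `warden-c.cesnet.cz` in a file distributed with the package, which a comment like `# adjust to the local host certificate and key` above the two lines would flag for installers.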
@@ -1,23 +0,0 @@ -# -# warden-client.conf - configuration file for registration and status clients -# - -#------------------------------------------------------------------------------- -# URI - URI address of Warden server -#------------------------------------------------------------------------------- -$URI = "https://warden-dev.cesnet.cz:443/Warden"; - -#------------------------------------------------------------------------------- -# SSL_KEY_FILE - path to server SSL certificate key file -#------------------------------------------------------------------------------- -$SSL_KEY_FILE = "/etc/ssl/private/warden-dev.cesnet.cz.key"; - -#------------------------------------------------------------------------------- -# SSL_CERT_FILE - path to server SSL certificate file -#------------------------------------------------------------------------------- -$SSL_CERT_FILE = "/etc/ssl/certs/warden-dev.cesnet.cz.pem"; - -#------------------------------------------------------------------------------- -# SSL_CA_FILE - path to CA certificate file -#------------------------------------------------------------------------------- -$SSL_CA_FILE = "/etc/ssl/certs/tcs-ca-bundle.pem"; diff --git a/src/warden-server/etc/warden-server.conf b/src/warden-server/etc/warden-server.conf index 1ac4fcecee6ee116ccc6beb983da2dbec97cad9f..2180acab1d7a28491017447329149d1f94a13e78 100644 --- a/src/warden-server/etc/warden-server.conf +++ b/src/warden-server/etc/warden-server.conf 
@@ -5,12 +5,12 @@ #------------------------------------------------------------------------------- # BASEDIR - base directory of Warden server #------------------------------------------------------------------------------- -$BASEDIR = '/opt/warden-server'; +$BASEDIR = "/opt/warden-server"; #------------------------------------------------------------------------------- # SYSLOG - enable/disable syslog logging #------------------------------------------------------------------------------- -$SYSLOG = 1; +$SYSLOG = 1; #------------------------------------------------------------------------------- # SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added) 
@@ -20,38 +20,38 @@ $SYSLOG_VERBOSE = 1; #------------------------------------------------------------------------------- # SYSLOG_FACILITY - syslog facility #------------------------------------------------------------------------------- -$SYSLOG_FACILITY = 'local7'; +$SYSLOG_FACILITY = "local7"; #------------------------------------------------------------------------------- # DB_NAME - MySQL database name of Warden server #------------------------------------------------------------------------------- -$DB_NAME = 'warden'; +$DB_NAME = "warden"; #------------------------------------------------------------------------------- # DB_USER - MySQL database user of Warden server #------------------------------------------------------------------------------- -$DB_USER = 'root'; +$DB_USER = "root"; #------------------------------------------------------------------------------- # DB_PASS - MySQL database password of Warden server #------------------------------------------------------------------------------- -$DB_PASS = ''; +$DB_PASS = ""; #------------------------------------------------------------------------------- # DB_HOST - MySQL database host #------------------------------------------------------------------------------- -$DB_HOST = 'localhost'; +$DB_HOST = "localhost"; #------------------------------------------------------------------------------- # MAX_EVENTS_LIMIT - server limit of maximum number of events that can be # delivered to one client in one batch #------------------------------------------------------------------------------- -$MAX_EVENTS_LIMIT = '1000000'; +$MAX_EVENTS_LIMIT = 1000000; #------------------------------------------------------------------------------- # VALID_STRINGS - validation hash containing allowed event attributes #------------------------------------------------------------------------------- %VALID_STRINGS = ( - 'type' => ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 
'webattack', 'test', 'other'], - 'source_type' => ['IP', 'URL', 'Reply-To:'] + "type" => ["portscan", "bruteforce", "probe", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other", "_any_"], + "source_type" => ["IP", "URL", "Reply-To:"] ); diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm index fe5dc3152adcb7ddd7da01cba3f078e0856ab71a..d9edf83541a479290119b12e833d20b6cce1b9cd 100755 --- a/src/warden-server/lib/Warden.pm +++ b/src/warden-server/lib/Warden.pm @@ -1,28 +1,26 @@ -#!/usr/bin/perl -w +#!/usr/bin/perl # # Warden.pm # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. package Warden; use strict; +use warnings; + use DBI; use DBD::mysql; -use Format::Human::Bytes; use Sys::Syslog qw(:DEFAULT setlogsock); Sys::Syslog::setlogsock('unix'); -use File::Basename; use Net::CIDR::Lite; use DateTime; use MIME::Base64; use Crypt::X509; use SOAP::Lite; use Carp; -<<<<<<< HEAD -======= use File::Basename; my $lib = File::Basename::dirname(__FILE__); 
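Review bot: Adding `"_any_"` to `$VALID_STRINGS{"type"}` makes it an accepted event type in `saveNewEvent`, which checks `$type` against this same list, while `authorizeClient` treats `type = '_any_'` in the `clients` table as the receiver wildcard. If the entry is only needed to validate receiver registrations, keep it in a separate list so that senders cannot store events typed `_any_`. The same hunk keeps `$DB_USER = "root"` with an empty `$DB_PASS` as the shipped default; a dedicated MySQL account restricted to the `warden` database would be a safer default, with a comment such as `# use a dedicated account with rights on the warden database only`.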
@@ -37,71 +35,41 @@ use WardenCommon; our $VERSION = "2.2"; our $FILENAME = File::Basename::basename(__FILE__); my $etc = "$lib/../etc"; ->>>>>>> warden-server-2.2 -our $VERSION = "2.1"; ################################################################################ # READING OF CONFIGURATION VARIABLES ################################################################################ +my $conf_file = "$etc/warden-server.conf"; +WardenCommon::loadConf($conf_file); -my $conf_file = "/opt/warden-server/etc/warden-server.conf"; # path is updated by install.sh -our $SYSLOG = undef; -our $SYSLOG_VERBOSE = undef; -our $SYSLOG_FACILITY = undef; -our $DB_NAME = undef; -our $DB_USER = undef; -our $DB_PASS = undef; -our $DB_HOST = undef; -our $MAX_EVENTS_LIMIT = 1000000; # default value -our %VALID_STRINGS = (); # inicialization of empty hash - -# load set variables by user -unless (do $conf_file) { - die("Errors in config file '$conf_file': $@") if $@; - die("Can't read config file '$conf_file': $!") unless defined $_; - # if $_ defined, it's retvalue of last statement of conf, for which we don't care -} ################################################################################ -# VARIABLES +# DB CONNECT ################################################################################ +our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenCommon::DB_HOST", $WardenCommon::DB_USER, $WardenCommon::DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1}) + || die "Could not connect to database: $DBI::errstr"; -our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database: $DBH->errstr"; ################################################################################ -# LOCAL FUNCTIONS +# FUNCTIONS ################################################################################ 
#------------------------------------------------------------------------------- -# sendMsg - sent message to syslog (SYS::Syslog) and to client (SOAP::Fault) -# -# Args: (SYSLOG severity, SYSLOG msg, SOAP msg) +# sendMsg - wrapper for more complex WardenCommon::sendMsg function #------------------------------------------------------------------------------- sub sendMsg { - my $severity = shift; - my $syslog_msg = shift; - my $soap_msg = shift; - my $filename = File::Basename::basename($0); - - if ($SYSLOG_VERBOSE == 1 && ($severity eq "err" || $severity eq "debug")) { - $syslog_msg .= "\nStack info: " . Carp::longmess(); - } - - if ($SYSLOG == 1 && defined $severity && defined $syslog_msg) { - Sys::Syslog::openlog($filename, "cons,pid", $SYSLOG_FACILITY); - Sys::Syslog::syslog("$severity", "$syslog_msg"); - Sys::Syslog::closelog(); - } + my $severity = shift; + my $syslog_msg = shift; + my $soap_msg = shift; - if (defined $soap_msg) { - die SOAP::Fault->faultstring($soap_msg); - } -} # End of sendMsg + WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity, + $syslog_msg, $soap_msg, $FILENAME); +} #------------------------------------------------------------------------------- 
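Review bot: The new header comment for `sendMsg` drops the argument list that the old one documented, although every caller depends on the positional order. Keep the line `# Args: (SYSLOG severity, SYSLOG msg, SOAP msg)` and state whether the call returns when a SOAP message is given. The removed body ended in `die SOAP::Fault->faultstring($soap_msg)`, and the error paths in `authorizeClient` deny access only if `WardenCommon::sendMsg` still does that. That function is not part of this file section, so the behaviour needs confirming rather than assuming.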
@@ -140,28 +108,40 @@ sub authorizeClient # obtain cidr based on rigth common name and alternate names, service and client_type if($function_name eq 'saveNewEvent') { - $sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); + $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); } elsif($function_name eq 'getNewEvents') { - $sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); - } + $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? 
ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); + } elsif($function_name eq 'getClientInfo') { + $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); + } elsif($function_name eq 'getLastId') { + $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND client_type = 'r' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); + } + + # check db handler if (!defined $sth) { sendMsg("err", - "Cannot prepare authorization statement in '$function_name': $DBH->errstr", - "Internal 'prepare' server error") + "Cannot prepare authorization statement in $function_name: $DBH->errstr", + "Internal 'prepare' server error"); } - $sth->execute($service_type, $client_type); - my ($an, $cidr, $receive_own, $cidr_list); + # execute query for two or none params functions + if ($function_name eq 'saveNewEvent' || $function_name eq 'getNewEvents') { + $sth->execute($service_type, $client_type); + } else { + $sth->execute; + } + + # obtain registration info about clients + my ($client_id, $ip_net_client, $receive_own, $ip_net_client_list); my $correct_ip_source = 0; my %ret; - while(($an, $cidr, $receive_own) = $sth->fetchrow()) { - my $cidr_list = Net::CIDR::Lite-> new -> add($cidr); + while(($client_id, $ip_net_client, $receive_own) = $sth->fetchrow()) { + my $ip_net_client_list = Net::CIDR::Lite->new->add($ip_net_client); - $ret{'dns'} = $an; - $ret{'cidr'} = $cidr; + $ret{'client_id'} = $client_id; $ret{'receive_own'} = $receive_own; - if ($cidr_list->bin_find($ip)) { + if ($ip_net_client_list->bin_find($ip)) { $correct_ip_source = 1; last; } 
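Review bot: The two new statements for `getClientInfo` and `getLastId` interpolate `$alt_names` into `hostname IN ($alt_names)`, as the two existing ones do, and that value appears to be built from the client certificate's CN and alternative names. `getAltNames` is not in this hunk, so whether each name is quoted there cannot be checked here; if it is not, quote at the point of use, e.g. `join(',', map { $DBH->quote($_) } @names)` over the list of names, or bind one `?` per name. Separately, `$DBH->errstr` inside the double-quoted message is not a method call: Perl interpolates `$DBH` and appends the literal text `->errstr`, so write `"...: " . $DBH->errstr` or use `$DBI::errstr`. `authorizeClient` begins before and ends after this hunk.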
@@ -170,16 +150,16 @@ sub authorizeClient # check if client is registered if ($sth->rows == 0) { sendMsg("err", - "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - client is not registered", - "Access denied - client is not registered at Warden server '$ENV{'SERVER_NAME'}'"); + "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - client is not registered at Warden server '$ENV{'SERVER_NAME'}'", + "Access denied - client is not registered at Warden server '$ENV{'SERVER_NAME'}'"); return undef; } # check if client has IP from registered CIDR if (!$correct_ip_source) { sendMsg ("err", - "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - access from another subnet than '$ret{'cidr'}'", - "Access denied - access to Warden server '$ENV{'SERVER_NAME'}' from unauthorized subnet"); + "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - access to Warden server '$ENV{'SERVER_NAME'}' from another subnet than '$ip_net_client'", + "Access denied - access to Warden server '$ENV{'SERVER_NAME'}' from unauthorized subnet '$ip_net_client'"); return undef; } @@ -187,6 +167,7 @@ sub authorizeClient } # END of authorizeClient + ################################################################################ # SOAP Functions ################################################################################ @@ -197,7 +178,7 @@ sub authorizeClient sub saveNewEvent { my ($class, $data) = @_; - my ($sth, $cidr_list); + my $sth; # client network information my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; 
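Review bot: In the `!$correct_ip_source` branch `$ip_net_client` is always undefined, because that branch is reached only when the `while (... = $sth->fetchrow())` loop of the previous hunk ran to exhaustion, and the final empty fetch resets all three loop variables. The old message read `$ret{'cidr'}`, which kept the last row's value. Store it in the loop again (`$ret{'ip_net_client'} = $ip_net_client;`) and use it in the syslog text only; the SOAP fault should not echo the registered subnet back to a caller that has just failed the subnet check. `authorizeClient` starts before this hunk.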
@@ -225,15 +206,15 @@ sub saveNewEvent my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name); if (defined %client) { - sendMsg("info", + sendMsg("debug", "Incoming event: [service: '$service', detected: '$detected', type: '$type', source_type: '$source_type', source: '$source', target_proto: '$target_proto', target_port: '$target_port', attack_scale: '$attack_scale', note: '$note', priority: '$priority', timeout: '$timeout']", - undef); - if (%VALID_STRINGS) { # check if hash is not empty - use VALIDATION HASH - if (!(exists $VALID_STRINGS{'type'} && grep $type eq $_, @{$VALID_STRINGS{'type'}})) { + undef); + if (%WardenCommon::VALID_STRINGS) { # check if hash is not empty - use VALIDATION HASH + if (!(exists $WardenCommon::VALID_STRINGS{'type'} && grep $type eq $_, @{$WardenCommon::VALID_STRINGS{'type'}})) { sendMsg("err", "Unknown event type from [IP: '$ip'; CN(AN): $alt_names; Service: '$service'; Type: '$type']", - "Unknown event type: '$type'"); - } elsif (!(exists $VALID_STRINGS{'source_type'} && grep $source_type eq $_, @{$VALID_STRINGS{'source_type'}})) { + "Unknown event type: '$type'"); + } elsif (!(exists $WardenCommon::VALID_STRINGS{'source_type'} && grep $source_type eq $_, @{$WardenCommon::VALID_STRINGS{'source_type'}})) { sendMsg("err", "Unknown source type from [IP '$ip'; CN(AN): $alt_names; Service: '$service'; Source_type: '$source_type']", "Unknown source type: '$source_type'"); 
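Review bot: The `Incoming event` message writes `$note`, `$source` and the other client-supplied fields to syslog before any of them is validated, and this hunk only changes its severity. Depending on the syslog transport, newlines or control characters in those values may let a sender split or forge log records. Consider logging a sanitised copy, e.g. `(my $safe_note = $note // '') =~ s/[^\x20-\x7E]/?/g;`, and moving the log call after the `VALID_STRINGS` checks. `saveNewEvent` extends beyond this hunk on both sides.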
@@ -247,48 +228,37 @@ sub saveNewEvent "Unknown detected time format: '$detected'"); } - my $change_string = ""; + my @change_list; if (defined $target_port && $target_port !~ /^\d+\z/) { - $change_string = $change_string . "target_port: '$target_port'"; + push(@change_list, "target_port: '$target_port'"); $target_port = undef; } if (defined $attack_scale && $attack_scale !~ /^\d+\z/) { - if ($change_string eq "") { - $change_string = $change_string . "attack_scale: '$attack_scale'"; - } else { - $change_string = $change_string . ", attack_scale: '$attack_scale'"; - } + push(@change_list, "attack_scale: '$attack_scale'"); $attack_scale = undef; } if (defined $priority && $priority !~ /^\d+\z/) { - if ($change_string eq "") { - $change_string = $change_string . "priority: '$priority'"; - } else { - $change_string = $change_string . ", priority: '$priority'"; - } + push(@change_list, "priority: '$priority'"); $priority = undef; } if (defined $timeout && $timeout !~ /^\d+\z/) { - if ($change_string eq "") { - $change_string = $change_string . "timeout: '$timeout'"; - } else { - $change_string = $change_string . 
", timeout: '$timeout'"; - } + push(@change_list, "timeout: '$timeout'"); $timeout = undef; } - if ($change_string ne ""){ + my $change_string = join(", ", @change_list); + if ($change_string ne "") { sendMsg("info", - "Unknown event items detected {originaly - $change_string} received in $received from [IP '$ip'; CN(AN): $alt_names; Service: '$service'; Type: '$type'; Detected: '$detected']", + "Unknown event items detected {originaly - $change_string} received in $received from [IP '$ip'; CN(AN): $alt_names; Service: '$service'; Type: '$type'; Detected: $detected]", undef); } - $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);"); + $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?);"); if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); + sendMsg("err", + "Cannot prepare statement in function '$function_name': $DBH->errstr", + "Internal 'prepare' server error"); } - $sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid); + $sth->execute(undef, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid, $client{'client_id'}); return 1; } } # END of saveNewEvent @@ -300,8 +270,8 @@ sub saveNewEvent sub getNewEvents { my ($class, $data) = @_; - my ($sth, @events, $event, @ids, $cidr_list); - my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout); + my ($sth, @events, $event, @ids); + my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $client_id); # client network information my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; 
@@ -318,10 +288,10 @@ sub getNewEvents # comparison of client and server limit - which can be used my $used_limit; - if (defined $max_rcv_events_limit && $max_rcv_events_limit < $MAX_EVENTS_LIMIT) { + if (defined $max_rcv_events_limit && $max_rcv_events_limit < $WardenCommon::MAX_EVENTS_LIMIT) { $used_limit = $max_rcv_events_limit; } else { - $used_limit = $MAX_EVENTS_LIMIT; + $used_limit = $WardenCommon::MAX_EVENTS_LIMIT; } my %client = authorizeClient($alt_names, $ip, $requested_type, $client_type, $function_name); @@ -368,21 +338,25 @@ sub getNewEvents } } - # parse items of events stored in DB + # obtain items of events stored in events table while (my @result = $sth->fetchrow()) { $id = $result[0]; - $hostname = $result[1]; - $service = $result[2]; - $detected = $result[3]; - $type = $result[5]; - $source_type = $result[6]; - $source = $result[7]; - $target_proto = $result[8]; - $target_port = $result[9]; - $attack_scale = $result[10]; - $note = $result[11]; - $priority = $result[12]; - $timeout = $result[13]; + $detected = $result[1]; + $type = $result[3]; + $source_type = $result[4]; + $source = $result[5]; + $target_proto = $result[6]; + $target_port = $result[7]; + $attack_scale = $result[8]; + $note = $result[9]; + $priority = $result[10]; + $timeout = $result[11]; + $client_id = $result[13]; + + # obtain hostname and service of events based on client_id from clients table + $sth = $DBH->prepare("SELECT hostname, service FROM clients WHERE client_id = ?;"); + $sth->execute($client_id); + ($hostname, $service) = $sth->fetchrow(); # create SOAP data object $event = SOAP::Data->name(event => \SOAP::Data->value( 
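Review bot: In the second hunk the added lookup reassigns `$sth` inside `while (my @result = $sth->fetchrow())`, so from the second iteration on the loop fetches from the `clients` statement, whose matching row has already been read, and `getNewEvents` would stop after the first event. Prepare a separate handle once before the loop, `my $sth_client = $DBH->prepare("SELECT hostname, service FROM clients WHERE client_id = ?;");`, and inside it use `$sth_client->execute($client_id); ($hostname, $service) = $sth_client->fetchrow();`. That also removes one prepare per event; a JOIN in the events query, which is outside this hunk, would avoid the extra round trip altogether. This assumes the loop's `$sth` is the function-level variable declared at the top of `getNewEvents`, as the visible lines suggest.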
@@ -408,11 +382,11 @@ sub getNewEvents if (scalar @events != 0) { if (scalar @ids == 1) { sendMsg("info", - "Sent 1 event [#$ids[0]] to [IP: '$ip'; CN(AN): $alt_names; Client_limit: '$max_rcv_events_limit', Requested_type: '$requested_type']", + "Sent 1 event [#$ids[0]] to [IP: '$ip'; CN(AN): $alt_names; Client_limit: '$max_rcv_events_limit', Requested_type: '$requested_type']", undef); } else { sendMsg("info", - "Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to [IP: '$ip'; CN(AN): $alt_names, Client_limit: '$max_rcv_events_limit', Requested_type: '$requested_type']", + "Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to [IP: '$ip'; CN(AN): $alt_names, Client_limit: '$max_rcv_events_limit', Requested_type: '$requested_type']", undef); } } 
@@ -427,254 +401,59 @@ sub getNewEvents sub getLastId { my ($class, $arg) = @_; - my $function_name = 'getLastId'; - - my $sth = $DBH->prepare("SELECT max(id) FROM events;"); - if ( !defined $sth ) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute; - my $result = $sth->fetchrow(); - - return $result; -} # END of getLastID - - -#----------------------------------------------------------------------------- -# registerSender - register new sender -#----------------------------------------------------------------------------- -sub registerSender -{ - my ($class, $data) = @_; - my $sth; # client network information - my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $ip = $ENV{'REMOTE_ADDR'}; - my $local_ip = $ENV{'SERVER_ADDR'}; - - my $function_name = 'registerSender'; - - if ($local_ip ne $ip) { - sendMsg("err", - "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): '$cn'] - access allowed only from 'localhost'", - "Access denied - access allowed only from 'localhost'"); - } else { - # defined variables by method - my $client_type = "s"; - my $registered = DateTime->now; - my $type = undef; - my $receive_own_events = undef; - - # parse SOAP data oject - my $hostname = $data->{'HOSTNAME'}; - my $requestor = $data->{'REQUESTOR'}; - my $service = $data->{'SERVICE'}; - my $description_tags = $data->{'DESCRIPTION_TAGS'}; - my $ip_net_client = $data->{'IP_NET_CLIENT'}; - - # check if sender has been already registered - $sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = ? AND service = ? AND client_type = ? AND ip_net_client = ? 
LIMIT 1;"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute($hostname, $service, $client_type, $ip_net_client); - my $result = $sth->fetchrow(); - - # register new sender - if (defined $result) { - sendMsg("err", - "Attempt to re-register sender [Hostname: '$hostname', Service: '$service', CIDR: '$ip_net_client'] from '$ip'", - "Sender has been already registered at Warden server '$ENV{'SERVER_NAME'}' in '$result'"); - } else { - $sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); - sendMsg("info", - "New sender [Hostname: '$hostname', Requestor: '$requestor', Service: '$service', Description_tags: '$description_tags', CIDR: '$ip_net_client'] has been registered at Warden server '$ENV{'SERVER_NAME'}'", - undef); - return 1; - } - } -} # END of registerSender - - -#----------------------------------------------------------------------------- -# registerReceiver - register new receiver -#----------------------------------------------------------------------------- -sub registerReceiver -{ - my ($class, $data) = @_; - my $sth; + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $alt_names = getAltNames(undef); + my $ip = $ENV{'REMOTE_ADDR'}; - # client network information - my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $ip = $ENV{'REMOTE_ADDR'}; - my $local_ip = $ENV{'SERVER_ADDR'}; + my $service = undef; + my $client_type = undef; - my $function_name = 'registerReceiver'; + my $function_name = 'getLastId'; - if ($local_ip ne $ip) { - sendMsg("err", - "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): '$cn'] - access 
allowed only from 'localhost'", - "Access denied - access allowed only from 'localhost'"); - } else { - # variables defined by method - my $client_type = "r"; - my $registered = DateTime->now; - my $service = undef; - my $description_tags = undef; - - # parse SOAP data oject - my $hostname = $data->{'HOSTNAME'}; - my $requestor = $data->{'REQUESTOR'}; - my $type = $data->{'TYPE'}; - my $receive_own_events = $data->{'RECEIVE_OWN_EVENTS'}; - my $ip_net_client = $data->{'IP_NET_CLIENT'}; - - # check if receiver has been already registered - $sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = ? AND client_type = ? AND type = ? AND ip_net_client = ? LIMIT 1;"); + my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name); + if (defined %client) { + my $sth = $DBH->prepare("SELECT max(id) FROM events;"); if (!defined $sth) { sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); + "Cannot prepare statement in function '$function_name': $DBH->errstr", + "Internal 'prepare' server error"); } - $sth->execute($hostname, $client_type, $type, $ip_net_client); + $sth->execute; my $result = $sth->fetchrow(); - - # register new receiver - if (defined $result) { - sendMsg("err", - "Attempt to re-register receiver [Hostname: '$hostname', Type: '$type', CIDR: '$ip_net_client'] from '$ip'", - "Receiver has already been registered at Warden server '$ENV{'SERVER_NAME'}' in '$result'"); - } else { - $sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);"); - if (!defined($sth)) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); - sendMsg("info", - "New receiver [Hostname: '$hostname', Requestor: '$requestor' Type: '$type', ROE: 
'$receive_own_events', CIDR: '$ip_net_client'] has been registered at Warden server '$ENV{'SERVER_NAME'}'", - undef); - return 1; - } + return $result; } -} # END of registerReceiver +} # END of getLastID -#----------------------------------------------------------------------------- -# unregisterClient - unregister client -#----------------------------------------------------------------------------- -sub unregisterClient +#------------------------------------------------------------------------------- +# getClientInfo - get list of registered clients on Warden server +# by Warden client +#------------------------------------------------------------------------------- +sub getClientInfo { my ($class, $data) = @_; - my $sth; + my (@clients, $client); + my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); # client network information - my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $ip = $ENV{'REMOTE_ADDR'}; - my $local_ip = $ENV{'SERVER_ADDR'}; - - my $function_name = 'unregisterClient'; - - if ($local_ip ne $ip) { - sendMsg("err", - "Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'", - "Access denied - access allowed only from 'localhost'"); - } else { - # parse SOAP data oject - my $client_id = $data->{'CLIENT_ID'}; - - # check if receiver has been already registered - $sth = $DBH->prepare("SELECT client_id, hostname, service, type, client_type FROM clients WHERE client_id = ? 
LIMIT 1;"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute($client_id); - my ($id, $hostname, $service, $type, $client_type) = $sth->fetchrow(); - - # delete registered client - if (!defined $id) { - sendMsg("err", - "Attempt to delete unregister client [Client_id: $id, Hostname: '$hostname', Service: '$service', Type: '$type', Client_type: '$client_type']", - "Client (#$client_id) is not registered at Warden server '$ENV{'SERVER_NAME'}'"); - } else { - if ($client_type eq 's') { - $sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute($client_id); - - $sth = $DBH->prepare("UPDATE events SET valid = 'f' where hostname = ? AND service = ?;"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute($hostname, $service); - sendMsg("info", - "Sender [Client_id: '$client_id', Hostname: '$hostname', Service: '$service'] has been deleted from Warden server '$ENV{'SERVER_NAME'}' and its data were invalidated", - undef); - return 1; - } else { - $sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute($client_id); - sendMsg("info", - "Receiver [Client_id: '$client_id', Hostname: '$hostname', Type: '$type'] has been deleted from Warden server '$ENV{'SERVER_NAME'}'", - undef); - return 1; - } - } - } -} # END of unregisterClient - + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $alt_names = getAltNames(undef); + my $ip = $ENV{'REMOTE_ADDR'}; 
-#----------------------------------------------------------------------------- -# getClients - get list of clients which were registered at warden server -#----------------------------------------------------------------------------- -sub getClients -{ - my ($class, $arg) = @_; + my $service = undef; + my $client_type = undef; - # client network information - my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $ip = $ENV{'REMOTE_ADDR'}; - my $local_ip = $ENV{'SERVER_ADDR'}; + my $function_name = 'getClientInfo'; - my $function_name = 'getClients'; - - if ($local_ip ne $ip) { - sendMsg("err", - "Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'", - "Access denied - access allowed only from 'localhost'"); - } else { - my (@clients, $client); - my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); - my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;"); + my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name); + if (defined %client) { + my $sth = $DBH->prepare("SELECT * FROM clients WHERE valid = 't' ORDER BY client_id ASC;"); if (!defined $sth) { sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); + "Cannot prepare statement in function '$function_name': $DBH->errstr", + "Internal 'prepare' server error"); } $sth->execute; @@ -684,7 +463,7 @@ sub getClients $registered = $result[2]; $requestor = $result[3]; $service = $result[4]; - $client_type = $result[5]; + $client_type = $result[5]; $type = $result[6]; $receive_own_events = $result[7]; $description_tags = $result[8]; 
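Review bot: The new bodies of `getLastId` and `getClientInfo` gate on `if (defined %client)`, copied from the older functions; `defined` on a hash is deprecated, is a compile error from Perl 5.22, and is not a safe authorization test. `authorizeClient` ends its failure paths with `return undef`, which in the list assignment `my %client = authorizeClient(...)` yields a one-key hash, so access is denied only because `sendMsg` dies first. Have `authorizeClient` use a bare `return;` and test `if (%client && defined $client{'client_id'})` here. Note also that the authorization query for `getClientInfo` has no `client_type` condition, so any registered client can list every other client's hostname, requestor and network; confirm this is intended now that the localhost-only `getClients` is removed.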
@@ -706,156 +485,10 @@ sub getClients } my $sum = scalar @clients; sendMsg("info", - "Sent information about $sum registered clients from Warden server '$ENV{'SERVER_NAME'}'", - undef); + "Sent information about $sum registered clients from Warden server '$ENV{'SERVER_NAME'}'", + undef); return @clients; } -} # END of getClients - - -#----------------------------------------------------------------------------- -# getStatus - get list of status items of warden server -#----------------------------------------------------------------------------- -sub getStatus -{ - my ($class, $arg) = @_; - - # client network information - my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $ip = $ENV{'REMOTE_ADDR'}; - my $local_ip = $ENV{'SERVER_ADDR'}; - - my $function_name = 'getStatus'; - - #----------------------------------------------------------------------------- - # Warden server stats - - if ($local_ip ne $ip) { - sendMsg("err", - "Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'", - "Access denied - access allowed only from 'localhost'"); - } else { - my ($sth, @status); - - # Warden server hostname - my $hostname = $ENV{'SERVER_NAME'}; - - # IP address of Warden server - my $ip_address = $ENV{'REMOTE_ADDR'}; - - # used port - my $port = $ENV{'SERVER_PORT'}; - - # size of database events - $sth = $DBH->prepare("SELECT data_length + index_length FROM information_schema.TABLES WHERE table_schema = ? AND TABLE_NAME = ?"); - $sth->execute('warden', 'events'); - my $size = $sth->fetchrow(); - my $db_size = (defined $size ? 
Format::Human::Bytes::base10($size) : "none"); - - # sum of records in table events - $sth = $DBH->prepare("SELECT count(*) FROM events WHERE valid = 't';"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute; - my $events_sum = $sth->fetchrow(); - if (!defined $events_sum) { $events_sum = "none" } - - # id of last record in table events - $sth = $DBH->prepare("SELECT max(id) FROM events;"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute; - my $events_last_id = $sth->fetchrow(); - if (!defined $events_last_id) { $events_last_id = "none" } - - # timestamp of first record in table events - $sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events);"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute; - my $events_first_timestamp = $sth->fetchrow(); - if (!defined $events_first_timestamp) { $events_first_timestamp = "none" } - - # timestamp of last record in table events - $sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT max(id) FROM events);"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute; - my $events_last_timestamp = $sth->fetchrow(); - if (!defined $events_last_timestamp) { $events_last_timestamp = "none" } - - # sum of records in table clients - $sth = $DBH->prepare("SELECT count(*) FROM clients;"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute; - my $clients_sum = $sth->fetchrow(); - if (!defined 
$clients_sum) { $clients_sum = "none" } - - my $server_status = SOAP::Data->name(server_status => \SOAP::Data->value( - SOAP::Data->name(VERSION => $VERSION), - SOAP::Data->name(HOSTNAME => $hostname), - SOAP::Data->name(IP_ADDRESS => $ip_address), - SOAP::Data->name(PORT => $port), - SOAP::Data->name(SYSLOG => $SYSLOG), - SOAP::Data->name(SYSLOG_VERBOSE => $SYSLOG_VERBOSE), - SOAP::Data->name(SYSLOG_FACILITY => $SYSLOG_FACILITY), - SOAP::Data->name(DB_NAME => $DB_NAME), - SOAP::Data->name(DB_USER => $DB_USER), - SOAP::Data->name(DB_HOST => $DB_HOST), - SOAP::Data->name(DB_SIZE => $db_size), - SOAP::Data->name(EVENTS_SUM => $events_sum), - SOAP::Data->name(EVENTS_LAST_ID => $events_last_id), - SOAP::Data->name(EVENTS_FIRST_TIMESTAMP => $events_first_timestamp), - SOAP::Data->name(EVENTS_LAST_TIMESTAMP => $events_last_timestamp), - SOAP::Data->name(CLIENTS_SUM => $clients_sum) - )); - push(@status, $server_status); - - #--------------------------------------------------------------------------- - # Statistics table of senders - - if ($clients_sum != 0) { - $sth = $DBH->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.hostname=clients.hostname AND events.service=clients.service) GROUP BY hostname, service;"); - if (!defined $sth) { - sendMsg("err", - "Cannot prepare statement in function '$function_name': $DBH->errstr", - "Internal 'prepare' server error"); - } - $sth->execute; - my ($hash_ref, $client_id, $hostname, $service, $count, $timestamp, $client_status); - $hash_ref = $sth->fetchall_hashref("client_id"); - foreach my $key (sort {$a<=>$b} keys %$hash_ref) { - $client_status = SOAP::Data->name(client_status => \SOAP::Data->value( - SOAP::Data->name(CLIENT_ID => $hash_ref->{$key}->{client_id}), - SOAP::Data->name(HOSTNAME => $hash_ref->{$key}->{hostname}), - SOAP::Data->name(SERVICE => $hash_ref->{$key}->{service}), - SOAP::Data->name(COUNT => $hash_ref->{$key}->{"count(*)"}), 
- SOAP::Data->name(TIMESTAMP => $hash_ref->{$key}->{"max(received)"}), - )); - push(@status, $client_status); - } - } - sendMsg("info", - "Server status info sent from Warden server '$ENV{'SERVER_NAME'}'", - undef); - return @status; - } -} # END of getStatus +} # END of getClientInfo 1; diff --git a/src/warden-server/lib/Warden/ApacheDispatch.pm b/src/warden-server/lib/Warden/ApacheDispatch.pm index 11d1e4f0931f9157398bcb18e26ee6ca26239e93..5db1b8c51e9db2ecfc4f89f1b856d2b3c490d6dd 100644 --- a/src/warden-server/lib/Warden/ApacheDispatch.pm +++ b/src/warden-server/lib/Warden/ApacheDispatch.pm @@ -2,7 +2,7 @@ # # ApacheDispatch.pm # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. diff --git a/src/warden-server/lib/WardenCommon.pm b/src/warden-server/lib/WardenCommon.pm new file mode 100755 index 0000000000000000000000000000000000000000..26e90a4a54ce9b0ac8536c8d7d34fc08bfd5877c --- /dev/null +++ b/src/warden-server/lib/WardenCommon.pm 
@@ -0,0 +1,124 @@
+#!/usr/bin/perl
+#
+# WardenCommon.pm
+#
+# Copyright (C) 2011-2013 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
+
+package WardenCommon;
+
+use strict;
+use warnings;
+
+use Sys::Syslog qw(:DEFAULT setlogsock);
+Sys::Syslog::setlogsock('unix');
+use Carp;
+
+our $VERSION = "2.2";
+
+#-------------------------------------------------------------------------------
+# succMsg - print message and exit seccessfully
+#-------------------------------------------------------------------------------
+sub succMsg
+{
+ my $msg = shift;
+ $msg = trim($msg);
+ print $msg . "\n";
+ exit 0;
+} # End of succMsg
+
+
+#-------------------------------------------------------------------------------
+# errMsg - print error message and exit unsuccessfully
+#-------------------------------------------------------------------------------
+sub errMsg
+{
+ my $msg = shift;
+ $msg = trim($msg);
+ print $msg . "\n";
+ exit 1;
+} # End of errMsg
+
+
+#-------------------------------------------------------------------------------
+# trim - remove whitespace from the start and end of the string
+#-------------------------------------------------------------------------------
+sub trim
+{
+ my $string = shift;
+ $string =~ s/^\s+//;
+ $string =~ s/\s+$//;
+ return $string;
+} # End of trim
+
+
+#-------------------------------------------------------------------------------
+# sendMsg - sent message via syslog (SYS::Syslog) and to client (SOAP::Fault)
+#-------------------------------------------------------------------------------
+sub sendMsg
+{
+ my $syslog = shift;
+ my $syslog_verbose = shift;
+ my $syslog_facility = shift;
+ my $severity = shift;
+ my $syslog_msg = shift;
+ my $soap_msg = shift;
+ my $filename = shift;
+
+ if ($syslog_verbose == 1 && ($severity eq "err" || $severity eq "debug")) {
+ $syslog_msg .= "\nStack info: " . Carp::longmess();
+ }
+
+ if ($syslog == 1 && defined $severity && defined $syslog_msg) {
+ Sys::Syslog::openlog($filename, "cons,pid", $syslog_facility);
+ Sys::Syslog::syslog("$severity", "$syslog_msg");
+ Sys::Syslog::closelog();
+ }
+
+ if (defined $soap_msg) {
+ die SOAP::Fault->faultstring($soap_msg);
+ }
+} # End of sendMsg
+
+
+#-------------------------------------------------------------------------------
+# loadConf - load configuration file
+#-------------------------------------------------------------------------------
+sub loadConf
+{
+ my $conf_file = shift;
+
+ our $BASEDIR = undef;
+ our $SYSLOG = undef;
+ our $SYSLOG_VERBOSE = undef;
+ our $SYSLOG_FACILITY = undef;
+ our $DB_NAME = undef;
+ our $DB_USER = undef;
+ our $DB_PASS = undef;
+ our $DB_HOST = undef;
+ our $MAX_EVENTS_LIMIT = 1000000;
+ our %VALID_STRINGS = ();
+ unless (do $conf_file) {
+ die("Errors in config file '$conf_file': $@") if $@;
+ die("Can't read config file '$conf_file': $!") unless defined $_;
+ # if $_ defined, it's retvalue of last statement of conf, for which we don't care
+ }
+} # End of loadConf
+
+
+#-------------------------------------------------------------------------------
+# connectDB - connect to database and create DB handler
+#-------------------------------------------------------------------------------
+sub connectDB
+{
+ my $db_name = shift;
+ my $db_host = shift;
+ my $db_user = shift;
+ my $db_pass = shift;
+
+ my $dbh = DBI->connect("DBI:mysql:database=$db_name;host=$db_host",$db_user, $db_pass, {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database '$db_name': $DBI::errstr";
+ return $dbh;
+} # End of connectDB
+
+1;
diff --git a/src/warden-server/lib/WardenConf.pm b/src/warden-server/lib/WardenConf.pm
deleted file mode 100755
index db32d5a3f176a9d124ff91b12f2da29bb566a044..0000000000000000000000000000000000000000
--- a/src/warden-server/lib/WardenConf.pm
+++ /dev/null
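Review bot: In `sendMsg` of the new WardenCommon.pm, `Sys::Syslog::syslog("$severity", "$syslog_msg")` passes the message as the format argument, so any `%` sequence in it is interpreted rather than logged (Sys::Syslog also expands `%m` to `$!`). Messages built elsewhere in this commit interpolate values such as `$hostname` and `$cn`, which presumably reach this function, so a constant format is safer: `Sys::Syslog::syslog($severity, '%s', $syslog_msg);`. Separately, `loadConf` tests `defined $_` where the return value of `do $conf_file` is meant, so an unreadable config file is reported only when `$_` happens to be undefined; `my $rv = do $conf_file;` followed by `unless defined $rv` makes the check reliable. Because `do` runs the config file as Perl code, the header comment of `loadConf` should state that the file must be writable only by the account that administers the server.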
@@ -1,38 +0,0 @@ -#!/usr/bin/perl -w -# -# WardenConf.pm -# -# Copyright (C) 2011-2012 Cesnet z.s.p.o -# -# Use of this source is governed by a BSD-style license, see LICENSE file. - -package WardenConf; - -use strict; - -our $VERSION = "2.0"; - -#------------------------------------------------------------------------------- -# loadConf - load variables from configuration file -#------------------------------------------------------------------------------- -sub loadConf -{ - my $conf_file = shift; - - # preset of default variables - our $URI = undef; - our $SSL_KEY_FILE = undef; - our $SSL_CERT_FILE = undef; - our $SSL_CA_FILE = undef; - - # load set variables by user - unless (do $conf_file) { - die("Errors in config file '$conf_file': $@") if $@; - die("Can't read config file '$conf_file': $!") unless defined $_; - # if $_ defined, it's retvalue of last statement of conf, for which we don't care - } - - return ($URI, $SSL_KEY_FILE, $SSL_CERT_FILE, $SSL_CA_FILE); - -} # End of loadConf -1; diff --git a/src/warden-server/lib/WardenReg.pm b/src/warden-server/lib/WardenReg.pm deleted file mode 100755 index 39aa7430adeb8d67cf64d2cfbaae6e709beee6ef..0000000000000000000000000000000000000000 --- a/src/warden-server/lib/WardenReg.pm +++ /dev/null 
@@ -1,170 +0,0 @@ -#!/usr/bin/perl -w -# -# WardenReg.pm -# -# Copyright (C) 2011-2012 Cesnet z.s.p.o -# -# Use of this source is governed by a BSD-style license, see LICENSE file. - -package WardenReg; - -use strict; -use SOAP::Lite; -use IO::Socket::SSL qw(debug1); -use SOAP::Transport::HTTP; - -our $VERSION = "2.0"; - - -#------------------------------------------------------------------------------- -# errMsg - print error message and die -#------------------------------------------------------------------------------- -sub errMsg -{ - my $msg = shift; - die($msg . "\n"); -} # End of errMsg - - -#------------------------------------------------------------------------------- -# c2s - connect to server, send request and receive response -#------------------------------------------------------------------------------- -sub c2s -{ - my $uri = shift; - my $ssl_key_file = shift; - my $ssl_cert_file = shift; - my $ssl_ca_file = shift; - my $method = shift; - my $data = shift; - my $client; - - my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; - if (!($client = SOAP::Transport::HTTP::Client->new())) { - errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr) - } - $client->timeout(10); - $client->ssl_opts( verify_hostname => 1, - SSL_use_cert => 1, - SSL_verify_mode => 0x02, - SSL_key_file => $ssl_key_file, - SSL_cert_file => $ssl_cert_file, - SSL_ca_file => $ssl_ca_file); - - # set URI and serialize SOAP envelope and data object - my $soap = SOAP::Lite->uri($service)->proxy($uri); - my $envelope = $soap->serializer->envelope(method => $method, $data); - - # set URI and send serialized SOAP envelope and data - my $server_uri = "https://$server:$port/$service"; - my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri); - - # check server response - if (!defined $result) { - errMsg("Error: server returned empty response." . "\n" . 
"Problem with used SSL ceritificates or Warden server at $server:$port is down."); - } else { - # deserialized response from server -> create SOAP envelope and data object - my $response = $soap->deserializer->deserialize($result); - # check SOAP fault status - $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return 1; - } -} - - -#------------------------------------------------------------------------------- -# registerSender - register new warden sender -#------------------------------------------------------------------------------- -sub registerSender -{ - my $warden_path = shift; - my $hostname = shift; - my $requestor = shift; - my $service = shift; - my $description_tags = shift; - my $ip_net_client = shift; - - my $etcdir = $warden_path . "/etc/"; - my $libdir = $warden_path . "/lib/"; - - # read the config file - require $libdir . "WardenConf.pm"; - my $conf_file = $etcdir . "warden-client.conf"; - my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file); - - # create SOAP data obejct - my $request_data = SOAP::Data->name(client => \SOAP::Data->value( - SOAP::Data->name(HOSTNAME => $hostname), - SOAP::Data->name(REQUESTOR => $requestor), - SOAP::Data->name(SERVICE => $service), - SOAP::Data->name(DESCRIPTION_TAGS => $description_tags), - SOAP::Data->name(IP_NET_CLIENT => $ip_net_client) - )); - - my $result = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "registerSender", $request_data); - $result ? return 1 : return 0; - -} # End of registerSender - - -#------------------------------------------------------------------------------- -# registerReceiver - register new warden receiver -#------------------------------------------------------------------------------- -sub registerReceiver -{ - my $warden_path = shift; - my $hostname = shift; - my $requestor = shift; - my $type = shift; - my $receive_own_events = shift; - my $ip_net_client = shift; - - my $etcdir = $warden_path . 
"/etc/"; - my $libdir = $warden_path . "/lib/"; - - # read the config file - require $libdir . "WardenConf.pm"; - my $conf_file = $etcdir . "warden-client.conf"; - my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file); - - # create SOAP data obejct - my $request_data = SOAP::Data->name(client => \SOAP::Data->value( - SOAP::Data->name(HOSTNAME => $hostname), - SOAP::Data->name(REQUESTOR => $requestor), - SOAP::Data->name(TYPE => $type), - SOAP::Data->name(RECEIVE_OWN_EVENTS => $receive_own_events), - SOAP::Data->name(IP_NET_CLIENT => $ip_net_client) - )); - - my $result = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "registerReceiver", $request_data); - $result ? return 1 : return 0; - -} # End of registerReceiver - - -#------------------------------------------------------------------------------- -# unregisterClient - unregister client from warden server -#------------------------------------------------------------------------------- -sub unregisterClient -{ - my $warden_path = shift; - my $client_id = shift; - - my $etcdir = $warden_path . "/etc/"; - my $libdir = $warden_path . "/lib/"; - - # read the config file - require $libdir . "WardenConf.pm"; - my $conf_file = $etcdir . "warden-client.conf"; - my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file); - - # create SOAP data obejct - my $request_data = SOAP::Data->name(client => \SOAP::Data->value( - SOAP::Data->name(CLIENT_ID => $client_id) - )); - - my $result = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "unregisterClient", $request_data); - $result ? return 1 : return 0; - -} # End of unregisterClient - -1; diff --git a/src/warden-server/lib/WardenStatus.pm b/src/warden-server/lib/WardenStatus.pm deleted file mode 100755 index 1907ecbfb897efb57c79137f3dd795bc55cb070a..0000000000000000000000000000000000000000 --- a/src/warden-server/lib/WardenStatus.pm +++ /dev/null 
@@ -1,183 +0,0 @@ -#!/usr/bin/perl -w -# -# WardenStatus.pm -# -# Copyright (C) 2011-2012 Cesnet z.s.p.o -# -# Use of this source is governed by a BSD-style license, see LICENSE file. - -package WardenStatus; - -use strict; -use SOAP::Lite; -use IO::Socket::SSL qw(debug1); -use SOAP::Transport::HTTP; - -our $VERSION = "2.0"; - - -#------------------------------------------------------------------------------- -# errMsg - print error message and die -#------------------------------------------------------------------------------- -sub errMsg -{ - my $msg = shift; - die($msg . "\n"); -} # End of errMsg - - -#------------------------------------------------------------------------------- -# c2s - connect to server, send request and receive response -#------------------------------------------------------------------------------- -sub c2s -{ - my $uri = shift; - my $ssl_key_file = shift; - my $ssl_cert_file = shift; - my $ssl_ca_file = shift; - my $method = shift; - my $data = shift; - my $client; - - my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; - if (!($client = SOAP::Transport::HTTP::Client->new())) { - errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr) - } - $client->timeout(10); - $client->ssl_opts(verify_hostname => 1, - SSL_use_cert => 1, - SSL_verify_mode => 0x02, - SSL_key_file => $ssl_key_file, - SSL_cert_file => $ssl_cert_file, - SSL_ca_file => $ssl_ca_file); - - # set URI and serialize SOAP envelope and data object - my $soap = SOAP::Lite->uri($service)->proxy($uri); - my $envelope = $soap->serializer->envelope(method => $method); - - # setting of TCP URI and send serialized SOAP envelope and data - my $server_uri = "https://$server:$port/$service"; - my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri); - - # check server response - if (!defined $result) { - errMsg("Error: server returned empty response." . "\n" . 
"Problem with used SSL ceritificates or Warden server at $server:$port is down."); - } else { - # deserialized response from server -> create SOAP envelope and data object - my $response = $soap->deserializer->deserialize($result); - # check SOAP fault status - $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return $response; - } -} - - -#------------------------------------------------------------------------------- -# getClients - get list of registered clients -#------------------------------------------------------------------------------- -sub getClients -{ - my $warden_path = shift; - - my $etcdir = $warden_path . "/etc/"; - my $libdir = $warden_path . "/lib/"; - - # read the config file - require $libdir . "WardenConf.pm"; - my $conf_file = $etcdir . "warden-client.conf"; - my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file); - - # call method getClients on the Warden server - my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getClients"); - - # parse returned SOAP data object with clients - my @clients; - my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); - my @response_list = $response->valueof('/Envelope/Body/getClientsResponse/client/'); - while (scalar @response_list) { - my $response_data = shift(@response_list); - my @client; - - $client_id = $response_data->{'CLIENT_ID'} ; - $hostname = $response_data->{'HOSTNAME'}; - $registered = $response_data->{'REGISTERED'}; - $requestor = $response_data->{'REQUESTOR'}; - $service = defined $response_data->{'SERVICE'} ? $response_data->{'SERVICE'} : "-"; - $client_type = $response_data->{'CLIENT_TYPE'}; - $type = defined $response_data->{'TYPE'} ? $response_data->{'TYPE'} : "-"; - $receive_own_events = defined $response_data->{'RECEIVE_OWN_EVENTS'} ? 
$response_data->{'RECEIVE_OWN_EVENTS'} : "-"; - $description_tags = defined $response_data->{'DESCRIPTION_TAGS'} ? $response_data->{'DESCRIPTION_TAGS'} : "-"; - $ip_net_client = $response_data->{'IP_NET_CLIENT'}; - - # push received clients from warden server into @clients which is returned - @client = ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client); - push (@clients,\@client); - } - return @clients; -} # End of getClients - - -#------------------------------------------------------------------------------- -# getStatus - get warden server status -#------------------------------------------------------------------------------- -sub getStatus -{ - my $warden_path = shift; - - my $etcdir = $warden_path . "/etc/"; - my $libdir = $warden_path . "/lib/"; - - # read the config file - require $libdir . "WardenConf.pm"; - my $conf_file = $etcdir . "warden-client.conf"; - my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file); - - # call method getStatus on Warden server - my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getStatus"); - - #----------------------------------------------------------------------------- - # parse returned SOAP object with server status - my @response_list = $response->valueof('/Envelope/Body/getStatusResponse/server_status/'); - my $response_data = shift(@response_list); - - my $version = $response_data->{'VERSION'}; - my $server_hostname = $response_data->{'HOSTNAME'}; - my $ip_address = $response_data->{'IP_ADDRESS'}; - my $port = $response_data->{'PORT'}; - my $db_name = $response_data->{'DB_NAME'}; - my $db_user = $response_data->{'DB_USER'}; - my $db_host = $response_data->{'DB_HOST'}; - my $syslog = $response_data->{'SYSLOG'}; - my $syslog_verbose = $response_data->{'SYSLOG_VERBOSE'}; - my $syslog_facility = $response_data->{'SYSLOG_FACILITY'}; - my $db_size = $response_data->{'DB_SIZE'}; - my 
$events_sum = $response_data->{'EVENTS_SUM'}; - my $events_last_id = $response_data->{'EVENTS_LAST_ID'}; - my $events_first_timestamp = $response_data->{'EVENTS_FIRST_TIMESTAMP'}; - my $events_last_timestamp = $response_data->{'EVENTS_LAST_TIMESTAMP'}; - my $clients_sum = $response_data->{'CLIENTS_SUM'}; - - my @server_status = ($version, $server_hostname, $ip_address, $port, $db_name, $db_user, $db_host, $syslog, $syslog_verbose, $syslog_facility, $db_size, $events_sum, $events_last_id, $events_first_timestamp, $events_last_timestamp, $clients_sum); - my @status; - push(@status, \@server_status); - - #----------------------------------------------------------------------------- - # parse returned SOAP object with client status - @response_list = $response->valueof('/Envelope/Body/getStatusResponse/client_status/'); - my ($client_id, $hostname, $service, $count, $timestamp); - while (scalar @response_list) { - my $response_data = shift(@response_list); - my @client_status; - - my $client_id = $response_data->{'CLIENT_ID'}; - my $hostname = $response_data->{'HOSTNAME'}; - my $service = $response_data->{'SERVICE'}; - my $count = $response_data->{'COUNT'}; - my $timestamp = $response_data->{'TIMESTAMP'}; - - @client_status = ($client_id, $hostname, $service, $count, $timestamp); - push(@status, \@client_status); - } - return @status; -} # End of getStatus - -1; diff --git a/src/warden-server/sh/install.sh b/src/warden-server/sh/install.sh index dbc4844a2dd2fa1aeb3a2d3f3fcdbc031b7199ac..92fdd8bf7b96cfa25a6a16015eab0663d51a1a05 100755 --- a/src/warden-server/sh/install.sh +++ b/src/warden-server/sh/install.sh @@ -2,12 +2,12 @@ # # install.sh # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. -VERSION="2.1" +VERSION="2.2" #------------------------------------------------------------------------------- # FUNCTIONS 
@@ -49,7 +49,7 @@ err() } -err_clean() +errClean() { echo "FAILED!" echo " -> Uninstalling server package ... OK" @@ -62,7 +62,7 @@ err_clean() } -root_chck() +rootChck() { if [ $UID -ne 0 ]; then echo "You must be root for running this script!" @@ -71,7 +71,7 @@ root_chck() } -params_chck() +paramsChck() { if [ -z $prefix ]; then echo "Parameter -d <directory> is not set!" @@ -92,7 +92,7 @@ params_chck() } -old_package_chck() +oldPackageChck() { old_package_version_file="${etc}/package_version" if [ -f $old_package_version_file ]; then @@ -104,7 +104,7 @@ old_package_chck() } -perl_chck() +perlChck() { echo -n "Checking Perl interpreter ... " if which perl 1> /dev/null; then @@ -116,7 +116,7 @@ perl_chck() fi } -modules_chck() +modulesChck() { for module in ${modules[@]}; do 
@@ -130,55 +130,20 @@ modules_chck() } -make_warden_dir() +makeWardenDir() { echo -n "Creating Warden server directory ... " test -d $prefix || mkdir -p $prefix if cp -R ${dirname}/warden-server $prefix 2> $err; then echo "OK" else - err_clean + errClean fi cp ${dirname}/uninstall.sh $server_path } -make_client_conf() -{ - echo -n "Creating client configuration file ... " - echo "# -# warden-client.conf - configuration file for the warden sender/receiver client -# - -#------------------------------------------------------------------------------- -# URI - URI address of Warden server -#------------------------------------------------------------------------------- -\$URI = \"https://${hostname}:443/Warden\"; - -#------------------------------------------------------------------------------- -# SSL_KEY_FILE - path to client SSL certificate key file -#------------------------------------------------------------------------------- -\$SSL_KEY_FILE = \"${key}\"; - -#------------------------------------------------------------------------------- -# SSL_CERT_FILE - path to client SSL certificate file -#------------------------------------------------------------------------------- -\$SSL_CERT_FILE = \"${cert}\"; - -#------------------------------------------------------------------------------- -# SSL_CA_FILE - path to CA certificate file -#------------------------------------------------------------------------------- -\$SSL_CA_FILE = \"${ca_file}\";" > $client_conf 2> $err; ret_val=`echo $?` - - if [ $ret_val -eq 0 ]; then - echo "OK" - else - err_clean - fi -} - - -make_server_conf() +makeServerConf() { echo -n "Creating server configuration file ... " echo "# @@ -242,11 +207,11 @@ make_server_conf() if [ $ret_val -eq 0 ]; then echo "OK" else - err_clean + errClean fi } -make_apache_conf() +makeApacheConf() { echo -n "Creating Apache configuration file ... " echo "# 
@@ -278,31 +243,12 @@ PerlSwitches -I $lib if [ $ret_val -eq 0 ]; then echo "OK" else - err_clean + errClean fi } -<<<<<<< HEAD -changeServerPath() -{ - echo "Update server path ..."; - for file in `ls -1 $bin` - do - echo "- update server path: ${bin}/$file" - perl -pi -e "s#/opt#${prefix}#" ${bin}/$file - done - - echo "- update server path: ${lib}/Warden.pm" - perl -pi -e "s#/opt#${prefix}#" ${lib}/Warden.pm - -} - - -create_symlinks() -======= createSymlinks() ->>>>>>> warden-server-2.2 { echo "Creating symbolic links ..." for file in `ls -1 $bin` @@ -334,10 +280,10 @@ while getopts "d:k:c:a:Vh" options; do done # root test -root_chck +rootChck # params test -params_chck +paramsChck # create variables dirname=`dirname $0` @@ -351,7 +297,6 @@ server_path="${prefix}/warden-server" bin="${server_path}/bin" local_bin="/usr/local/bin" etc="${server_path}/etc" -client_conf="${etc}/warden-client.conf" server_conf="${etc}/warden-server.conf" apache_conf="${etc}/warden-apache.conf" var="${server_path}/var" 
@@ -360,44 +305,34 @@ doc="${server_path}/doc" err="/tmp/warden-err" # check if warden-server is installed -old_package_chck +oldPackageChck echo echo "------------------------- Dependencies check-in -------------------------" # Perl interpreter test -perl_chck +perlChck # Perl modules test -modules_chck +modulesChck echo echo "------------------------- Installation process --------------------------" -# make warden client directory -make_warden_dir - -# create client configuration file -make_client_conf +# make warden server directory +makeWardenDir # create server configuration file -make_server_conf +makeServerConf # create Apache configuration file -make_apache_conf - -<<<<<<< HEAD -#update paths in utilities -changeServerPath +makeApacheConf -======= ->>>>>>> warden-server-2.2 # crate symlinks from warden server bin directory to /usr/local/bin -create_symlinks +createSymlinks echo echo "Please check configuration files:" -echo " - ${client_conf}" echo " - ${server_conf}" echo " - ${apache_conf}" echo diff --git a/src/warden-server/sh/uninstall.sh b/src/warden-server/sh/uninstall.sh index 417ca43889810f1d45c414d9c189a35241f973ea..762b57d27d922eac80afef41fa67af4395bc1f0b 100755 --- a/src/warden-server/sh/uninstall.sh +++ b/src/warden-server/sh/uninstall.sh @@ -2,7 +2,7 @@ # # uninstall.sh # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # VERSION="2.1" @@ -44,7 +44,7 @@ err() } -err_clean() +errClean() { echo "FAILED!" echo " -> Reverting changes of warden server package ... OK" @@ -62,7 +62,7 @@ err_clean() } -root_chck() +rootChck() { if [ $UID -ne 0 ]; then echo "You must be root for running this script!" 
@@ -71,28 +71,26 @@ root_chck() } -params_chck() +paramsChck() { if [ -z $prefix ]; then - echo "Parameter -d <direcotry> is not set!" + echo "Parameter -d <directory> is not set!" exit 1 fi } -obtain_package_version() +obtainPackageVersion() { - echo -n "Obtaing package version ... " if [ -f $old_package_version_file ]; then package_version=`cat $old_package_version_file` else package_version="unknown" fi - echo "OK" } -warden_dir_chck() +wardenDirChck() { echo -n "Checking Warden server directory ... " if [ ! -d $server_path ]; then @@ -117,7 +115,7 @@ backup() } -delete_symlinks() +deleteSymlinks() { echo -n "Deleting symlinks from /usr/local/bin ..." for file in `ls -1 $bin` @@ -128,14 +126,14 @@ delete_symlinks() } -uninstall_warden_server() +uninstallWardenServer() { echo -n "Uninstalling $package_version package ... " cp ${doc}/UNINSTALL $uninstall_file if rm -rf $server_path 2> $err; then echo "OK" else - err_clean + errClean fi } @@ -156,10 +154,10 @@ while getopts "d:Vh" options; do done # root test -root_chck +rootChck # params test -params_chck +paramsChck # create variables [[ $prefix == */ ]] && prefix="${prefix%?}" # remove last char (slash) from prefix @@ -175,22 +173,22 @@ err="/tmp/warden-err" backup_dir="/tmp/warden-backup" # obtain version of installed warden-server package -obtain_package_version +obtainPackageVersion echo echo "------------------------- Uninstallation process --------------------------------" # check if $prefix/warden-server directory exist -warden_dir_chck +wardenDirChck # make backup of currently installed warden-server package backup # delete symbolic links -delete_symlinks +deleteSymlinks # do uninstallation -uninstall_warden_server +uninstallWardenServer echo echo "Please follow post-uninstallation steps in $uninstall_file!" diff --git a/src/warden-server/sh/update.sh b/src/warden-server/sh/update.sh index 2795a390fdd7938eb084ff4a38370477ce7d1d1a..220e7e04e5f5f309f1caaa5f69cd784e7484a420 100755 
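Review bot: `uninstallWardenServer()` runs `rm -rf $server_path` as root with the expansion unquoted, and `server_path` is presumably derived from the `-d` argument (install.sh builds it as `"${prefix}/warden-server"`). A prefix containing whitespace or glob characters is then split into several arguments, and the recursive delete is applied to each of them. Quote the path and end option parsing: `if rm -rf -- "$server_path" 2> "$err"; then`. The test in `paramsChck()` has the same weakness and should read `if [ -z "$prefix" ]; then`; the identical test is in update.sh.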
--- a/src/warden-server/sh/update.sh +++ b/src/warden-server/sh/update.sh @@ -2,12 +2,12 @@ # # update.sh # -# Copyright (C) 2011-2012 Cesnet z.s.p.o +# Copyright (C) 2011-2013 Cesnet z.s.p.o # # Use of this source is governed by a BSD-style license, see LICENSE file. -VERSION="2.1" +VERSION="2.2" #------------------------------------------------------------------------------- # FUNCTIONS @@ -47,7 +47,7 @@ err() } -err_clean() +errClean() { echo "FAILED!" echo " -> Reverting changes of Warden server package ... OK" @@ -61,7 +61,7 @@ err_clean() } -root_chck() +rootChck() { if [ $UID -ne 0 ]; then echo "You must be root for running this script!" @@ -70,16 +70,16 @@ root_chck() } -params_chck() +paramsChck() { if [ -z $prefix ]; then - echo "Parameter -d <direcotry> is not set!" + echo "Parameter -d <directory> is not set!" exit 1 fi } -obtain_package_version() +obtainPackageVersion() { if [ -f $old_package_version_file ]; then old_package_version=`cat $old_package_version_file` @@ -95,7 +95,7 @@ obtain_package_version() } -perl_chck() +perlChck() { echo -n "Checking Perl interpreter ... " if which perl 1> /dev/null; then @@ -108,7 +108,20 @@ perl_chck() } -modules_chck() +rsyncChck() +{ + echo -n "Checking Rsync ... " + if which rsync 1> /dev/null; then + echo "OK" + else + echo "FAILED!" + echo "Error: Rsync is not installed!" + exit 1 + fi +} + + +modulesChck() { for module in ${modules[@]}; do @@ -122,7 +135,7 @@ modules_chck() } -warden_dir_chck() +wardenDirChck() { echo -n "Checking Warden server directory ... " if [ ! -d $server_path ]; then @@ -147,7 +160,7 @@ backup() } -obtain_warden_user() +obtainWardenUser() { echo -n "Obtaining Warden server directory owner ... " if user=`stat -c %U $server_conf_file` 2> $err; then 
@@ -158,20 +171,20 @@ obtain_warden_user() } -update_warden_dir() +updateWardenDir() { echo -n "Updating Warden server directory ... " if rsync -q --recursive --archive --delete --exclude='etc' --exclude='sh' ${dirname}/warden-server $prefix 2> $err; then echo "OK" else - err_clean + errClean fi cp ${dirname}/warden-server/etc/package_version $etc cp ${dirname}/uninstall.sh $server_path } -update_conf_files() +updateConfFiles() { echo -n "Updating $apache_conf_file ... " 
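Review bot: In `updateWardenDir()` the two `cp` commands after the `rsync` block run unchecked and after "OK" has already been printed, so a failed copy of `package_version` or `uninstall.sh` leaves a stale version file behind a successful-looking update. Check them the way the rsync call is checked, for example `cp "${dirname}/warden-server/etc/package_version" "$etc" || errClean`. The rsync arguments `${dirname}/warden-server $prefix` are also unquoted, which matters because `--delete` is in effect; `"${dirname}/warden-server" "$prefix"` keeps a path with spaces as one argument.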
@@ -208,47 +221,9 @@ $perl_switches if [ $ret_val -eq 0 ]; then echo "OK" else - err_clean + errClean fi - -#------------------------------------------------------------------------------- - - echo -n "Updating $client_conf_file ... " - - uri=`cat $client_conf_file | grep '$URI'` - ssl_key_file=`cat $client_conf_file | grep '$SSL_KEY_FILE'` - ssl_cert_file=`cat $client_conf_file | grep '$SSL_CERT_FILE'` - ssl_ca_file=`cat $client_conf_file | grep '$SSL_CA_FILE'` - - echo "# -# warden-client.conf - configuration file for registration and status clients -# - -#------------------------------------------------------------------------------- -# URI - URI address of Warden server -#------------------------------------------------------------------------------- -$uri - -#------------------------------------------------------------------------------- -# SSL_KEY_FILE - path to server SSL certificate key file -#------------------------------------------------------------------------------- -$ssl_key_file - -#------------------------------------------------------------------------------- -# SSL_CERT_FILE - path to server SSL certificate file -#------------------------------------------------------------------------------- -$ssl_cert_file - -#------------------------------------------------------------------------------- -# SSL_CA_FILE - path to CA certificate file -#------------------------------------------------------------------------------- -$ssl_ca_file" > $client_conf_file 2> $err; ret_val=`echo $?` - - if [ $ret_val -eq 0 ]; then - echo "OK" - else - err_clean - fi + #------------------------------------------------------------------------------- @@ -343,7 +318,7 @@ $valid_strings" > $server_conf_file 2> $err; ret_val=`echo $?` if [ $ret_val -eq 0 ]; then echo "OK" else - err_clean + errClean fi } @@ -367,10 +342,10 @@ while getopts "d:Vh" options; do done # root test -root_chck +rootChck # params test -params_chck +paramsChck # create variables dirname=`dirname $0` 
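Review bot: With the `warden-client.conf` block removed from `updateConfFiles()`, nothing in the update appears to touch an existing `warden-client.conf` any more, because the rsync in `updateWardenDir()` runs with `--exclude='etc'`. An updated installation would therefore keep the old file, including its `SSL_KEY_FILE` and `SSL_CERT_FILE` settings, although the server no longer reads it. If that is not intended, remove it explicitly during the update, or state in the update notes that the file is obsolete. `updateConfFiles()` starts and ends outside this hunk, so a cleanup elsewhere in the function cannot be ruled out.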
@@ -381,46 +356,47 @@ etc="${server_path}/etc" doc="${server_path}/doc" old_package_version_file="${etc}/package_version" apache_conf_file="${etc}/warden-apache.conf" -client_conf_file="${etc}/warden-client.conf" server_conf_file="${etc}/warden-server.conf" err="/tmp/warden-err" backup_dir="/tmp/warden-server-backup" # obtain version of old warden server -obtain_package_version +obtainPackageVersion echo echo "------------------------- Dependencies check-in -------------------------" # Perl interpreter test -perl_chck +perlChck + +# Rsync availability test +rsyncCheck # Perl modules test -modules_chck +modulesChck echo echo "------------------------- Update process --------------------------------" # check warden server directory -warden_dir_chck +wardenDirChck # backup old warden server installation backup # obtain current warden server user -obtain_warden_user +obtainWardenUser # make warden server directory -update_warden_dir +updateWardenDir # create conf files -update_conf_files +updateConfFiles echo echo "Please check updated configuration files:" echo " - $apache_conf_file" echo " - $server_conf_file" -echo " - $client_conf_file" echo echo "Warden server directory: $server_path" echo
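Review bot: The call added under "# Rsync availability test" is `rsyncCheck`, but the function this commit defines in update.sh is `rsyncChck()`, so the shell reports a command-not-found error and the availability test never runs. Change the call to `rsyncChck`. Unless the script enables errexit somewhere not visible here, execution continues, and a missing rsync is only noticed when `updateWardenDir()` fails and falls into `errClean`, after the `backup` step has already run.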