zacistovani po prechodu z verze klienta 1.2.0 (TCP) na verzi komunikujici via HTTPS.

src/warden-client/doc/CHANGELOG

-2012-00-00 v1.2.0 stable version and bugfix release of warden-client-1.1.0
+2012-03-30 v1.2.0 stable version and bugfix release of warden-client-1.1.0
 --------------------------------------------------------------------------
 - Fixed SSL certificate/key access privileges security issue
 - Fixed client crash after multiple events download
+- Fixed install.sh crash when warden client installation dictionary doesn't exist
+- Fixed configuration error in permission access to etc directory in update.sh
+- Fixed bug in backup process in update.sh
 - Fixed several small bugs/issues
 
+
 2012-02-06 v1.1.0 stable version and bugfix release of warden-client-1.0.0
 --------------------------------------------------------------------------
 - Fixed bug when receiving of events
@@ -16,6 +20,7 @@
 - Added update script -> update.sh
 - Fixed several small bugs/issues
 
+
 2011-11-16 v1.0.0 stable version
 --------------------------------
 - Initial package of warden client

src/warden-client/doc/README

 +------------------------------+
-| README - Warden Client 1.1.0 |
+| README - Warden Client 1.2.0 |
 +------------------------------+
 
 Content
@@ -30,7 +30,7 @@ A. Overall Information
  
  2. Version
   
-    1.1.0 (2012-02-06)
+    1.2.0 (2012-03-30)
     
  3. Package structure
  
@@ -129,11 +129,11 @@ D. Installation (First installation of the Warden client package)
 
  1. Check SHA1 checksum of corresponding Warden client package archive
 
-    $ sha1sum -c warden-client-1.1.0.tar.gz.sig
+    $ sha1sum -c warden-client-1.2.0.tar.gz.sig
 
  2. Untar it
 
-    $ tar xzvf warden-client-1.1.0.tar.gz
+    $ tar xzvf warden-client-1.2.0.tar.gz
 
  3. Run install.sh 
   
@@ -189,11 +189,11 @@ E. Update (Update of previously installed the Warden client package)
 
  1. Check SHA1 checksum of corresponding the Warden client package archive
 
-    $ sha1sum -c warden-client-1.1.0.tar.gz.sig
+    $ sha1sum -c warden-client-1.2.0.tar.gz.sig
 
  2. Untar it
 
-    $ tar xzvf warden-client-1.1.0.tar.gz
+    $ tar xzvf warden-client-1.2.0.tar.gz
 
  3. Run update.sh 
   

src/warden-client/doc/README.cesnet

 +-------------------------------------+
-| README.cesnet - Warden Client 1.1.0 |
+| README.cesnet - Warden Client 1.2.0 |
 |				      |
 | CESNET Specifics                    |
 +-------------------------------------+
@@ -26,7 +26,7 @@ A. Overall Information
 
  2. Version
 
-    1.1.0 (2012-02-06)
+    1.2.0 (2012-03-30)
 
 --------------------------------------------------------------------------------
 B. Registration

src/warden-client/doc/example-receiver.pl.txt

@@ -33,7 +33,7 @@
 use strict;
 
 #------------------------------------------------------------------------------
-# Warden 1.1.0. Client, Receiver, Example
+# Warden 1.2.0. Client, Receiver, Example
 #
 # Simple use of warden-client receiver functionality to download new events
 # from # Warden server. This code illustrates how to integrate warden-client

src/warden-client/doc/example-sender.pl.txt

@@ -34,7 +34,7 @@ use strict;
 use DateTime;
 
 #-------------------------------------------------------------------------------
-# Warden 1.1.0. Client, Sender, Example 
+# Warden 1.2.0. Client, Sender, Example 
 #
 # Sample script using warden-client sending functionality. This example is not
 # intended to be a standalone script. It only shows how to use warden-client

src/warden-client/etc/package_version

-warden-client-1.2.0
+warden-client-1.3.0

src/warden-client/etc/warden-client.conf

@@ -3,21 +3,22 @@
 #
 
 #-------------------------------------------------------------------------------
-# URI -	URI address of Warden server
+# URI - URI address of Warden server
 #-------------------------------------------------------------------------------
 $URI = "https://warden-dev.cesnet.cz:443/Warden";
 
 #-------------------------------------------------------------------------------
 # SSL_KEY_FILE - path to client SSL certificate key file
 #-------------------------------------------------------------------------------
-$SSL_KEY_FILE = "/opt/warden-client/etc/warden-dev.cesnet.cz.key";
+$SSL_KEY_FILE = "/opt/warden-client/etc/barny.ics.muni.cz.key";
 
 #-------------------------------------------------------------------------------
 # SSL_CERT_FILE - path to client SSL certificate file
 #-------------------------------------------------------------------------------
-$SSL_CERT_FILE = "/opt/warden-client/etc/warden-dev.cesnet.cz.pem";
+$SSL_CERT_FILE = "/opt/warden-client/etc/barny.ics.muni.cz.pem";
 
 #-------------------------------------------------------------------------------
 # SSL_CA_FILE - path to CA certificate file
 #-------------------------------------------------------------------------------
 $SSL_CA_FILE = "/etc/ssl/certs/tcs-ca-bundle.pem";
+

src/warden-client/lib/WardenClientReceive.pm

@@ -4,7 +4,7 @@
 #
 # Copyright (C) 2011-2012 Cesnet z.s.p.o
 # Author(s): 	Tomas PLESNIK 	<plesnik@ics.muni.cz>
-#		Jan SOUKAL	<soukal@ics.muni.cz>
+#		          Jan SOUKAL	<soukal@ics.muni.cz>
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@@ -36,11 +36,10 @@ package WardenClientReceive;
 use strict;
 use SOAP::Lite;
 use IO::Socket::SSL qw(debug1);
-#use SOAP::Transport::TCP;
 use SOAP::Transport::HTTP;
 use FindBin;
 
-our $VERSION = "1.1";
+our $VERSION = "1.3"; #first iteration after 'port to Apache'
 
 #-------------------------------------------------------------------------------
 # errMsg - print error message and die
@@ -55,71 +54,26 @@ sub errMsg
 #-------------------------------------------------------------------------------
 # c2s - connect to server, send request and receive response
 #-------------------------------------------------------------------------------
-#sub c2s 
-#{
-#  my $uri		= shift;
-#  my $ssl_key_file	= shift;
-#  my $ssl_cert_file	= shift;
-#  my $ssl_ca_file	= shift;
-#  my $method		= shift;
-#  my $data		= shift;
-#
-#  my $client;
-#  my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
-#  if (!($client = SOAP::Transport::TCP::Client->new(
-#    PeerAddr            => $server,
-#    PeerPort            => $port,
-#    Proto               => 'tcp',
-#    SSL_use_cert        => 1,
-#    SSL_verify_mode     => 0x02,
-#    SSL_key_file        => $ssl_key_file,
-#    SSL_cert_file       => $ssl_cert_file,
-#    SSL_ca_file         => $ssl_ca_file,
-#  ))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)}
-#
-#  # setting of URI and serialize SOAP envelope and data object
-#  my $soap = SOAP::Lite->uri($uri);
-#  my $envelope;
-#  if (!defined $data) {
-#    $envelope = $soap->serializer->envelope(method => $method);
-#  } else {
-#    $envelope = $soap->serializer->envelope(method => $method, $data);
-#  }
-#
-#  # setting of TCP URI and send serialized SOAP envelope and data
-#  my $tcp_uri = "tcp://$server:$port/$service";
-#  my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
-#
-#  # check server response
-#  if (!defined $result) {
-#    errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down.");
-#  } else {
-#    # deserialized response from server -> create SOAP envelope and data object
-#    my $response = $soap->deserializer->deserialize($result);
-#    # check SOAP fault status
-#    $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return $response;
-#  }
-#}
-
 sub c2s 
 {
-  my $uri		= shift;
+  my $uri		        = shift;
   my $ssl_key_file	= shift;
   my $ssl_cert_file	= shift;
-  my $ssl_ca_file	= shift;
-  my $method		= shift;
-  my $data		= shift;
+  my $ssl_ca_file	  = shift;
+  my $method		    = shift;
+  my $data		      = shift;
 
   my $client;
   my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
-  if (!($client = SOAP::Transport::HTTP::Client->new(
-))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)}
-  $client->ssl_opts( 	verify_hostname     => 1,
-        		SSL_use_cert        => 1,
-        		SSL_verify_mode     => 0x02,
-        		SSL_key_file        => $ssl_key_file,
-        		SSL_cert_file       => $ssl_cert_file,
-        		SSL_ca_file         => $ssl_ca_file);
+  if (!($client = SOAP::Transport::HTTP::Client->new())) {
+    errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)
+  }
+  $client->ssl_opts(verify_hostname     => 1,
+        		        SSL_use_cert        => 1,
+        		        SSL_verify_mode     => 0x02,
+        		        SSL_key_file        => $ssl_key_file,
+        		        SSL_cert_file       => $ssl_cert_file,
+        		        SSL_ca_file         => $ssl_ca_file);
 
   # setting of URI and serialize SOAP envelope and data object
   my $soap     = SOAP::Lite->uri($service)->proxy($uri);
@@ -131,8 +85,8 @@ sub c2s
   }
 
   # setting of TCP URI and send serialized SOAP envelope and data
-  my $tcp_uri = "https://$server:$port/$service";
-  my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
+  my $server_uri = "https://$server:$port/$service";
+  my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri);
 
   # check server response
   if (!defined $result) {
@@ -191,61 +145,58 @@ sub getNewEvents
   # get new events from warden server DB based on gathered last ID 
 
   # create SOAP data obejct
-  my $request_data = SOAP::Data->name(request => \SOAP::Data->value(
-    SOAP::Data->name(REQUESTED_TYPE => $requested_type),
-    SOAP::Data->name(LAST_ID => $last_id)
-  ));
+  my $request_data = SOAP::Data->name(
+    request => \SOAP::Data->value(
+      SOAP::Data->name(REQUESTED_TYPE => $requested_type),
+      SOAP::Data->name(LAST_ID        => $last_id)
+    )
+  );
+  
+  # call server method getNewEvents 
   my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getNewEvents", $request_data);
 
-  # match getNewEvents functions response
-  $response->match('/Envelope/Body/getNewEventsResponse/');
+  # parse returned SOAP data object
   my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
   my @events;
-
-  # parse returned SOAP data object
-  my $i = 1;
-  my $response_data = $response->valueof("[$i]");
-  while (defined $response_data) {
+  my @response_list = $response->valueof('/Envelope/Body/getNewEventsResponse/event/');
+  while (scalar @response_list) {
+    my $response_data = shift(@response_list);
     my @event;
 
     # parse items of one event
-    $id			= $response_data->{'ID'};
-    $hostname		= $response_data->{'HOSTNAME'};
-    $service		= $response_data->{'SERVICE'};
-    $detected 		= $response_data->{'DETECTED'};
-    $type		= $response_data->{'TYPE'};
-    $source_type	= $response_data->{'SOURCE_TYPE'};
-    $source		= $response_data->{'SOURCE'};
-    $target_proto	= $response_data->{'TARGET_PROTO'};
-    $target_port	= $response_data->{'TARGET_PORT'};
-    $attack_scale	= $response_data->{'ATTACK_SCALE'};
-    $note		= $response_data->{'NOTE'};
-    $priority		= $response_data->{'PRIORITY'};
-    $timeout		= $response_data->{'TIMEOUT'};
+    $id			       = $response_data->{'ID'};
+    $hostname		   = $response_data->{'HOSTNAME'};
+    $service		   = $response_data->{'SERVICE'};
+    $detected 	   = $response_data->{'DETECTED'};
+    $type		       = $response_data->{'TYPE'};
+    $source_type   = $response_data->{'SOURCE_TYPE'};
+    $source		     = $response_data->{'SOURCE'};
+    $target_proto	 = $response_data->{'TARGET_PROTO'};
+    $target_port	 = $response_data->{'TARGET_PORT'};
+    $attack_scale	 = $response_data->{'ATTACK_SCALE'};
+    $note		       = $response_data->{'NOTE'};
+    $priority		   = $response_data->{'PRIORITY'};
+    $timeout		   = $response_data->{'TIMEOUT'};
 
     # push new event from warden server into @events which is returned
-    @event = ("$id", "$hostname", "$service", "$detected", "$type", "$source_type", "$source", "$target_proto", "$target_port", "$attack_scale", "$note", "$priority", "$timeout");
+    @event = ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
     push (@events, \@event);
 
     # set maximum received ID from current batch
     if ($id > $last_id) {
 	    $last_id = $id;
     }
-
-    # go to the next received event
-    $i++;
-    $response_data = $response->valueof("[$i]");
-  }
+  } #end of while loop
 
   # write last return ID
-  if (defined $last_id) {		# must be defined for first check ID
+  if (defined $last_id) { # must be defined for first check ID
     open(ID, "> $id_file") || die ("Cannot open ID file $id_file: $!");
     print ID $last_id;
     close ID;
   }
 
-  # return event array of arrays 
   return @events;
+
 } # End of getNewEvents
 
 1;

src/warden-client/lib/WardenClientSend.pm

@@ -4,7 +4,7 @@
 #
 # Copyright (C) 2011-2012 Cesnet z.s.p.o
 # Author(s):	Tomas PLESNIK	<plesnik@ics.muni.cz>
-#		Jan SOUKAL	<soukal@ics.muni.cz>
+#		          Jan SOUKAL <soukal@ics.muni.cz>
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@@ -35,11 +35,11 @@ package WardenClientSend;
 
 use strict;
 use SOAP::Lite;
-#use SOAP::Lite 'trace', 'debug';
 use IO::Socket::SSL qw(debug1);
-#use SOAP::Transport::TCP;
 use SOAP::Transport::HTTP;
-our $VERSION = "1.1";
+
+our $VERSION = "1.3"; #first iteration after 'port to Apache'
+
 
 #-------------------------------------------------------------------------------
 # errMsg - print error message and die
@@ -56,31 +56,35 @@ sub errMsg
 #-------------------------------------------------------------------------------
 sub c2s 
 {
-  my $uri		= shift;
+  my $uri		        = shift;
   my $ssl_key_file	= shift;
   my $ssl_cert_file	= shift;
-  my $ssl_ca_file	= shift;
-  my $method		= shift;
-  my $data		= shift;
+  my $ssl_ca_file	  = shift;
+  my $method		    = shift;
+  my $data		      = shift;
 
-  my $client;
   my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
-  if (!($client = SOAP::Transport::HTTP::Client->new(
-))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)}
-  $client->ssl_opts( 	verify_hostname     => 1,
-        		SSL_use_cert        => 1,
-        		SSL_verify_mode     => 0x02,
-        		SSL_key_file        => $ssl_key_file,
-        		SSL_cert_file       => $ssl_cert_file,
-        		SSL_ca_file         => $ssl_ca_file);
+  
+  my $client;
+  if (!($client = SOAP::Transport::HTTP::Client->new())) {
+    errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)
+  }
+  $client->ssl_opts(verify_hostname     => 1,
+        		        SSL_use_cert        => 1,
+        		        SSL_verify_mode     => 0x02,
+        		        SSL_key_file        => $ssl_key_file,
+        		        SSL_cert_file       => $ssl_cert_file,
+        		        SSL_ca_file         => $ssl_ca_file);
+
 
   # setting of URI and serialize SOAP envelope and data object
   my $soap     = SOAP::Lite->uri($service)->proxy($uri);
   my $envelope = $soap->serializer->envelope(method => $method, $data);
-  
-# setting of TCP URI and send serialized SOAP envelope and data
-  my $tcp_uri = "https://$server:$port/$service";
-  my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
+
+  # setting of TCP URI and send serialized SOAP envelope and data
+  my $server_uri = "https://$server:$port/$service";
+
+  my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri);
 
   # check server response
   if (!defined $result) {
@@ -111,33 +115,35 @@ sub saveNewEvent
   my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenClientConf::loadConf($conf_file);
 
   # prepare variables of event 
-  my @event = @{$event_ref};
-  my $service		= $event[0];
-  my $detected		= $event[1];
-  my $type		= $event[2];
-  my $source_type	= $event[3];
-  my $source		= $event[4];
+  my @event         = @{$event_ref};
+  my $service		    = $event[0];
+  my $detected		  = $event[1];
+  my $type		      = $event[2];
+  my $source_type	  = $event[3];
+  my $source		    = $event[4];
   my $target_proto	= $event[5];
-  my $target_port	= $event[6];
+  my $target_port	  = $event[6];
   my $attack_scale	= $event[7];
-  my $note		= $event[8];
-  my $priority		= $event[9];
-  my $timeout		= $event[10];
+  my $note		      = $event[8];
+  my $priority		  = $event[9];
+  my $timeout		    = $event[10];
 
   # create SOAP data object
-  my $event = SOAP::Data->name(event => \SOAP::Data->value(
-    SOAP::Data->name(SERVICE		=> $service),
-    SOAP::Data->name(DETECTED		=> $detected),
-    SOAP::Data->name(TYPE		=> $type),
-    SOAP::Data->name(SOURCE_TYPE    	=> $source_type),
-    SOAP::Data->name(SOURCE		=> $source),
-    SOAP::Data->name(TARGET_PROTO	=> $target_proto),
-    SOAP::Data->name(TARGET_PORT	=> $target_port),
-    SOAP::Data->name(ATTACK_SCALE	=> $attack_scale),
-    SOAP::Data->name(NOTE		=> $note),
-    SOAP::Data->name(PRIORITY       	=> $priority),
-    SOAP::Data->name(TIMEOUT		=> $timeout)
-   ));
+  my $event = SOAP::Data->name(
+    event => \SOAP::Data->value(
+      SOAP::Data->name(SERVICE		  => $service),
+      SOAP::Data->name(DETECTED		  => $detected),
+      SOAP::Data->name(TYPE	    	  => $type),
+      SOAP::Data->name(SOURCE_TYPE  => $source_type),
+      SOAP::Data->name(SOURCE		    => $source),
+      SOAP::Data->name(TARGET_PROTO	=> $target_proto),
+      SOAP::Data->name(TARGET_PORT	=> $target_port),
+      SOAP::Data->name(ATTACK_SCALE	=> $attack_scale),
+      SOAP::Data->name(NOTE		      => $note),
+      SOAP::Data->name(PRIORITY     => $priority),
+      SOAP::Data->name(TIMEOUT		  => $timeout)
+    )
+  );
 
   my $result = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "saveNewEvent", $event);
   $result ? return 1 : return 0;