diff --git a/src/warden-client/doc/CHANGELOG b/src/warden-client/doc/CHANGELOG index 145d6902dd21e13e0720c2906591ff48dcbe3bd8..1de1f5599e6f4290c994042665ca1d4477120c23 100644 --- a/src/warden-client/doc/CHANGELOG +++ b/src/warden-client/doc/CHANGELOG @@ -1,9 +1,13 @@ -2012-00-00 v1.2.0 stable version and bugfix release of warden-client-1.1.0 +2012-03-30 v1.2.0 stable version and bugfix release of warden-client-1.1.0 -------------------------------------------------------------------------- - Fixed SSL certificate/key access privileges security issue - Fixed client crash after multiple events download +- Fixed install.sh crash when warden client installation dictionary doesn't exist +- Fixed configuration error in permission access to etc directory in update.sh +- Fixed bug in backup process in update.sh - Fixed several small bugs/issues + 2012-02-06 v1.1.0 stable version and bugfix release of warden-client-1.0.0 -------------------------------------------------------------------------- - Fixed bug when receiving of events @@ -16,6 +20,7 @@ - Added update script -> update.sh - Fixed several small bugs/issues + 2011-11-16 v1.0.0 stable version -------------------------------- - Initial package of warden client diff --git a/src/warden-client/doc/README b/src/warden-client/doc/README index 894c7e683d79c887f94386a08723483edac77f93..777d20399be552d3a2528e33529bc357d18d928f 100644 --- a/src/warden-client/doc/README +++ b/src/warden-client/doc/README @@ -1,5 +1,5 @@ +------------------------------+ -| README - Warden Client 1.1.0 | +| README - Warden Client 1.2.0 | +------------------------------+ Content @@ -30,7 +30,7 @@ A. Overall Information 2. Version - 1.1.0 (2012-02-06) + 1.2.0 (2012-03-30) 3. Package structure 
@@ -129,11 +129,11 @@ D. Installation (First installation of the Warden client package) 1. Check SHA1 checksum of corresponding Warden client package archive - $ sha1sum -c warden-client-1.1.0.tar.gz.sig + $ sha1sum -c warden-client-1.2.0.tar.gz.sig 2. Untar it - $ tar xzvf warden-client-1.1.0.tar.gz + $ tar xzvf warden-client-1.2.0.tar.gz 3. Run install.sh @@ -189,11 +189,11 @@ E. Update (Update of previously installed the Warden client package) 1. Check SHA1 checksum of corresponding the Warden client package archive - $ sha1sum -c warden-client-1.1.0.tar.gz.sig + $ sha1sum -c warden-client-1.2.0.tar.gz.sig 2. Untar it - $ tar xzvf warden-client-1.1.0.tar.gz + $ tar xzvf warden-client-1.2.0.tar.gz 3. Run update.sh diff --git a/src/warden-client/doc/README.cesnet b/src/warden-client/doc/README.cesnet index 4151f3b2d760849a41cb53d4ce3592fbec8615c7..5a6f61e581bad627f6464521fe8ac23f486c9b50 100644 --- a/src/warden-client/doc/README.cesnet +++ b/src/warden-client/doc/README.cesnet @@ -1,5 +1,5 @@ +-------------------------------------+ -| README.cesnet - Warden Client 1.1.0 | +| README.cesnet - Warden Client 1.2.0 | | | | CESNET Specifics | +-------------------------------------+ @@ -26,7 +26,7 @@ A. Overall Information 2. Version - 1.1.0 (2012-02-06) + 1.2.0 (2012-03-30) -------------------------------------------------------------------------------- B. Registration diff --git a/src/warden-client/doc/example-receiver.pl.txt b/src/warden-client/doc/example-receiver.pl.txt index 89dc2261fac2ae2b2735d14b3e00ec71a263b6da..2f4f92624c46ff90899f8501f93eb9840b8ee6f6 100644 --- a/src/warden-client/doc/example-receiver.pl.txt +++ b/src/warden-client/doc/example-receiver.pl.txt 
@@ -33,7 +33,7 @@ use strict; #------------------------------------------------------------------------------ -# Warden 1.1.0. Client, Receiver, Example +# Warden 1.2.0. Client, Receiver, Example # # Simple use of warden-client receiver functionality to download new events # from # Warden server. This code illustrates how to integrate warden-client diff --git a/src/warden-client/doc/example-sender.pl.txt b/src/warden-client/doc/example-sender.pl.txt index 1a2efb7b67992126e3f117ccd5635b972e5939cd..9e1089a380dac5461f96e905070e3c984e543055 100644 --- a/src/warden-client/doc/example-sender.pl.txt +++ b/src/warden-client/doc/example-sender.pl.txt @@ -34,7 +34,7 @@ use strict; use DateTime; #------------------------------------------------------------------------------- -# Warden 1.1.0. Client, Sender, Example +# Warden 1.2.0. Client, Sender, Example # # Sample script using warden-client sending functionality. This example is not # intended to be a standalone script. It only shows how to use warden-client diff --git a/src/warden-client/etc/package_version b/src/warden-client/etc/package_version index bb011d5987d805b75cfd45215a9e78b44b2c8620..c7673b58f3ac7b70d71e2ff412fd13800fdf6dee 100644 --- a/src/warden-client/etc/package_version +++ b/src/warden-client/etc/package_version @@ -1 +1 @@ -warden-client-1.2.0 +warden-client-1.3.0 diff --git a/src/warden-client/etc/warden-client.conf b/src/warden-client/etc/warden-client.conf index 3eedc988855e6939db708ad64b3af4d81d4d4928..af9e8decf38211a6707de79c39c0f73afafeba4e 100644 --- a/src/warden-client/etc/warden-client.conf +++ b/src/warden-client/etc/warden-client.conf 
@@ -3,21 +3,22 @@ # #------------------------------------------------------------------------------- -# URI - URI address of Warden server +# URI - URI address of Warden server #------------------------------------------------------------------------------- $URI = "https://warden-dev.cesnet.cz:443/Warden"; #------------------------------------------------------------------------------- # SSL_KEY_FILE - path to client SSL certificate key file #------------------------------------------------------------------------------- -$SSL_KEY_FILE = "/opt/warden-client/etc/warden-dev.cesnet.cz.key"; +$SSL_KEY_FILE = "/opt/warden-client/etc/barny.ics.muni.cz.key"; #------------------------------------------------------------------------------- # SSL_CERT_FILE - path to client SSL certificate file #------------------------------------------------------------------------------- -$SSL_CERT_FILE = "/opt/warden-client/etc/warden-dev.cesnet.cz.pem"; +$SSL_CERT_FILE = "/opt/warden-client/etc/barny.ics.muni.cz.pem"; #------------------------------------------------------------------------------- # SSL_CA_FILE - path to CA certificate file #------------------------------------------------------------------------------- $SSL_CA_FILE = "/etc/ssl/certs/tcs-ca-bundle.pem"; + diff --git a/src/warden-client/lib/WardenClientReceive.pm b/src/warden-client/lib/WardenClientReceive.pm index c8f7d456f692a3894e6f822d26d6bbf094252344..4b37851e00847297f04b6a4950e8b680cb9cbfea 100755 --- a/src/warden-client/lib/WardenClientReceive.pm +++ b/src/warden-client/lib/WardenClientReceive.pm @@ -4,7 +4,7 @@ # # Copyright (C) 2011-2012 Cesnet z.s.p.o # Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> +# Jan SOUKAL <soukal@ics.muni.cz> # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions 
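Review bot: The shipped defaults for `$SSL_KEY_FILE` and `$SSL_CERT_FILE` now point at `barny.ics.muni.cz.key` and `barny.ics.muni.cz.pem`, which looks like one developer machine's credential path committed into the distributable config. Every other installation would start with a path to a key it does not have, and a specific host name ships in the package. I would keep a neutral default such as `$SSL_KEY_FILE = "/opt/warden-client/etc/<client-hostname>.key";` (and the matching `.pem`), with a comment that both must be set per installation. It is also worth confirming that the key file itself is not tracked in the repository.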
@@ -36,11 +36,10 @@ package WardenClientReceive; use strict; use SOAP::Lite; use IO::Socket::SSL qw(debug1); -#use SOAP::Transport::TCP; use SOAP::Transport::HTTP; use FindBin; -our $VERSION = "1.1"; +our $VERSION = "1.3"; #first iteration after 'port to Apache' #------------------------------------------------------------------------------- # errMsg - print error message and die 
@@ -55,71 +54,26 @@ sub errMsg #------------------------------------------------------------------------------- # c2s - connect to server, send request and receive response #------------------------------------------------------------------------------- -#sub c2s -#{ -# my $uri = shift; -# my $ssl_key_file = shift; -# my $ssl_cert_file = shift; -# my $ssl_ca_file = shift; -# my $method = shift; -# my $data = shift; -# -# my $client; -# my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; -# if (!($client = SOAP::Transport::TCP::Client->new( -# PeerAddr => $server, -# PeerPort => $port, -# Proto => 'tcp', -# SSL_use_cert => 1, -# SSL_verify_mode => 0x02, -# SSL_key_file => $ssl_key_file, -# SSL_cert_file => $ssl_cert_file, -# SSL_ca_file => $ssl_ca_file, -# ))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)} -# -# # setting of URI and serialize SOAP envelope and data object -# my $soap = SOAP::Lite->uri($uri); -# my $envelope; -# if (!defined $data) { -# $envelope = $soap->serializer->envelope(method => $method); -# } else { -# $envelope = $soap->serializer->envelope(method => $method, $data); -# } -# -# # setting of TCP URI and send serialized SOAP envelope and data -# my $tcp_uri = "tcp://$server:$port/$service"; -# my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri); -# -# # check server response -# if (!defined $result) { -# errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down."); -# } else { -# # deserialized response from server -> create SOAP envelope and data object -# my $response = $soap->deserializer->deserialize($result); -# # check SOAP fault status -# $response->fault ? errMsg("Server sent error message:: " . 
$response->faultstring) : return $response; -# } -#} - sub c2s { - my $uri = shift; + my $uri = shift; my $ssl_key_file = shift; my $ssl_cert_file = shift; - my $ssl_ca_file = shift; - my $method = shift; - my $data = shift; + my $ssl_ca_file = shift; + my $method = shift; + my $data = shift; my $client; my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; - if (!($client = SOAP::Transport::HTTP::Client->new( -))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)} - $client->ssl_opts( verify_hostname => 1, - SSL_use_cert => 1, - SSL_verify_mode => 0x02, - SSL_key_file => $ssl_key_file, - SSL_cert_file => $ssl_cert_file, - SSL_ca_file => $ssl_ca_file); + if (!($client = SOAP::Transport::HTTP::Client->new())) { + errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr) + } + $client->ssl_opts(verify_hostname => 1, + SSL_use_cert => 1, + SSL_verify_mode => 0x02, + SSL_key_file => $ssl_key_file, + SSL_cert_file => $ssl_cert_file, + SSL_ca_file => $ssl_ca_file); # setting of URI and serialize SOAP envelope and data object my $soap = SOAP::Lite->uri($service)->proxy($uri); @@ -131,8 +85,8 @@ sub c2s } # setting of TCP URI and send serialized SOAP envelope and data - my $tcp_uri = "https://$server:$port/$service"; - my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri); + my $server_uri = "https://$server:$port/$service"; + my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri); # check server response if (!defined $result) { 
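Review bot: In the reformatted `ssl_opts` call of `c2s`, `SSL_verify_mode => 0x02` sets only the fail-if-no-peer-cert bit and leaves the verify-peer bit (0x01) clear. As far as I know OpenSSL ignores 0x02 on the client side, and LWP only defaults the mode to verify-peer when none is supplied, so the server certificate may not actually be enforced against `$ssl_ca_file`; this should be confirmed with a test against a server presenting an untrusted certificate. I would write `SSL_verify_mode => SSL_VERIFY_PEER,` (value 0x01) instead. The URI match `my ($server, $port, $service) = $uri =~ ...` is also unchecked, so a `$URI` without an explicit port yields an endpoint built from undefined parts; an `errMsg("Malformed URI: $uri") unless defined $server;` after it would fail early. The same two points apply to the `c2s` hunk in WardenClientSend.pm, and `c2s` continues below this hunk.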
@@ -191,61 +145,58 @@ sub getNewEvents # get new events from warden server DB based on gathered last ID # create SOAP data obejct - my $request_data = SOAP::Data->name(request => \SOAP::Data->value( - SOAP::Data->name(REQUESTED_TYPE => $requested_type), - SOAP::Data->name(LAST_ID => $last_id) - )); + my $request_data = SOAP::Data->name( + request => \SOAP::Data->value( + SOAP::Data->name(REQUESTED_TYPE => $requested_type), + SOAP::Data->name(LAST_ID => $last_id) + ) + ); + + # call server method getNewEvents my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getNewEvents", $request_data); - # match getNewEvents functions response - $response->match('/Envelope/Body/getNewEventsResponse/'); + # parse returned SOAP data object my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout); my @events; - - # parse returned SOAP data object - my $i = 1; - my $response_data = $response->valueof("[$i]"); - while (defined $response_data) { + my @response_list = $response->valueof('/Envelope/Body/getNewEventsResponse/event/'); + while (scalar @response_list) { + my $response_data = shift(@response_list); my @event; # parse items of one event - $id = $response_data->{'ID'}; - $hostname = $response_data->{'HOSTNAME'}; - $service = $response_data->{'SERVICE'}; - $detected = $response_data->{'DETECTED'}; - $type = $response_data->{'TYPE'}; - $source_type = $response_data->{'SOURCE_TYPE'}; - $source = $response_data->{'SOURCE'}; - $target_proto = $response_data->{'TARGET_PROTO'}; - $target_port = $response_data->{'TARGET_PORT'}; - $attack_scale = $response_data->{'ATTACK_SCALE'}; - $note = $response_data->{'NOTE'}; - $priority = $response_data->{'PRIORITY'}; - $timeout = $response_data->{'TIMEOUT'}; + $id = $response_data->{'ID'}; + $hostname = $response_data->{'HOSTNAME'}; + $service = $response_data->{'SERVICE'}; + $detected = $response_data->{'DETECTED'}; + $type = 
$response_data->{'TYPE'}; + $source_type = $response_data->{'SOURCE_TYPE'}; + $source = $response_data->{'SOURCE'}; + $target_proto = $response_data->{'TARGET_PROTO'}; + $target_port = $response_data->{'TARGET_PORT'}; + $attack_scale = $response_data->{'ATTACK_SCALE'}; + $note = $response_data->{'NOTE'}; + $priority = $response_data->{'PRIORITY'}; + $timeout = $response_data->{'TIMEOUT'}; # push new event from warden server into @events which is returned - @event = ("$id", "$hostname", "$service", "$detected", "$type", "$source_type", "$source", "$target_proto", "$target_port", "$attack_scale", "$note", "$priority", "$timeout"); + @event = ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout); push (@events, \@event); # set maximum received ID from current batch if ($id > $last_id) { $last_id = $id; } - - # go to the next received event - $i++; - $response_data = $response->valueof("[$i]"); - } + } #end of while loop # write last return ID - if (defined $last_id) { # must be defined for first check ID + if (defined $last_id) { # must be defined for first check ID open(ID, "> $id_file") || die ("Cannot open ID file $id_file: $!"); print ID $last_id; close ID; } - # return event array of arrays return @events; + } # End of getNewEvents 1; diff --git a/src/warden-client/lib/WardenClientSend.pm b/src/warden-client/lib/WardenClientSend.pm index 75d12479f23fa06c3a4b1c086d7f0084c78c04bc..0ed2df4abe9bacd8caf35e6cd931e7c8236d4f32 100755 --- a/src/warden-client/lib/WardenClientSend.pm +++ b/src/warden-client/lib/WardenClientSend.pm @@ -4,7 +4,7 @@ # # Copyright (C) 2011-2012 Cesnet z.s.p.o # Author(s): Tomas PLESNIK <plesnik@ics.muni.cz> -# Jan SOUKAL <soukal@ics.muni.cz> +# Jan SOUKAL <soukal@ics.muni.cz> # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions 
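Review bot: The last-ID write at the end of this hunk keeps the two-argument `open(ID, "> $id_file")` with a bareword handle, so the mode is parsed out of the same string as the path, and neither `print` nor `close` is checked. I would use `open(my $id_fh, '>', $id_file) || die ("Cannot open ID file $id_file: $!");` and check the results of the `print` and `close` that follow, so a failed write does not silently leave a stale ID. Separately, `$id` is taken straight from the server response, compared with `>` and persisted without a check that it is an integer. A guard such as `next unless defined $id && $id =~ /\A\d+\z/;` before the comparison would keep a malformed event from reaching the stored ID. getNewEvents starts above this hunk, so where `$id_file` comes from is not visible here.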
@@ -35,11 +35,11 @@ package WardenClientSend; use strict; use SOAP::Lite; -#use SOAP::Lite 'trace', 'debug'; use IO::Socket::SSL qw(debug1); -#use SOAP::Transport::TCP; use SOAP::Transport::HTTP; -our $VERSION = "1.1"; + +our $VERSION = "1.3"; #first iteration after 'port to Apache' + #------------------------------------------------------------------------------- # errMsg - print error message and die 
@@ -56,31 +56,35 @@ sub errMsg #------------------------------------------------------------------------------- sub c2s { - my $uri = shift; + my $uri = shift; my $ssl_key_file = shift; my $ssl_cert_file = shift; - my $ssl_ca_file = shift; - my $method = shift; - my $data = shift; + my $ssl_ca_file = shift; + my $method = shift; + my $data = shift; - my $client; my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; - if (!($client = SOAP::Transport::HTTP::Client->new( -))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)} - $client->ssl_opts( verify_hostname => 1, - SSL_use_cert => 1, - SSL_verify_mode => 0x02, - SSL_key_file => $ssl_key_file, - SSL_cert_file => $ssl_cert_file, - SSL_ca_file => $ssl_ca_file); + + my $client; + if (!($client = SOAP::Transport::HTTP::Client->new())) { + errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr) + } + $client->ssl_opts(verify_hostname => 1, + SSL_use_cert => 1, + SSL_verify_mode => 0x02, + SSL_key_file => $ssl_key_file, + SSL_cert_file => $ssl_cert_file, + SSL_ca_file => $ssl_ca_file); + # setting of URI and serialize SOAP envelope and data object my $soap = SOAP::Lite->uri($service)->proxy($uri); my $envelope = $soap->serializer->envelope(method => $method, $data); - -# setting of TCP URI and send serialized SOAP envelope and data - my $tcp_uri = "https://$server:$port/$service"; - my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri); + + # setting of TCP URI and send serialized SOAP envelope and data + my $server_uri = "https://$server:$port/$service"; + + my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri); # check server response if (!defined $result) { 
@@ -111,33 +115,35 @@ sub saveNewEvent my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenClientConf::loadConf($conf_file); # prepare variables of event - my @event = @{$event_ref}; - my $service = $event[0]; - my $detected = $event[1]; - my $type = $event[2]; - my $source_type = $event[3]; - my $source = $event[4]; + my @event = @{$event_ref}; + my $service = $event[0]; + my $detected = $event[1]; + my $type = $event[2]; + my $source_type = $event[3]; + my $source = $event[4]; my $target_proto = $event[5]; - my $target_port = $event[6]; + my $target_port = $event[6]; my $attack_scale = $event[7]; - my $note = $event[8]; - my $priority = $event[9]; - my $timeout = $event[10]; + my $note = $event[8]; + my $priority = $event[9]; + my $timeout = $event[10]; # create SOAP data object - my $event = SOAP::Data->name(event => \SOAP::Data->value( - SOAP::Data->name(SERVICE => $service), - SOAP::Data->name(DETECTED => $detected), - SOAP::Data->name(TYPE => $type), - SOAP::Data->name(SOURCE_TYPE => $source_type), - SOAP::Data->name(SOURCE => $source), - SOAP::Data->name(TARGET_PROTO => $target_proto), - SOAP::Data->name(TARGET_PORT => $target_port), - SOAP::Data->name(ATTACK_SCALE => $attack_scale), - SOAP::Data->name(NOTE => $note), - SOAP::Data->name(PRIORITY => $priority), - SOAP::Data->name(TIMEOUT => $timeout) - )); + my $event = SOAP::Data->name( + event => \SOAP::Data->value( + SOAP::Data->name(SERVICE => $service), + SOAP::Data->name(DETECTED => $detected), + SOAP::Data->name(TYPE => $type), + SOAP::Data->name(SOURCE_TYPE => $source_type), + SOAP::Data->name(SOURCE => $source), + SOAP::Data->name(TARGET_PROTO => $target_proto), + SOAP::Data->name(TARGET_PORT => $target_port), + SOAP::Data->name(ATTACK_SCALE => $attack_scale), + SOAP::Data->name(NOTE => $note), + SOAP::Data->name(PRIORITY => $priority), + SOAP::Data->name(TIMEOUT => $timeout) + ) + ); my $result = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "saveNewEvent", $event); $result ? 
return 1 : return 0;