pridano propojeni tabulek events a clients pomoci noveho sloupce client_id v tabulce events

c0d240b1 · Tomáš Plesník · 5d91e61c · c0d240b1 · c0d240b1 · c0d240b1
Commit c0d240b1 authored 11 years ago by Tomáš Plesník
--- a/src/warden-server/bin/getStatus.pl
+++ b/src/warden-server/bin/getStatus.pl
@@ -200,7 +200,9 @@ if (!defined $clients_sum_invalid) {
 # Statistics of active registered senders
 my $hash_ref;
 if ($clients_sum != 0) {
-  $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.hostname=clients.hostname AND events.service=clients.service) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr;
+#  $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.hostname=clients.hostname AND events.service=clients.service) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr;
+ $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.client_id=clients.client_id) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr;
+
  $sth->execute or die "Cannot execute statement: " . $sth->errstr;
  my ($client_id, $hostname, $service, $count, $timestamp, $client_status);
  $hash_ref = $sth->fetchall_hashref("client_id");

--- a/src/warden-server/bin/unregisterClient.pl
+++ b/src/warden-server/bin/unregisterClient.pl
@@ -122,8 +122,8 @@ if (!defined $id) {
    $sth = $dbh->prepare("UPDATE clients SET valid = 'f' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
    my $ret_val = $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
    if ($ret_val == 1) {
-      $sth = $dbh->prepare("UPDATE events SET valid = 'o' where hostname = ? AND service = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
-      $sth->execute($hostname, $service) or die "Cannot execute statement: " . $sth->errstr;
+      $sth = $dbh->prepare("UPDATE events SET valid = 'o' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
+      $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
      # log message until after invalidate all events
      sendMsg("info", "Sender [Client_id: '$client_id', Hostname: '$hostname', Service: '$service'] has been deleted and its data were invalidated from Warden server '$warden_server'");
      WardenCommon::succMsg("Unregistration of sender (#$client_id) was SUCCESSFUL!!!");

--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -108,13 +108,13 @@ sub authorizeClient

  # obtain cidr based on rigth common name and alternate names, service and client_type
  if($function_name eq 'saveNewEvent') {
-    $sth = $DBH->prepare("SELECT client_id, hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
  } elsif($function_name eq 'getNewEvents') {
-    $sth = $DBH->prepare("SELECT client_id, hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
  } elsif($function_name eq 'getClientInfo') {
-    $sth = $DBH->prepare("SELECT client_id, hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
  } elsif($function_name eq 'getLastId') {
-    $sth = $DBH->prepare("SELECT client_id, hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND client_type = 'r' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND client_type = 'r' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
 }

  # check db handler
@@ -132,18 +132,16 @@ sub authorizeClient
  }

  # obtain registration info about clients
-  my ($client_id, $an, $cidr, $receive_own, $cidr_list);
+  my ($client_id, $ip_net_client, $receive_own, $ip_net_client_list);
  my $correct_ip_source = 0;
  my %ret;
-  while(($client_id, $an, $cidr, $receive_own)  = $sth->fetchrow()) {
-    my $cidr_list = Net::CIDR::Lite->new->add($cidr);
+  while(($client_id, $ip_net_client, $receive_own)  = $sth->fetchrow()) {
+    my $ip_net_client_list = Net::CIDR::Lite->new->add($ip_net_client);

    $ret{'client_id'}	= $client_id;
-    $ret{'dns'}		= $an;
-    $ret{'cidr'}	= $cidr;
    $ret{'receive_own'} = $receive_own;

-    if ($cidr_list->bin_find($ip)) {
+    if ($ip_net_client_list->bin_find($ip)) {
      $correct_ip_source = 1;
      last;
    }
@@ -160,8 +158,8 @@ sub authorizeClient
  # check if client has IP from registered CIDR
  if (!$correct_ip_source) {
    sendMsg ("err",
-             "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - access to Warden server '$ENV{'SERVER_NAME'}' from another subnet than '$ret{'cidr'}'",
-             "Access denied - access to Warden server '$ENV{'SERVER_NAME'}' from unauthorized subnet '$ret{'cidr'}'");
+             "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - access to Warden server '$ENV{'SERVER_NAME'}' from another subnet than '$ip_net_client'",
+             "Access denied - access to Warden server '$ENV{'SERVER_NAME'}' from unauthorized subnet '$ip_net_client'");
    return undef;
  }

@@ -180,7 +178,7 @@ sub authorizeClient
 sub saveNewEvent
 {
  my ($class, $data) = @_;
-  my ($sth, $cidr_list);
+  my $sth;

  # client network information
  my $cn	= $ENV{'SSL_CLIENT_S_DN_CN'};
@@ -254,13 +252,13 @@ sub saveNewEvent
              undef);
    }

-    $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
+    $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
    if (!defined $sth) {
      sendMsg("err",
              "Cannot prepare statement in function '$function_name': $DBH->errstr",
 	      "Internal 'prepare' server error");
    }
-    $sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid);
+    $sth->execute(undef, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid, $client{'client_id'});
    return 1;
  }
 } # END of saveNewEvent
@@ -272,8 +270,8 @@ sub saveNewEvent
 sub getNewEvents
 {
  my ($class, $data) = @_;
-  my ($sth, @events, $event, @ids, $cidr_list);
-  my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
+  my ($sth, @events, $event, @ids);
+  my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $client_id);

  # client network information
  my $cn	= $ENV{'SSL_CLIENT_S_DN_CN'};
@@ -340,21 +338,25 @@ sub getNewEvents
      }
    }

-    # parse items of events stored in DB
+    # obtain items of events stored in events table
    while (my @result = $sth->fetchrow()) {
      $id 		= $result[0];
-      $hostname		= $result[1];
-      $service		= $result[2];
-      $detected 	= $result[3];
-      $type 		= $result[5];
-      $source_type 	= $result[6];
-      $source	 	= $result[7];
-      $target_proto	= $result[8];
-      $target_port 	= $result[9];
-      $attack_scale	= $result[10];
-      $note 		= $result[11];
-      $priority 	= $result[12];
-      $timeout	 	= $result[13];
+      $detected 	= $result[1];
+      $type 		= $result[3];
+      $source_type 	= $result[4];
+      $source	 	= $result[5];
+      $target_proto	= $result[6];
+      $target_port 	= $result[7];
+      $attack_scale	= $result[8];
+      $note 		= $result[9];
+      $priority 	= $result[10];
+      $timeout	 	= $result[11];
+      $client_id        = $result[13];
+
+      # obtain hostname and service of events based on client_id from clients table
+      $sth = $DBH->prepare("SELECT hostname, service FROM clients WHERE client_id = ?;");
+      $sth->execute($client_id);
+      ($hostname, $service) = $sth->fetchrow();

      # create SOAP data object
      $event = SOAP::Data->name(event => \SOAP::Data->value(
@@ -447,7 +449,7 @@ sub getClientInfo

  my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name);
  if (defined %client) {
-    my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;");
+    my $sth = $DBH->prepare("SELECT * FROM clients WHERE valid = 't' ORDER BY client_id ASC;");
    if (!defined $sth) {
      sendMsg("err",
            "Cannot prepare statement in function '$function_name': $DBH->errstr",