Merge remote branch 'origin/master' into wardenweb

src/warden-server/doc/warden.mysql

@@ -33,7 +33,7 @@ SET character_set_client = utf8;
 CREATE TABLE `clients` (
   `client_id` int(11) NOT NULL auto_increment,
   `hostname` varchar(256) default NULL,
-  `registered` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
+  `registered` timestamp NOT NULL default '0000-00-00 00:00:00',
   `requestor` varchar(256) default NULL,
   `service` varchar(64) default NULL,
   `client_type` varchar(1) default NULL,
@@ -56,17 +56,17 @@ CREATE TABLE `events` (
   `id` int(11) NOT NULL auto_increment,
   `hostname` varchar(256) default NULL,
   `service` varchar(64) default NULL,
-  `detected` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
+  `detected` timestamp NOT NULL default '0000-00-00 00:00:00',
   `received` timestamp NOT NULL default '0000-00-00 00:00:00',
   `type` varchar(64) default NULL,
   `source_type` varchar(64) default NULL,
   `source` varchar(256) default NULL,
   `target_proto` varchar(16) default NULL,
-  `target_port` int(2) default NULL,
-  `attack_scale` int(4) default NULL,
+  `target_port` int(2) unsigned default NULL,
+  `attack_scale` int(4) unsigned default NULL,
   `note` text,
-  `priority` int(1) default NULL,
-  `timeout` int(2) default NULL,
+  `priority` int(1) unsigned default NULL,
+  `timeout` int(2) unsigned default NULL,
   `valid` varchar(1) default NULL,
   PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;

src/warden-server/doc/warden20to21.patch

+ALTER TABLE  `clients` CHANGE  `registered`  `registered` TIMESTAMP NOT NULL DEFAULT  '0000-00-00 00:00:00';
+
+ALTER TABLE  `events` 
+CHANGE  `detected`  `detected` TIMESTAMP NOT NULL DEFAULT  '0000-00-00 00:00:00',
+CHANGE  `target_port`  `target_port` INT( 2 ) UNSIGNED DEFAULT NULL ,
+CHANGE  `attack_scale`  `attack_scale` INT( 4 ) UNSIGNED DEFAULT NULL ,
+CHANGE  `priority`  `priority` INT( 1 ) UNSIGNED DEFAULT NULL ,
+CHANGE  `timeout`  `timeout` INT( 2 ) UNSIGNED DEFAULT NULL;

src/warden-server/etc/package_version

-warden-server-2.0.0
+warden-server-2.1

src/warden-server/etc/warden-apache.conf

@@ -11,7 +11,7 @@ SSLOptions +StdEnvVars +ExportCertData
 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
 
 SSLCertificateFile    /etc/ssl/certs/warden-dev.cesnet.cz.pem
-SSLCertificateKeyFile /opt/warden-client/etc/warden-dev.cesnet.cz.key
+SSLCertificateKeyFile /etc/ssl/private/warden-dev.cesnet.cz.key
 SSLCACertificateFile  /etc/ssl/certs/tcs-ca-bundle.pem
 
 PerlOptions +Parent

src/warden-server/etc/warden-server.conf

@@ -5,30 +5,53 @@
 #-------------------------------------------------------------------------------
 # BASEDIR - base directory of Warden server
 #-------------------------------------------------------------------------------
-$BASEDIR = "/opt/warden-server";
+$BASEDIR = '/opt/warden-server';
 
 #-------------------------------------------------------------------------------
-# FACILITY - syslog facility
+# SYSLOG - enable/disable syslog logging
 #-------------------------------------------------------------------------------
-$FACILITY = "local7";
+$SYSLOG	= 1;
 
 #-------------------------------------------------------------------------------
-# DB_NAME - database name of Warden server
+# SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
 #-------------------------------------------------------------------------------
-$DB_NAME = "warden";
+$SYSLOG_VERBOSE = 1;
 
 #-------------------------------------------------------------------------------
-# DB_USER - user of Warden server database
+# SYSLOG_FACILITY - syslog facility
 #-------------------------------------------------------------------------------
-$DB_USER = "root";
+$SYSLOG_FACILITY = 'local7';
 
 #-------------------------------------------------------------------------------
-# DB_PASS - password of Warden server database
+# DB_NAME - MySQL database name of Warden server
 #-------------------------------------------------------------------------------
-$DB_PASS = "";
+$DB_NAME = 'warden';
 
 #-------------------------------------------------------------------------------
-# DB_HOST - what IP address to listen on of Warden server
+# DB_USER - MySQL database user of Warden server
 #-------------------------------------------------------------------------------
-$DB_HOST = "localhost";
+$DB_USER = 'root';
 
+#-------------------------------------------------------------------------------
+# DB_PASS - MySQL database password of Warden server
+#-------------------------------------------------------------------------------
+$DB_PASS = '';
+
+#-------------------------------------------------------------------------------
+# DB_HOST - MySQL database host
+#-------------------------------------------------------------------------------
+$DB_HOST = 'localhost';
+
+#-------------------------------------------------------------------------------
+# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
+#                    delivered to one client in one batch
+#-------------------------------------------------------------------------------
+$MAX_EVENTS_LIMIT = '1000000';
+
+#-------------------------------------------------------------------------------
+# VALID_STRINGS - validation hash containing allowed event attributes
+#-------------------------------------------------------------------------------
+%VALID_STRINGS = (
+  'type'	=> ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'],
+  'source_type'	=> ['IP', 'URL', 'Reply-To:']
+);

src/warden-server/lib/Warden.t

+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+use DBI;
+use DBD::mysql;
+use Data::Dumper;
+
+use Test::More tests => 18;
+use Test::MockModule;
+use Test::Exception;
+
+use lib '..';
+use Warden;
+
+# Fake $ENV values
+BEGIN {
+  $ENV{'SSL_CLIENT_S_DN_CN'} = 'warden-dev.cesnet.cz';
+  $ENV{'SSL_CLIENT_CERT'}    = '-----BEGIN CERTIFICATE-----
+MIIEZzCCA0+gAwIBAgIRAKV1flST9dLTKDnQZsgWFmQwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0xMTA4MTgwMDAwMDBaFw0xMzA4MTcyMzU5NTlaMD0xCzAJBgNV
+BAYTAkNaMQ8wDQYDVQQKEwZDRVNORVQxHTAbBgNVBAMTFHdhcmRlbi1kZXYuY2Vz
+bmV0LmN6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIzyexCL/CB6
+COj691JLEWYEVkBLhROqbENk0ka/LbTtS5oNS3WDJVOK7aoHO3yluAdg1VocfFeY
+hTgZGAzC82IuNLc+873XTfO2bzotbJL31CBUwpz2QhEAjGgjdvSx++VZAlbDKIa7
+RnRcp9AsxPgqlUokVZbmR55sRO7QPaFqBUO061rj56uKzZocXy9RB+vVBQFUR5CF
+GKOJhsiRU3GtHpEshKpOGX6jiC5OkUkcVr61Fb4BgKPFFptiiuwTuHUM40PLAdC/
+B2lWdt4qPZqeiDFOVAQJH2tpi0Bhn2dmS1ttU76qpfP4RCPXZFxdxqxWgMjGq7Fp
+ON3G3ySb3QIDAQABo4IBZzCCAWMwHwYDVR0jBBgwFoAUDL2TaAzz3qujSWsrN1dH
+6pDjue0wHQYDVR0OBBYEFMfGqZzdRFP42/ewN/5kPQoI83hxMA4GA1UdDwEB/wQE
+AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQzMDEwL6AtoCuGKWh0
+dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3JsMG0GCCsGAQUF
+BwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3MudGVyZW5hLm9yZy9U
+RVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLnRjcy50ZXJl
+bmEub3JnMB8GA1UdEQQYMBaCFHdhcmRlbi1kZXYuY2VzbmV0LmN6MA0GCSqGSIb3
+DQEBBQUAA4IBAQC/mZ2bKGj4ysHVB4q/skhYXMiTYBmVD7G7X434YIg70VDBM5IJ
+efNNfx8HNdCprboX5PSPCpxl9n3TPARnEO2cm7XvVvt+wkdjNOys8z7a2DIPaeJ+
+An3sIPzWUtm85UxujghIJ9nPh1ovZ75cQ2HF5C79qCyKzHtfP77Kq61Nm2Ay4aTq
+gWyjFAPRjnB9fczhjdzntVRdjUFVq8z4ifq3Lv+hbN6aOjhfKRt8Ksr3IFlfKJdy
+0sE0lEZdjG+O8rsuHCT/c+90IvGsG5JLT5SPJIxwQ1+fPJDfB37VWmUC9meSe7rt
+iP0EQsnY1ytKuyUylJl0FiF/wG3rB8N7qlua
+-----END CERTIFICATE-----';
+  $ENV{'REMOTE_ADDR'}        = '195.113.161.39';
+  $ENV{'SERVER_NAME'}        = 'warden-dev.cesnet.cz';
+  $ENV{'SERVER_ADDR'}        = '195.113.161.39';
+  $ENV{'SERVER_PORT'}        = '443';
+
+  $Warden::MAX_EVENTS_LIMIT = "1000001";
+  %Warden::VALID_STRINGS = (
+        'type'          => ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'],
+        'source_type'   => ['IP', 'URL', 'Reply-To:']);
+
+  my $correctDBH = DBI->connect("DBI:mysql:database=warden;host=localhost", "root", "w4rd3n&r00t", {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database: $DBI::errstr";
+
+  my $failDBH;
+
+  $Warden::DBH = $correctDBH;
+}
+
+
+my $ret;
+
+# Alternate names test
+print "GetAltNames test\n"; 
+
+# 1
+#$alt_names, $ip, $service_type, $client_type, $function_name
+lives_and( sub{ is Warden::getAltNames("warden-dev.cesnet.cz","195.113.161.39","honeyscan","s","someEvent"), "'warden-dev.cesnet.cz','warden-dev.cesnet.cz'"}, 'everything is OK.');
+#print "$@\n";
+
+# Client authorizaton test
+print "AuthorizeClient tests\n";
+
+# 2
+dies_ok( sub{ Warden::authorizeClient("'warden-dev.cesnet.cz','warden-dev.cesnet.cz'","195.113.161.39","honeyscan","s","badAndUglyEvent") }, 'badAndUglyEvent: die (doesn\'t exist)' );
+#print "$@\n";
+
+# 3
+dies_ok( sub{ Warden::authorizeClient("'warden-dev.cesnet.cz','warden-dev.cesnet.cz'","195.113.161.222","badType","s","saveNewEvent")}, 'saveNewEvent: client is not registered');
+#print "$@\n";
+
+# 4
+dies_ok( sub{ Warden::authorizeClient("'warden-dev.cesnet.cz','warden-dev.cesnet.cz'","195.113.161.222","badType","s","getNewEvents")}, 'getNewEvents: client is not registered');
+#print "$@\n";
+
+# 5
+lives_and( sub{ is Warden::authorizeClient("'warden-dev.cesnet.cz','warden-dev.cesnet.cz'","195.113.161.39","honeyscan","s","saveNewEvent"), '3/8'}, 'saveNewEvent: OK.');
+#print "$@\n";
+
+# 6
+lives_and( sub{ is Warden::authorizeClient("'warden-dev.cesnet.cz','warden-dev.cesnet.cz'","195.113.161.39","any","r","getNewEvents"), '3/8'}, 'getNewEvents: OK.');
+#print "$@\n";
+
+# Save event test
+print "SaveNewEvent tests\n";
+# TODO: run database and SELECT error checks
+my %event = ('TYPE' => 'badType', 'DETECTED' => '2012-09-18T06:06:06+01:00', 'SERVICE' => 'test', 'SOURCE_TYPE' => 'IP', 'SOURCE' => '123.123.123.123', 'TARGET_PROTO' => 'TCP', 'TARGET_PORT' => '22', 'ATTACK_SCALE' => '1234567890', 'NOTE' => 'Unit testing event', 'PRIORITY' => '1', 'TIMEOUT' => '20');
+dies_ok( sub{ $ret = Warden::saveNewEvent("test", \%event)}, 'bad type');
+
+%event = ('TYPE' => 'test', 'DETECTED' => '2012-09-18T06:06:06+01:00', 'SERVICE' => 'test', 'SOURCE_TYPE' => 'BADTYPE', 'SOURCE' => '123.123.123.123', 'TARGET_PROTO' => 'TCP', 'TARGET_PORT' => '22', 'ATTACK_SCALE' => '1234567890', 'NOTE' => 'Unit testing event', 'PRIORITY' => '1', 'TIMEOUT' => '20');
+dies_ok( sub{ $ret = Warden::saveNewEvent("test", \%event)}, 'bad source type.');
+
+%event = ('TYPE' => 'test', 'DETECTED' => 'XXXX-09-18T06:06:06+01:00', 'SERVICE' => 'test', 'SOURCE_TYPE' => 'IP', 'SOURCE' => '123.123.123.123', 'TARGET_PROTO' => 'TCP', 'TARGET_PORT' => '22', 'ATTACK_SCALE' => '1234567890', 'NOTE' => 'Unit testing event', 'PRIORITY' => '1', 'TIMEOUT' => '20');
+dies_ok( sub{ $ret = Warden::saveNewEvent("test", \%event)}, 'bad date format.');
+
+%event = ('TYPE' => 'test', 'DETECTED' => '2012-09-18T06:06:06+01:00', 'SERVICE' => 'test', 'SOURCE_TYPE' => 'IP', 'SOURCE' => '123.123.123.123', 'TARGET_PROTO' => 'TCP', 'TARGET_PORT' => 'XXX', 'ATTACK_SCALE' => '1234567890', 'NOTE' => 'Unit testing event', 'PRIORITY' => '1', 'TIMEOUT' => '20');
+dies_ok( sub{ $ret = Warden::saveNewEvent("test", \%event)}, 'port is not a number.');
+
+%event = ('TYPE' => 'test', 'DETECTED' => '2012-09-18T06:06:06+01:00', 'SERVICE' => 'test', 'SOURCE_TYPE' => 'IP', 'SOURCE' => '123.123.123.123', 'TARGET_PROTO' => 'TCP', 'TARGET_PORT' => '22', 'ATTACK_SCALE' => 'XXX', 'NOTE' => 'Unit testing event', 'PRIORITY' => '1', 'TIMEOUT' => '20');
+dies_ok( sub{ $ret = Warden::saveNewEvent("test", \%event)}, 'attack scale is not a number.');
+
+%event = ('TYPE' => 'test', 'DETECTED' => '2012-09-18T06:06:06+01:00', 'SERVICE' => 'test', 'SOURCE_TYPE' => 'IP', 'SOURCE' => '123.123.123.123', 'TARGET_PROTO' => 'TCP', 'TARGET_PORT' => '22', 'ATTACK_SCALE' => '1234567890', 'NOTE' => 'Unit testing event', 'PRIORITY' => 'XXX', 'TIMEOUT' => '20');
+dies_ok( sub{ $ret = Warden::saveNewEvent("test", \%event)}, 'priority is not a number.');
+
+%event = ('TYPE' => 'test', 'DETECTED' => '2012-09-18T06:06:06+01:00', 'SERVICE' => 'test', 'SOURCE_TYPE' => 'IP', 'SOURCE' => '123.123.123.123', 'TARGET_PROTO' => 'TCP', 'TARGET_PORT' => '22', 'ATTACK_SCALE' => '1234567890', 'NOTE' => 'Unit testing event', 'PRIORITY' => '1', 'TIMEOUT' => 'XXX');
+dies_ok( sub{ $ret = Warden::saveNewEvent("test", \%event)}, 'timeout is not a number.');
+
+%event = ('TYPE' => 'test', 'DETECTED' => '2012-09-18T06:06:06+01:00', 'SERVICE' => 'test', 'SOURCE_TYPE' => 'IP', 'SOURCE' => '123.123.123.123', 'TARGET_PROTO' => 'TCP', 'TARGET_PORT' => '22', 'ATTACK_SCALE' => '1234567890', 'NOTE' => 'Unit testing event', 'PRIORITY' => '1', 'TIMEOUT' => '20');
+lives_ok( sub{ $ret = Warden::saveNewEvent("test", \%event)}, 'everything is fine.');
+
+# Get new event
+print "GetNewEvents tests\n";
+# TODO: run database and SELECT error checks
+# dies_ok {Warden::getNewEvents()} 'Cannot work with the database.';
+my %getEventHash = ('REQUESTED_TYPE' => 'any', 'LAST_ID' => '1', 'MAX_RCV_EVENTS_LIMIT' => '10');
+lives_ok( sub{ Warden::getNewEvents("test",\%getEventHash)}, 'everything is fine.');
+
+# Get last ID test
+print "GetLastId test\n";
+# TODO: run database and SELECT error checks
+lives_ok( sub{Warden::getLastId() =~ /^\d+$/}, 'getLastID is OK.');
+
+# Get clients test
+print "GetClients\n";
+# TODO: run database and SELECT error checks
+lives_ok( sub{ Warden::getClients()}, 'everything is fine.');
+
+print "GetStatus\n";
+# run database and SELECT error checks
+lives_ok( sub{ Warden::getStatus()}, 'everything is fine.');
+

src/warden-server/lib/WardenConf.pm

@@ -25,15 +25,11 @@ sub loadConf
   our $SSL_CERT_FILE 	= undef;
   our $SSL_CA_FILE 	= undef;
 
-  # read config file
-  if ( ! open( TMP, $conf_file) ) {
-    die "Can't read config file '$conf_file': $!\n";
-  }
-  close TMP;
-
   # load set variables by user
-  if ( !do $conf_file ) {
-    die("Errors in config file '$conf_file': $@");
+  unless (do $conf_file) {
+    die("Errors in config file '$conf_file': $@") if $@;
+    die("Can't read config file '$conf_file': $!") unless defined $_;
+    # if $_ defined, it's retvalue of last statement of conf, for which we don't care
   }
 
   return ($URI, $SSL_KEY_FILE, $SSL_CERT_FILE, $SSL_CA_FILE);

src/warden-server/lib/WardenReg.pm

@@ -43,7 +43,7 @@ sub c2s
   if (!($client = SOAP::Transport::HTTP::Client->new())) {
     errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)
   }
-  $client->timeout(60);
+  $client->timeout(10);
   $client->ssl_opts(    verify_hostname     => 1,
                         SSL_use_cert        => 1,
                         SSL_verify_mode     => 0x02,

src/warden-server/lib/WardenStatus.pm

@@ -43,7 +43,7 @@ sub c2s
   if (!($client = SOAP::Transport::HTTP::Client->new())) {
     errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)
   }
-  $client->timeout(60);
+  $client->timeout(10);
   $client->ssl_opts(verify_hostname     => 1,
                     SSL_use_cert        => 1,
                     SSL_verify_mode     => 0x02,
@@ -146,7 +146,9 @@ sub getStatus
   my $db_name			= $response_data->{'DB_NAME'};
   my $db_user			= $response_data->{'DB_USER'};
   my $db_host			= $response_data->{'DB_HOST'};
-  my $facility			= $response_data->{'FACILITY'};
+  my $syslog			= $response_data->{'SYSLOG'};
+  my $syslog_verbose		= $response_data->{'SYSLOG_VERBOSE'};
+  my $syslog_facility		= $response_data->{'SYSLOG_FACILITY'};
   my $db_size			= $response_data->{'DB_SIZE'};
   my $events_sum		= $response_data->{'EVENTS_SUM'};
   my $events_last_id		= $response_data->{'EVENTS_LAST_ID'};
@@ -154,7 +156,7 @@ sub getStatus
   my $events_last_timestamp	= $response_data->{'EVENTS_LAST_TIMESTAMP'};
   my $clients_sum	 	= $response_data->{'CLIENTS_SUM'};
 
-  my @server_status = ($version, $server_hostname, $ip_address, $port, $db_name, $db_user, $db_host, $facility, $db_size, $events_sum, $events_last_id, $events_first_timestamp, $events_last_timestamp, $clients_sum);
+  my @server_status = ($version, $server_hostname, $ip_address, $port, $db_name, $db_user, $db_host, $syslog, $syslog_verbose, $syslog_facility, $db_size, $events_sum, $events_last_id, $events_first_timestamp, $events_last_timestamp, $clients_sum);
   my @status;
   push(@status, \@server_status);
 

src/warden-server/sh/create_tables.sh

-#!/bin/bash
-
-# Pri pouziti Apache + mod_perl se tento soubor nepouziva
-
-#
-# create_table.sh
-#
-# Copyright (C) 2011-2012 Cesnet z.s.p.o
-# Author(s):    Tomas PLESNIK   <plesnik@ics.muni.cz>
-#               Jan SOUKAL      <soukal@ics.muni.cz>
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
-#    contributors may be used to endorse or promote products derived from
-#    this software without specific prior written permission.
-#
-# This software is provided ``as is'', and any express or implied
-# warranties, including, but not limited to, the implied warranties of
-# merchantability and fitness for a particular purpose are disclaimed.
-# In no event shall the Cesnet z.s.p.o or contributors be liable for
-# any direct, indirect, incidental, special, exemplary, or consequential
-# damages (including, but not limited to, procurement of substitute
-# goods or services; loss of use, data, or profits; or business
-# interruption) however caused and on any theory of liability, whether
-# in contract, strict liability, or tort (including negligence or
-# otherwise) arising in any way out of the use of this software, even
-# if advised of the possibility of such damage.
-
-VERSION="0.1"
-
-sqlite=`which sqlite3`
-db_file=$1
-
-# create table events
-$sqlite $db_file  "CREATE TABLE events (id INTEGER PRIMARY KEY, hostname VARCHAR(256), service VARCHAR(64), detected TIMESTAMP, received TIMESTAMP, type VARCHAR(64), source_type VARCHAR(64), source VARCHAR(256), target_proto VARCHAR(16), target_port INT(2), attack_scale INT(4), note TEXT, priority INT(1), timeout INT(2), valid VARCHAR(1));"
-
-# create table clients
-$sqlite $db_file  "CREATE TABLE clients (client_id INTEGER PRIMARY KEY, hostname VARCHAR(256), registered TIMESTAMP, requestor VARCHAR(256), service VARCHAR(64), client_type VARCHAR(1), type VARCHAR(64), receive_own_events VARCHAR(1), description_tags VARCHAR(256), ip_net_client VARCHAR(256));"
-
-exit 0

src/warden-server/sh/install.sh

@@ -3,35 +3,11 @@
 # install.sh
 #
 # Copyright (C) 2011-2012 Cesnet z.s.p.o
-# Author(s): 	Tomas PLESNIK 	<plesnik@ics.muni.cz>
-#		Jan SOUKAL	<soukal@ics.muni.cz>
 #
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
-#    contributors may be used to endorse or promote products derived from
-#     this software without specific prior written permission.
-#
-# This software is provided ``as is'', and any express or implied
-# warranties, including, but not limited to, the implied warranties of
-# merchantability and fitness for a particular purpose are disclaimed.
-# In no event shall the Cesnet z.s.p.o or contributors be liable for
-# any direct, indirect, incidental, special, exemplary, or consequential
-# damages (including, but not limited to, procurement of substitute
-# goods or services; loss of use, data, or profits; or business
-# interruption) however caused and on any theory of liability, whether
-# in contract, strict liability, or tort (including negligence or
-# otherwise) arising in any way out of the use of this software, even
-# if advised of the possibility of such damage.
+# Use of this source is governed by a BSD-style license, see LICENSE file.
+
 
-VERSION="0.2"
+VERSION="2.1"
 
 #-------------------------------------------------------------------------------
 #				FUNCTIONS
@@ -86,26 +62,6 @@ err_clean()
 }
 
 
-os_chck()
-{
-	OS=`uname`
-	if [ "$OS" != "Linux" ]; then
-		echo "Sorry, unsupported operating system detected - \"${OS}\"!"
-		exit 1
-	fi
-}
-
-
-shell_chck()
-{
-	SHELL=`echo $SHELL`
-	if [ "$SHELL" != "/bin/bash" ]; then
-		echo "Sorry, this script is usable in Bourne Again Shell (bash) only!"
-		exit 1
-	fi
-}
-
-
 root_chck()
 {
 	if [ $UID -ne 0 ]; then
@@ -176,19 +132,13 @@ modules_chck()
 
 make_warden_dir()
 {
-	echo -n "Creating warden server directory ... "
-	test -d ${prefix} || mkdir -p ${prefix}	
-	if cp -R $dirname/warden-server $prefix 2> $err; then
+	echo -n "Creating Warden server directory ... "
+	test -d $prefix || mkdir -p $prefix
+	if cp -R ${dirname}/warden-server $prefix 2> $err; then
 		echo "OK"
 	else
 		err_clean
 	fi
-
-	files=(CHANGELOG INSTALL LICENSE README)
-	for file in ${files[@]};
-	do
-		cp ${dirname}/$file $server_path/doc
-	done
 	cp ${dirname}/uninstall.sh $server_path
 }
 
@@ -218,8 +168,7 @@ make_client_conf()
 #-------------------------------------------------------------------------------
 # SSL_CA_FILE - path to CA certificate file
 #-------------------------------------------------------------------------------
-\$SSL_CA_FILE = \"${ca_file}\";
-" > $client_conf 2> $err; ret_val=`echo $?`
+\$SSL_CA_FILE = \"${ca_file}\";" > $client_conf 2> $err; ret_val=`echo $?`
 
 	if [ $ret_val -eq 0 ]; then
 		echo "OK"
@@ -242,15 +191,89 @@ make_server_conf()
 \$BASEDIR = \"${server_path}\";
 
 #-------------------------------------------------------------------------------
-# FACILITY - syslog facility
+# SYSLOG - enable/disable syslog logging
 #-------------------------------------------------------------------------------
-\$FACILITY = \"local7\";
+\$SYSLOG = 1;
 
+#-------------------------------------------------------------------------------
+# SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
+#-------------------------------------------------------------------------------
+\$SYSLOG_VERBOSE = 1;
+
+#-------------------------------------------------------------------------------
+# SYSLOG_FACILITY - syslog facility
+#-------------------------------------------------------------------------------
+\$SYSLOG_FACILITY = \"local7\";
+
+#-------------------------------------------------------------------------------
+# DB_NAME - MySQL database name of Warden server
+#-------------------------------------------------------------------------------
 \$DB_NAME = \"warden\";
-\$DB_USER            = \"username\";
+
+#-------------------------------------------------------------------------------
+# DB_USER - MySQL database user of Warden server
+#-------------------------------------------------------------------------------
+\$DB_USER = \"warden\";
+
+#-------------------------------------------------------------------------------
+# DB_PASS - MySQL database password of Warden server
+#-------------------------------------------------------------------------------
 \$DB_PASS = \"\";
+
+#-------------------------------------------------------------------------------
+# DB_HOST - MySQL database host
+#-------------------------------------------------------------------------------
 \$DB_HOST = \"localhost\";
-" > $server_conf 2> $err; ret_val=`echo $?`
+
+#-------------------------------------------------------------------------------
+# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
+#                    delivered to one client in one batch
+#-------------------------------------------------------------------------------
+\$MAX_EVENTS_LIMIT = 1000000;
+
+#-------------------------------------------------------------------------------
+# VALID_STRINGS - validation hash containing allowed event attributes
+#-------------------------------------------------------------------------------
+%VALID_STRINGS = (
+  \"type\" => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"],
+  \"source_type\" => [\"IP\", \"URL\", \"Reply-To:\"]
+);" > $server_conf 2> $err; ret_val=`echo $?`
+
+	if [ $ret_val -eq 0 ]; then
+		echo "OK"
+	else
+		err_clean
+	fi
+}
+
+make_apache_conf()
+{
+	echo -n "Creating Apache configuration file ... "
+	echo "#
+#
+# warden-apache.conf - configuration file for the Apache server
+#
+
+SSLEngine on
+
+SSLVerifyDepth 3
+SSLVerifyClient require
+SSLOptions +StdEnvVars +ExportCertData
+
+SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+
+SSLCertificateFile    $cert
+SSLCertificateKeyFile $key
+SSLCACertificateFile  $ca_file
+
+PerlOptions +Parent
+PerlSwitches -I $lib
+
+<Location /Warden>
+        SetHandler perl-script
+        PerlHandler Warden::ApacheDispatch
+        SSLOptions +StdEnvVars
+</Location>" > $apache_conf 2> $err; ret_val=`echo $?`
 
 	if [ $ret_val -eq 0 ]; then
 		echo "OK"
@@ -263,53 +286,26 @@ make_server_conf()
 changeServerPath()
 {
 	echo "Update server path ...";
-	for file in `ls -1 $bin | grep -v warden-alive | grep -v create_tables.sh | grep -v wardend`
+	for file in `ls -1 $bin`
 	do
 		echo "- update server path: ${bin}/$file"
 		perl -pi -e "s#/opt#${prefix}#" ${bin}/$file
 	done
 
-	echo "- update server path: ${apache_conf}"
-	perl -pi -e "s#/opt#${prefix}#" ${apache_conf}
-
 	echo "- update server path: ${lib}/Warden.pm"
 	perl -pi -e "s#/opt#${prefix}#" ${lib}/Warden.pm
 	
 }
 
 
-updateCertsPath()
-{
-
-	echo "- update certs path: ${apache_conf}"
-	perl -pi -e "s#server-cert.pem#${cert}#" ${apache_conf}
-	perl -pi -e "s#server-key.pem#${key}#" ${apache_conf}
-	perl -pi -e "s#ca-cert.pem#${ca_file}#" ${apache_conf}
-}
-
-#create_db()
-#{
-#	echo -n "Creating warden server database ... "
-#	$create_tables $db_file 2> $err || err_clean
-#	if chmod 600 $db_file 2> $err; then
-#		echo "OK"
-#	else
-#		err_clean
-#	fi
-#}
-
-
-
 create_symlinks()
 {
 	echo "Creating symbolic links ..."
-	for file in `ls -1 $bin | grep -v warden-alive | grep -v create_tables.sh | grep -v wardend`
+	for file in `ls -1 $bin`
 	do
 		echo "- making symlink: ${local_bin}/$file -> ${bin}/$file"
 		ln -s ${bin}/$file ${local_bin}/$file
 	done
-#	echo "- making symlink: ${bin}/wardend -> $init"
-#	ln -s ${bin}/wardend $init
 }
 
 
@@ -318,14 +314,7 @@ create_symlinks()
 #-------------------------------------------------------------------------------
 
 # list of used Perl modules
-#modules=(SOAP::Lite SOAP::Transport::TCP File::Pid POSIX DBI DBD::SQLite Format::Human::Bytes Sys::Syslog File::Basename FindBin Net::CIDR::Lite DateTime Getopt::Std Switch IO::Socket::SSL)
-modules=(DBI DBD::mysql Format::Human::Bytes Sys::Syslog File::Basename FindBin Net::CIDR::Lite DateTime Getopt::Std Switch IO::Socket::SSL MIME::Base64 Crypt::X509)
-
-# OS test
-os_chck
-
-# Shell test
-shell_chck
+modules=(SOAP::Lite SOAP::Transport::HTTP DBI DBD::mysql Format::Human::Bytes Sys::Syslog File::Basename Net::CIDR::Lite DateTime Getopt::Std Switch IO::Socket::SSL MIME::Base64 Crypt::X509 Carp)
 
 # read input
 while getopts "d:k:c:a:Vh" options; do
@@ -348,11 +337,10 @@ params_chck
 
 # create variables
 dirname=`dirname $0`
-hostname=`hostname`
+hostname=`hostname -f`
 key_file=`basename $key`
 cert_file=`basename $cert`
 package_version=`cat ${dirname}/warden-server/etc/package_version`
-create_tables="${dirname}/warden-server/bin/create_tables.sh"
 
 [[ $prefix == */ ]] && prefix="${prefix%?}" # remove last char (slash) from prefix
 server_path="${prefix}/warden-server"
@@ -364,9 +352,8 @@ server_conf="${etc}/warden-server.conf"
 apache_conf="${etc}/warden-apache.conf"
 var="${server_path}/var"
 lib="${server_path}/lib"
-db_file="${var}/warden.db"
+doc="${server_path}/doc"
 err="/tmp/warden-err"
-init="/etc/init.d/wardend"
 
 # check if warden-server is installed
 old_package_chck
@@ -377,9 +364,6 @@ echo "------------------------- Dependencies check-in -------------------------"
 # Perl interpreter test
 perl_chck
 
-## SQLite database engine test
-#sqlite_chck
-
 # Perl modules test
 modules_chck
 
@@ -395,27 +379,27 @@ make_client_conf
 # create server configuration file
 make_server_conf
 
-## create warden server database
-#create_db
+# create Apache configuration file
+make_apache_conf
 
 #update paths in utilities
 changeServerPath
 
-#update paths in apachefile
-updateCertsPath
-
 # crate symlinks from warden server bin directory to /usr/local/bin
 create_symlinks
 
 echo
-echo "Please check client configuration file in ${client_conf}!"
-echo "Please check server configuration file in ${server_conf}!"
+echo "Please check configuration files:"
+echo " - ${client_conf}"
+echo " - ${server_conf}"
+echo " - ${apache_conf}"
 echo
 echo "Warden server directory: $server_path"
-#echo "Warden server daemon: $init [start|stop|status|restart|force-stop]"
+echo
+echo "Please follow post-installation steps in ${doc}/INSTALL!"
 echo
 echo "Installation of $package_version package was SUCCESSFUL!!!"
-
+echo
 # cleanup section
 rm -rf $err