diff --git a/packages/build-client.sh b/packages/build-client.sh
index f2f3f1db295a2f63669655d7f2f3770b857f5627..89214629983fa861fcf39926b94e488bff1f17ce 100755
--- a/packages/build-client.sh
+++ b/packages/build-client.sh
@@ -2,20 +2,18 @@
#
# build-client.sh
#
-# Copyright (C) 2011-2012 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
-VERSION="1.2"
+VERSION="2.2"
-#-------------------------------------------------------------------------------
-# FUNCTIONS
-#-------------------------------------------------------------------------------
err()
{
echo "FAILED!"
- cat $err
- rm -rf $err $package $tar $sig
+ echo -n "Error: " && cat "$err"
+ rm -f "$err" "$tar" "$sig"
+ rm -rf "$package"
echo
echo "Build of $package package FAILED!!!"
exit 1
@@ -26,73 +24,86 @@ err()
# MAIN
#-------------------------------------------------------------------------------
-# edit when you build new package
-version="2.2-beta"
+if [ -z "$1" ]; then
+ echo "Usage: ${0##*/} <package_version_number>"
+ echo
+ echo "Example: ${0##*/} \"2.2\""
+ exit 1
+fi
package_name="warden-client"
-package="${package_name}-${version}"
-doc="${package}/${package_name}/doc"
-etc="${package}/${package_name}/etc"
-lib="${package}/${package_name}/lib"
-var="${package}/${package_name}/var"
+package="${package_name}-$1"
+bin="${package}/bin"
+doc="${package}/doc"
+etc="${package}/etc"
+lib="${package}/lib"
+sh="${package}/sh"
tar="${package}.tar.gz"
sig="${tar}.sig"
err="/tmp/${package}-err"
# make directory structure
-echo "Building $package_name package version $version ..."
+echo "Building $package package..."
echo
echo -n "Building 'base' directory ... "
-mkdir -p $package 2> $err || err
-cp -R ../src/${package_name}/sh/* $package 2> $err || err
-cp ../src/${package_name}/doc/CHANGELOG $package 2> $err || err
-cp ../src/${package_name}/doc/INSTALL $package 2> $err || err
-cp ../src/${package_name}/doc/LICENSE $package 2> $err || err
-cp ../src/${package_name}/doc/README $package 2> $err || err
-cp ../src/${package_name}/doc/README.cesnet $package 2> $err || err
+mkdir -p "$package" 2> "$err" || err
+cp "../src/${package_name}/sh/install.sh" "$package" 2> "$err" || err
+cp "../src/${package_name}/sh/update.sh" "$package" 2> "$err" || err
+#cp "../src/${package_name}/sh/updateCommon.pm" "$package" 2> "$err" || err
+cp "../src/${package_name}/doc/INSTALL" "$package" 2> "$err" || err
+cp "../src/${package_name}/doc/README" "$package" 2> "$err" || err
+cp "../src/${package_name}/doc/UPDATE" "$package" 2> "$err" || err
echo "OK"
+echo -n "Building '${bin}' directory ... "
+mkdir -p "$bin" 2> "$err" || err
+cp -R "../src/${package_name}/bin/"* "$bin" 2> "$err" || err
+echo "OK"
echo -n "Building '${doc}' directory ... "
-mkdir -p $doc 2> $err || err
-cp -R ../src/${package_name}/doc/* $doc 2> $err || err
+mkdir -p "$doc" 2> "$err" || err
+cp -R "../src/${package_name}/doc/"* "$doc" 2> "$err" || err
echo "OK"
-
echo -n "Building '${etc}' directory ... "
-mkdir -p $etc 2> $err || err
-cp ../src/${package_name}/etc/package_version $etc 2> $err || err
+mkdir -p "$etc" 2> "$err" || err
+cp "../src/${package_name}/etc/"* "$etc" 2> "$err" || err
+rm -f "${etc}/"*.conf 2> "$err" || err
echo "OK"
-
echo -n "Building '${lib}' directory ... "
-mkdir -p $lib 2> $err || err
-cp -R ../src/${package_name}/lib/*.pm $lib 2> $err || err
+mkdir -p "$lib" 2> "$err" || err
+cp -R "../src/${package_name}/lib/"* "$lib" 2> "$err" || err
+rm -f "${lib}/"*.t 2> "$err" || err
echo "OK"
+echo -n "Building '${sh}' directory ... "
+mkdir -p "$sh" 2> "$err" || err
+cp "../src/${package_name}/sh/uninstall.sh" "$sh" 2> "$err" || err
+echo "OK"
-echo -n "Building '${var}' directory ... "
-mkdir -p $var 2> $err || err
+echo -n "Creating MANIFEST file ... "
+cd "$package" && find . -mindepth 2 -type f | grep -v tmpl | sed 's/.\///' | uniq > "doc/MANIFEST" && cd $OLDPWD || err
echo "OK"
# create tarball
echo -n "Creating $tar tarball ... "
-tar czf $tar $package 2> $err || err
+tar czf "$tar" "$package" 2> "$err" || err
echo "OK"
-# create sign of tarball
+# create sign of tarball
echo -n "Creating $sig file ... "
-sha1sum $tar > $sig 2> $err || err
+sha1sum "$tar" > "$sig" 2> "$err" || err
echo "OK"
echo
-echo "Building of $package package was SUCCESSFULL"
+echo "Building of $package package was SUCCESSFULL!!!"
# cleanup section
-rm -rf $package $err
+rm -rf "$package" "$err"
exit 0
diff --git a/packages/build-server.sh b/packages/build-server.sh
index e6a2f9103c03e1ac42ff6382c66e5407efff6c86..f84e92f31e33e450ce811a440d9d4a90ae0ac6cc 100755
--- a/packages/build-server.sh
+++ b/packages/build-server.sh
@@ -2,7 +2,7 @@
#
# build-server.sh
#
-# Copyright (C) 2011-2012 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
@@ -11,7 +11,7 @@ VERSION="2.2"
err()
{
echo "FAILED!"
- cat "$err"
+ echo -n "Error: " && cat "$err"
rm -f "$err" "$tar" "$sig"
rm -rf "$package"
echo
@@ -84,7 +84,7 @@ cp "../src/${package_name}/sh/uninstall.sh" "$sh" 2> "$err" || err
echo "OK"
echo -n "Creating MANIFEST file ... "
-cd "$package" && find . -mindepth 2 -type f | sed 's/.tmpl*//' | sed 's/.\///' | uniq > "doc/MANIFEST" && cd $OLDPWD || err
+cd "$package" && find . -mindepth 2 -type f | grep -v tmpl | sed 's/.\///' | uniq > "doc/MANIFEST" && cd $OLDPWD || err
echo "OK"
diff --git a/packages/warden-server-2.2-beta4.tar.gz b/packages/warden-server-2.2-beta4.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..d2119b40f7f3ce5f66a1098559fb4180f58d1620
Binary files /dev/null and b/packages/warden-server-2.2-beta4.tar.gz differ
diff --git a/packages/warden-server-2.2-beta4.tar.gz.sig b/packages/warden-server-2.2-beta4.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000..07abbc78e4650121e0ce704b2671a49259292993
--- /dev/null
+++ b/packages/warden-server-2.2-beta4.tar.gz.sig
@@ -0,0 +1 @@
+03c3a2f95cec4b27b083e839c14d7efe5edc514f warden-server-2.2-beta4.tar.gz
diff --git a/packages/warden-server-2.2.tar.gz b/packages/warden-server-2.2.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..cc0b81295bb4d674931a57b7a34bc37e81698d4d
Binary files /dev/null and b/packages/warden-server-2.2.tar.gz differ
diff --git a/packages/warden-server-2.2.tar.gz.sig b/packages/warden-server-2.2.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000..6faf60dd9b4cdc5d14d2ca025bc6d998aa73fe92
--- /dev/null
+++ b/packages/warden-server-2.2.tar.gz.sig
@@ -0,0 +1 @@
+e445ed5a225695c14f487b9f74fd4ea8b514e2e9 warden-server-2.2.tar.gz
diff --git a/src/warden-client/doc/example-info.pl.txt b/src/warden-client/bin/info.pl
similarity index 86%
rename from src/warden-client/doc/example-info.pl.txt
rename to src/warden-client/bin/info.pl
index 3a9d29422bd2a98ab9a713eba180694b8c65e803..c466f2ed34c42b2be9e8de10e9890568da3beebf 100755
--- a/src/warden-client/doc/example-info.pl.txt
+++ b/src/warden-client/bin/info.pl
@@ -1,10 +1,14 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl
#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
+use warnings;
+
+use FindBin qw($RealBin);
+FindBin::again();
#------------------------------------------------------------------------------
# Warden 2.2 Client, Info, Example
@@ -17,13 +21,12 @@ use strict;
#------------------------------------------------------------------------------
# This code should developer add into his/her application.
-# Path to warden-client directory
-my $warden_path = '/opt/warden-client/';
-
-# Inclusion of warden-client receiving functionality
-require $warden_path . '/lib/WardenClientCommon.pm';
+# Load Warden client library and use main module
+use lib "$RealBin/../lib";
+use WardenClient;
-my @clients = WardenClientCommon::getClientsInfo($warden_path) or exit 1; # receive data or exit
+# obtain information about already registered clients
+my @clients = WardenClient::getClientInfo() or exit 1; # receive data or exit
print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
print "| Client ID | Hostname | Registered | Requestor | Service | CT | Type | ROE | Description tags | IP Net Client |\n";
diff --git a/src/warden-client/doc/example-receiver.pl.txt b/src/warden-client/bin/receiver.pl
similarity index 85%
rename from src/warden-client/doc/example-receiver.pl.txt
rename to src/warden-client/bin/receiver.pl
index b5d1b3e366b41613db2917d6eb188ce5675a332c..f80afbeb5f1a0e87798e45b7b3bec4d5b29704a8 100755
--- a/src/warden-client/doc/example-receiver.pl.txt
+++ b/src/warden-client/bin/receiver.pl
@@ -1,10 +1,14 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl
#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
+use warnings;
+
+use FindBin qw($RealBin $RealScript);
+FindBin::again();
#------------------------------------------------------------------------------
# Warden 2.2 Client, Receiver, Example
@@ -17,11 +21,9 @@ use strict;
#------------------------------------------------------------------------------
# This code should developer add into his/her application.
-# Path to warden-client directory
-my $warden_path = '/opt/warden-client/';
-
-# Inclusion of warden-client receiving functionality
-require $warden_path . '/lib/WardenClientReceive.pm';
+# Load Warden client library and use main module
+use lib "$RealBin/../lib";
+use WardenClient;
# Definition of requested event type. This attributes is also set on server
# and must not change.
@@ -35,7 +37,7 @@ print "| id | hostname | service | detected | type | source_type | source | targ
print "+------------------------------------------------------------------------------------------------------------------------------------------+\n";
# Download of new evetns from Warden server
-while (my @new_events = WardenClientReceive::getNewEvents($warden_path, $requested_type)) {
+while (my @new_events = WardenClient::getNewEvents($requested_type)) {
foreach my $event_ref (@new_events) {
my @event = @$event_ref;
print "| " . join(' | ', map { $_ || '' } @event) . " |" . "\n";
diff --git a/src/warden-client/doc/command-line-sender.pl b/src/warden-client/bin/sender-cli.pl
similarity index 60%
rename from src/warden-client/doc/command-line-sender.pl
rename to src/warden-client/bin/sender-cli.pl
index 75fce01dd9b0c5a99a47571bed8d8bab4ffc4385..46582985a0e5319ecc593dd41970eebb4ed6ea6e 100755
--- a/src/warden-client/doc/command-line-sender.pl
+++ b/src/warden-client/bin/sender-cli.pl
@@ -1,12 +1,16 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl
#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
+use warnings;
+
use DateTime;
use Getopt::Long;
+use FindBin qw($RealBin $RealScript);
+FindBin::again;
#-------------------------------------------------------------------------------
# Warden 2.2. Command-line Client, Sender
@@ -32,7 +36,6 @@ my $opt_a = ""; # attack scale
my $opt_n = ""; # note
# Other attributes
-my $opt_w = "../../warden-client"; # path to warden directory
my $opt_h; # display help
# Check whether mandatory fields are given. Otherwise print help and exit.
@@ -45,13 +48,10 @@ if (!GetOptions("service|s=s" => \$opt_s,
"port|r=i" => \$opt_r,
"attack-scale|a=i" => \$opt_a,
"note|n=s" => \$opt_n,
- "warden-dir|w=s" => \$opt_w,
- "help|h" => \$opt_h) ||
- !defined($opt_s) || !defined($opt_e) || !defined($opt_o) ||
+ "help|h" => \$opt_h) ||
+ !defined($opt_s) || !defined($opt_e) || !defined($opt_o) ||
$opt_h) {
- print "\nAbout command-line-sender.pl\n";
- print "\n Script is supposed to be used as a simple command-line warden client that can send one event to the warden server at a time. For more information about the Warden system and it's events' structure, please see warden-client/doc/README file.\n";
- print "\nUsage:\n\n ./command-line-sender.pl -s <service> -e <event_type> -o <source_type> [-t <timestamp_of_detection>] [-v <source>] [-p <protocol>] [-r <port>] [-a <attack_scale>] [-n <note>] [-w <warden_directory>] [-h]\n";
+ print "Usage: ./$RealScript -s <service> -e <event_type> -o <source_type> [-t <timestamp_of_detection>] [-v <source>] [-p <protocol>] [-r <port>] [-a <attack_scale>] [-n <note>] [-w <warden_directory>] [-h]\n";
print "\nArguments:\n\n";
print " -s SERVICE, --service=SERVICE - Name of detection service\n\n";
print " -e EVENT_TYPE, --event-type=EVENT_TYPE - Type of detected event\n\n";
@@ -65,31 +65,27 @@ if (!GetOptions("service|s=s" => \$opt_s,
print " -r PORT, --port=PORT - Port\n\n";
print " -a ATTACK_SCALE, --attack-scale=ATTACK_SCALE - Scale of detected event\n\n";
print " -n NOTE, --note=NOTE - Note, comment or other data\n\n";
- print " -w WARDEN_DIR, --warden-dir=WARDEN_DIR - Path to the warden-client directory. Default is \'../../warden-client\'\n\n";
print " -h, --help - Print help\n\n";
- print "\nExample #1: ./command-line-sender.pl -s PhishTracker -e webattack -o URL -v 123.123.098.098 -p TCP -r 443 -a 100 -n \"important notice\"\n";
- print "\nExample #2: ./command-line-sender.pl --service=ScanGuardian --event-type=portscan --source-type=IP --timestamp=\"2013-04-25T13:36:31\" --source-value=\"123.123.1.23\" --proto=TCP --port=25 --attack-scale=1234 --note=\"The very first run of ScanGuardian :)\" --warden-dir \"/opt/warden/warden-client\"\n";
+ print "\nExample: ./$RealScript -s PhishTracker -e webattack -o URL -v 123.123.098.098 -p TCP -r 443 -a 100 -n \"important notice\"\n";
+ print "\nExample: ./$RealScript --service=ScanGuardian --event-type=portscan --source-type=IP --timestamp=\"2013-04-25T13:36:31\" --source-value=\"123.123.1.23\" --proto=TCP --port=25 --attack-scale=1234 --note=\"The very first run of ScanGuardian :)\"\n";
- print "\nNOTE: For more information how to use particular values see warden-client/doc/README file.\n\n";
+ print "\nNOTE: For more information see <warden-client_path>/doc/README file.\n\n";
exit 0;
}
-my @event = ($opt_s, $opt_t, $opt_e, $opt_o, $opt_v,
- $opt_p, $opt_r, $opt_a, $opt_n);
+my @event = ($opt_s, $opt_t, $opt_e, $opt_o, $opt_v, $opt_p, $opt_r, $opt_a, $opt_n);
#-------------------------------------------------------------------------------
# Use of warden-client sender.
-# Path to warden-client folder
-my $warden_path = $opt_w;
-
-# Inclusion of warden-client sender module
-require $warden_path . '/lib/WardenClientSend.pm';
+# Load Warden client library and use main module
+use lib "$RealBin/../lib";
+use WardenClient;
# Sending event to Warden server
-WardenClientSend::saveNewEvent($warden_path, \@event);
+WardenClient::saveNewEvent(\@event);
exit 0;
diff --git a/src/warden-client/doc/example-sender-random.pl.txt b/src/warden-client/bin/sender-random.pl
similarity index 59%
rename from src/warden-client/doc/example-sender-random.pl.txt
rename to src/warden-client/bin/sender-random.pl
index fa15f8a5a93d914f2cb537598de6ab180f802325..fc83e490f47994ffe9252c7f5f9a06adce082fd2 100755
--- a/src/warden-client/doc/example-sender-random.pl.txt
+++ b/src/warden-client/bin/sender-random.pl
@@ -1,24 +1,21 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl
#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
-use Switch;
use strict;
+use warnings;
+
+use Switch;
use DateTime;
+use FindBin qw($RealBin);
+FindBin::again();
-my $warden_path = '/opt/warden-client';
-require $warden_path . '/lib/WardenClientSend.pm';
+use lib "$RealBin/../lib";
+use WardenClient;
my $service = "test";
-# service is needed in authorization process of the client,
-# therefore it can not be set randomly
-#switch (int(rand(3) + 0.5)) {
-# case 1 { $service = 'ScanDetector'; }
-# case 2 { $service = 'PhiGaro'; }
-# case 3 { $service = 'HoneyScan'; }
-# }
my $detected = DateTime->from_epoch(epoch => time());
@@ -35,7 +32,7 @@ switch (int(rand(10) + 0.5)) {
case 9 { $type = 'webattack'; }
case 10 { $type = 'other'; }
}
-
+
my $source_type = "";
switch (int(rand(3) + 0.5)) {
case 1 { $source_type = 'IP'; }
@@ -63,29 +60,26 @@ switch (int(rand(6) + 0.5)) {
my $attack_scale = (int(rand(100000) + 0.5) + 1000);
-my $note = "tohle je takova normalni jednoducha poznamka";
+my $note = "This is simple note only.";
+
+my $priority = undef;
-my $priority = int(rand(255) + 0.5);
-
-my $timeout = int(rand(255) + 0.5);
-
+my $timeout = undef;
my @event = (
- $service, # $service
- "$detected", # $detected
- $type, # $type
- $source_type, # $source_type
- $source, # $source
- $target_proto, # $target_proto
- $target_port, # $target_port
- $attack_scale, # $attack_scale
- $note, # $note
- $priority, # $priority
- $timeout, # $timeout
+ $service,
+ $detected,
+ $type,
+ $source_type,
+ $source,
+ $target_proto,
+ $target_port,
+ $attack_scale,
+ $note,
+ $priority,
+ $timeout,
);
-WardenClientSend::saveNewEvent($warden_path, \@event);
+WardenClient::saveNewEvent(\@event);
-#foreach (@event) {
-# print "$_\n";
-#}
+exit 0;
diff --git a/src/warden-client/doc/example-sender.pl.txt b/src/warden-client/bin/sender.pl
similarity index 82%
rename from src/warden-client/doc/example-sender.pl.txt
rename to src/warden-client/bin/sender.pl
index 75a5e6726d94463a11c6ab71bce65d0b17c92c9f..00de60332258513b8299b9132f17d498a7951cab 100755
--- a/src/warden-client/doc/example-sender.pl.txt
+++ b/src/warden-client/bin/sender.pl
@@ -1,11 +1,15 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl
#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
+use warnings;
+
use DateTime;
+use FindBin qw($RealBin);
+FindBin::again();
#-------------------------------------------------------------------------------
# Warden 2.2. Client, Sender, Example
@@ -32,8 +36,8 @@ my $target_proto = "TCP";
my $target_port = "22";
my $attack_scale = "1234567890";
my $note = "important note or comment";
-my $priority = 1;
-my $timeout = 20;
+my $priority = undef;
+my $timeout = undef;
my @event = ($service, $detected, $type, $source_type, $source,
$target_proto, $target_port, $attack_scale, $note,
@@ -44,16 +48,14 @@ my @event = ($service, $detected, $type, $source_type, $source,
# This code should developer add to his/her detection application
# (with corresponding paths appropriately changed).
-# Path to warden-client folder
-my $warden_path = '/opt/warden-client';
-
-# Inclusion of warden-client sender module
-require $warden_path . '/lib/WardenClientSend.pm';
+# load Warden client library and main module
+use lib "$RealBin/../lib";
+use WardenClient;
# Sending event to Warden server
for (my $i = 0; $i < 10; $i++) {
print "Sending $i-st event on server\n";
- WardenClientSend::saveNewEvent($warden_path, \@event);
+ WardenClient::saveNewEvent(\@event);
}
exit 0;
diff --git a/src/warden-client/doc/AUTHORS b/src/warden-client/doc/AUTHORS
index 836f0d9a222692f572df8525bc3abed999f9cd0d..6728a2670f3e7272e31138369b83746a9ee7a5a3 100644
--- a/src/warden-client/doc/AUTHORS
+++ b/src/warden-client/doc/AUTHORS
@@ -23,3 +23,8 @@ Radomir Orkac <orkac@cesnet.cz>
Daniel Studeny <Daniel.Studeny@cesnet.cz>
Pavel Vachek <Pavel.Vachek@cesnet.cz>
Martin Zadnik <izadnik@fit.vutbr.cz>
+
+
+--------------------------------------------------------------------------------
+
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-client/doc/CHANGELOG b/src/warden-client/doc/CHANGELOG
index e70b8163d0e953e2408634d5e8abbcd7dfcf3b23..bc36c390558f06417ebc757912191301cca0c097 100644
--- a/src/warden-client/doc/CHANGELOG
+++ b/src/warden-client/doc/CHANGELOG
@@ -1,31 +1,33 @@
-2012-12-?? v.2.2-beta version
+2015-??-?? v.2.2 stable
--------------------------------------------------------------------------------
-- Added support of connection timeout interval (#925)
-- Added new getClientInfo() function allowing the client to see (#609)
- information regarding other involved clients
-- Enhanced handling of errors. Die() functions are removed from (#599)
- the code, errors are handled using return values.
+- Added support of connection timeout interval
+- Added new getClientInfo() function allowing the client to see information
+ regarding other involved clients
+- Enhanced handling of errors. Die() functions are removed from the code, errors
+ are handled using return values.
+
2013-02-05 v.2.1 stable
------------------------
+--------------------------------------------------------------------------------
- Minor changes in documentation
+
2012-11-05 v.2.1-beta version
--------------------------------------------------------------------------------
- Added WardenClientCommon.pm package containing error-handling and
connect-to-server functions
- Installation of Warden client does not require copying of certificates
- and keys (#553)
-- Enhanced error messages (#552)
-- Reading of configuration file enhanced (#533)
+ and keys
+- Enhanced error messages
+- Reading of configuration file enhanced
- Added protection from unexpected results in XML data returned from
- server (#532)
-- Added support for error (debug) logging via STDERR and/or Syslog (#520,#522)
+ server
+- Added support for error (debug) logging via STDERR and/or Syslog
- Receiving of all types of messages now supported
-- Unexpected errors does not crush the client application (#519)
+- Unexpected errors does not crush the client application
- Maximum number of events received ($MAX_RCV_EVENTS_LIMIT) in one
- batch can be set in etc/warden-client.conf. Default is 6000. (#504)
-- Added support for batch processing (#504)
+ batch can be set in etc/warden-client.conf. Default is 6000
+- Added support for batch processing
2012-07-27 v.2.0 stable version and bugfix release of warden-client-2.0.0-beta
@@ -70,3 +72,8 @@
- Initial package of warden client
- SSL certificate authentication/authorization supported
- Automatized installation process
+
+
+--------------------------------------------------------------------------------
+
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-client/doc/INSTALL b/src/warden-client/doc/INSTALL
index 3c4826ce1a689f8bcda70d23d512db530b8f5dd1..4a7c7678ee4e8118a4a84e63c0f8decd04754068 100644
--- a/src/warden-client/doc/INSTALL
+++ b/src/warden-client/doc/INSTALL
@@ -1,22 +1,50 @@
Installation process
---------------------
+====================
+
+Content
+
+ A. Overview
+ B. Pre-installation step
+ C. Installation step
+ D. Post-installation steps
+
+--------------------------------------------------------------------------------
+
+A. Overview
+-----------
For installation of warden-client package on local machine use install.sh.
-
-Default destination directory is /opt/warden-client/.
-
+
For more information about install.sh options run install.sh -h.
-You must be root for running this script.
+B. Pre-installation step
+------------------------
+
+1) Install necessary packages
+
+ # aptitude install
+
+
+C. Installation step
+--------------------
+
+1) Install Warden client package (example)
+
+ $ tar xzvf warden-client-2.2.tar.gz
+ $ cd warden-client-2.2
+
+ $ ./install.sh -d /opt/warden-client -k /etc/ssl/private/client.key -c /etc/ssl/certs/client.pem -a /etc/ssl/certs/bundle.pem
+
+
+D. Post-installation steps
+--------------------------
+
+1) Warden client configuration
+
+ - configure warden-client.conf placed in <warden-client_path>/etc directory
-Uninstallation process
-----------------------
-For uninstallation of warden-client package from local machine use uninstall.sh.
-
-Default uninstallation directory is /opt/warden-client/.
-
-For more information about uninstall.sh options run uninstall.sh -h.
+--------------------------------------------------------------------------------
-You must be root for running this script.
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-client/doc/LICENSE b/src/warden-client/doc/LICENSE
index 637e108da406945bad1f52542e2b4306e9ba373c..98a203e0493bacf1fea857bef636826a3bd45aec 100644
--- a/src/warden-client/doc/LICENSE
+++ b/src/warden-client/doc/LICENSE
@@ -1,6 +1,6 @@
BSD License
-Copyright © 2011-2013 Cesnet z.s.p.o
+Copyright © 2011-2015 Cesnet z.s.p.o
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -25,3 +25,8 @@ OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+--------------------------------------------------------------------------------
+
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-client/doc/README b/src/warden-client/doc/README
index 038a9a3da8c4a2a8427ac97c1da33f719110fb0d..21eb78eadb350e1fa915a6fc046b4f8fac0df921 100644
--- a/src/warden-client/doc/README
+++ b/src/warden-client/doc/README
@@ -285,7 +285,10 @@ G. Registration
of requested events, receiving of own events, description tags and CIDR
this client is allowed to communicate from.
- Hostname hostname of client to be registered
+ Hostname Hostname of client to be registered
+
+ Requestor E-mail address of organization or authorized person
+ who demands new client registration.
Service name Text string. Unique name of the service the client
is integrated in.
diff --git a/src/warden-client/doc/README.cesnet b/src/warden-client/doc/README.cesnet
index 52cb24b056b5d4c1e82bdcf520127eaf90a8bafc..e18a83fbfc0c39e7ca1c1d4a23598f8a018cd89a 100644
--- a/src/warden-client/doc/README.cesnet
+++ b/src/warden-client/doc/README.cesnet
@@ -37,6 +37,8 @@ B. Registration
* For sender client:
- hostname of the machine, where client runs,
+ - e-mail address of organization or authorized person who demands
+ new client registration,
- client type = sender,
- name of the detection service (for example 'ScanDetector'),
- description tags of sent events (see below)
@@ -44,6 +46,8 @@ B. Registration
* For receiver client:
- hostname of the machine, where client runs,
+ - e-mail address of organization or authorized person who demands
+ new client registration,
- client type = receiver,
- whether client should receive all events, or type of requested
events (for example 'portscan', see below) otherwise
diff --git a/src/warden-client/doc/UNINSTALL b/src/warden-client/doc/UNINSTALL
new file mode 100644
index 0000000000000000000000000000000000000000..0baa9ef351fce50ee9fbdbd1d8fdef4604d61a29
--- /dev/null
+++ b/src/warden-client/doc/UNINSTALL
@@ -0,0 +1,31 @@
+Uninstallation process
+======================
+
+Content
+
+ A. Overview
+ B. Uninstallation step
+
+--------------------------------------------------------------------------------
+
+A. Overview
+-----------
+
+For uninstallation of warden-client package from local machine use uninstall.sh.
+
+For more information about uninstall.sh options run uninstall.sh -h.
+
+
+B. Uninstallation step
+----------------------
+
+Uninstall Warden client package (example)
+
+ $ cd /opt/warden-client/
+
+ $ ./uninstall.sh -d /opt/warden-client
+
+
+--------------------------------------------------------------------------------
+
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-client/doc/UPDATE b/src/warden-client/doc/UPDATE
new file mode 100644
index 0000000000000000000000000000000000000000..41ed345d6fcbb615d2391b7fc750f9528abfb99c
--- /dev/null
+++ b/src/warden-client/doc/UPDATE
@@ -0,0 +1,32 @@
+Update process
+==============
+
+Content
+
+ A. Overview
+ B. Update steps
+
+--------------------------------------------------------------------------------
+
+A. Overview
+-----------
+
+For update of warden-client package from local machine use update.sh.
+
+For more information about update.sh options run update.sh -h.
+
+
+B. Update steps
+---------------
+
+Update Warden client package (default destination path)
+
+ $ tar xzvf warden-client-2.2.tar.gz
+ $ cd warden-client-2.2
+
+ $ ./update.sh -d /opt/warden-client
+
+
+--------------------------------------------------------------------------------
+
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-client/etc/warden-client.conf b/src/warden-client/etc/warden-client.conf
index 8e2569380c0babcdac35cd69e6f5111b5a29d771..fb571e344a52fc4d3da3692c0fcf6bba8801cd15 100644
--- a/src/warden-client/etc/warden-client.conf
+++ b/src/warden-client/etc/warden-client.conf
@@ -1,33 +1,37 @@
#
-# warden-client.conf - configuration file for the warden sender/receiver client
+# warden-client.conf - configuration file for the Warden client
#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
#-------------------------------------------------------------------------------
# URI - URI address of Warden server
#-------------------------------------------------------------------------------
-$URI = "https://warden-c.cesnet.cz:443/Warden";
+$URI = "https://warden.cesnet.cz:443/Warden";
#-------------------------------------------------------------------------------
-# SSL_KEY_FILE - path to client SSL certificate key file
+# SSL_KEY - path to client SSL key
#-------------------------------------------------------------------------------
-$SSL_KEY_FILE = "/opt/warden-client/etc/warden-client-key.pem";
+$SSL_KEY = "/etc/ssl/private/warden.cesnet.cz.key";
#-------------------------------------------------------------------------------
-# SSL_CERT_FILE - path to client SSL certificate file
+# SSL_CERT - path to client SSL certificate
#-------------------------------------------------------------------------------
-$SSL_CERT_FILE = "/opt/warden-client/etc/warden-client-cert.pem";
+$SSL_CERT = "/etc/ssl/certs/warden.cesnet.cz.pem";
#-------------------------------------------------------------------------------
-# SSL_CA_FILE - path to CA certificate file
+# SSL_CA_CERT - path to CA certificate
#-------------------------------------------------------------------------------
-$SSL_CA_FILE = "/opt/warden-client/etc/tcs-ca-bundle.pem";
+$SSL_CA_CERT = "/etc/ssl/certs/tcs-ca-bundle.pem";
#-------------------------------------------------------------------------------
# MAX_RCV_EVENTS_LIMIT - maximum number of events the client is allowd to get
-# from the Warden server in one batch
+# from the Warden server in one batch. 6000 events
+# consumes app. 250 MB of memory
#-------------------------------------------------------------------------------
-$MAX_RCV_EVENTS_LIMIT = 6000; #consumes app. 250 MB of memory
-
+$MAX_RCV_EVENTS_LIMIT = 6000;
+
#-------------------------------------------------------------------------------
# CONNECTION_TIMEOUT - interval in seconds to timeout connection with Warden
# server. If your client timeouts, consider using higher
@@ -37,23 +41,21 @@ $MAX_RCV_EVENTS_LIMIT = 6000; #consumes app. 250 MB of memory
$CONNECTION_TIMEOUT = 60;
#-------------------------------------------------------------------------------
-# Log options
-#
-# LOG_STDERR, LOG_SYSLOG - hide (0) or allow (1) error reporting on STDERR
-# and/or to Syslog
-# LOG_STDERR_VERBOSE, LOG_SYSLOG_VERBOSE - print only error message without
-# a stack (0) or print debug info
-# including err. message and stack (1)
+# LOG_STDERR - enable/disable error reporting to stderr
#-------------------------------------------------------------------------------
$LOG_STDERR = 1;
-$LOG_SYSLOG = 0;
-$LOG_SYSLOG_FACILITY = "local7";
-
+#-------------------------------------------------------------------------------
+# LOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
+#-------------------------------------------------------------------------------
$LOG_VERBOSE = 1;
+#-------------------------------------------------------------------------------
+# SYSLOG - enable/disable syslog logging
+#-------------------------------------------------------------------------------
+$SYSLOG = 1;
-
-1;
-
-
+#-------------------------------------------------------------------------------
+# SYSLOG_FACILITY - syslog facility
+#-------------------------------------------------------------------------------
+$SYSLOG_FACILITY = "local7";
diff --git a/src/warden-client/etc/warden-client.conf.tmpl b/src/warden-client/etc/warden-client.conf.tmpl
new file mode 100644
index 0000000000000000000000000000000000000000..f31fe2a751f499660a7ee76cdefd9f06ae13e0d2
--- /dev/null
+++ b/src/warden-client/etc/warden-client.conf.tmpl
@@ -0,0 +1,61 @@
+#
+# warden-client.conf - configuration file for the Warden client
+#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
+
+#-------------------------------------------------------------------------------
+# URI - URI address of Warden server
+#-------------------------------------------------------------------------------
+$URI = "https://warden.cesnet.cz:443/Warden";
+
+#-------------------------------------------------------------------------------
+# SSL_KEY - path to client SSL key
+#-------------------------------------------------------------------------------
+$SSL_KEY = "_KEYFILE_";
+
+#-------------------------------------------------------------------------------
+# SSL_CERT - path to client SSL certificate
+#-------------------------------------------------------------------------------
+$SSL_CERT = "_CERTFILE_";
+
+#-------------------------------------------------------------------------------
+# SSL_CA_CERT - path to CA certificate
+#-------------------------------------------------------------------------------
+$SSL_CA_CERT = "_CAFILE_";
+
+#-------------------------------------------------------------------------------
+# MAX_RCV_EVENTS_LIMIT - maximum number of events the client is allowd to get
+# from the Warden server in one batch. 6000 events
+# consumes app. 250 MB of memory
+#-------------------------------------------------------------------------------
+$MAX_RCV_EVENTS_LIMIT = 6000;
+
+#-------------------------------------------------------------------------------
+# CONNECTION_TIMEOUT - interval in seconds to timeout connection with Warden
+# server. If your client timeouts, consider using higher
+# timeout number. Also, in case of receiving clients, you
+# can optimize the MAX_RCV_EVENTS_LIMIT value.
+#-------------------------------------------------------------------------------
+$CONNECTION_TIMEOUT = 60;
+
+#-------------------------------------------------------------------------------
+# LOG_STDERR - enable/disable error reporting to stderr
+#-------------------------------------------------------------------------------
+$LOG_STDERR = 1;
+
+#-------------------------------------------------------------------------------
+# LOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
+#-------------------------------------------------------------------------------
+$LOG_VERBOSE = 1;
+
+#-------------------------------------------------------------------------------
+# SYSLOG - enable/disable syslog logging
+#-------------------------------------------------------------------------------
+$SYSLOG = 1;
+
+#-------------------------------------------------------------------------------
+# SYSLOG_FACILITY - syslog facility
+#-------------------------------------------------------------------------------
+$SYSLOG_FACILITY = "local7";
diff --git a/src/warden-client/etc/warden-client.conf.tmpl.update b/src/warden-client/etc/warden-client.conf.tmpl.update
new file mode 100644
index 0000000000000000000000000000000000000000..113b751203226ca61d1954720a38d034fb48234c
--- /dev/null
+++ b/src/warden-client/etc/warden-client.conf.tmpl.update
@@ -0,0 +1,61 @@
+#
+# warden-client.conf - configuration file for the Warden client
+#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
+
+#-------------------------------------------------------------------------------
+# URI - URI address of Warden server
+#-------------------------------------------------------------------------------
+$URI = "_URI_";
+
+#-------------------------------------------------------------------------------
+# SSL_KEY - path to client SSL key
+#-------------------------------------------------------------------------------
+$SSL_KEY = "_KEYFILE_";
+
+#-------------------------------------------------------------------------------
+# SSL_CERT - path to client SSL certificate
+#-------------------------------------------------------------------------------
+$SSL_CERT = "_CERTFILE_";
+
+#-------------------------------------------------------------------------------
+# SSL_CA_CERT - path to CA certificate
+#-------------------------------------------------------------------------------
+$SSL_CA_CERT = "_CAFILE_";
+
+#-------------------------------------------------------------------------------
+# MAX_RCV_EVENTS_LIMIT - maximum number of events the client is allowd to get
+# from the Warden server in one batch. 6000 events
+# consumes app. 250 MB of memory
+#-------------------------------------------------------------------------------
+$MAX_RCV_EVENTS_LIMIT = _MAXRCVEVENTSLIMIT_;
+
+#-------------------------------------------------------------------------------
+# CONNECTION_TIMEOUT - interval in seconds to timeout connection with Warden
+# server. If your client timeouts, consider using higher
+# timeout number. Also, in case of receiving clients, you
+# can optimize the MAX_RCV_EVENTS_LIMIT value.
+#-------------------------------------------------------------------------------
+$CONNECTION_TIMEOUT = _CONNECTIONTIMEOUT_;
+
+#-------------------------------------------------------------------------------
+# LOG_STDERR - enable/disable error reporting to stderr
+#-------------------------------------------------------------------------------
+$LOG_STDERR = _LOGSTDERR_;
+
+#-------------------------------------------------------------------------------
+# LOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
+#-------------------------------------------------------------------------------
+$LOG_VERBOSE = _LOGVERBOSE_;
+
+#-------------------------------------------------------------------------------
+# SYSLOG - enable/disable syslog logging
+#-------------------------------------------------------------------------------
+$SYSLOG = _SYSLOG_;
+
+#-------------------------------------------------------------------------------
+# SYSLOG_FACILITY - syslog facility
+#-------------------------------------------------------------------------------
+$SYSLOG_FACILITY = "_SYSLOGFACILITY_";
diff --git a/src/warden-client/lib/WardenClient.pm b/src/warden-client/lib/WardenClient.pm
new file mode 100755
index 0000000000000000000000000000000000000000..4c86c0ad70eff26ba43e53c026a5e81236c95ce1
--- /dev/null
+++ b/src/warden-client/lib/WardenClient.pm
@@ -0,0 +1,217 @@
+# WardenClient.pm
+#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
+
+package WardenClient;
+
+use strict;
+use warnings;
+
+use SOAP::Lite;
+use File::Basename;
+my $lib = File::Basename::dirname(__FILE__);
+use WardenClientCommon;
+
+
+################################################################################
+# VARIABLES
+################################################################################
+our $VERSION = "2.2";
+our $VAR = "$lib/../var";
+
+
+################################################################################
+# READING OF CONFIGURATION FILE
+################################################################################
+# load server configuration
+my $etc = "$lib/../etc";
+my $conf_file = "$etc/warden-client.conf";
+WardenClientCommon::loadConf($conf_file);
+
+
+################################################################################
+# FUNCTIONS
+################################################################################
+
+
+#-------------------------------------------------------------------------------
+# saveNewEvent - send new event from detection scripts to warden server
+#-------------------------------------------------------------------------------
+sub saveNewEvent
+{
+ my $event_ref = shift;
+
+ # prepare variables of event
+ my @event = @{$event_ref};
+ my $service = $event[0];
+ my $detected = $event[1];
+ my $type = $event[2];
+ my $source_type = $event[3];
+ my $source = $event[4];
+ my $target_proto = $event[5];
+ my $target_port = $event[6];
+ my $attack_scale = $event[7];
+ my $note = $event[8];
+ my $priority = $event[9];
+ my $timeout = $event[10];
+
+ # Issue #596 - Should be removed in Warden client 3.0.
+ # check if obsolete event attribute 'Priority' is used
+ if ((defined $priority) && ($priority >= 0)) {
+ WardenClientCommon::errMsg("Event attribute 'Priority' is now obsolete and will be removed in Warden client v.3.0", "warn");
+ }
+ # check if obsolete event attribute 'Timeout' is used
+ if ((defined $timeout) && ($timeout >= 0)) {
+ WardenClientCommon::errMsg("Event attribute 'Timeout' is now obsolete and will be removed in Warden client v.3.0", "warn");
+ }
+ # end of Issue #596
+
+ # create SOAP data object
+ my $event;
+ eval {
+ $event = SOAP::Data->name(
+ event => \SOAP::Data->value(
+ SOAP::Data->name(SERVICE => $service),
+ SOAP::Data->name(DETECTED => $detected),
+ SOAP::Data->name(TYPE => $type),
+ SOAP::Data->name(SOURCE_TYPE => $source_type),
+ SOAP::Data->name(SOURCE => $source),
+ SOAP::Data->name(TARGET_PROTO => $target_proto),
+ SOAP::Data->name(TARGET_PORT => $target_port),
+ SOAP::Data->name(ATTACK_SCALE => $attack_scale),
+ SOAP::Data->name(NOTE => $note),
+ SOAP::Data->name(PRIORITY => $priority),
+ SOAP::Data->name(TIMEOUT => $timeout)
+ )
+ );
+ } or WardenClientCommon::errMsg("Error when creating SOAP data object: " . $@);
+
+ my $result = WardenClientCommon::c2s("saveNewEvent", $event);
+
+ defined $result ? return 1 : return 0;
+
+} # End of saveNewEvent
+
+
+#-------------------------------------------------------------------------------
+# getNewEvents - get new events from warden server greater than last received ID
+#-------------------------------------------------------------------------------
+sub getNewEvents
+{
+ my $requested_type = shift;
+
+ # set name of ID file based on caller name (each client application)
+ my ($caller_name) = ($FindBin::Script =~ /^(.*)$/); # untaint
+ my $id_file = $VAR . $caller_name . "-". ($requested_type || "any") . ".id";
+
+ # get last event ID
+ my $last_id;
+ if (-e $id_file) { # get ID from ID file
+ open(FILE, "< $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
+ foreach(<FILE>) {
+ $last_id = $_;
+ }
+ close FILE;
+ } else { # get ID from Warden server database and print it into the ID file
+ my $response = WardenClientCommon::c2s("getLastId");
+ defined $response or return;
+ $last_id = $response->result;
+ open(FILE, "> $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
+ print FILE $last_id;
+ close FILE;
+ }
+
+ # prepare SOAP data object for Warden server
+ my $request_data;
+ eval {
+ $request_data = SOAP::Data->name(
+ request => \SOAP::Data->value(
+ SOAP::Data->name(REQUESTED_TYPE => $requested_type),
+ SOAP::Data->name(LAST_ID => $last_id),
+ SOAP::Data->name(MAX_RCV_EVENTS_LIMIT => $WardenClientCommon::MAX_RCV_EVENTS_LIMIT)
+ )
+ )
+ } or return WardenClientCommon::errMsg('Unknown error when creating SOAP data object, ' . $@);
+
+ # call server method getNewEvents
+ my $response = WardenClientCommon::c2s("getNewEvents", $request_data);
+ defined $response or return;
+
+ # parse server response (SOAP data object)
+ my @events;
+ my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
+ my @response_list = $response->valueof('/Envelope/Body/getNewEventsResponse/event/');
+ while (scalar @response_list) {
+ my $response_data = shift(@response_list);
+ my @event;
+
+ $id = $response_data->{'ID'};
+ $hostname = $response_data->{'HOSTNAME'};
+ $service = $response_data->{'SERVICE'};
+ $detected = $response_data->{'DETECTED'};
+ $type = $response_data->{'TYPE'};
+ $source_type = $response_data->{'SOURCE_TYPE'};
+ $source = $response_data->{'SOURCE'};
+ $target_proto = $response_data->{'TARGET_PROTO'};
+ $target_port = $response_data->{'TARGET_PORT'};
+ $attack_scale = $response_data->{'ATTACK_SCALE'};
+ $note = $response_data->{'NOTE'};
+ $priority = $response_data->{'PRIORITY'};
+ $timeout = $response_data->{'TIMEOUT'};
+
+ @event = ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
+ push (@events, \@event);
+
+ # set maximum received ID from current batch
+ if ($id > $last_id) {
+ $last_id = $id;
+ }
+ }
+
+ # print last returned event ID into ID file
+ if (defined $last_id) {
+ open(FILE, "> $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
+ print FILE $last_id;
+ close FILE;
+ }
+
+ return @events;
+} # End of getNewEvents
+
+
+#-------------------------------------------------------------------------------
+# getClientInfo - retrieve information about other clients from Warden server
+#-------------------------------------------------------------------------------
+sub getClientInfo
+{
+ # obtain information about clients on Warden server
+ my $response = WardenClientCommon::c2s("getClientInfo");
+ defined $response or return; # receive data or return undef
+
+ # parse server response (SOAP data object)
+ my @clients;
+ my @response_list = $response->valueof('/Envelope/Body/getClientInfoResponse/client/');
+ while (scalar @response_list) {
+ my $response_data = shift(@response_list);
+ my %client;
+
+ $client{'client_id'} = $response_data->{'CLIENT_ID'} ;
+ $client{'hostname'} = $response_data->{'HOSTNAME'};
+ $client{'registered'} = $response_data->{'REGISTERED'};
+ $client{'requestor'} = $response_data->{'REQUESTOR'};
+ $client{'service'} = $response_data->{'SERVICE'};
+ $client{'client_type'} = $response_data->{'CLIENT_TYPE'};
+ $client{'type'} = $response_data->{'TYPE'};
+ $client{'receive_own_events'} = $response_data->{'RECEIVE_OWN_EVENTS'};
+ $client{'description_tags'} = $response_data->{'DESCRIPTION_TAGS'};
+ $client{'ip_net_client'} = $response_data->{'IP_NET_CLIENT'};
+
+ push (@clients,\%client);
+ }
+
+ return @clients;
+} # End of getClientInfo
+
+1;
diff --git a/src/warden-client/lib/WardenClientCommon.pm b/src/warden-client/lib/WardenClientCommon.pm
index 2f4f64c72b13e639515dc485fc3c674c44ec2328..03775b6df7c6213ce693420192b186e90f2008d7 100755
--- a/src/warden-client/lib/WardenClientCommon.pm
+++ b/src/warden-client/lib/WardenClientCommon.pm
@@ -1,54 +1,55 @@
-#!/usr/bin/perl -w
-#
# WardenClientCommon.pm
#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
package WardenClientCommon;
use strict;
-use Carp;
+use warnings;
+
use SOAP::Lite;
use IO::Socket::SSL qw(debug1);
use SOAP::Transport::HTTP;
-use Sys::Syslog;
+use Sys::Syslog qw(:DEFAULT setlogsock);
+Sys::Syslog::setlogsock('unix');
+use Carp;
our $VERSION = "2.2";
+
#-------------------------------------------------------------------------------
# errMsg - prints error msg and returns undef or prints warning and returns 1
#-------------------------------------------------------------------------------
sub errMsg
{
- my $msg = shift;
- my $type = shift;
+ my $msg = shift;
+ my $type = shift;
defined $type or $type = "err"; # default type is err. Other: warn
-
- # is this error report and is Verbose logging mode enabled?
- if (($type eq "err") && ($WardenClientConf::LOG_VERBOSE)) { # user wants to log debug information
+
+ # check verbose logging
+ if (($type eq "err") && ($WardenClientCommon::LOG_VERBOSE)) {
$msg .= "\nStack info: " . Carp::longmess();
}
- # log into STDERR?
- if ($WardenClientConf::LOG_STDERR) {
+ # check logging into STDERR
+ if ($WardenClientCommon::LOG_STDERR) {
print STDERR $msg . "\n";
}
- # log into Syslog?
- if ($WardenClientConf::LOG_SYSLOG) {
- openlog("Warden-client:", "pid", "$WardenClientConf::LOG_SYSLOG_FACILITY");
- syslog("$type|$WardenClientConf::LOG_SYSLOG_FACILITY", $msg . "\n");
+ # check logging into Syslog
+ if ($WardenClientCommon::SYSLOG) {
+ openlog("Warden-client:", "pid", "$WardenClientCommon::SYSLOG_FACILITY");
+ syslog("$type|$WardenClientCommon::SYSLOG_FACILITY", $msg . "\n");
closelog();
}
- if ($type eq 'warn') { # case of 'warn'
+ if ($type eq 'warn') {
return 1;
- } else { # case of 'err'
+ } else {
return;
}
-
} # End of errMsg
@@ -57,119 +58,96 @@ sub errMsg
#-------------------------------------------------------------------------------
sub c2s
{
- my $uri = shift;
- my $ssl_key_file = shift;
- my $ssl_cert_file = shift;
- my $ssl_ca_file = shift;
- my $method = shift;
- my $data = shift;
+ my $method = shift;
+ my $data = shift;
my $client;
- my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
+ # parse service URI
+ my ($server, $port, $service) = $WardenClientCommon::URI =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
+
+ # create SOAP::Transport::HTTP:Client object
eval {
$client = SOAP::Transport::HTTP::Client->new();
- } or return errMsg('Unknown error in c2s() when creating socket, SOAP::Transport::HTTP::Client->new(), ' . $@);
-
- eval {$client->timeout($WardenClientConf::CONNECTION_TIMEOUT);}
- or return errMsg('Unknown error in c2s() when setting socket timeout, ' . $@);
+ } or return errMsg("Error in function 'c2s()' when creating SOAP::Transport::HTTP::Client object: " . $@);
+
+ # setting of connection timeout
+ eval {$client->timeout($WardenClientCommon::CONNECTION_TIMEOUT);}
+ or return errMsg("Error in function 'c2s()' when setting connection timeout: " . $@);
+ # setting of SSL options
eval {
$client->ssl_opts(verify_hostname => 1,
SSL_use_cert => 1,
- SSL_verify_mode => 0x02,
- SSL_key_file => $ssl_key_file,
- SSL_cert_file => $ssl_cert_file,
- SSL_ca_file => $ssl_ca_file);
+ SSL_verify_mode => 0x03,
+ SSL_key_file => $WardenClientCommon::SSL_KEY,
+ SSL_cert_file => $WardenClientCommon::SSL_CERT,
+ SSL_ca_file => $WardenClientCommon::SSL_CA_CERT);
return 1; # fix of eval triggering 'or' statement
- } or return errMsg('Unknown error in c2s() when setting socket SSL options, ' . $@);
+ } or return errMsg("Ă‹rror in function 'c2s()' when setting SSL options: " . $@);
- # setting of URI and serialize SOAP envelope and data object
-
+ # setting of service URI
my $soap;
eval {
- $soap = SOAP::Lite->uri($service)->proxy($uri);
- } or return errMsg('Unknown error in c2s() when serializing SOAP object, ' . $@);
-
+ $soap = SOAP::Lite->uri($service)->proxy($WardenClientCommon::URI);
+ } or return errMsg("Error in function 'c2s()' when setting service URI: " . $@);
+
+ # serialize SOAP envelope or SOAP envelope and data object
my $envelope;
if (!defined $data) {
eval {
$envelope = $soap->serializer->envelope(method => $method);
- } or return errMsg('Unknown error in c2s() when setting enevelope, ' . $@);
+ } or return errMsg("Error in function 'c2s()' when serializing envelope: " . $@);
} else {
eval {
$envelope = $soap->serializer->envelope(method => $method, $data);
- } or return errMsg('Unknown error in c2s() when setting envelope, ' . $@);
+ } or return errMsg("Error in function 'c2s()' when serializing envelope and data: " . $@);
}
- # setting of TCP URI and send serialized SOAP envelope and data
+ # setting of complete HTTPs URI and send serialized SOAP envelope and data
my $server_uri = "https://$server:$port/$service";
my $result;
eval {
$result = $client->send_receive(envelope => $envelope, endpoint => $server_uri);
- } or return errMsg('Unknown error in c2s() sending SOAP data, ' . $@);
+ } or return errMsg("Error in function 'c2s()' when sending SOAP envelope and data: " . $@);
# check server response
if (!defined $result) {
- errMsg("Server returned empty response. Problem with used SSL ceritificates or Warden server at $server:$port is down.");
+ errMsg("Server returned empty response. Problem with used SSL ceritificate/key or Warden server at $server:$port is down.");
} else {
- # deserialized response from server -> create SOAP envelope and data object
-
+ # deserialized response from server to SOAP data object
my $response;
-
eval {
$response = $soap->deserializer->deserialize($result);
- } or return errMsg('Unknown error in SOAP data deserialization. Received data: ' . $result . ', ' . $@);
+ } or return errMsg("Error in deserialization of server response:" . $@ . "\nReceived response: " . $result);
# check SOAP fault status
- $response->fault ? return errMsg("Server sent error message:: " . $response->faultstring) : return $response;
+ $response->fault ? return errMsg("Server sent error message: " . $response->faultstring) : return $response;
}
}
+
#-------------------------------------------------------------------------------
-# getClientsInfo - retrieve information about other clients from Warden server
+# loadConf - load configuration file
#-------------------------------------------------------------------------------
-sub getClientsInfo
+sub loadConf
{
- my $warden_path = shift;
-
- my $etcdir = $warden_path . "/etc/";
- my $libdir = $warden_path . "/lib/";
-
- require $libdir . "WardenClientConf.pm";
-
- # read the config file
- my $conf_file = $etcdir . "warden-client.conf";
- WardenClientConf::loadConf($conf_file);
-
- # c2s() returns undef on fail
- my $response = c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getClientInfo");
-
- defined $response or return; # receive data or return undef
-
- # parse returned SOAP data object with clients
- my @clients;
- my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
- my @response_list = $response->valueof('/Envelope/Body/getClientInfoResponse/client/');
-
- while (scalar @response_list) {
- my $response_data = shift(@response_list);
- my %client;
-
- $client{'client_id'} = $response_data->{'CLIENT_ID'} ;
- $client{'hostname'} = $response_data->{'HOSTNAME'};
- $client{'registered'} = $response_data->{'REGISTERED'};
- $client{'requestor'} = $response_data->{'REQUESTOR'};
- $client{'service'} = $response_data->{'SERVICE'};
- $client{'client_type'} = $response_data->{'CLIENT_TYPE'};
- $client{'type'} = $response_data->{'TYPE'};
- $client{'receive_own_events'} = $response_data->{'RECEIVE_OWN_EVENTS'};
- $client{'description_tags'} = $response_data->{'DESCRIPTION_TAGS'};
- $client{'ip_net_client'} = $response_data->{'IP_NET_CLIENT'};
-
- # push received clients from warden server into @clients which is returned
- push (@clients,\%client);
+ my $conf_file = shift;
+
+ our $URI = undef;
+ our $SSL_KEY = undef;
+ our $SSL_CERT = undef;
+ our $SSL_CA_CERT = undef;
+ our $MAX_RCV_EVENTS_LIMIT = undef;
+ our $CONNECTION_TIMEOUT = undef;
+ our $LOG_STDERR = undef;
+ our $LOG_VERBOSE = undef;
+ our $SYSLOG = undef;
+ our $SYSLOG_FACILITY = undef;
+
+ unless (do $conf_file) {
+ die("Errors in config file '$conf_file': $@") if $@;
+ die("Can't read config file '$conf_file': $!") unless defined $_;
+ # if $_ defined, it's retvalue of last statement of conf, for which we don't care
}
-
- return @clients;
-}
+} # End of loadConf
1;
diff --git a/src/warden-client/lib/WardenClientConf.pm b/src/warden-client/lib/WardenClientConf.pm
deleted file mode 100755
index 2085d309437cee223b5388b120facb8481e20515..0000000000000000000000000000000000000000
--- a/src/warden-client/lib/WardenClientConf.pm
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/usr/bin/perl -w
-#
-# WardenClientConf.pm
-#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
-#
-# Use of this source is governed by a BSD-style license, see LICENSE file.
-
-package WardenClientConf;
-
-use strict;
-
-# preset of default variables
-our $URI = undef;
-our $SSL_KEY_FILE = undef;
-our $SSL_CERT_FILE = undef;
-our $SSL_CA_FILE = undef;
-our $MAX_RCV_EVENTS_LIMIT = undef;
-our $LOG_STDERR = 1;
-our $LOG_SYSLOG = 0;
-our $LOG_SYSLOG_FACILITY = "local7";
-our $LOG_VERBOSE = 0;
-our $CONNECTION_TIMEOUT = 60;
-
-
-our $VERSION = "2.2";
-
-sub loadConf
-{
- my $conf_file = shift;
-
- # load configuration variables set by user
- unless (do $conf_file) {
- die("Errors in config file '$conf_file': $@") if $@;
- die("Can't read config file '$conf_file': $!") unless defined $_;
- # if $_ defined, it's retvalue of last statement of conf, for which we don't care
- }
-}
-
-1;
diff --git a/src/warden-client/lib/WardenClientReceive.pm b/src/warden-client/lib/WardenClientReceive.pm
index 6718d1359ccc1cdb05c4ebfb0c9d151c4a0fd13b..3689d75c2add27d56a68f9d18e89b0bfaec10e64 100755
--- a/src/warden-client/lib/WardenClientReceive.pm
+++ b/src/warden-client/lib/WardenClientReceive.pm
@@ -1,19 +1,22 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl
#
# WardenClientReceive.pm
#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
+################################################################################
+# DO NOT USE THIS MODULE!!!
+#
+# THIS MODULE IS INTENDED ONLY FOR THE WARDEN CLIENT 2.2 UPDATED
+# FROM WARDEN CLIENT 2.1!!!
+################################################################################
+
package WardenClientReceive;
use strict;
-use SOAP::Lite;
-use IO::Socket::SSL qw(debug1);
-use SOAP::Transport::HTTP;
-use FindBin;
-use Sys::Syslog;
+use warnings;
our $VERSION = "2.2";
@@ -22,108 +25,14 @@ our $VERSION = "2.2";
#-------------------------------------------------------------------------------
sub getNewEvents
{
- my @events;
-
- my $warden_path = shift;
- my $requested_type = shift;
-
- my $vardir = $warden_path . "/var/";
- my $etcdir = $warden_path . "/etc/";
- my $libdir = $warden_path . "/lib/";
-
- require $libdir . "WardenClientConf.pm";
- require $libdir . "WardenClientCommon.pm";
-
- # read the config file
- my $conf_file = $etcdir . "warden-client.conf";
- WardenClientConf::loadConf($conf_file);
-
- # set name of ID file for each client aplication
- my ($caller_name) = ($FindBin::Script =~ /^(.*)$/); # untaint
- my $id_file = $vardir . $caller_name . "-". ($requested_type || "any") . ".id";
-
- #-----------------------------------------------------------------------------
- # get last ID from ID file (if exist) or
- # get last ID from warden server DB and save it into ID file
- my $last_id;
- if (-e $id_file) {
- open(ID, "< $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
- foreach(<ID>) {
- $last_id = $_;
- }
- close ID;
- } else {
- # c2s() returns undef on fail
- my $response = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getLastId");
- defined $response or return; # receive data or return undef
-
- $last_id = $response->result;
- open(ID, "> $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
- print ID $last_id;
- close ID;
- }
-
- #-----------------------------------------------------------------------------
- # get new events from warden server DB based on gathered last ID
-
- my $request_data;
- eval {
- # create SOAP data object
- $request_data = SOAP::Data->name(
- request => \SOAP::Data->value(
- SOAP::Data->name(REQUESTED_TYPE => $requested_type),
- SOAP::Data->name(LAST_ID => $last_id),
- SOAP::Data->name(MAX_RCV_EVENTS_LIMIT => $WardenClientConf::MAX_RCV_EVENTS_LIMIT)
- )
- )
- } or return errMsg('Unknown error when creating SOAP data object, ' . $@);
-
- # call server method getNewEvents
- my $response = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getNewEvents", $request_data);
- defined $response or return; # connect to warden server or return undef
-
- # parse returned SOAP data object
- my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
-
- my @response_list = $response->valueof('/Envelope/Body/getNewEventsResponse/event/');
-
- while (scalar @response_list) {
- my $response_data = shift(@response_list);
- my @event;
-
- # parse items of one event
- $id = $response_data->{'ID'};
- $hostname = $response_data->{'HOSTNAME'};
- $service = $response_data->{'SERVICE'};
- $detected = $response_data->{'DETECTED'};
- $type = $response_data->{'TYPE'};
- $source_type = $response_data->{'SOURCE_TYPE'};
- $source = $response_data->{'SOURCE'};
- $target_proto = $response_data->{'TARGET_PROTO'};
- $target_port = $response_data->{'TARGET_PORT'};
- $attack_scale = $response_data->{'ATTACK_SCALE'};
- $note = $response_data->{'NOTE'};
- $priority = $response_data->{'PRIORITY'};
- $timeout = $response_data->{'TIMEOUT'};
- # push new event from warden server into @events which is returned
- @event = ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
- push (@events, \@event);
-
- # set maximum received ID from current batch
- if ($id > $last_id) {
- $last_id = $id;
- }
- } #end of while loop
+ my $warden_path = shift;
+ my $requested_type = shift;
- # write last return ID
- if (defined $last_id) { # must be defined for first check ID
- open(ID, "> $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
- print ID $last_id;
- close ID;
- }
+ use lib $warden_path;
+ use WardenClient;
- return @events;
+ return WardenClient::getNewEvents($requested_type);
} # End of getNewEvents
diff --git a/src/warden-client/lib/WardenClientSend.pm b/src/warden-client/lib/WardenClientSend.pm
index 793095ec39546bacfbdd2b7ccd7ba0e3c3792754..409dad2cfb0868dd27805ff7125be2cc65efc1ca 100755
--- a/src/warden-client/lib/WardenClientSend.pm
+++ b/src/warden-client/lib/WardenClientSend.pm
@@ -1,18 +1,22 @@
-#!/usr/bin/perl -w
-#
+#!/usr/bin/perl
+#
# WardenClientSend.pm
#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
+################################################################################
+# DO NOT USE THIS MODULE!!!
+#
+# THIS MODULE IS INTENDED ONLY FOR THE WARDEN CLIENT 2.2 UPDATED
+# FROM WARDEN CLIENT 2.1!!!
+################################################################################
+
package WardenClientSend;
use strict;
-use SOAP::Lite;
-use IO::Socket::SSL qw(debug1);
-use SOAP::Transport::HTTP;
-use Sys::Syslog;
+use warnings;
our $VERSION = "2.2";
@@ -21,79 +25,15 @@ our $VERSION = "2.2";
#-------------------------------------------------------------------------------
sub saveNewEvent
{
- my $result;
-
- my $warden_path = shift;
- my $event_ref = shift;
-
- my $etcdir = $warden_path . "/etc/";
- my $libdir = $warden_path . "/lib/";
-
- require $libdir . "WardenClientConf.pm";
- require $libdir . "WardenClientCommon.pm";
-
- # read the config file
- my $conf_file = $etcdir . "warden-client.conf";
- WardenClientConf::loadConf($conf_file);
-
- # prepare variables of event
- my @event = @{$event_ref};
- my $service = $event[0];
- my $detected = $event[1];
- my $type = $event[2];
- my $source_type = $event[3];
- my $source = $event[4];
- my $target_proto = $event[5];
- my $target_port = $event[6];
- my $attack_scale = $event[7];
- my $note = $event[8];
- my $priority = $event[9];
- my $timeout = $event[10];
-
- # Issue #596 - Should be removed in Warden client 3.0.
- # Checking for obsolete attributes priority or timeout. If not default or 'undef' values are found, print out warning.
-
- # check if obsolete event attribute Priority is used
- if ((defined $priority) && ($priority >= 1)) {
- # print warning
- WardenClientCommon::errMsg('Event attribute "Priority" is now obsolete and will be removed in Warden client 3.0', 'warn');
- }
- # check if obsolete event attribute Timeout is used
- if ((defined $timeout) && ($timeout >= 0)) {
- # print warning
- WardenClientCommon::errMsg('Event attribute "Timeout" is now obsolete and will be removed in Warden client 3.0', 'warn');
- }
-
- # end of Issue #596
-
+ my $warden_path = shift;
+ my $event_ref = shift;
- my $event;
- eval {
- # create SOAP data object
- $event = SOAP::Data->name(
- event => \SOAP::Data->value(
- SOAP::Data->name(SERVICE => $service),
- SOAP::Data->name(DETECTED => $detected),
- SOAP::Data->name(TYPE => $type),
- SOAP::Data->name(SOURCE_TYPE => $source_type),
- SOAP::Data->name(SOURCE => $source),
- SOAP::Data->name(TARGET_PROTO => $target_proto),
- SOAP::Data->name(TARGET_PORT => $target_port),
- SOAP::Data->name(ATTACK_SCALE => $attack_scale),
- SOAP::Data->name(NOTE => $note),
- SOAP::Data->name(PRIORITY => $priority),
- SOAP::Data->name(TIMEOUT => $timeout)
- )
- );
- } # end of eval
- or WardenClientCommon::errMsg('Unknown error when creating SOAP data object, ' . $@);
+ use lib $warden_path;
+ use WardenClient;
- # c2s() returns undef on fail.
- $result = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "saveNewEvent", $event);
+ return WardenClient::saveNewEvent($event_ref);
- defined $result ? return 1 : return 0;
-
} # End of saveNewEvent
1;
diff --git a/src/warden-server/bin/getClients.pl b/src/warden-server/bin/getClients.pl
index 8fec450ecaaa0747220bc40740ea3b54593fb553..ff64ec2eabf7891ae940357bbdd639223330f8d2 100755
--- a/src/warden-server/bin/getClients.pl
+++ b/src/warden-server/bin/getClients.pl
@@ -2,7 +2,7 @@
#
# getClients.pl
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/bin/getStatus.pl b/src/warden-server/bin/getStatus.pl
index e70cda03811a308778c0af19393ab33274ef1380..9eec8a7f02972f329b4bb94633fb19d1319fe8a3 100755
--- a/src/warden-server/bin/getStatus.pl
+++ b/src/warden-server/bin/getStatus.pl
@@ -2,7 +2,7 @@
#
# getStatus.pl
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/bin/registerReceiver.pl b/src/warden-server/bin/registerReceiver.pl
index 3da44c19590e6276b1736dece9284a01556ee082..bcf56a05359fe93cbccbdc3d8cb46e85f364b41a 100755
--- a/src/warden-server/bin/registerReceiver.pl
+++ b/src/warden-server/bin/registerReceiver.pl
@@ -2,7 +2,7 @@
#
# registerReceiver.pl
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/bin/registerSender.pl b/src/warden-server/bin/registerSender.pl
index 083333a8c1771d8284cef2930bdde5c73fac8d7e..2a605b2ab34387ef9e136c3824e5511cc7502fdd 100755
--- a/src/warden-server/bin/registerSender.pl
+++ b/src/warden-server/bin/registerSender.pl
@@ -2,7 +2,7 @@
#
# registerSender.pl
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/bin/unregisterClient.pl b/src/warden-server/bin/unregisterClient.pl
index db4d62b64a0f2346bd95a7f48f98b658ca52fcd5..df2fcfc381eaf4c0c434e4bd49bfea64c67183e3 100755
--- a/src/warden-server/bin/unregisterClient.pl
+++ b/src/warden-server/bin/unregisterClient.pl
@@ -2,7 +2,7 @@
#
# unregisterClient.pl
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/bin/wardenWatchdog.pl b/src/warden-server/bin/wardenWatchdog.pl
index fb1aa6ea80c1d1fd07625f16b7b215503aa62c39..3ce091bb5094e6251f897cfed99a21a5d41a15a1 100755
--- a/src/warden-server/bin/wardenWatchdog.pl
+++ b/src/warden-server/bin/wardenWatchdog.pl
@@ -2,7 +2,7 @@
#
# wardenWatchdog.pl
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/doc/AUTHORS b/src/warden-server/doc/AUTHORS
index b0c9bfbfd1aea60c199b608c2684d678fcdf0988..6728a2670f3e7272e31138369b83746a9ee7a5a3 100644
--- a/src/warden-server/doc/AUTHORS
+++ b/src/warden-server/doc/AUTHORS
@@ -27,4 +27,4 @@ Martin Zadnik <izadnik@fit.vutbr.cz>
--------------------------------------------------------------------------------
-Copyright (C) 2011-2014 Cesnet z.s.p.o
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-server/doc/CHANGELOG b/src/warden-server/doc/CHANGELOG
index a4597dc558cc69215e7833190ef13eb9e401d5e8..c75b91d354cdab7bf7c03312e72575b8d6eb558c 100644
--- a/src/warden-server/doc/CHANGELOG
+++ b/src/warden-server/doc/CHANGELOG
@@ -1,18 +1,24 @@
-2014-??-?? v2.2 stable version
+2015-01-05 v2.2 stable version
------------------------------
- fixed bug of re-activation of invalid clients
+- fixed bug of events sending process
- fixed bug of disabling of validation hash
- fixed bug of registerSender and registerReceiver scripts
+- fixed bug of SSL authentication process
+- fixed bug of event ID managment
+- fixed bugs of installation shell scripts
- added user specified client ID
- added Warden Watchdog system
- added validity system of events and clients
- added logging of incoming events
- added API to send information about registered clients to Warden client
-- deleted obsolete items of evens
+- added controle of correct client's event type
+- deleted obsolete items of events
- enhanced getClients and getStatus scripts
- enhanced client's managment system
- enhanced database schema and indexes
- enhanced installation scripts
+- enhanced error and warning message system
- other minor bugs and issues fixed
@@ -58,4 +64,4 @@
--------------------------------------------------------------------------------
-Copyright (C) 2011-2014 Cesnet z.s.p.o
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-server/doc/INSTALL b/src/warden-server/doc/INSTALL
index 8055bc4939b523b78dddb3d84d825fd5452ce119..1e411abc28b96cb2e22aa41ee39ee79abe615b97 100644
--- a/src/warden-server/doc/INSTALL
+++ b/src/warden-server/doc/INSTALL
@@ -31,11 +31,14 @@ C. Installation step
1) Install Warden server package (examples)
- $ ./warden-server-2.2/install.sh -d /opt/warden-server -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/bundle.pem -e admin@domain.com
+ $ tar xzvf warden-server-2.2.tar.gz
+ $ cd warden-server-2.2
+
+ $ ./install.sh -d /opt/warden-server -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/bundle.pem -e admin@domain.com
or (if you want to create symlinks to Warden server control scripts during the installation process - optional)
- $ ./warden-server-2.2/install.sh -d /opt/warden-server -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/bundle.pem -e admin@domain.com -s /usr/local/bin
+ $ ./install.sh -d /opt/warden-server -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/bundle.pem -e admin@domain.com -s /usr/local/bin
D. Post-installation steps
@@ -104,4 +107,4 @@ D. Post-installation steps
--------------------------------------------------------------------------------
-Copyright (C) 2011-2014 Cesnet z.s.p.o
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-server/doc/LICENSE b/src/warden-server/doc/LICENSE
index 7b1325f23c3efafba7ee93cacb106757cdf51f30..98a203e0493bacf1fea857bef636826a3bd45aec 100644
--- a/src/warden-server/doc/LICENSE
+++ b/src/warden-server/doc/LICENSE
@@ -1,6 +1,6 @@
BSD License
-Copyright © 2011-2014 Cesnet z.s.p.o
+Copyright © 2011-2015 Cesnet z.s.p.o
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -29,4 +29,4 @@ ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--------------------------------------------------------------------------------
-Copyright (C) 2011-2014 Cesnet z.s.p.o
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-server/doc/README b/src/warden-server/doc/README
index e37150649caa08ab82c1b825b8b9ce3c54f601f8..8077c15b64b1ebc4142f6a5361a04c161a9fb86e 100644
--- a/src/warden-server/doc/README
+++ b/src/warden-server/doc/README
@@ -26,7 +26,7 @@ A. Overall Information
2. Version
- 2.2 (2014-??-??)
+ 2.2 (2015-01-05)
3. Installed package structure
@@ -109,24 +109,26 @@ C. Installation
For more information about install.sh options run install.sh -h
- Usage: $ ./install.sh -d <directory> -k <ssl_key_file> -c <ssl_cert_file> -a <ssl_ca_file> -e <email_address> [-s <directory>] [-hV]"
- -d <directory> installation directory
- -k <ssl_key_file> SSL certificate key file path
- -c <ssl_cert_file> SSL certificate file path
- -a <ssl_ca_file> CA certificate file path
+ Usage: $ ./install.sh -d <directory> -k <ssl_key> -c <ssl_cert> -a <ssl_ca_cert> -e <email_address> [-s <directory>] [-hV]
+ -d <directory> Warden server installation directory
+ -k <ssl_key> path to SSL key
+ -c <ssl_cert> path to SSL certificate
+ -a <ssl_ca_cert> path to CA certificate
-e <e-mail address> e-mail address to Warden server administrator
- -s <directory> directory for symlinks to Warden server control scripts (optional)
+ -s <directory> directory of symlinks to system control scripts (optional)
-h print this help
-V print script version number and exit
- Example: # ./install.sh -d /opt/warden-server
+ Example: $ ./install.sh -d /opt/warden-server
-k /etc/ssl/private/server.key
-c /etc/ssl/certs/server.pem
-a /etc/ssl/certs/bundle.pem
- -e admin@domain.com
+ -e admin@domain.com
-s /usr/local/bin
+ For more information about post-installation steps see UPDATE file.
+
4. Configuration files
You are advised to check configuration file warden-apache.conf and
@@ -163,7 +165,7 @@ C. Installation
e.g. warden
DB_USER - MySQL database user of Warden server
- e.g. warden
+ e.g. root
DB_PASS - MySQL database password of Warden server
@@ -176,11 +178,24 @@ C. Installation
VALID_STRINGS - validation hash containing allowed event attributes
e.g.
-
- %VALID_STRINGS = (
- 'type' => ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'vulnerability', 'test', 'other'],
- 'source_type' => ['IP', 'URL', 'Reply-To:']
- );
+ 'type'=> ['portscan',\
+ 'bruteforce',\
+ 'probe',\
+ 'spam',\
+ 'phishing',\
+ 'botnet_c_c',\
+ 'dos',\
+ 'malware',\
+ 'copyright',\
+ 'webattack',\
+ 'vulnerability',\
+ 'test',\
+ 'other'\
+ ],
+ 'source_type' => ['IP',\
+ 'URL',\
+ 'Reply-To:'\
+ ]
b) warden-apache.conf
@@ -193,7 +208,7 @@ C. Installation
SSLVerifyClient require
SSLOptions +StdEnvVars +ExportCertData
- SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+ SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
SSLCertificateFile <path_to_server_certificate>
SSLCertificateKeyFile <path_to_server_certificate_key>
@@ -216,15 +231,15 @@ D. Update
For more information about update.sh options run update.sh -h
- Usage: $ ./update.sh -d <directory> [-hV]
- -d <directory> destination directory
- -h print this help
- -V print script version number and exit
+ Usage: update.sh -d <directory> [-s <directory>] [-hV]
+ -d <directory> Warden server to update
+ -s <directory> directory of symlinks to system control scripts (optional)
+ -h print this help
+ -V print script version number and exit
- Example: # ./update.sh -d /opt/warden-server
+ Example: $ ./update.sh -d /opt/warden-server -s /usr/local/bin
- For more information about post-update steps see UPDATE file in 'doc'
- directory.
+ For more information about post-update steps see UPDATE file.
--------------------------------------------------------------------------------
@@ -235,14 +250,14 @@ E. Uninstallation
For more information about uninstall.sh options run uninstall.sh -h
Usage: uninstall.sh -d <directory> [-s <directory>] [-hV]
- -d <directory> uninstallation directory of Warden server
- -s <directory> directory for symlinks to Warden server control scripts (optional)
+ -d <directory> Warden server to uninstall
+ -s <directory> directory of symlinks to system control scripts (optional)
-h print this help
-V print script version number and exit
- Example: $ uninstall.sh -d /opt/warden-server -s /usr/local/bin
+ Example: $ ./uninstall.sh -d /opt/warden-server -s /usr/local/bin
- For more information about uninstallation process, see README file (section Uninstallation).
+ For more information about post-uninstallation steps see UNINSTALL file.
--------------------------------------------------------------------------------
@@ -258,19 +273,15 @@ F. Miscellaneous
Make sure that the TCP port listed in /etc/apache2/sites-enables/default(-ssl)
is allowed on your firewall.
- 3. Privileges
-
- The Warden server runs only under root privileges.
-
- 4. Known Issues
+ 3. Known Issues
No issues are known.
- 5. Database checks
+ 4. Database checks
If you want apply an offline checks to your received data health, you can use
- the wardenWatchdog.pl script. You can found the documentation in a separate
- README.wardenWatchdog file.
+ the wardenWatchdog.pl script. You can found the documentation in chapter
+ I. Warden Watchdog in this document.
--------------------------------------------------------------------------------
@@ -312,8 +323,8 @@ G. Registration of Clients
successfully:
hostname - hostname of the client,
- requestor - organization or authorized person who demands new
- client registration,
+ requestor - e-mail address of organization or authorized person
+ who demands new client registration,
type - the type of events the client wish to receive or '_any_'
for receiving of all types of events,
receive_own_events - boolean value describing if events originating from
@@ -412,4 +423,4 @@ I. Warden Watchdog
--------------------------------------------------------------------------------
-Copyright (C) 2011-2014 Cesnet z.s.p.o
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-server/doc/UNINSTALL b/src/warden-server/doc/UNINSTALL
index a1c06397e643f48c2438bbece328b362711030ca..c24249c190f17c740b3328ba9a84ee173d784eb3 100644
--- a/src/warden-server/doc/UNINSTALL
+++ b/src/warden-server/doc/UNINSTALL
@@ -27,11 +27,13 @@ B. Uninstallation step
2) Uninstall Warden server package (example)
- $ /opt/warden-server/uninstall.sh -d /opt/warden-server
+ $ cd /opt/warden-server/
+
+ $ ./uninstall.sh -d /opt/warden-server
or (if you wanted to create symlinks to Warden server control scripts during the installation process - optional)
- $ /opt/warden-server/uninstall.sh -d /opt/warden-server -s /usr/local/bin
+ $ ./uninstall.sh -d /opt/warden-server -s /usr/local/bin
C. Post-uninstallation steps
@@ -96,4 +98,4 @@ C. Post-uninstallation steps
--------------------------------------------------------------------------------
-Copyright (C) 2011-2014 Cesnet z.s.p.o
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-server/doc/UPDATE b/src/warden-server/doc/UPDATE
index 3e4fe49f4363f947fe088d73f8cfae480ffdb016..f40621db823cab52cdf5dc03384e36f260b8f2cd 100644
--- a/src/warden-server/doc/UPDATE
+++ b/src/warden-server/doc/UPDATE
@@ -22,11 +22,14 @@ B. Update steps
1) Update Warden server package (default destination path)
- $ ./warden-server-2.2/update.sh -d /opt/warden-server
+ $ tar xzvf warden-server-2.2.tar.gz
+ $ cd warden-server-2.2
+
+ $ ./update.sh -d /opt/warden-server
or (if you want to create symlinks to Warden server control scripts during the installation process - optional)
- $ ./warden-server-2.2/update.sh -d /opt/warden-server -s /usr/local/bin
+ $ ./update.sh -d /opt/warden-server -s /usr/local/bin
C. Post-update steps
@@ -48,4 +51,4 @@ During this process the database will be not available!
--------------------------------------------------------------------------------
-Copyright (C) 2011-2014 Cesnet z.s.p.o
+Copyright (C) 2011-2015 Cesnet z.s.p.o
diff --git a/src/warden-server/etc/warden-apache.conf b/src/warden-server/etc/warden-apache.conf
index ded4b095e96734ee3db71fe27a6c31ee3cd8214a..b5159b7014d64dfbbe2ac24039d52e1f6cd25554 100644
--- a/src/warden-server/etc/warden-apache.conf
+++ b/src/warden-server/etc/warden-apache.conf
@@ -1,7 +1,9 @@
#
-#
# warden-apache.conf - configuration file for the Apache server
#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
SSLEngine on
@@ -9,7 +11,7 @@ SSLVerifyDepth 3
SSLVerifyClient require
SSLOptions +StdEnvVars +ExportCertData
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/warden-dev.cesnet.cz.pem
SSLCertificateKeyFile /etc/ssl/private/warden-dev.cesnet.cz.key
diff --git a/src/warden-server/etc/warden-apache.conf.tmpl b/src/warden-server/etc/warden-apache.conf.tmpl
index 12c07de6c84d7af1998c6e15bcf4a28feebf15af..e5a71dc6a39d4c7e72e0eb00edd79348de797bb3 100644
--- a/src/warden-server/etc/warden-apache.conf.tmpl
+++ b/src/warden-server/etc/warden-apache.conf.tmpl
@@ -1,7 +1,9 @@
#
-#
# warden-apache.conf - configuration file for the Apache server
#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
SSLEngine on
@@ -9,11 +11,11 @@ SSLVerifyDepth 3
SSLVerifyClient require
SSLOptions +StdEnvVars +ExportCertData
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
-SSLCertificateFile _CERT_FILE_
-SSLCertificateKeyFile _KEY_FILE_
-SSLCACertificateFile _CA_FILE_
+SSLCertificateFile _CERTFILE_
+SSLCertificateKeyFile _KEYFILE_
+SSLCACertificateFile _CAFILE_
PerlOptions +Parent
PerlSwitches -I _LIB_
diff --git a/src/warden-server/etc/warden-apache.conf.tmpl.update b/src/warden-server/etc/warden-apache.conf.tmpl.update
index 12c07de6c84d7af1998c6e15bcf4a28feebf15af..e5a71dc6a39d4c7e72e0eb00edd79348de797bb3 100644
--- a/src/warden-server/etc/warden-apache.conf.tmpl.update
+++ b/src/warden-server/etc/warden-apache.conf.tmpl.update
@@ -1,7 +1,9 @@
#
-#
# warden-apache.conf - configuration file for the Apache server
#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
SSLEngine on
@@ -9,11 +11,11 @@ SSLVerifyDepth 3
SSLVerifyClient require
SSLOptions +StdEnvVars +ExportCertData
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
-SSLCertificateFile _CERT_FILE_
-SSLCertificateKeyFile _KEY_FILE_
-SSLCACertificateFile _CA_FILE_
+SSLCertificateFile _CERTFILE_
+SSLCertificateKeyFile _KEYFILE_
+SSLCACertificateFile _CAFILE_
PerlOptions +Parent
PerlSwitches -I _LIB_
diff --git a/src/warden-server/etc/warden-server.conf b/src/warden-server/etc/warden-server.conf
index 6c3588ac128ab98aaac4ae83494f9287c7c67d65..3a82882461d63d7dbd6e45d87afd29023dd0b75a 100644
--- a/src/warden-server/etc/warden-server.conf
+++ b/src/warden-server/etc/warden-server.conf
@@ -1,6 +1,9 @@
#
# warden-server.conf - configuration file for Warden server
#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
#-------------------------------------------------------------------------------
# BASEDIR - base directory of Warden server
diff --git a/src/warden-server/etc/warden-server.conf.tmpl b/src/warden-server/etc/warden-server.conf.tmpl
index 964cf4dfd391e67813fec2dbd132f65c3507acc2..cb9aed6d8cf81977d07d3fcde5fc966113f6f02d 100644
--- a/src/warden-server/etc/warden-server.conf.tmpl
+++ b/src/warden-server/etc/warden-server.conf.tmpl
@@ -1,6 +1,9 @@
#
# warden-server.conf - configuration file for Warden server
#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
#-------------------------------------------------------------------------------
# BASEDIR - base directory of Warden server
diff --git a/src/warden-server/etc/warden-server.conf.tmpl.update b/src/warden-server/etc/warden-server.conf.tmpl.update
index 878cd71b710bd4bbbaed697f6b193fa8ac0ec679..3567d791e8c907cb8e27dd1ec2e87fdf56e843a6 100644
--- a/src/warden-server/etc/warden-server.conf.tmpl.update
+++ b/src/warden-server/etc/warden-server.conf.tmpl.update
@@ -1,6 +1,9 @@
#
# warden-server.conf - configuration file for Warden server
#
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
+#
+# Use of this source is governed by a BSD-style license, see LICENSE file.
#-------------------------------------------------------------------------------
# BASEDIR - base directory of Warden server
@@ -15,42 +18,42 @@ $SYSLOG = "_SYSLOG_";
#-------------------------------------------------------------------------------
# SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
#-------------------------------------------------------------------------------
-$SYSLOG_VERBOSE = "_SYSLOG_VERBOSE_";
+$SYSLOG_VERBOSE = "_SYSLOGVERBOSE_";
#-------------------------------------------------------------------------------
# SYSLOG_FACILITY - syslog facility
#-------------------------------------------------------------------------------
-$SYSLOG_FACILITY = "_SYSLOG_FACILITY_";
+$SYSLOG_FACILITY = "_SYSLOGFACILITY_";
#-------------------------------------------------------------------------------
# DB_NAME - MySQL database name of Warden server
#-------------------------------------------------------------------------------
-$DB_NAME = "_DB_NAME_";
+$DB_NAME = "_DBNAME_";
#-------------------------------------------------------------------------------
# DB_USER - MySQL database user of Warden server
#-------------------------------------------------------------------------------
-$DB_USER = "_DB_USER_";
+$DB_USER = "_DBUSER_";
#-------------------------------------------------------------------------------
# DB_PASS - MySQL database password of Warden server
#-------------------------------------------------------------------------------
-$DB_PASS = "_DB_PASS_";
+$DB_PASS = "_DBPASS_";
#-------------------------------------------------------------------------------
# DB_HOST - MySQL database host
#-------------------------------------------------------------------------------
-$DB_HOST = "_DB_HOST_";
+$DB_HOST = "_DBHOST_";
#-------------------------------------------------------------------------------
# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
# delivered to one client in one batch
#-------------------------------------------------------------------------------
-$MAX_EVENTS_LIMIT = "_MAX_EVENTS_LIMIT_";
+$MAX_EVENTS_LIMIT = "_MAXEVENTSLIMIT_";
#-------------------------------------------------------------------------------
# VALID_STRINGS - validation hash containing allowed event attributes
#-------------------------------------------------------------------------------
%VALID_STRINGS = (
-_VALID_STRINGS_
+_VALIDSTRINGS_
);
diff --git a/src/warden-server/etc/warden-watchdog.conf b/src/warden-server/etc/warden-watchdog.conf
index 0a355b21aac6081586e7c89e958d70b9fc74cddd..8d2dd45ca258ba5034d937ec5a6b57d3752e6b1b 100644
--- a/src/warden-server/etc/warden-watchdog.conf
+++ b/src/warden-server/etc/warden-watchdog.conf
@@ -1,7 +1,7 @@
#
# warden-watchdog.conf - configuration file for Wachdog script
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/etc/warden-watchdog.conf.tmpl b/src/warden-server/etc/warden-watchdog.conf.tmpl
index 54303e5cf30a917a6e7f91941c557c520a2f111d..baa4894dfa9049f14de58305b0caa4d2a1c1403a 100644
--- a/src/warden-server/etc/warden-watchdog.conf.tmpl
+++ b/src/warden-server/etc/warden-watchdog.conf.tmpl
@@ -1,14 +1,14 @@
#
# warden-watchdog.conf - configuration file for Wachdog script
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
#-------------------------------------------------------------------------------
# DOMAIN_NAME - server full domain name
#-------------------------------------------------------------------------------
-$DOMAIN_NAME = "_DOMAIN_NAME_";
+$DOMAIN_NAME = "_DOMAINNAME_";
#-------------------------------------------------------------------------------
# EMAIL_SUBJECT - subject of an report for Warden watchdog script
diff --git a/src/warden-server/etc/warden-watchdog.conf.tmpl.update b/src/warden-server/etc/warden-watchdog.conf.tmpl.update
index 32ac9dbc60067ef506c83ece09be89630fd076cf..42d3f54e5f8c46dcbe28272808d2dc1a24dda7c3 100644
--- a/src/warden-server/etc/warden-watchdog.conf.tmpl.update
+++ b/src/warden-server/etc/warden-watchdog.conf.tmpl.update
@@ -1,29 +1,29 @@
#
# warden-watchdog.conf - configuration file for Wachdog script
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
#-------------------------------------------------------------------------------
# DOMAIN_NAME - server full domain name
#-------------------------------------------------------------------------------
-$DOMAIN_NAME = "_DOMAIN_NAME_";
+$DOMAIN_NAME = "_DOMAINNAME_";
#-------------------------------------------------------------------------------
# EMAIL_SUBJECT - subject of an report for Warden watchdog script
#-------------------------------------------------------------------------------
-$EMAIL_SUBJECT = "_EMAIL_SUBJECT_";
+$EMAIL_SUBJECT = "_EMAILSUBJECT_";
#-------------------------------------------------------------------------------
# EMAIL_SERVER_CONF - path and params of an email server for reports sending
#-------------------------------------------------------------------------------
-$EMAIL_SERVER_CONF = '_EMAIL_SERVER_CONF_';
+$EMAIL_SERVER_CONF = '_EMAILSERVERCONF_';
#-------------------------------------------------------------------------------
# SQL_PRECONDITION - array of procedures which are executed "before" main action
#-------------------------------------------------------------------------------
-@SQL_PRECONDITION = (_SQL_PRECONDITION_);
+@SQL_PRECONDITION = (_SQLPRECONDITION_);
#-------------------------------------------------------------------------------
# SQL_QUERIES - array of hashes of actions for the WardenWatchdog script.
@@ -35,9 +35,9 @@ $EMAIL_SERVER_CONF = '_EMAIL_SERVER_CONF_';
# in a database table.
#-------------------------------------------------------------------------------
@SQL_QUERIES = (
-_SQL_QUERIES_);
+_SQLQUERIES_);
#-------------------------------------------------------------------------------
# SQL_POSTCONDITION - array of procedures which are executed "after" main action
#-------------------------------------------------------------------------------
-@SQL_POSTCONDITION = (_SQL_POSTCONDITION_);
+@SQL_POSTCONDITION = (_SQLPOSTCONDITION_);
diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm
index c7d1b71c362b8cfbfc2aac6be003366a1c02427a..3c148126342692b74b1ee4009d3317aa8a2137a7 100755
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -1,6 +1,6 @@
# Warden.pm
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/lib/Warden/ApacheDispatch.pm b/src/warden-server/lib/Warden/ApacheDispatch.pm
index 436ffc7226c614a8d1872bb969bb591678a2a393..e8542fddf1c279bf12f7ef55ea14b9993721281f 100644
--- a/src/warden-server/lib/Warden/ApacheDispatch.pm
+++ b/src/warden-server/lib/Warden/ApacheDispatch.pm
@@ -1,6 +1,6 @@
# ApacheDispatch.pm
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/lib/WardenCommon.pm b/src/warden-server/lib/WardenCommon.pm
index 0f6f90d3baca1b87f07d5436ed85fa5123ec1a84..09d8cbb54f4ceaff4f08f5ef16bce8d99315ae08 100755
--- a/src/warden-server/lib/WardenCommon.pm
+++ b/src/warden-server/lib/WardenCommon.pm
@@ -1,6 +1,6 @@
# WardenCommon.pm
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/lib/WardenWatchdog.pm b/src/warden-server/lib/WardenWatchdog.pm
index 539d824b01ce0564f79acd80ae19f129a7960d22..a2618127b26393601dfaff4ba0c8c8d969282868 100755
--- a/src/warden-server/lib/WardenWatchdog.pm
+++ b/src/warden-server/lib/WardenWatchdog.pm
@@ -1,6 +1,6 @@
# WardenWatchdog.pm
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/lib/WardenWatchdog.t b/src/warden-server/lib/WardenWatchdog.t
index 4853373cfd7afddaee2594e31873dc3c199130af..0562203cdfb5ae95739ac63ac28c94720c7e1f39 100644
--- a/src/warden-server/lib/WardenWatchdog.t
+++ b/src/warden-server/lib/WardenWatchdog.t
@@ -2,7 +2,7 @@
#
# WardenWatchdog.t
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
diff --git a/src/warden-server/sh/install.sh b/src/warden-server/sh/install.sh
index 2fed15c32f0ff63435de483e31d782cd60761634..8549fc3583998b32cc18570e133f7c346d6ba083 100755
--- a/src/warden-server/sh/install.sh
+++ b/src/warden-server/sh/install.sh
@@ -2,7 +2,7 @@
#
# install.sh
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
@@ -14,13 +14,13 @@ VERSION="2.2"
#-------------------------------------------------------------------------------
usage()
{
- echo "Usage: ${0##*/} -d <directory> -k <ssl_key_file> -c <ssl_cert_file> -a <ssl_ca_file> -e <email_address> [-s <directory>] [-hV]"
- echo "-d <directory> installation directory of Warden server"
- echo "-k <ssl_key_file> path to SSL certificate key file"
- echo "-c <ssl_cert_file> path to SSL certificate file"
- echo "-a <ssl_ca_file> path to CA certificate file"
+ echo "Usage: ${0##*/} -d <directory> -k <ssl_key> -c <ssl_cert> -a <ssl_ca_cert> -e <email_address> [-s <directory>] [-hV]"
+ echo "-d <directory> Warden server installation directory"
+ echo "-k <ssl_key> path to SSL key"
+ echo "-c <ssl_cert> path to SSL certificate"
+ echo "-a <ssl_ca_cert> path to SSL CA certificate"
echo "-e <e-mail address> e-mail address to Warden server administrator"
- echo "-s <directory> directory for symlinks to Warden server control scripts (optional)"
+ echo "-s <directory> directory of symlinks to system control scripts (optional)"
echo "-h print this help"
echo "-V print script version number and exit"
echo
@@ -42,8 +42,7 @@ version()
err()
{
echo "FAILED!"
- echo
- cat "$err"
+ echo -n "Error: " && cat "$err"
rm -f "$err"
echo
echo "Installation of $package_version package FAILED!!!"
@@ -54,17 +53,15 @@ err()
errClean()
{
echo "FAILED!"
- echo " -> Uninstalling server package ... OK"
+ echo -n "Error: " && cat "$err"
+ echo " -> Uninstalling server package ..."
for file in $(<"$manifest")
do
+ rm -f "${basedir}/$file" 2> /dev/null
directory="${file%/*}"
- rm -f "${basedir}/$file"
- rmdir --ignore-fail-on-non-empty "${basedir}/$directory"
- rm -f "${basedir}/uninstall.sh"
-
+ rmdir --ignore-fail-on-non-empty "${basedir}/$directory" 2> /dev/null
done
- echo
- cat "$err"
+ rm -f "${basedir}/uninstall.sh" 2> /dev/null
rm -f "$err"
echo
echo "Installation of $package_version package FAILED!!!"
@@ -109,8 +106,8 @@ oldPackageChck()
old_package_version=$(<"$old_package_version_file")
echo "FAILED!"
echo
- echo "Package $old_package_version is installed!"
- echo "For update of warden server package please use update.sh"
+ echo "Package $old_package_version has been already installed!"
+ echo "For update of Warden server package please use update.sh."
exit 1
fi
echo "OK"
@@ -146,13 +143,12 @@ createWardenDir()
{
echo -n "Creating Warden server directory ... "
test -d "$basedir" && test -w "$basedir" || mkdir -p "$basedir" 2> "$err" || err
- for dir in "${dirname}/"*
- do
- if [ -d "$dir" ]; then
- cp -R "$dir" "$basedir" 2> "$err" || errClean
- fi
- done
- rm -f "${etc}/"*.tmpl*
+ for file in $(<"$manifest")
+ do
+ dir="$basedir/${file%/*}"
+ [[ ! -d "$dir" ]] && mkdir -p "$dir"
+ cp "$file" "${basedir}/$file" 2> "$err" || errClean
+ done
ln -s "${sh}/uninstall.sh" "$basedir"
echo "OK"
}
@@ -179,12 +175,18 @@ createManifest()
createSymlinks()
{
- echo "Creating symbolic links to $symbin ..."
- for file in "${bin}/"*
- do
- echo "- making symlink: ${symbin}/${file##*/} -> $file"
- ln -s "$file" "${symbin}/${file##*/}"
- done
+ echo -n "Checking symlinks directory $symbin ... "
+ if [[ -d $symbin && -w $symbin ]]; then
+ echo "OK"
+ for file in "${bin}/"*
+ do
+ echo "- creating symlink: ${symbin}/${file##*/} -> $file"
+ ln -s "$file" "${symbin}/${file##*/}" 2>/dev/null
+ done
+ else
+ echo "FAILED!"
+ fi
+
}
@@ -228,10 +230,11 @@ watchdog_conf="${etc}/warden-watchdog.conf"
server_conf_tmpl="${dirname}/etc/warden-server.conf.tmpl"
apache_conf_tmpl="${dirname}/etc/warden-apache.conf.tmpl"
watchdog_conf_tmpl="${dirname}/etc/warden-watchdog.conf.tmpl"
-package_version=$(<"${dirname}/etc/package_version")
+package_version=$(<"${dirname}/etc/package_version") 2> "$err" || err
manifest="${dirname}/doc/MANIFEST"
+echo "Installation of Warden server package ($package_version) ..."
echo
echo "----------------------- Checking for Dependencies -----------------------"
@@ -242,13 +245,13 @@ echo "----------------------- Checking for Dependencies -----------------------"
perlChck
# Perl modules test
-modulesChck
+modulesChck || exit 1
echo
echo "------------------------- Installation process --------------------------"
# make warden server directory
-createWardenDir
+createWardenDir || exit 1
# create server configuration file
echo -n "Creating Warden server configuration file ... "
@@ -260,9 +263,9 @@ doTemplate \
# create Apache configuration file
echo -n "Creating Apache configuration file ... "
doTemplate \
- _CERT_FILE_ "$cert_file" \
- _KEY_FILE_ "$key_file" \
- _CA_FILE_ "$ca_file" \
+ _CERTFILE_ "$cert_file" \
+ _KEYFILE_ "$key_file" \
+ _CAFILE_ "$ca_file" \
_LIB_ "$lib" \
< $apache_conf_tmpl \
> $apache_conf && echo "OK" || errClean
@@ -270,7 +273,7 @@ doTemplate \
# create wardenWatchdog configuration file
echo -n "Creating Warden Watchdog configuration file ... "
doTemplate \
- _DOMAIN_NAME_ "$domain_name" \
+ _DOMAINNAME_ "$domain_name" \
_CONTACT_ "$contact" \
< $watchdog_conf_tmpl \
> $watchdog_conf && echo "OK" || errClean
@@ -279,9 +282,11 @@ doTemplate \
createManifest
# crate symlinks from warden server bin to user path (if -s option is set)
-[[ ! -z "$symbin" ]] && [[ -d "$symbin" ]] && [[ -w "$symbin" ]] && createSymlinks
+[[ ! -z "$symbin" ]] && createSymlinks
echo
+echo "------------------------- Summary ---------------------------------------"
+
echo "Please check configuration files:"
echo " - $server_conf"
echo " - $server_conf"
@@ -289,7 +294,7 @@ echo " - $watchdog_conf"
echo
echo "Warden server directory: $basedir"
echo
-echo "Please follow post-installation steps in ${doc}/INSTALL!"
+echo "Please follow post-installation steps in ${doc}/INSTALL."
echo
echo "Installation of $package_version package was SUCCESSFUL!!!"
echo
diff --git a/src/warden-server/sh/uninstall.sh b/src/warden-server/sh/uninstall.sh
index 2f2f47ecfefa4fa55a1ff21b86a7a3757790b8a6..72a3e0c242f2f11070752041dd481b40763377b9 100755
--- a/src/warden-server/sh/uninstall.sh
+++ b/src/warden-server/sh/uninstall.sh
@@ -2,7 +2,7 @@
#
# uninstall.sh
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
@@ -15,12 +15,12 @@ VERSION="2.2"
usage()
{
echo "Usage: ${0##*/} -d <directory> [-s <directory>] [-hV]"
- echo "-d <directory> uninstallation directory of Warden server"
- echo "-s <directory> directory for symlinks to Warden server control scripts (optional)"
+ echo "-d <directory> Warden server to uninstall"
+ echo "-s <directory> directory of symlinks to system control scripts (optional)"
echo "-h print this help"
echo "-V print script version number and exit"
echo
- echo "Example: $ ${0##*/} -d /opt/warden-server -s /usr/local/bin"
+ echo "Example: $ ./${0##*/} -d /opt/warden-server -s /usr/local/bin"
echo
echo "For more information about uninstallation process, see README file (section Uninstallation)."
echo
@@ -38,8 +38,7 @@ version()
err()
{
echo "FAILED!"
- echo
- cat "$err"
+ echo -n "Error: " && cat "$err"
rm -f "$err"
rm -rf "$backup"
echo
@@ -51,6 +50,7 @@ err()
errClean()
{
echo "FAILED!"
+ echo -n "Error: " && cat "$err"
echo " -> Reverting changes of warden server package ... "
rm -rf "${basedir}/"* > /dev/null 2>&1
cp -R "${backup}/"* "$basedir"
@@ -60,8 +60,6 @@ errClean()
ln -s "${bin}/${file##*/}" "${symbin}/${file##*/}"
done
fi
- echo
- cat "$err"
rm -f "$err"
rm -rf "$backup"
echo
@@ -86,9 +84,13 @@ paramsChck()
wardenDirChck()
{
echo -n "Checking Warden server directory ... "
- if [[ ! -d "$basedir" ]] && [[ ! -w "$basedir" ]]; then
+ if [[ ! -d "$basedir" ]]; then
+ echo "FAILED!"
+ echo "Warden server package is not installed!"
+ exit 1
+ elif [[ ! -w "$basedir" ]]; then
echo "FAILED!"
- echo "No version of Warden server is not installed!"
+ echo "You don't have permission to Warden server directory!"
exit 1
else
echo "OK"
@@ -102,10 +104,12 @@ getPackageVersion()
old_package_version_file=$(find "$basedir" -name package_version)
if [ -f "$old_package_version_file" ]; then
package_version=$(<"$old_package_version_file")
+ echo "OK"
else
- package_version="unknown"
+ echo "FAILED!"
+ echo "Warden server is not installed in this directory!"
+ exit 1
fi
- echo "OK"
}
@@ -121,30 +125,37 @@ createBackup()
}
+removeSymlinks()
+{
+ echo -n "Checking symlinks directory $symbin ... "
+ if [[ -d $symbin && -w $symbin ]]; then
+ echo "OK"
+ for file in "$bin/"*
+ do
+ if [[ -f "${symbin}/${file##*/}" ]]; then
+ echo "- removing symlink: ${symbin}/${file##*/} -> $file"
+ rm -f "${symbin}/${file##*/}" 2> /dev/null
+ fi
+ done
+ else
+ echo "FAILED!"
+ fi
+}
+
+
uninstallWardenServer()
{
echo -n "Uninstalling $package_version package ... "
- cp "${doc}/UNINSTALL" "$uninstall"
+ cp "${doc}/UNINSTALL" "$uninstall" 2> /dev/null
manifest=$(find "$basedir" -name MANIFEST) || err
for file in $(<"$manifest")
do
+ rm -f "${basedir}/$file" 2> "$err" || errClean
directory="${file%/*}"
- rm -f "${basedir}/$file"
- rmdir --ignore-fail-on-non-empty "${basedir}/$directory"
+ rmdir --ignore-fail-on-non-empty "${basedir}/$directory" 2> "$err" || errClean
done
rm -f "${basedir}/uninstall.sh"
- rmdir --ignore-fail-on-non-empty "$basedir"
- echo "OK"
-}
-
-
-deleteSymlinks()
-{
- echo -n "Deleting symlinks from $symbin ..."
- for file in "$symbin/"*
- do
- rm -f "${symbin}/${file##*/}" 2> /dev/null
- done
+ rmdir --ignore-fail-on-non-empty "$basedir" 2> /dev/null
echo "OK"
}
@@ -165,6 +176,7 @@ done
# remove last char (slash) from name of directories
[[ "$basedir" == */ ]] && basedir="${basedir%?}"
+[[ "$symbin" == */ ]] && symbin="${symbin%?}"
# params test
paramsChck
@@ -177,9 +189,9 @@ err="/tmp/warden-err"
uninstall="/tmp/UNINSTALL.warden"
backup="/tmp/warden-backup"
-
+echo "Uninstallation of Warden server package ..."
echo
-echo "------------------------- Uninstallation process --------------------------------"
+echo "------------------------- Uninstallation process ------------------------"
# check Warden server directory if exists
wardenDirChck
@@ -190,14 +202,17 @@ getPackageVersion
# make backup of currently installed warden-server package
createBackup
+# remove symlinks from $symbin (if -s option is set)
+[[ ! -z "$symbin" ]] && removeSymlinks
+
# uninstall Warden server
-uninstallWardenServer
+uninstallWardenServer || exit 1
-# delete symlinks from $symbin (if -s option is set)
-[[ ! -z "$symbin" ]] && [[ -d "$symbin" ]] && [[ -w "$symbin" ]] && deleteSymlinks
echo
-echo "Please follow post-uninstallation steps in $uninstall!"
+echo "------------------------- Summary ---------------------------------------"
+
+echo "Please follow post-uninstallation steps in ${uninstall}."
echo
echo "Uninstallation of $package_version package was SUCCESSFUL!!!"
echo
diff --git a/src/warden-server/sh/update.sh b/src/warden-server/sh/update.sh
index 8e5328da276a615336acb9ba1696b0fdcf11bcd3..47b2c099c1becd55cae84b0a666b71ed61020ba0 100755
--- a/src/warden-server/sh/update.sh
+++ b/src/warden-server/sh/update.sh
@@ -2,7 +2,7 @@
#
# update.sh
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
@@ -14,13 +14,13 @@ VERSION="2.2"
#-------------------------------------------------------------------------------
usage()
{
- echo "Usage: ${0##*/} -d <directory> [-hV]"
- echo "-d <directory> destination directory of Warden server"
- echo "-s <directory> directory for symlinks to Warden server control scripts (optional)"
+ echo "Usage: ${0##*/} -d <directory> [-s <directory>] [-hV]"
+ echo "-d <directory> Warden server to update"
+ echo "-s <directory> directory of symlinks to system control scripts (optional)"
echo "-h print this help"
echo "-V print script version number and exit"
echo
- echo "Example: $ ./${0##*/} -d /opt/warden-server"
+ echo "Example: $ ./${0##*/} -d /opt/warden-server -s /usr/local/bin"
echo
echo "For more information about update process, see README file (section Update)."
echo
@@ -38,8 +38,7 @@ version()
err()
{
echo "FAILED!"
- echo
- cat "$err"
+ echo -n "Error: " && cat "$err"
rm -f "$backup" 2>/dev/null
rm -f "$err"
echo
@@ -51,11 +50,11 @@ err()
errClean()
{
echo "FAILED!"
+ echo -n "Error: " && cat "$err"
echo " -> Reverting changes of Warden server package ... OK"
rm -r "${basedir}/"* > /dev/null 2>&1
cp -R "${backup}/"* "$basedir"
echo
- cat "$err"
rm -r "$err" "$backup"
echo
echo "Update from $old_package_version to $package_version package FAILED!!!"
@@ -103,7 +102,7 @@ oldPackageChck()
if [ "$old_package_version" == "$package_version" ]; then
echo "FAILED!"
echo
- echo "Package $package_version is already installed!"
+ echo "Package $package_version has been already installed!"
exit 1
elif [ "$old_package_version" == "warden-server-2.0" ]; then
echo "FAILED!"
@@ -115,7 +114,7 @@ oldPackageChck()
echo "FAILED!"
echo
echo "Warden server package is not yet installed!"
- echo "For installation of Warden server package please use install.sh"
+ echo "For installation of Warden server package please use install.sh."
exit 1
fi
echo "OK"
@@ -150,7 +149,7 @@ modulesChck()
backup()
{
echo -n "Making Warden server backup ... "
- mkdir "$backup"
+ mkdir "$backup" 2> "$err" || err
if cp -R "${basedir}/"* "$backup" 2> "$err"; then
echo "OK"
else
@@ -168,6 +167,8 @@ updateWardenDir()
[[ ! -d "$dir" ]] && mkdir -p "$dir"
cp "$file" "${basedir}/$file" 2> "$err" || errClean
done
+ rm -f "${basedir}/uninstall.sh" 2> /dev/null
+ ln -s "${sh}/uninstall.sh" "$basedir"
echo "OK"
}
@@ -188,9 +189,20 @@ doTemplate()
}
+removeOldFiles()
+{
+ echo -n "Removing old package files ... "
+ rm -f "${etc}/warden-client.conf" 2> /dev/null
+ rm -f "${doc}/warden20to21.patch" 2> /dev/null
+ rm -f "${lib}/WardenConf.pm" 2> /dev/null
+ rm -f "${lib}/WardenStatus.pm" 2> /dev/null
+ rm -f "${lib}/WardenReg.pm" 2> /dev/null
+ echo "OK"
+}
+
createManifest()
{
- echo -n "Creating MANIFEST file ... "
+ echo -n "Creating new MANIFEST file ... "
cd "$basedir" && find . -mindepth 2 -type f | sed 's/.\///' | sort > "${doc}/MANIFEST" && cd $OLDPWD 2> "$err" || errClean
echo "OK"
}
@@ -198,12 +210,17 @@ createManifest()
createSymlinks()
{
- echo "Creating symbolic links to $symbin ..."
- for file in "${bin}/"*
- do
- echo "- making symlink: ${symbin}/${file##*/} -> $file"
- ln -s "$file" "${symbin}/${file##*/}"
- done
+ echo -n "Checking symlinks directory $symbin ... "
+ if [[ -d $symbin && -w $symbin ]]; then
+ echo "OK"
+ for file in "${bin}/"*
+ do
+ echo "- updating symlink: ${symbin}/${file##*/} -> $file"
+ ln -s "$file" "${symbin}/${file##*/}"
+ done
+ else
+ echo "FAILED!"
+ fi
}
@@ -236,15 +253,20 @@ hostname=$(hostname -f || echo "unspecified.server")
dirname=${0%/*}
doc="${basedir}/doc"
etc="${basedir}/etc"
+sh="${basedir}/sh"
server_conf="${etc}/warden-server.conf"
apache_conf="${etc}/warden-apache.conf"
watchdog_conf="${etc}/warden-watchdog.conf"
-server_conf_tmpl="${dirname}/etc/warden-server.conf.tmpl.update"
-apache_conf_tmpl="${dirname}/etc/warden-apache.conf.tmpl.update"
-watchdog_conf_tmpl="${dirname}/etc/warden-watchdog.conf.tmpl.update"
+server_conf_tmpl="${dirname}/etc/warden-server.conf.tmpl"
+server_conf_tmpl_update="${dirname}/etc/warden-server.conf.tmpl.update"
+apache_conf_tmpl="${dirname}/etc/warden-apache.conf.tmpl"
+apache_conf_tmpl_update="${dirname}/etc/warden-apache.conf.tmpl.update"
+watchdog_conf_tmpl="${dirname}/etc/warden-watchdog.conf.tmpl"
+watchdog_conf_tmpl_update="${dirname}/etc/warden-watchdog.conf.tmpl.update"
package_version=$(<"${dirname}/etc/package_version")
manifest="${dirname}/doc/MANIFEST"
+echo "Update of Warden server package to $package_version ..."
echo
echo "------------------------- Dependencies check-in -------------------------"
@@ -258,7 +280,7 @@ oldPackageChck
perlChck
# Perl modules test
-modulesChck
+modulesChck || exit 1
echo
echo "------------------------- Update process --------------------------------"
@@ -267,77 +289,126 @@ echo "------------------------- Update process --------------------------------"
backup
# make warden server directory
-updateWardenDir
+updateWardenDir || exit 1
# update server configuration file
-echo -n "Updating Warden server configuration file ... "
-syslog=$(getConfValue "$server_conf" SYSLOG)
-syslog_verbose=$(getConfValue "$server_conf" SYSLOG_VERBOSE)
-syslog_facility=$(getConfValue "$server_conf" SYSLOG_FACILITY)
-db_name=$(getConfValue "$server_conf" DB_NAME)
-db_user=$(getConfValue "$server_conf" DB_USER)
-db_pass=$(getConfValue "$server_conf" DB_PASS)
-db_host=$(getConfValue "$server_conf" DB_HOST)
-max_events_limit=$(getConfValue "$server_conf" MAX_EVENTS_LIMIT)
-valid_strings=$(perl -e "use updateCommon; updateCommon::getConfHash(\"$server_conf\");")
-doTemplate \
- _BASEDIR_ "$basedir" \
- _SYSLOG_ "$syslog" \
- _SYSLOG_VERBOSE_ "$syslog_verbose" \
- _SYSLOG_FACILITY_ "$syslog_facility" \
- _DB_NAME_ "$db_name" \
- _DB_USER_ "$db_user" \
- _DB_PASS_ "$db_pass" \
- _DB_HOST_ "$db_host" \
- _MAX_EVENTS_LIMIT_ "$max_events_limit" \
- _VALID_STRINGS_ "$valid_strings" \
- < $server_conf_tmpl \
- > $server_conf && echo "OK" || errClean
+echo -n "Checking Warden server configuration file ... "
+if [[ -r "$server_conf" ]]; then
+ echo "OK"
+ echo -n " -> Updating Warden server configuration file ... "
+ syslog=$(getConfValue "$server_conf" SYSLOG)
+ syslog_verbose=$(getConfValue "$server_conf" SYSLOG_VERBOSE)
+ syslog_facility=$(getConfValue "$server_conf" SYSLOG_FACILITY)
+ db_name=$(getConfValue "$server_conf" DB_NAME)
+ db_user=$(getConfValue "$server_conf" DB_USER)
+ db_pass=$(getConfValue "$server_conf" DB_PASS)
+ db_host=$(getConfValue "$server_conf" DB_HOST)
+ max_events_limit=$(getConfValue "$server_conf" MAX_EVENTS_LIMIT)
+ valid_strings=$(perl -e "use updateCommon; updateCommon::getConfHash(\"$server_conf\");")
+ doTemplate \
+ _BASEDIR_ "$basedir" \
+ _SYSLOG_ "$syslog" \
+ _SYSLOGVERBOSE_ "$syslog_verbose" \
+ _SYSLOGFACILITY_ "$syslog_facility" \
+ _DBNAME_ "$db_name" \
+ _DBUSER_ "$db_user" \
+ _DBPASS_ "$db_pass" \
+ _DBHOST_ "$db_host" \
+ _MAXEVENTSLIMIT_ "$max_events_limit" \
+ _VALIDSTRINGS_ "$valid_strings" \
+ < $server_conf_tmpl_update \
+ > $server_conf && echo "OK" || errClean
+else
+ echo "FAILED!"
+ echo -n " -> Creating Warden server configuration file ... "
+ doTemplate \
+ _BASEDIR_ "$basedir" \
+ < $server_conf_tmpl \
+ > $server_conf && echo "OK" || errClean
+fi
+
# update Apache configuration file
-echo -n "Updating Apache configuration file ... "
-cert_file_tmp=`fgrep SSLCertificateFile $apache_conf`
-key_file_tmp=`fgrep SSLCertificateKeyFile $apache_conf`
-ca_file_tmp=`fgrep SSLCACertificateFile $apache_conf`
-lib_tmp=`fgrep PerlSwitches $apache_conf`
-cert_file=${cert_file_tmp##*" "}
-key_file=${key_file_tmp##*" "}
-ca_file=${ca_file_tmp##*" "}
-lib=${lib_tmp##*" "}
-doTemplate \
- _CERT_FILE_ "$cert_file" \
- _KEY_FILE_ "$key_file" \
- _CA_FILE_ "$ca_file" \
- _LIB_ "$lib" \
- < $apache_conf_tmpl \
- > $apache_conf && echo "OK" || errClean
+echo -n "Checking Apache configuration file ... "
+if [[ -r "$apache_conf" ]]; then
+ echo "OK"
+ echo -n " -> Updating Apache configuration file ... "
+ cert_file_tmp=`fgrep SSLCertificateFile $apache_conf`
+ key_file_tmp=`fgrep SSLCertificateKeyFile $apache_conf`
+ ca_file_tmp=`fgrep SSLCACertificateFile $apache_conf`
+ lib_tmp=`fgrep PerlSwitches $apache_conf`
+ cert_file=${cert_file_tmp##*" "}
+ key_file=${key_file_tmp##*" "}
+ ca_file=${ca_file_tmp##*" "}
+ lib=${lib_tmp##*" "}
+ doTemplate \
+ _CERTFILE_ "$cert_file" \
+ _KEYFILE_ "$key_file" \
+ _CAFILE_ "$ca_file" \
+ _LIB_ "$lib" \
+ < $apache_conf_tmpl_update \
+ > $apache_conf && echo "OK" || errClean
+else
+ echo "FAILED!"
+ echo -n " -> Creating Apache configuration file ... "
+ cert_file="unspecified.cert"
+ key_file="unspecified.key"
+ ca_file="unspecified.ca_cert"
+ lib="unspecified.lib_path"
+ doTemplate \
+ _CERTFILE_ "$cert_file" \
+ _KEYFILE_ "$key_file" \
+ _CAFILE_ "$ca_file" \
+ _LIB_ "$lib" \
+ < $apache_conf_tmpl \
+ > $apache_conf && echo "OK" || errClean
+fi
# update wardenWatchdog configuration file
-echo -n "Updating Warden Watchdog configuration file ... "
-domain_name=$(getConfValue "$watchdog_conf" DOMAIN_NAME)
-email_subject=$(getConfValue "$warden_conf" EMAIL_SUBJECT)
-email_server_conf=$(getConfValue "$warden_conf" EMAIL_SERVER_CONF)
-sql_precondition=$(perl -e "use updateCommon; updateCommon::getConfArrayPre(\"$watchdog_conf\");")
-sql_queries=$(perl -e "use updateCommon; updateCommon::getConfArrayQueries(\"$watchdog_conf\");")
-sql_postcondition=$(perl -e "use updateCommon; updateCommon::getConfArrayPost(\"$watchdog_conf\");")
-doTemplate \
- _DOMAIN_NAME_ "$domain_name" \
- _EMAIL_SUBJECT_ "$email_subject" \
- _EMAIL_SERVER_CONF_ "$email_server_conf" \
- _SQL_PRECONDITION_ "$sql_precondition" \
- _SQL_QUERIES_ "$sql_queries" \
- _SQL_POSTCONDITION_ "$sql_postcondition" \
- < $watchdog_conf_tmpl \
- > $watchdog_conf && echo "OK" || errClean
+echo -n "Checking Warden Watchdog configuration file ... "
+if [[ -r "$watchdog_conf" ]]; then
+ echo "OK"
+ echo -n " -> Updating Warden Watchdog configuration file ... "
+ domain_name=$(getConfValue "$watchdog_conf" DOMAIN_NAME)
+ email_subject=$(getConfValue "$warden_conf" EMAIL_SUBJECT)
+ email_server_conf=$(getConfValue "$warden_conf" EMAIL_SERVER_CONF)
+ sql_precondition=$(perl -e "use updateCommon; updateCommon::getConfArrayPre(\"$watchdog_conf\");")
+ sql_queries=$(perl -e "use updateCommon; updateCommon::getConfArrayQueries(\"$watchdog_conf\");")
+ sql_postcondition=$(perl -e "use updateCommon; updateCommon::getConfArrayPost(\"$watchdog_conf\");")
+ doTemplate \
+ _DOMAINNAME_ "$domain_name" \
+ _EMAILSUBJECT_ "$email_subject" \
+ _EMAILSERVER_CONF_ "$email_server_conf" \
+ _SQLPRECONDITION_ "$sql_precondition" \
+ _SQLQUERIES_ "$sql_queries" \
+ _SQLPOSTCONDITION_ "$sql_postcondition" \
+ < $watchdog_conf_tmpl_update \
+ > $watchdog_conf && echo "OK" || errClean
+else
+ echo "FAILED!"
+ echo -n " -> Creating Warden Watchdog configuration file ... "
+ domain_name=$(hostname -f || echo "unspecified.server")
+ contact="unspecified.contact"
+ doTemplate \
+ _DOMAINNAME_ "$domain_name" \
+ _CONTACT_ "$contact" \
+ < $watchdog_conf_tmpl \
+ > $watchdog_conf && echo "OK" || errClean
+fi
+
+# remove files of old packages - file list depend on package version
+removeOldFiles
# create MANIFEST file
createManifest
# crate symlinks from warden server bin to user path (if -s option is set)
-[[ ! -z "$symbin" ]] && [[ -d "$symbin" ]] && [[ -w "$symbin" ]] && createSymlinks
+[[ ! -z "$symbin" ]] && createSymlinks
echo
-echo "Please check updated configuration files:"
+echo "------------------------- Summary ---------------------------------------"
+
+echo "Please check updated/created configuration files:"
echo " - $server_conf"
echo " - $server_conf"
echo " - $watchdog_conf"
@@ -350,6 +421,7 @@ echo "Please follow post-update steps in ${doc}/UPDATE!"
echo
# cleanup section
-rm -f "$err" "$backup"
+rm -f "$err"
+rm -rf "$backup"
exit 0
diff --git a/src/warden-server/sh/updateCommon.pm b/src/warden-server/sh/updateCommon.pm
index f54e33661b717cd7ed769f0a80990e4dc5fa806e..265426037e9b4db38781901fcb4c02d1323bbe6e 100755
--- a/src/warden-server/sh/updateCommon.pm
+++ b/src/warden-server/sh/updateCommon.pm
@@ -1,6 +1,6 @@
# updateCommon.pm
#
-# Copyright (C) 2011-2014 Cesnet z.s.p.o
+# Copyright (C) 2011-2015 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.