WardenClientReceive.pm sloucen do WardenClient.pm

src/warden-client/lib/WardenClientReceive.pm

-#!/usr/bin/perl -w
-#                                                                    
-# WardenClientReceive.pm
-#
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
-#
-# Use of this source is governed by a BSD-style license, see LICENSE file.  
-
-package WardenClientReceive;
-
-use strict;
-use SOAP::Lite;
-use IO::Socket::SSL qw(debug1);
-use SOAP::Transport::HTTP;
-use FindBin;
-use Sys::Syslog;
-
-our $VERSION = "2.2";
-
-#-------------------------------------------------------------------------------
-# getNewEvents - get new events from warden server greater than last received ID
-#-------------------------------------------------------------------------------
-sub getNewEvents
-{
-  my @events;  
-
-    my $warden_path = shift;
-    my $requested_type = shift;
-
-    my $vardir = $warden_path . "/var/";
-    my $etcdir = $warden_path . "/etc/";
-    my $libdir = $warden_path . "/lib/";
-
-    require $libdir . "WardenClientConf.pm";
-    require $libdir . "WardenClientCommon.pm";
-
-    # read the config file
-    my $conf_file = $etcdir . "warden-client.conf";
-    WardenClientConf::loadConf($conf_file);
-
-    # set name of ID file for each client aplication 
-    my ($caller_name) = ($FindBin::Script =~ /^(.*)$/);	# untaint
-    my $id_file = $vardir . $caller_name . "-". ($requested_type || "any") . ".id";
-
-    #-----------------------------------------------------------------------------
-    # get last ID from ID file (if exist) or
-    # get last ID from warden server DB and save it into ID file
-    my $last_id;
-    if (-e $id_file) {
-      open(ID, "< $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
-      foreach(<ID>) {
-        $last_id = $_;
-      }
-      close ID;
-    } else {
-      # c2s() returns undef on fail
-      my $response = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getLastId");
-      defined $response or return; # receive data or return undef      
- 
-      $last_id = $response->result;
-      open(ID, "> $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
-      print ID $last_id;
-      close ID;
-    }
-
-    #-----------------------------------------------------------------------------
-    # get new events from warden server DB based on gathered last ID 
-
-    my $request_data;
-    eval {
-      # create SOAP data object
-      $request_data = SOAP::Data->name(
-        request => \SOAP::Data->value(
-          SOAP::Data->name(REQUESTED_TYPE        => $requested_type),
-          SOAP::Data->name(LAST_ID               => $last_id),
-          SOAP::Data->name(MAX_RCV_EVENTS_LIMIT  => $WardenClientConf::MAX_RCV_EVENTS_LIMIT)
-        )
-      )
-    } or return errMsg('Unknown error when creating SOAP data object, ' . $@);
-  
-    # call server method getNewEvents
-    my $response = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getNewEvents", $request_data);
-    defined $response or return; # connect to warden server or return undef
-    
-    # parse returned SOAP data object
-    my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
-    
-    my @response_list = $response->valueof('/Envelope/Body/getNewEventsResponse/event/');
-    
-    while (scalar @response_list) {
-      my $response_data = shift(@response_list);
-      my @event;
-
-      # parse items of one event
-      $id		= $response_data->{'ID'};
-      $hostname		= $response_data->{'HOSTNAME'};
-      $service		= $response_data->{'SERVICE'};
-      $detected		= $response_data->{'DETECTED'};
-      $type		= $response_data->{'TYPE'};
-      $source_type	= $response_data->{'SOURCE_TYPE'};
-      $source		= $response_data->{'SOURCE'};
-      $target_proto	= $response_data->{'TARGET_PROTO'};
-      $target_port	= $response_data->{'TARGET_PORT'};
-      $attack_scale	= $response_data->{'ATTACK_SCALE'};
-      $note		= $response_data->{'NOTE'};
-      $priority		= $response_data->{'PRIORITY'};
-      $timeout		= $response_data->{'TIMEOUT'};
-
-      # push new event from warden server into @events which is returned
-      @event = ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
-      push (@events, \@event);
- 
-      # set maximum received ID from current batch
-      if ($id > $last_id) {
-  	    $last_id = $id;
-      }
-    } #end of while loop
-
-    # write last return ID
-    if (defined $last_id) { # must be defined for first check ID
-      open(ID, "> $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
-      print ID $last_id;
-      close ID;
-    }
-
-  return @events;
-
-} # End of getNewEvents
-
-1;