src/warden-client/lib/WardenClientConf.pm

-#!/usr/bin/perl -w
-#
-# WardenClientConf.pm
-#
-# Copyright (C) 2011-2012 Cesnet z.s.p.o
-# Author(s): 	Tomas PLESNIK 	<plesnik@ics.muni.cz>
-#		Jan SOUKAL	<soukal@ics.muni.cz>
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
-#    contributors may be used to endorse or promote products derived from
-#    this software without specific prior written permission.
-#
-# This software is provided ``as is'', and any express or implied
-# warranties, including, but not limited to, the implied warranties of
-# merchantability and fitness for a particular purpose are disclaimed.
-# In no event shall the Cesnet z.s.p.o or contributors be liable for
-# any direct, indirect, incidental, special, exemplary, or consequential
-# damages (including, but not limited to, procurement of substitute
-# goods or services; loss of use, data, or profits; or business
-# interruption) however caused and on any theory of liability, whether
-# in contract, strict liability, or tort (including negligence or
-# otherwise) arising in any way out of the use of this software, even
-# if advised of the possibility of such damage.
-#
-
-package WardenClientConf;
-
-use strict;
-
-our $VERSION = "1.0";
-
-#-------------------------------------------------------------------------------
-# loadConf - load variables from configuration file
-#-------------------------------------------------------------------------------
-sub loadConf
-{
-  my $conf_file = shift;
-
-  # preset of default variables
-  our $URI = undef;
-  our $SSL_KEY_FILE = undef;
-  our $SSL_CERT_FILE = undef;
-  our $SSL_CA_FILE = undef;
-
-  # read config file
-  if ( ! open( TMP, $conf_file) ) {
-    die("Can't read config file '$conf_file': $!\n");
-  }
-  close TMP;
-
-  # load set variables by user
-  if ( !do $conf_file ) {
-    die("Errors in config file '$conf_file': $@");
-  }
-
-  return ($URI, $SSL_KEY_FILE, $SSL_CERT_FILE, $SSL_CA_FILE);
-
-} # End of loadConf
-1;

src/warden-client/lib/WardenClientReceive.pm

-#!/usr/bin/perl -w
-#
-# WardenClientReceive.pm
-#
-# Copyright (C) 2011-2012 Cesnet z.s.p.o
-# Author(s): 	Tomas PLESNIK 	<plesnik@ics.muni.cz>
-#		Jan SOUKAL	<soukal@ics.muni.cz>
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
-#    contributors may be used to endorse or promote products derived from
-#    this software without specific prior written permission.
-#
-# This software is provided ``as is'', and any express or implied
-# warranties, including, but not limited to, the implied warranties of
-# merchantability and fitness for a particular purpose are disclaimed.
-# In no event shall the Cesnet z.s.p.o or contributors be liable for
-# any direct, indirect, incidental, special, exemplary, or consequential
-# damages (including, but not limited to, procurement of substitute
-# goods or services; loss of use, data, or profits; or business
-# interruption) however caused and on any theory of liability, whether
-# in contract, strict liability, or tort (including negligence or
-# otherwise) arising in any way out of the use of this software, even
-# if advised of the possibility of such damage.
-
-package WardenClientReceive;
-
-use strict;
-use SOAP::Lite;
-use IO::Socket::SSL qw(debug1);
-use SOAP::Transport::TCP;
-use FindBin;
-
-our $VERSION = "1.1";
-
-#-------------------------------------------------------------------------------
-# errMsg - print error message and die
-#-------------------------------------------------------------------------------
-sub errMsg
-{
-  my $msg = shift;
-  die($msg . "\n");
-} # End of errMsg
-
-
-#-------------------------------------------------------------------------------
-# c2s - connect to server, send request and receive response
-#-------------------------------------------------------------------------------
-sub c2s 
-{
-  my $uri		= shift;
-  my $ssl_key_file	= shift;
-  my $ssl_cert_file	= shift;
-  my $ssl_ca_file	= shift;
-  my $method		= shift;
-  my $data		= shift;
-
-  my $client;
-  my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
-  if (!($client = SOAP::Transport::TCP::Client->new(
-    PeerAddr            => $server,
-    PeerPort            => $port,
-    Proto               => 'tcp',
-    SSL_use_cert        => 1,
-    SSL_verify_mode     => 0x02,
-    SSL_key_file        => $ssl_key_file,
-    SSL_cert_file       => $ssl_cert_file,
-    SSL_ca_file         => $ssl_ca_file,
-  ))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)}
-
-  # setting of URI and serialize SOAP envelope and data object
-  my $soap = SOAP::Lite->uri($uri);
-  my $envelope;
-  if (!defined $data) {
-    $envelope = $soap->serializer->envelope(method => $method);
-  } else {
-    $envelope = $soap->serializer->envelope(method => $method, $data);
-  }
-
-  # setting of TCP URI and send serialized SOAP envelope and data
-  my $tcp_uri = "tcp://$server:$port/$service";
-  my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
-
-  # check server response
-  if (!defined $result) {
-    errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down.");
-  } else {
-    # deserialized response from server -> create SOAP envelope and data object
-    my $response = $soap->deserializer->deserialize($result);
-    # check SOAP fault status
-    $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return $response;
-  }
-}
-
-
-#-------------------------------------------------------------------------------
-# getNewEvents - get new events from warden server greater than last received ID
-#-------------------------------------------------------------------------------
-sub getNewEvents
-{
-  my $warden_path = shift;
-  my $requested_type = shift;
-
-  my $vardir = $warden_path . "/var/";
-  my $etcdir = $warden_path . "/etc/";
-  my $libdir = $warden_path . "/lib/";
-
-  # read the config file
-  require $libdir .  "WardenClientConf.pm";
-  my $conf_file = $etcdir . "warden-client.conf";
-  my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenClientConf::loadConf($conf_file);
-
-  # set name of ID file for each client aplication 
-  my $caller_name = $FindBin::Script;
-  my $id_file = $vardir . $caller_name . ".id";
-
-  #-----------------------------------------------------------------------------
-  # get last ID from ID file (if exist) or
-  # get last ID from warden server DB and save it into ID file
-  my $last_id;
-  if (-e $id_file) {
-    open(ID, "< $id_file") || errMsg("Cannot open ID file $id_file: $!");
-    foreach(<ID>) {
-      $last_id = $_;
-    }
-    close ID;
-  } else {
-    my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getLastId");
-    $last_id = $response->result;
-    open(ID, "> $id_file") || die ("Cannot open ID file $id_file: $!");
-    print ID $last_id;
-    close ID;
-  }
-
-  #-----------------------------------------------------------------------------
-  # get new events from warden server DB based on gathered last ID 
-
-  # create SOAP data obejct
-  my $request_data = SOAP::Data->name(request => \SOAP::Data->value(
-    SOAP::Data->name(REQUESTED_TYPE => $requested_type),
-    SOAP::Data->name(LAST_ID => $last_id)
-  ));
-  my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getNewEvents", $request_data);
-
-  # match getNewEvents functions response
-  $response->match('/Envelope/Body/getNewEventsResponse/');
-  my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
-  my @events;
-
-  # parse returned SOAP data object
-  my $i = 1;
-  my $response_data = $response->valueof("[$i]");
-  while (defined $response_data) {
-    my @event;
-
-    # parse items of one event
-    $id			= $response_data->{'ID'};
-    $hostname		= $response_data->{'HOSTNAME'};
-    $service		= $response_data->{'SERVICE'};
-    $detected 		= $response_data->{'DETECTED'};
-    $type		= $response_data->{'TYPE'};
-    $source_type	= $response_data->{'SOURCE_TYPE'};
-    $source		= $response_data->{'SOURCE'};
-    $target_proto	= $response_data->{'TARGET_PROTO'};
-    $target_port	= $response_data->{'TARGET_PORT'};
-    $attack_scale	= $response_data->{'ATTACK_SCALE'};
-    $note		= $response_data->{'NOTE'};
-    $priority		= $response_data->{'PRIORITY'};
-    $timeout		= $response_data->{'TIMEOUT'};
-
-    # push new event from warden server into @events which is returned
-    @event = ("$id", "$hostname", "$service", "$detected", "$type", "$source_type", "$source", "$target_proto", "$target_port", "$attack_scale", "$note", "$priority", "$timeout");
-    push (@events, \@event);
-
-    # set maximum received ID from current batch
-    if ($id > $last_id) {
-	    $last_id = $id;
-    }
-
-    # go to the next received event
-    $i++;
-    $response_data = $response->valueof("[$i]");
-  }
-
-  # write last return ID
-  if (defined $last_id) {		# must be defined for first check ID
-    open(ID, "> $id_file") || die ("Cannot open ID file $id_file: $!");
-    print ID $last_id;
-    close ID;
-  }
-
-  # return event array of arrays 
-  return @events;
-} # End of getNewEvents
-
-1;

src/warden-client/lib/WardenClientSend.pm

-#!/usr/bin/perl -w
-#
-# WardenClientSend.pm
-#
-# Copyright (C) 2011-2012 Cesnet z.s.p.o
-# Author(s):	Tomas PLESNIK	<plesnik@ics.muni.cz>
-#		Jan SOUKAL	<soukal@ics.muni.cz>
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
-#    contributors may be used to endorse or promote products derived from
-#    this software without specific prior written permission.
-#
-# This software is provided ``as is'', and any express or implied
-# warranties, including, but not limited to, the implied warranties of
-# merchantability and fitness for a particular purpose are disclaimed.
-# In no event shall the Cesnet z.s.p.o or contributors be liable for
-# any direct, indirect, incidental, special, exemplary, or consequential
-# damages (including, but not limited to, procurement of substitute
-# goods or services; loss of use, data, or profits; or business
-# interruption) however caused and on any theory of liability, whether
-# in contract, strict liability, or tort (including negligence or
-# otherwise) arising in any way out of the use of this software, even
-# if advised of the possibility of such damage.
-
-package WardenClientSend;
-
-use strict;
-use SOAP::Lite;
-use IO::Socket::SSL qw(debug1);
-use SOAP::Transport::TCP;
-
-our $VERSION = "1.1";
-
-
-#-------------------------------------------------------------------------------
-# errMsg - print error message and die
-#-------------------------------------------------------------------------------
-sub errMsg
-{
-  my $msg = shift;
-  die($msg . "\n");
-} # End of errMsg
-
-
-#-------------------------------------------------------------------------------
-# c2s - connect to server, send request and receive response
-#-------------------------------------------------------------------------------
-sub c2s 
-{
-  my $uri		= shift;
-  my $ssl_key_file	= shift;
-  my $ssl_cert_file	= shift;
-  my $ssl_ca_file	= shift;
-  my $method		= shift;
-  my $data		= shift;
-
-  my $client;
-  my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
-  if (!($client = SOAP::Transport::TCP::Client->new(
-    PeerAddr            => $server,
-    PeerPort            => $port,
-    Proto               => 'tcp',
-    SSL_use_cert        => 1,
-    SSL_verify_mode     => 0x02,
-    SSL_key_file        => $ssl_key_file,
-    SSL_cert_file       => $ssl_cert_file,
-    SSL_ca_file         => $ssl_ca_file,
-  ))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)}
-
-  # setting of URI and serialize SOAP envelope and data object
-  my $soap     = SOAP::Lite->uri($uri);
-  my $envelope = $soap->serializer->envelope(method => $method, $data);
-
-  # setting of TCP URI and send serialized SOAP envelope and data
-  my $tcp_uri = "tcp://$server:$port/$service";
-  my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
-
-  # check server response
-  if (!defined $result) {
-    errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down.");
-  } else {
-    # deserialized response from server -> create SOAP envelope and data object
-    my $response = $soap->deserializer->deserialize($result);
-    # check SOAP fault status
-    $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return 1;
-  }
-}
-
-
-#-------------------------------------------------------------------------------
-# saveNewEvent - send new event from detection scripts to warden server
-#-------------------------------------------------------------------------------
-sub saveNewEvent
-{
-  my $warden_path = shift;
-  my $event_ref = shift;
-
-  my $etcdir = $warden_path . "/etc/";
-  my $libdir = $warden_path . "/lib/";
-
-  # read the config file
-  require $libdir .  "WardenClientConf.pm";
-  my $conf_file = $etcdir . "warden-client.conf";
-  my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenClientConf::loadConf($conf_file);
-
-  # prepare variables of event 
-  my @event = @{$event_ref};
-  my $service		= $event[0];
-  my $detected		= $event[1];
-  my $type		= $event[2];
-  my $source_type	= $event[3];
-  my $source		= $event[4];
-  my $target_proto	= $event[5];
-  my $target_port	= $event[6];
-  my $attack_scale	= $event[7];
-  my $note		= $event[8];
-  my $priority		= $event[9];
-  my $timeout		= $event[10];
-
-  # create SOAP data object
-  my $event = SOAP::Data->name(event => \SOAP::Data->value(
-    SOAP::Data->name(SERVICE		=> $service),
-    SOAP::Data->name(DETECTED		=> $detected),
-    SOAP::Data->name(TYPE		=> $type),
-    SOAP::Data->name(SOURCE_TYPE    	=> $source_type),
-    SOAP::Data->name(SOURCE		=> $source),
-    SOAP::Data->name(TARGET_PROTO	=> $target_proto),
-    SOAP::Data->name(TARGET_PORT	=> $target_port),
-    SOAP::Data->name(ATTACK_SCALE	=> $attack_scale),
-    SOAP::Data->name(NOTE		=> $note),
-    SOAP::Data->name(PRIORITY       	=> $priority),
-    SOAP::Data->name(TIMEOUT		=> $timeout)
-   ));
-
-  my $result = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "saveNewEvent", $event);
-  $result ? return 1 : return 0;
-
-} # End of saveNewEvent
-
-1;

src/warden-server/bin/warden-alive

-#!/usr/bin/perl
-#
-# warden-alive
-#
-# Copyright (C) 2011-2012 Cesnet z.s.p.o
-# Author(s):    Jan Mach  <jan.mach@cesnet.cz>
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
-#    contributors may be used to endorse or promote products derived from
-#    this software without specific prior written permission.
-#
-# This software is provided ``as is'', and any express or implied
-# warranties, including, but not limited to, the implied warranties of
-# merchantability and fitness for a particular purpose are disclaimed.
-# In no event shall the Cesnet z.s.p.o or contributors be liable for
-# any direct, indirect, incidental, special, exemplary, or consequential
-# damages (including, but not limited to, procurement of substitute
-# goods or services; loss of use, data, or profits; or business
-# interruption) however caused and on any theory of liability, whether
-# in contract, strict liability, or tort (including negligence or
-# otherwise) arising in any way out of the use of this software, even
-# if advised of the possibility of such damage.
-
-our $VERSION = "0.1";
-
-my $rv =  `ps aux | grep "/usr/bin/perl -w /opt/warden-server/bin/warden-server.pl" | grep -v grep | grep -v process-alive | wc -l`;
-if ($rv) {
-	print "WARDEN OK: Warden server is running\n";
-}
-else {
-	print "WARDEN CRITICAL: Warden server is not running\n";
-};

src/warden-server/doc/CHANGELOG

-2012-03-02 v0.1.0 stable version
---------------------------------
-- initial package of warden server
-- SSL certificate authentication/authorization supported
-- Subject Alternative Names from SSL cert supported
-- SQLite database engine supported
-- Syslog logging supporte
-- automatized installation and uninstallation process

src/warden-server/doc/INSTALL

-Installation process
---------------------
-
-For installation of warden-server package on local machine use install.sh.
-  
-Default destination directory is /opt/warden-server/.
-          
-For more information about install.sh options run install.sh -h.
-
-You must be root for running this script.
-
-
-Uninstallation process
-----------------------
-
-For uninstallation of warden-server package from local machine use uninstall.sh.
-  
-Default uninstallation directory is /opt/warden-server/.
-          
-For more information about uninstall.sh options run uninstall.sh -h.
-
-You must be root for running this script.

src/warden-server/etc/package_version

-warden-server-0.1.0

src/warden-server/etc/warden-client.conf

-#
-# warden-client.conf - configuration file for registration and status clients
-#
-
-#-------------------------------------------------------------------------------
-# URI - URI address of Warden server
-#-------------------------------------------------------------------------------
-$URI = "https://warden-dev.cesnet.cz:443/Warden";
-
-#-------------------------------------------------------------------------------
-# SSL_KEY_FILE - path to server SSL certificate key file
-#-------------------------------------------------------------------------------
-$SSL_KEY_FILE = "/etc/ssl/private/warden-dev.cesnet.cz.key";
-
-#-------------------------------------------------------------------------------
-# SSL_CERT_FILE - path toserver SSL certificate file
-#-------------------------------------------------------------------------------
-$SSL_CERT_FILE = "/etc/ssl/certs/warden-dev.cesnet.cz.pem";
-
-#-------------------------------------------------------------------------------
-# SSL_CA_FILE - path to CA certificate file
-#-------------------------------------------------------------------------------
-$SSL_CA_FILE = "/etc/ssl/certs/tcs-ca-bundle.pem";