Newer
Older
Tomáš Plesník
committed
# Warden.pm
Tomáš Plesník
committed
# Use of this source is governed by a BSD-style license, see LICENSE file.
package Warden;
use strict;
use DBI;
use DBD::mysql;
use Sys::Syslog qw(:DEFAULT setlogsock);
Sys::Syslog::setlogsock('unix');
use Net::CIDR::Lite;
use DateTime;
use MIME::Base64;
use Crypt::X509;
Tomáš Plesník
committed
use SOAP::Lite;
Tomáš Plesník
committed
use Carp;
<<<<<<< HEAD
=======
use File::Basename;
Tomáš Plesník
committed
my $lib = File::Basename::dirname(__FILE__);
use lib $lib;
Tomáš Plesník
committed
use WardenCommon;
################################################################################
# VARIABLES
################################################################################
Tomáš Plesník
committed
our $FILENAME = File::Basename::basename(__FILE__);
my $etc = "$lib/../etc";
>>>>>>> warden-server-2.2
Tomáš Plesník
committed
################################################################################
Tomáš Plesník
committed
# READING OF CONFIGURATION VARIABLES
################################################################################
my $conf_file = "/opt/warden-server/etc/warden-server.conf"; # path is updated by install.sh
Tomáš Plesník
committed
our $SYSLOG = undef;
our $SYSLOG_VERBOSE = undef;
our $SYSLOG_FACILITY = undef;
our $DB_NAME = undef;
our $DB_USER = undef;
our $DB_PASS = undef;
our $DB_HOST = undef;
our $MAX_EVENTS_LIMIT = 1000000; # default value
our %VALID_STRINGS = (); # inicialization of empty hash
Tomáš Plesník
committed
unless (do $conf_file) {
Tomáš Plesník
committed
die("Errors in config file '$conf_file': $@") if $@;
die("Can't read config file '$conf_file': $!") unless defined $_;
# if $_ defined, it's retvalue of last statement of conf, for which we don't care
Tomáš Plesník
committed
################################################################################
################################################################################
our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database: $DBH->errstr";
Tomáš Plesník
committed
################################################################################
################################################################################
#-------------------------------------------------------------------------------
# sendMsg - sent message to syslog (SYS::Syslog) and to client (SOAP::Fault)
#
# Args: (SYSLOG severity, SYSLOG msg, SOAP msg)
#-------------------------------------------------------------------------------
Tomáš Plesník
committed
sub sendMsg
my $severity = shift;
my $syslog_msg = shift;
my $soap_msg = shift;
my $filename = File::Basename::basename($0);
if ($SYSLOG_VERBOSE == 1 && ($severity eq "err" || $severity eq "debug")) {
$syslog_msg .= "\nStack info: " . Carp::longmess();
}
if ($SYSLOG == 1 && defined $severity && defined $syslog_msg) {
Sys::Syslog::openlog($filename, "cons,pid", $SYSLOG_FACILITY);
Sys::Syslog::syslog("$severity", "$syslog_msg");
Sys::Syslog::closelog();
}
if (defined $soap_msg) {
die SOAP::Fault->faultstring($soap_msg);
}
} # End of sendMsg
#-------------------------------------------------------------------------------
Tomáš Plesník
committed
# getAltNames - parse Alternate names from SSL certifiate
#-------------------------------------------------------------------------------
Tomáš Plesník
committed
sub getAltNames
Tomáš Plesník
committed
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
Tomáš Plesník
committed
push(@an_array, $DBH->quote($cn));
my @a = split("\n", $ENV{'SSL_CLIENT_CERT'});
pop @a;
shift @a;
my $der = decode_base64(join("", @a));
my $decoded= Crypt::X509->new(cert => $der);
foreach my $tmp (@{$decoded->SubjectAltName}) {
Tomáš Plesník
committed
if($tmp =~ s/dNSName=//){
push(@an_array, $DBH->quote($tmp));
}
}
my $alt_names = join(',', @an_array);
return $alt_names;
#-------------------------------------------------------------------------------
# authorizeClient - authorize client by CN,AN and source IP range
#-------------------------------------------------------------------------------
sub authorizeClient
{
Tomáš Plesník
committed
my ($alt_names, $ip, $service_type, $client_type, $function_name) = @_;
my $sth;
# obtain cidr based on rigth common name and alternate names, service and client_type
if($function_name eq 'saveNewEvent') {
$sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
Tomáš Plesník
committed
} elsif($function_name eq 'getNewEvents') {
$sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
Tomáš Plesník
committed
}
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare authorization statement in '$function_name': $DBH->errstr",
Tomáš Plesník
committed
"Internal 'prepare' server error")
}
Tomáš Plesník
committed
Tomáš Plesník
committed
my $correct_ip_source = 0;
my %ret;
while(($an, $cidr, $receive_own) = $sth->fetchrow()) {
my $cidr_list = Net::CIDR::Lite-> new -> add($cidr);
Tomáš Plesník
committed
$ret{'receive_own'} = $receive_own;
Tomáš Plesník
committed
$correct_ip_source = 1;
last;
Tomáš Plesník
committed
}
Tomáš Plesník
committed
# check if client is registered
if ($sth->rows == 0) {
Tomáš Plesník
committed
sendMsg("err",
"Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - client is not registered",
"Access denied - client is not registered at Warden server '$ENV{'SERVER_NAME'}'");
Tomáš Plesník
committed
return undef;
}
# check if client has IP from registered CIDR
if (!$correct_ip_source) {
Tomáš Plesník
committed
sendMsg ("err",
"Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - access from another subnet than '$ret{'cidr'}'",
"Access denied - access to Warden server '$ENV{'SERVER_NAME'}' from unauthorized subnet");
Tomáš Plesník
committed
return undef;
}
return %ret;
} # END of authorizeClient
################################################################################
# SOAP Functions
################################################################################
#-----------------------------------------------------------------------------
# saveNewEvent - save new received event into database
#-----------------------------------------------------------------------------
sub saveNewEvent
{
my ($class, $data) = @_;
Tomáš Plesník
committed
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $alt_names = getAltNames(undef);
my $ip = $ENV{'REMOTE_ADDR'};
my $function_name = 'saveNewEvent';
my $client_type = 's'; # incoming client MUST be sender
my $valid = 't'; # registered sender has valid events
my $received = DateTime->now; # time of event delivery (UTC)
Tomáš Plesník
committed
# parse object (event) parameters
my $service = $data->{'SERVICE'};
my $detected = $data->{'DETECTED'};
Tomáš Plesník
committed
my $type = $data->{'TYPE'};
my $source_type = $data->{'SOURCE_TYPE'};
my $source = $data->{'SOURCE'};
my $target_proto = $data->{'TARGET_PROTO'};
my $target_port = $data->{'TARGET_PORT'};
my $attack_scale = $data->{'ATTACK_SCALE'};
Tomáš Plesník
committed
my $note = $data->{'NOTE'};
my $priority = $data->{'PRIORITY'};
my $timeout = $data->{'TIMEOUT'};
my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name);
if (defined %client) {
sendMsg("info",
"Incoming event: [service: '$service', detected: '$detected', type: '$type', source_type: '$source_type', source: '$source', target_proto: '$target_proto', target_port: '$target_port', attack_scale: '$attack_scale', note: '$note', priority: '$priority', timeout: '$timeout']",
undef);
if (%VALID_STRINGS) { # check if hash is not empty - use VALIDATION HASH
if (!(exists $VALID_STRINGS{'type'} && grep $type eq $_, @{$VALID_STRINGS{'type'}})) {
sendMsg("err",
"Unknown event type from [IP: '$ip'; CN(AN): $alt_names; Service: '$service'; Type: '$type']",
"Unknown event type: '$type'");
} elsif (!(exists $VALID_STRINGS{'source_type'} && grep $source_type eq $_, @{$VALID_STRINGS{'source_type'}})) {
sendMsg("err",
"Unknown source type from [IP '$ip'; CN(AN): $alt_names; Service: '$service'; Source_type: '$source_type']",
"Unknown source type: '$source_type'");
}
}
Tomáš Plesník
committed
Tomáš Plesník
committed
# http://my.safaribooksonline.com/book/programming/regular-expressions/9780596802837/4dot-validation-and-formatting/id2983571
if ($detected !~ /^((?:[1-9][0-9]*)?[0-9]{4})-(1[0-2]|0[1-9])-(3[0-1]|0[1-9]|[1-2][0-9])T(2[0-3]|[0-1][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-](?:2[0-3]|[0-1][0-9]):[0-5][0-9])?/) {
Tomáš Plesník
committed
sendMsg("err",
"Unknown detected time format from [IP: '$ip'; CN(AN): $alt_names; Service: '$service'; Detected: '$detected']",
"Unknown detected time format: '$detected'");
}
Tomáš Plesník
committed
my $change_string = "";
if (defined $target_port && $target_port !~ /^\d+\z/) {
$change_string = $change_string . "target_port: '$target_port'";
Tomáš Plesník
committed
$target_port = undef;
}
if (defined $attack_scale && $attack_scale !~ /^\d+\z/) {
Tomáš Plesník
committed
if ($change_string eq "") {
$change_string = $change_string . "attack_scale: '$attack_scale'";
Tomáš Plesník
committed
} else {
$change_string = $change_string . ", attack_scale: '$attack_scale'";
Tomáš Plesník
committed
}
$attack_scale = undef;
}
if (defined $priority && $priority !~ /^\d+\z/) {
Tomáš Plesník
committed
if ($change_string eq "") {
$change_string = $change_string . "priority: '$priority'";
Tomáš Plesník
committed
} else {
$change_string = $change_string . ", priority: '$priority'";
Tomáš Plesník
committed
}
$priority = undef;
}
if (defined $timeout && $timeout !~ /^\d+\z/) {
Tomáš Plesník
committed
if ($change_string eq "") {
$change_string = $change_string . "timeout: '$timeout'";
Tomáš Plesník
committed
} else {
$change_string = $change_string . ", timeout: '$timeout'";
Tomáš Plesník
committed
}
$timeout = undef;
}
if ($change_string ne ""){
sendMsg("info",
"Unknown event items detected {originaly - $change_string} received in $received from [IP '$ip'; CN(AN): $alt_names; Service: '$service'; Type: '$type'; Detected: '$detected']",
undef);
}
$sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
if (!defined $sth) {
Tomáš Plesník
committed
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
$sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid);
return 1;
Tomáš Plesník
committed
}
} # END of saveNewEvent
#-----------------------------------------------------------------------------
# getNewEvents - get new events from the DB greater than received ID
#-----------------------------------------------------------------------------
sub getNewEvents
{
my ($class, $data) = @_;
my ($sth, @events, $event, @ids, $cidr_list);
my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
Tomáš Plesník
committed
# client network information
Tomáš Plesník
committed
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $alt_names = getAltNames(undef);
my $ip = $ENV{'REMOTE_ADDR'};
my $client_type = 'r'; # incoming client MUST be sender
my $function_name = 'getNewEvents';
my $requested_type = $data->{'REQUESTED_TYPE'} || '_any_';
my $last_id = $data->{'LAST_ID'};
Tomáš Plesník
committed
my $max_rcv_events_limit = $data->{'MAX_RCV_EVENTS_LIMIT'}; # client events limit
# comparison of client and server limit - which can be used
Tomáš Plesník
committed
my $used_limit;
if (defined $max_rcv_events_limit && $max_rcv_events_limit < $MAX_EVENTS_LIMIT) {
Tomáš Plesník
committed
$used_limit = $max_rcv_events_limit;
} else {
Tomáš Plesník
committed
}
my %client = authorizeClient($alt_names, $ip, $requested_type, $client_type, $function_name);
Tomáš Plesník
committed
if ($client{'receive_own'} eq 't') {
if ($requested_type eq '_any_') {
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND valid = 't' ORDER BY id ASC LIMIT ?;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare ROE-ANY statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute($last_id, $used_limit);
Tomáš Plesník
committed
} else {
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' ORDER BY id ASC LIMIT ?;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare ROE statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute($last_id, $requested_type, $used_limit);
Tomáš Plesník
committed
}
Tomáš Plesník
committed
if ($requested_type eq '_any_') {
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC LIMIT ?;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare ANY statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/;
$domain = '\%' . $domain;
Tomáš Plesník
committed
$sth->execute($last_id, $domain, $used_limit);
Tomáš Plesník
committed
} else {
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC LIMIT ?;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr\n",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/;
$domain = '\%' . $domain;
Tomáš Plesník
committed
$sth->execute($last_id, $requested_type, $domain, $used_limit);
Tomáš Plesník
committed
}
while (my @result = $sth->fetchrow()) {
$id = $result[0];
$hostname = $result[1];
$service = $result[2];
$detected = $result[3];
$type = $result[5];
$source_type = $result[6];
$source = $result[7];
$target_proto = $result[8];
$target_port = $result[9];
$attack_scale = $result[10];
$note = $result[11];
$priority = $result[12];
$timeout = $result[13];
# create SOAP data object
$event = SOAP::Data->name(event => \SOAP::Data->value(
Tomáš Plesník
committed
SOAP::Data->name(ID => $id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(DETECTED => $detected),
SOAP::Data->name(TYPE => $type),
Tomáš Plesník
committed
SOAP::Data->name(SOURCE_TYPE => $source_type),
SOAP::Data->name(SOURCE => $source),
SOAP::Data->name(TARGET_PROTO => $target_proto),
SOAP::Data->name(TARGET_PORT => $target_port),
SOAP::Data->name(ATTACK_SCALE => $attack_scale),
SOAP::Data->name(NOTE => $note),
SOAP::Data->name(PRIORITY => $priority),
SOAP::Data->name(TIMEOUT => $timeout)
));
push(@events, $event);
push(@ids, $id);
}
# log sent ID of events
Tomáš Plesník
committed
if (scalar @events != 0) {
if (scalar @ids == 1) {
Tomáš Plesník
committed
sendMsg("info",
"Sent 1 event [#$ids[0]] to [IP: '$ip'; CN(AN): $alt_names; Client_limit: '$max_rcv_events_limit', Requested_type: '$requested_type']",
Tomáš Plesník
committed
undef);
Tomáš Plesník
committed
} else {
Tomáš Plesník
committed
sendMsg("info",
"Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to [IP: '$ip'; CN(AN): $alt_names, Client_limit: '$max_rcv_events_limit', Requested_type: '$requested_type']",
Tomáš Plesník
committed
undef);
Tomáš Plesník
committed
}
}
return @events;
}
} # END of getNewEvents
Tomáš Plesník
committed
#-----------------------------------------------------------------------------
# getLastId - get lastest saved event ID
#-----------------------------------------------------------------------------
sub getLastId
{
my ($class, $arg) = @_;
my $function_name = 'getLastId';
my $sth = $DBH->prepare("SELECT max(id) FROM events;");
if ( !defined $sth ) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
$sth->execute;
my $result = $sth->fetchrow();
return $result;
} # END of getLastID
#-----------------------------------------------------------------------------
# registerSender - register new sender
#-----------------------------------------------------------------------------
sub registerSender
{
my ($class, $data) = @_;
my $sth;
Tomáš Plesník
committed
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
my $function_name = 'registerSender';
Tomáš Plesník
committed
if ($local_ip ne $ip) {
Tomáš Plesník
committed
sendMsg("err",
"Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): '$cn'] - access allowed only from 'localhost'",
"Access denied - access allowed only from 'localhost'");
Tomáš Plesník
committed
# defined variables by method
my $client_type = "s";
my $registered = DateTime->now;
Tomáš Plesník
committed
my $type = undef;
my $receive_own_events = undef;
# parse SOAP data oject
my $hostname = $data->{'HOSTNAME'};
my $requestor = $data->{'REQUESTOR'};
my $service = $data->{'SERVICE'};
my $description_tags = $data->{'DESCRIPTION_TAGS'};
my $ip_net_client = $data->{'IP_NET_CLIENT'};
# check if sender has been already registered
Tomáš Plesník
committed
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = ? AND service = ? AND client_type = ? AND ip_net_client = ? LIMIT 1;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute($hostname, $service, $client_type, $ip_net_client);
my $result = $sth->fetchrow();
# register new sender
if (defined $result) {
Tomáš Plesník
committed
sendMsg("err",
"Attempt to re-register sender [Hostname: '$hostname', Service: '$service', CIDR: '$ip_net_client'] from '$ip'",
"Sender has been already registered at Warden server '$ENV{'SERVER_NAME'}' in '$result'");
Tomáš Plesník
committed
$sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
Tomáš Plesník
committed
sendMsg("info",
Tomáš Plesník
committed
"New sender [Hostname: '$hostname', Requestor: '$requestor', Service: '$service', Description_tags: '$description_tags', CIDR: '$ip_net_client'] has been registered at Warden server '$ENV{'SERVER_NAME'}'",
Tomáš Plesník
committed
undef);
return 1;
}
}
} # END of registerSender
Tomáš Plesník
committed
#-----------------------------------------------------------------------------
# registerReceiver - register new receiver
#-----------------------------------------------------------------------------
sub registerReceiver
{
my ($class, $data) = @_;
my $sth;
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
Tomáš Plesník
committed
if ($local_ip ne $ip) {
Tomáš Plesník
committed
sendMsg("err",
"Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): '$cn'] - access allowed only from 'localhost'",
"Access denied - access allowed only from 'localhost'");
Tomáš Plesník
committed
# variables defined by method
my $client_type = "r";
my $registered = DateTime->now;
Tomáš Plesník
committed
my $service = undef;
my $description_tags = undef;
# parse SOAP data oject
my $hostname = $data->{'HOSTNAME'};
my $requestor = $data->{'REQUESTOR'};
my $type = $data->{'TYPE'};
my $receive_own_events = $data->{'RECEIVE_OWN_EVENTS'};
my $ip_net_client = $data->{'IP_NET_CLIENT'};
# check if receiver has been already registered
Tomáš Plesník
committed
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = ? AND client_type = ? AND type = ? AND ip_net_client = ? LIMIT 1;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
Tomáš Plesník
committed
}
$sth->execute($hostname, $client_type, $type, $ip_net_client);
my $result = $sth->fetchrow();
# register new receiver
if (defined $result) {
Tomáš Plesník
committed
sendMsg("err",
"Attempt to re-register receiver [Hostname: '$hostname', Type: '$type', CIDR: '$ip_net_client'] from '$ip'",
"Receiver has already been registered at Warden server '$ENV{'SERVER_NAME'}' in '$result'");
Tomáš Plesník
committed
$sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);");
Tomáš Plesník
committed
if (!defined($sth)) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
Tomáš Plesník
committed
sendMsg("info",
Tomáš Plesník
committed
"New receiver [Hostname: '$hostname', Requestor: '$requestor' Type: '$type', ROE: '$receive_own_events', CIDR: '$ip_net_client'] has been registered at Warden server '$ENV{'SERVER_NAME'}'",
Tomáš Plesník
committed
undef);
#-----------------------------------------------------------------------------
# unregisterClient - unregister client
#-----------------------------------------------------------------------------
sub unregisterClient
Tomáš Plesník
committed
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
my $function_name = 'unregisterClient';
Tomáš Plesník
committed
if ($local_ip ne $ip) {
Tomáš Plesník
committed
sendMsg("err",
"Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'",
"Access denied - access allowed only from 'localhost'");
} else {
# parse SOAP data oject
my $client_id = $data->{'CLIENT_ID'};
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT client_id, hostname, service, type, client_type FROM clients WHERE client_id = ? LIMIT 1;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute($client_id);
my ($id, $hostname, $service, $type, $client_type) = $sth->fetchrow();
# delete registered client
if (!defined $id) {
Tomáš Plesník
committed
sendMsg("err",
"Attempt to delete unregister client [Client_id: $id, Hostname: '$hostname', Service: '$service', Type: '$type', Client_type: '$client_type']",
"Client (#$client_id) is not registered at Warden server '$ENV{'SERVER_NAME'}'");
Tomáš Plesník
committed
$sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute($client_id);
Tomáš Plesník
committed
$sth = $DBH->prepare("UPDATE events SET valid = 'f' where hostname = ? AND service = ?;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute($hostname, $service);
Tomáš Plesník
committed
sendMsg("info",
"Sender [Client_id: '$client_id', Hostname: '$hostname', Service: '$service'] has been deleted from Warden server '$ENV{'SERVER_NAME'}' and its data were invalidated",
Tomáš Plesník
committed
undef);
Tomáš Plesník
committed
$sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
$sth->execute($client_id);
Tomáš Plesník
committed
sendMsg("info",
"Receiver [Client_id: '$client_id', Hostname: '$hostname', Type: '$type'] has been deleted from Warden server '$ENV{'SERVER_NAME'}'",
Tomáš Plesník
committed
undef);
return 1;
}
}
}
} # END of unregisterClient
#-----------------------------------------------------------------------------
# getClients - get list of clients which were registered at warden server
#-----------------------------------------------------------------------------
sub getClients
{
my ($class, $arg) = @_;
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
Tomáš Plesník
committed
if ($local_ip ne $ip) {
Tomáš Plesník
committed
sendMsg("err",
"Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'",
"Access denied - access allowed only from 'localhost'");
} else {
my (@clients, $client);
my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
Tomáš Plesník
committed
my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
Tomáš Plesník
committed
}
$sth->execute;
while ( my @result = $sth->fetchrow() ) {
$client_id = $result[0];
$hostname = $result[1];
$registered = $result[2];
$requestor = $result[3];
$service = $result[4];
$type = $result[6];
$receive_own_events = $result[7];
$description_tags = $result[8];
$ip_net_client = $result[9];
$client = SOAP::Data->name(client => \SOAP::Data->value(
SOAP::Data->name(CLIENT_ID => $client_id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(REGISTERED => $registered),
SOAP::Data->name(REQUESTOR => $requestor),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(CLIENT_TYPE => $client_type),
SOAP::Data->name(TYPE => $type),
SOAP::Data->name(RECEIVE_OWN_EVENTS => $receive_own_events),
SOAP::Data->name(DESCRIPTION_TAGS => $description_tags),
SOAP::Data->name(IP_NET_CLIENT => $ip_net_client),
));
push(@clients, $client);
}
my $sum = scalar @clients;
Tomáš Plesník
committed
sendMsg("info",
"Sent information about $sum registered clients from Warden server '$ENV{'SERVER_NAME'}'",
Tomáš Plesník
committed
undef);
return @clients;
}
} # END of getClients
#-----------------------------------------------------------------------------
# getStatus - get list of status items of warden server
#-----------------------------------------------------------------------------
sub getStatus
{
my ($class, $arg) = @_;
Tomáš Plesník
committed
# client network information
my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
my $ip = $ENV{'REMOTE_ADDR'};
my $local_ip = $ENV{'SERVER_ADDR'};
my $function_name = 'getStatus';
Tomáš Plesník
committed
#-----------------------------------------------------------------------------
# Warden server stats
Tomáš Plesník
committed
if ($local_ip ne $ip) {
Tomáš Plesník
committed
sendMsg("err",
"Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'",
"Access denied - access allowed only from 'localhost'");
Tomáš Plesník
committed
# Warden server hostname
my $hostname = $ENV{'SERVER_NAME'};
# IP address of Warden server
my $ip_address = $ENV{'REMOTE_ADDR'};
# used port
my $port = $ENV{'SERVER_PORT'};
Tomáš Plesník
committed
$sth = $DBH->prepare("SELECT data_length + index_length FROM information_schema.TABLES WHERE table_schema = ? AND TABLE_NAME = ?");
Tomáš Plesník
committed
$sth->execute('warden', 'events');
my $size = $sth->fetchrow();
my $db_size = (defined $size ? Format::Human::Bytes::base10($size) : "none");
# sum of records in table events
$sth = $DBH->prepare("SELECT count(*) FROM events WHERE valid = 't';");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
$sth->execute;
my $events_sum = $sth->fetchrow();
if (!defined $events_sum) { $events_sum = "none" }
# id of last record in table events
$sth = $DBH->prepare("SELECT max(id) FROM events;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
$sth->execute;
my $events_last_id = $sth->fetchrow();
if (!defined $events_last_id) { $events_last_id = "none" }
# timestamp of first record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events);");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
$sth->execute;
my $events_first_timestamp = $sth->fetchrow();
if (!defined $events_first_timestamp) { $events_first_timestamp = "none" }
# timestamp of last record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT max(id) FROM events);");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
$sth->execute;
my $events_last_timestamp = $sth->fetchrow();
if (!defined $events_last_timestamp) { $events_last_timestamp = "none" }
# sum of records in table clients
$sth = $DBH->prepare("SELECT count(*) FROM clients;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
$sth->execute;
my $clients_sum = $sth->fetchrow();
if (!defined $clients_sum) { $clients_sum = "none" }
my $server_status = SOAP::Data->name(server_status => \SOAP::Data->value(
SOAP::Data->name(VERSION => $VERSION),
Tomáš Plesník
committed
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(IP_ADDRESS => $ip_address),
SOAP::Data->name(PORT => $port),
Tomáš Plesník
committed
SOAP::Data->name(SYSLOG => $SYSLOG),
SOAP::Data->name(SYSLOG_VERBOSE => $SYSLOG_VERBOSE),
SOAP::Data->name(SYSLOG_FACILITY => $SYSLOG_FACILITY),
Tomáš Plesník
committed
SOAP::Data->name(DB_NAME => $DB_NAME),
SOAP::Data->name(DB_USER => $DB_USER),
SOAP::Data->name(DB_HOST => $DB_HOST),
SOAP::Data->name(DB_SIZE => $db_size),
SOAP::Data->name(EVENTS_SUM => $events_sum),
SOAP::Data->name(EVENTS_LAST_ID => $events_last_id),
SOAP::Data->name(EVENTS_FIRST_TIMESTAMP => $events_first_timestamp),
SOAP::Data->name(EVENTS_LAST_TIMESTAMP => $events_last_timestamp),
SOAP::Data->name(CLIENTS_SUM => $clients_sum)
));
push(@status, $server_status);
Tomáš Plesník
committed
#---------------------------------------------------------------------------
# Statistics table of senders
$sth = $DBH->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.hostname=clients.hostname AND events.service=clients.service) GROUP BY hostname, service;");
Tomáš Plesník
committed
if (!defined $sth) {
sendMsg("err",
"Cannot prepare statement in function '$function_name': $DBH->errstr",
"Internal 'prepare' server error");
}
Tomáš Plesník
committed
my ($hash_ref, $client_id, $hostname, $service, $count, $timestamp, $client_status);
$hash_ref = $sth->fetchall_hashref("client_id");
foreach my $key (sort {$a<=>$b} keys %$hash_ref) {
$client_status = SOAP::Data->name(client_status => \SOAP::Data->value(
Tomáš Plesník
committed
SOAP::Data->name(CLIENT_ID => $hash_ref->{$key}->{client_id}),
SOAP::Data->name(HOSTNAME => $hash_ref->{$key}->{hostname}),
SOAP::Data->name(SERVICE => $hash_ref->{$key}->{service}),
SOAP::Data->name(COUNT => $hash_ref->{$key}->{"count(*)"}),
SOAP::Data->name(TIMESTAMP => $hash_ref->{$key}->{"max(received)"}),
Tomáš Plesník
committed
push(@status, $client_status);
Tomáš Plesník
committed
sendMsg("info",
"Server status info sent from Warden server '$ENV{'SERVER_NAME'}'",
Tomáš Plesník
committed
undef);