#!/usr/bin/perl -w
#
# WardenClientSend.pm
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.  

package WardenClientSend;

use strict;
use SOAP::Lite;
use IO::Socket::SSL qw(debug1);
use SOAP::Transport::HTTP;

#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
  # Abort with the given text. The trailing newline stops die() from
  # appending "at FILE line N" to what the caller sees.
  my ($text) = @_;
  die "$text\n";
} # End of errMsg


#-------------------------------------------------------------------------------
# c2s - connect to server, send request and receive response
#-------------------------------------------------------------------------------
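sub c2s
{
  # Send one SOAP request to the Warden server over HTTPS with a client
  # certificate and check the reply.
  #
  # Arguments, in the order saveNewEvent() in this file passes them:
  #   $uri           - server URI, expected form https://SERVER:PORT/SERVICE
  #   $ssl_key_file  - client private key file
  #   $ssl_cert_file - client certificate file
  #   $ssl_ca_file   - CA file used to validate the server certificate
  #   $method        - SOAP method name
  #   $data          - SOAP::Data object carrying the request payload
  #
  # Returns 1 when the server answers without a SOAP fault; every failure
  # ends in errMsg(), which dies.
  my $uri           = shift;   # first argument at the call site; was used below without being unpacked
  my $ssl_key_file  = shift;
  my $ssl_cert_file = shift;
  my $ssl_ca_file   = shift;
  my $method        = shift;
  my $data          = shift;

  # Split the URI into server, port and service. Only an https:// URI with an
  # explicit port matches; anything else is refused here instead of being
  # turned into a request to an empty host below.
  my ($server, $port, $service) = defined $uri ? $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/ : ();
  if (!defined $server) {
    my $shown = defined $uri ? $uri : '(undefined)';
    errMsg("Error: unable to parse Warden server URI '$shown', expected https://server:port/service");
  }

  my $client;
  if (!($client = SOAP::Transport::HTTP::Client->new())) {
    errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)
  }
  $client->timeout(60);

  # TLS settings: hostname check on, client certificate presented, server
  # certificate validated against $ssl_ca_file.
  # NOTE(review): 0x02 is OpenSSL's SSL_VERIFY_FAIL_IF_NO_PEER_CERT bit and
  # SSL_VERIFY_PEER is 0x01. Confirm with the installed IO::Socket::SSL that
  # this value still rejects an untrusted server certificate, or switch to the
  # named constants.
  $client->ssl_opts(verify_hostname     => 1,
                    SSL_use_cert        => 1,
                    SSL_verify_mode     => 0x02,
                    SSL_key_file        => $ssl_key_file,
                    SSL_cert_file       => $ssl_cert_file,
                    SSL_ca_file         => $ssl_ca_file);

  # $soap is used in this function only to serialize the request and to
  # deserialize the reply; the request itself is sent through $client.
  my $soap     = SOAP::Lite->uri($service)->proxy($uri);
  my $envelope = $soap->serializer->envelope(method => $method, $data);

  # The endpoint is rebuilt from the parsed parts, so it is always https://.
  my $server_uri = "https://$server:$port/$service";

  my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri);

  # An undefined result means no usable reply was received.
  if (!defined $result) {
    errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down.");
  }

  # Turn the reply back into a SOAP object and report a fault if there is one.
  my $response = $soap->deserializer->deserialize($result);
  if ($response->fault) {
    errMsg("Server sent error message:: " . $response->faultstring);
  }
  return 1;
}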


#-------------------------------------------------------------------------------
# saveNewEvent - send new event from detection scripts to warden server
#-------------------------------------------------------------------------------
sub saveNewEvent
{
  # Send one event to the Warden server.
  #
  # Arguments:
  #   $warden_path - installation directory; the configuration is read from
  #                  $warden_path/etc/warden-client.conf and the loader module
  #                  from $warden_path/lib/WardenClientConf.pm
  #   $event_ref   - array reference holding, in this order: service,
  #                  detected, type, source type, source, target protocol,
  #                  target port, attack scale, note, priority, timeout
  #
  # Returns 1 when c2s() reports success, otherwise 0. Any exception raised on
  # the way is caught, written to STDERR and turned into 0.
  my $sent;
  eval {
    my ($warden_path, $event_ref) = @_;

    my $libdir = $warden_path . "/lib/";
    my $etcdir = $warden_path . "/etc/";

    # The loader module is executed from a path built from $warden_path, so
    # that directory has to be writable by trusted accounts only.
    require $libdir .  "WardenClientConf.pm";
    my $conf_file = $etcdir . "warden-client.conf";
    my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenClientConf::loadConf($conf_file);

    # Element names, in the same order as the positions of the event array.
    my @field_names = qw(
      SERVICE DETECTED TYPE SOURCE_TYPE SOURCE TARGET_PROTO
      TARGET_PORT ATTACK_SCALE NOTE PRIORITY TIMEOUT
    );
    my @values = @{$event_ref};

    # One SOAP element per field; a position missing from the array is sent
    # as an undefined value.
    my @elements = map { SOAP::Data->name($field_names[$_] => $values[$_]) } 0 .. $#field_names;

    # Wrap the elements in a single "event" element.
    my $payload = SOAP::Data->value(@elements);
    my $event   = SOAP::Data->name(event => \$payload);

    $sent = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "saveNewEvent", $event);
  }; #end of eval block

  if ($@) {
    print STDERR "Warden-client unexpected end in eval block: " . $@ . "\n";
    return 0;
  }

  return $sent ? 1 : 0;
} # End of saveNewEvent

1;