Skip to content
Snippets Groups Projects
Commit 03080a62 authored by Jan Soukal's avatar Jan Soukal
Browse files

eliminace die uvnitr klientskych funkci, tiket 599

parent 0c631172
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/warden-client/lib/WardenClientCommon.pm
+ 47
15
View file @ 03080a62
...@@ -14,20 +14,33 @@ use SOAP::Lite; ...@@ -14,20 +14,33 @@ use SOAP::Lite;
use IO::Socket::SSL qw(debug1); use IO::Socket::SSL qw(debug1);
use SOAP::Transport::HTTP; use SOAP::Transport::HTTP;
our $VERSION = "2.1"; our $VERSION = "2.2";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# errMsg - print error message and die # errMsg - print error message and returns undef
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
sub errMsg sub errMsg
{ {
my $msg = shift; my $msg = shift;
# is Verbose logging mode enabled?
if ($WardenClientConf::LOG_VERBOSE) { # user wants to log debug information if ($WardenClientConf::LOG_VERBOSE) { # user wants to log debug information
$msg .= "\nStack info: " . Carp::longmess(); $msg .= "\nStack info: " . Carp::longmess();
} }
die($msg . "\n"); # log into STDERR?
if ($WardenClientConf::LOG_STDERR) {
print STDERR $msg . "\n";
}
# log into Syslog?
if ($WardenClientConf::LOG_SYSLOG) {
openlog("Warden-client:", "pid", "$WardenClientConf::LOG_SYSLOG_FACILITY");
syslog("err|$WardenClientConf::LOG_SYSLOG_FACILITY", $msg . "\n");
closelog();
}
return;
} # End of errMsg } # End of errMsg
...@@ -45,42 +58,61 @@ sub c2s ...@@ -45,42 +58,61 @@ sub c2s
my $client; my $client;
my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/; my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
if (!($client = SOAP::Transport::HTTP::Client->new())) { eval {
errMsg("Unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr) $client = SOAP::Transport::HTTP::Client->new();
} } or return errMsg('Unknown error in c2s() when creating socket, SOAP::Transport::HTTP::Client->new(), ' . $@);
$client->timeout(10);
$client->ssl_opts(verify_hostname => 1, eval {$client->timeout(10);}
or return errMsg('Unknown error in c2s() when setting socket timeout, ' . $@);
eval {
$client->ssl_opts(verify_hostname => 1,
SSL_use_cert => 1, SSL_use_cert => 1,
SSL_verify_mode => 0x02, SSL_verify_mode => 0x02,
SSL_key_file => $ssl_key_file, SSL_key_file => $ssl_key_file,
SSL_cert_file => $ssl_cert_file, SSL_cert_file => $ssl_cert_file,
SSL_ca_file => $ssl_ca_file); SSL_ca_file => $ssl_ca_file);
return 1; # fix of eval triggering 'or' statement
} or return errMsg('Unknown error in c2s() when setting socket SSL options, ' . $@);
# setting of URI and serialize SOAP envelope and data object # setting of URI and serialize SOAP envelope and data object
my $soap = SOAP::Lite->uri($service)->proxy($uri);
my $soap;
eval {
$soap = SOAP::Lite->uri($service)->proxy($uri);
} or return errMsg('Unknown error in c2s() when serializing SOAP object, ' . $@);
my $envelope; my $envelope;
if (!defined $data) { if (!defined $data) {
$envelope = $soap->serializer->envelope(method => $method); eval {
$envelope = $soap->serializer->envelope(method => $method);
} or return errMsg('Unknown error in c2s() when setting enevelope, ' . $@);
} else { } else {
$envelope = $soap->serializer->envelope(method => $method, $data); eval {
$envelope = $soap->serializer->envelope(method => $method, $data);
} or return errMsg('Unknown error in c2s() when setting envelope, ' . $@);
} }
# setting of TCP URI and send serialized SOAP envelope and data # setting of TCP URI and send serialized SOAP envelope and data
my $server_uri = "https://$server:$port/$service"; my $server_uri = "https://$server:$port/$service";
my $result = $client->send_receive(envelope => $envelope, endpoint => $server_uri); my $result;
eval {
$result = $client->send_receive(envelope => $envelope, endpoint => $server_uri);
} or return errMsg('Unknown error in c2s() sending SOAP data, ' . $@);
# check server response # check server response
if (!defined $result) { if (!defined $result) {
errMsg("Server returned empty response. Problem with used SSL ceritificates or Warden server at $server:$port is down."); errMsg("Server returned empty response. Problem with used SSL ceritificates or Warden server at $server:$port is down.");
} else { } else {
# deserialized response from server -> create SOAP envelope and data object # deserialized response from server -> create SOAP envelope and data object
my $response; my $response;
eval { eval {
$response = $soap->deserializer->deserialize($result); $response = $soap->deserializer->deserialize($result);
} or errMsg($@ . "Received data: " . $result); } or return errMsg('Unknown error in SOAP data deserialization. Received data: ' . $result . ', ' . $@);
# check SOAP fault status # check SOAP fault status
$response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return $response; $response->fault ? return errMsg("Server sent error message:: " . $response->faultstring) : return $response;
} }
} }
src/warden-client/lib/WardenClientReceive.pm
+ 23
30
View file @ 03080a62
...@@ -15,7 +15,7 @@ use SOAP::Transport::HTTP; ...@@ -15,7 +15,7 @@ use SOAP::Transport::HTTP;
use FindBin; use FindBin;
use Sys::Syslog; use Sys::Syslog;
our $VERSION = "2.1"; our $VERSION = "2.2";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# getNewEvents - get new events from warden server greater than last received ID # getNewEvents - get new events from warden server greater than last received ID
...@@ -24,8 +24,6 @@ sub getNewEvents ...@@ -24,8 +24,6 @@ sub getNewEvents
{ {
my @events; my @events;
eval {
my $warden_path = shift; my $warden_path = shift;
my $requested_type = shift; my $requested_type = shift;
...@@ -49,15 +47,18 @@ sub getNewEvents ...@@ -49,15 +47,18 @@ sub getNewEvents
# get last ID from warden server DB and save it into ID file # get last ID from warden server DB and save it into ID file
my $last_id; my $last_id;
if (-e $id_file) { if (-e $id_file) {
open(ID, "< $id_file") || WardenClientCommon::errMsg("Cannot open ID file $id_file: $!"); open(ID, "< $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
foreach(<ID>) { foreach(<ID>) {
$last_id = $_; $last_id = $_;
} }
close ID; close ID;
} else { } else {
# c2s() returns undef on fail
my $response = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getLastId"); my $response = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getLastId");
defined $response or return; # receive data or return undef
$last_id = $response->result; $last_id = $response->result;
open(ID, "> $id_file") || WardenClientCommon::errMsg("Cannot open ID file $id_file: $!"); open(ID, "> $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
print ID $last_id; print ID $last_id;
close ID; close ID;
} }
...@@ -65,27 +66,33 @@ sub getNewEvents ...@@ -65,27 +66,33 @@ sub getNewEvents
#----------------------------------------------------------------------------- #-----------------------------------------------------------------------------
# get new events from warden server DB based on gathered last ID # get new events from warden server DB based on gathered last ID
# create SOAP data obejct my $request_data;
my $request_data = SOAP::Data->name( eval {
request => \SOAP::Data->value( # create SOAP data object
SOAP::Data->name(REQUESTED_TYPE => $requested_type), $request_data = SOAP::Data->name(
SOAP::Data->name(LAST_ID => $last_id), request => \SOAP::Data->value(
SOAP::Data->name(MAX_RCV_EVENTS_LIMIT => $WardenClientConf::MAX_RCV_EVENTS_LIMIT) SOAP::Data->name(REQUESTED_TYPE => $requested_type),
SOAP::Data->name(LAST_ID => $last_id),
SOAP::Data->name(MAX_RCV_EVENTS_LIMIT => $WardenClientConf::MAX_RCV_EVENTS_LIMIT)
)
) )
); } or return errMsg('Unknown error when creating SOAP data object, ' . $@);
# call server method getNewEvents # call server method getNewEvents
my $response = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getNewEvents", $request_data); my $response = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "getNewEvents", $request_data);
defined $response or return; # connect to warden server or return undef
# parse returned SOAP data object # parse returned SOAP data object
my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout); my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
my @response_list = $response->valueof('/Envelope/Body/getNewEventsResponse/event/'); my @response_list = $response->valueof('/Envelope/Body/getNewEventsResponse/event/');
while (scalar @response_list) { while (scalar @response_list) {
my $response_data = shift(@response_list); my $response_data = shift(@response_list);
my @event; my @event;
# parse items of one event # parse items of one event
$id = $response_data->{'ID'}; $id = $response_data->{'ID'};
$hostname = $response_data->{'HOSTNAME'}; $hostname = $response_data->{'HOSTNAME'};
$service = $response_data->{'SERVICE'}; $service = $response_data->{'SERVICE'};
$detected = $response_data->{'DETECTED'}; $detected = $response_data->{'DETECTED'};
...@@ -111,24 +118,10 @@ sub getNewEvents ...@@ -111,24 +118,10 @@ sub getNewEvents
# write last return ID # write last return ID
if (defined $last_id) { # must be defined for first check ID if (defined $last_id) { # must be defined for first check ID
open(ID, "> $id_file") || WardenClientCommon::errMsg("Cannot open ID file $id_file: $!"); open(ID, "> $id_file") or return WardenClientCommon::errMsg("Cannot open ID file $id_file: $!");
print ID $last_id; print ID $last_id;
close ID; close ID;
} }
} # End of eval block
or do {
if ($WardenClientConf::LOG_STDERR) {
print STDERR $@ . "\n";
}
if ($WardenClientConf::LOG_SYSLOG) {
openlog("Warden:", "pid", "WardenClientConf::LOG_SYSLOG_FACILITY");
syslog("err|WardenClientConf::LOG_SYSLOG_FACILITY", $@ . "\n");
closelog();
}
return;
};
return @events; return @events;
......
src/warden-client/lib/WardenClientSend.pm
+ 10
21
View file @ 03080a62
...@@ -14,7 +14,7 @@ use IO::Socket::SSL qw(debug1); ...@@ -14,7 +14,7 @@ use IO::Socket::SSL qw(debug1);
use SOAP::Transport::HTTP; use SOAP::Transport::HTTP;
use Sys::Syslog; use Sys::Syslog;
our $VERSION = "2.1"; our $VERSION = "2.2";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# saveNewEvent - send new event from detection scripts to warden server # saveNewEvent - send new event from detection scripts to warden server
...@@ -23,7 +23,6 @@ sub saveNewEvent ...@@ -23,7 +23,6 @@ sub saveNewEvent
{ {
my $result; my $result;
eval {
my $warden_path = shift; my $warden_path = shift;
my $event_ref = shift; my $event_ref = shift;
...@@ -51,8 +50,10 @@ sub saveNewEvent ...@@ -51,8 +50,10 @@ sub saveNewEvent
my $priority = $event[9]; my $priority = $event[9];
my $timeout = $event[10]; my $timeout = $event[10];
my $event;
eval {
# create SOAP data object # create SOAP data object
my $event = SOAP::Data->name( $event = SOAP::Data->name(
event => \SOAP::Data->value( event => \SOAP::Data->value(
SOAP::Data->name(SERVICE => $service), SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(DETECTED => $detected), SOAP::Data->name(DETECTED => $detected),
...@@ -67,26 +68,14 @@ sub saveNewEvent ...@@ -67,26 +68,14 @@ sub saveNewEvent
SOAP::Data->name(TIMEOUT => $timeout) SOAP::Data->name(TIMEOUT => $timeout)
) )
); );
} # end of eval
or WardenClientCommon::errMsg('Unknown error when creating SOAP data object, ' . $@);
$result = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "saveNewEvent", $event); # c2s() returns undef on fail.
} # End of eval block $result = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "saveNewEvent", $event);
or do {
if ($WardenClientConf::LOG_STDERR) {
print STDERR $@ . "\n";
}
if ($WardenClientConf::LOG_SYSLOG) {
openlog("Warden-client:", "pid", "$WardenClientConf::LOG_SYSLOG_FACILITY");
syslog("err|$WardenClientConf::LOG_SYSLOG_FACILITY", $@ . "\n");
closelog();
}
return 0; defined $result ? return 1 : return 0;
};
$result ? return 1 : return 0;
} # End of saveNewEvent } # End of saveNewEvent
1; 1;
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment