diff --git a/src/warden-client/doc/CHANGELOG b/src/warden-client/doc/CHANGELOG index 582b9c0f56d461e6686f7ca8e5ec2fb0f9cf817a..a2fdab2d402286a797e36718b017c2039be69a6b 100644 --- a/src/warden-client/doc/CHANGELOG +++ b/src/warden-client/doc/CHANGELOG @@ -1,3 +1,8 @@ +2012-00-00 v.2.1 stable version +------------------------------- +- receiving of all types of messages now supported + + 2012-07-27 v.2.0 stable version and bugfix release of warden-client-2.0.0-beta ------------------------------------------------------------------------------ - Sender client code fixed, so that it will not terminate "parent" diff --git a/src/warden-client/doc/README.cesnet b/src/warden-client/doc/README.cesnet index f4e69c1da5a4ab871d3c9b21333b88dbc957634a..b72568cab688bb3c5e516c37c6847f677460be33 100644 --- a/src/warden-client/doc/README.cesnet +++ b/src/warden-client/doc/README.cesnet @@ -138,6 +138,7 @@ D. Types of events * test - clients can use these at will when debugging/testing, these messages will be processed and stored, but ignored later * other - the rest, uncategorizable yet + * _any_ - clients can use these for receiving of all types of messages In case of complex scenarios with structured info more events with particular parts of information can be created. diff --git a/src/warden-server/doc/CHANGELOG b/src/warden-server/doc/CHANGELOG index 859ea60529cb2941651c3920687370347c0da9f2..7d07ced897d49e4fdeed2e8639394f7be2184ef3 100644 --- a/src/warden-server/doc/CHANGELOG +++ b/src/warden-server/doc/CHANGELOG @@ -1,3 +1,8 @@ +2012-00-00 v2.1 stable version +------------------------------ +- receiving of all types of messages now supported + + 2012-07-27 v2.0 stable version ------------------------------ - MySQL database engine used @@ -7,6 +12,7 @@ - added automatic reconnect to DB - other minor bugs and issues fixed + 2012-03-02 v0.1.0 beta version ------------------------------ - initial release of the Warden server 
diff --git a/src/warden-server/doc/README b/src/warden-server/doc/README index 0f36bcc613d2903b4dddf2b11875a0e007b56cc1..c6bad8ae16d16e28fcf424b377a819fc308062f2 100644 --- a/src/warden-server/doc/README +++ b/src/warden-server/doc/README @@ -1,5 +1,5 @@ +----------------------------+ -| README - Warden Server 2.0 | +| README - Warden Server 2.1 | +----------------------------+ Content @@ -23,7 +23,7 @@ A. Overall Information 2. Version - 2.0 (2012-07-27) + 2.1 (2012-00-00) 3. Package structure @@ -87,11 +87,11 @@ C. Installation 1. Check SHA1 checksum of the Warden server package archive. - $ sha1sum -c warden-server-2.0.tar.gz.sig + $ sha1sum -c warden-server-2.1.tar.gz.sig 2. Untar it. - $ tar xzvf warden-server-2.0.tar.gz + $ tar xzvf warden-server-2.1.tar.gz 3. Run install.sh. diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm index 5d07ae3da7a5591e734b0607da423b3150ebc14a..f56150f19704bc77b99aaf7e6fda82994e6299af 100755 --- a/src/warden-server/lib/Warden.pm +++ b/src/warden-server/lib/Warden.pm @@ -20,7 +20,7 @@ use DateTime; use MIME::Base64; use Crypt::X509; -our $VERSION = "2.0"; +our $VERSION = "2.1"; ################################################################################ 
@@ -127,57 +127,56 @@ sub getAltNames sub authorizeClient { - my ($alt_names, $ip, $service_type, $client_type, $function_name) = @_; - - my $sth; - # obtain cidr based on rigth common name and alternate names, service and client_type - if($function_name eq 'saveNewEvent') { - $sth = $DBH->prepare( "SELECT hostname, ip_net_client, receive_own_events - FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? - ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); - } - elsif($function_name eq 'getNewEvents') { - $sth = $DBH->prepare( "SELECT hostname, ip_net_client, receive_own_events - FROM clients WHERE hostname IN ($alt_names) AND type = ? AND client_type = ? - ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); - } + my ($alt_names, $ip, $service_type, $client_type, $function_name) = @_; + my $sth; - if (!defined $sth) { die("Cannot prepare authorization statement in $function_name: $DBI::errstr\n")} - $sth->execute($service_type, $client_type); - - my ($an, $cidr, $receive_own, $cidr_list); - my $correct_ip_source = 0; - my %ret; - - while(($an, $cidr, $receive_own) = $sth->fetchrow()) { - my $cidr_list = Net::CIDR::Lite-> new -> add($cidr); - - $ret{'dns'} = $an; - $ret{'cidr'} = $cidr; - $ret{'receive_own'} = $receive_own; - - if ($cidr_list->bin_find($ip)) { - $correct_ip_source = 1; - last; - } - }; - - # check if client is registered - if ($sth->rows == 0) { - write2log ("err", "Unauthorized access to $function_name from: $ip (CN(AN): $alt_names), used service '$service_type' - client is not registered"); - die("Access denied - client is not registered at warden server!"); - return undef; - } + # obtain cidr based on rigth common name and alternate names, service and client_type + if($function_name eq 'saveNewEvent') { + $sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events + FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? 
+ ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); + } elsif($function_name eq 'getNewEvents') { + $sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events + FROM clients WHERE hostname IN ($alt_names) AND type = ? AND client_type = ? + ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;"); + } + + if (!defined $sth) { die("Cannot prepare authorization statement in $function_name: $DBI::errstr\n")} + $sth->execute($service_type, $client_type); + + my ($an, $cidr, $receive_own, $cidr_list); + my $correct_ip_source = 0; + my %ret; + + while(($an, $cidr, $receive_own) = $sth->fetchrow()) { + my $cidr_list = Net::CIDR::Lite-> new -> add($cidr); - # check if client has IP from registered CIDR - if (!$correct_ip_source) { - write2log ("err", "Unauthorized access to $function_name from: $ip (CN(AN): $alt_names), used service '$service_type' - access from bad subnet: Registered subnet '" . $ret{'cidr'} . "'"); - die("Access denied - access from unauthorized subnet!"); - return undef; + $ret{'dns'} = $an; + $ret{'cidr'} = $cidr; + $ret{'receive_own'} = $receive_own; + + if ($cidr_list->bin_find($ip)) { + $correct_ip_source = 1; + last; } + } - return %ret; -} + # check if client is registered + if ($sth->rows == 0) { + write2log ("err", "Unauthorized access to $function_name from: $ip (CN(AN): $alt_names), used service '$service_type' - client is not registered"); + die("Access denied - client is not registered at warden server!"); + return undef; + } + + # check if client has IP from registered CIDR + if (!$correct_ip_source) { + write2log ("err", "Unauthorized access to $function_name from: $ip (CN(AN): $alt_names), used service '$service_type' - access from bad subnet: Registered subnet '" . $ret{'cidr'} . "'"); + die("Access denied - access from unauthorized subnet!"); + return undef; + } + + return %ret; +} # END of authorizeClient ################################################################################ 
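Review bot: Both re-indented `prepare` calls in authorizeClient still interpolate `$alt_names` into `hostname IN ($alt_names)`, while the service/type and client_type values next to it are bound with `?`. The lookup that decides authorization is therefore built from a string whose quoting this hunk does not show. `$alt_names` is produced by getAltNames(), outside the hunk, and presumably carries names read from the client certificate; if they are not escaped there, a crafted name changes the query. Passing the names as a list and binding them removes the dependency on upstream quoting: `my $in = join(',', ('?') x @names);`, then `IN ($in)` and `$sth->execute(@names, $service_type, $client_type);`. The `return undef;` after each `die(...)` is unreachable and can be dropped.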
@@ -205,26 +204,23 @@ sub saveNewEvent # parse object (event) parameters my $service = $data->{'SERVICE'}; my $detected = $data->{'DETECTED'}; - my $type = $data->{'TYPE'}; + my $type = $data->{'TYPE'}; my $source_type = $data->{'SOURCE_TYPE'}; my $source = $data->{'SOURCE'}; my $target_proto = $data->{'TARGET_PROTO'}; my $target_port = $data->{'TARGET_PORT'}; my $attack_scale = $data->{'ATTACK_SCALE'}; - my $note = $data->{'NOTE'}; + my $note = $data->{'NOTE'}; my $priority = $data->{'PRIORITY'}; my $timeout = $data->{'TIMEOUT'}; - - my %client = authorizeClient($alt_names, $ip, $service, $client_type, 'saveNewEvent'); - if(defined %client) { + my %client = authorizeClient($alt_names, $ip, $service, $client_type, 'saveNewEvent'); + if(defined %client) { # insert new events into DB $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);"); if (!defined $sth) { die("Cannot do insert statement in saveNewEvent: $DBI::errstr\n") } - $sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid); - - return 1; + return 1; } } # END of saveNewEvent 
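Review bot: The re-indented guard `if(defined %client)` uses `defined` on a hash, which is deprecated and a compile-time error from Perl 5.22 on; `if (%client) {` tests the same thing. In the same block the result of `$sth->execute(...)` is not checked before `return 1;`, so a failed INSERT is reported to the sender as a stored event unless `$DBH` was opened with RaiseError, which is not visible here. A check such as `$sth->execute(...) or die("Cannot execute insert in saveNewEvent: $DBI::errstr\n");` would surface the failure. saveNewEvent begins above this hunk, so the handling of `$received` and `$valid` could not be reviewed.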
@@ -239,30 +235,41 @@ sub getNewEvents my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout); # client network information - my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; - my $alt_names = getAltNames(undef); - my $ip = $ENV{'REMOTE_ADDR'}; - - my $client_type = "r"; # incoming client MUST be sender + my $cn = $ENV{'SSL_CLIENT_S_DN_CN'}; + my $alt_names = getAltNames(undef); + my $ip = $ENV{'REMOTE_ADDR'}; + my $client_type = "r"; # incoming client MUST be sender # parse SOAP data object my $requested_type = $data->{'REQUESTED_TYPE'}; - my $last_id = $data->{'LAST_ID'}; - + my $last_id = $data->{'LAST_ID'}; my %client = authorizeClient($alt_names, $ip, $requested_type, $client_type, 'getNewEvents'); if(defined %client) { - # check if client want your own events or not - if ($client{'receive_own'} eq 't') { - $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' ORDER BY id ASC;"); - if (!defined $sth) {die("Cannot prepare ROE statement in getNewEvents: $DBI::errstr\n")} - $sth->execute($last_id, $requested_type); + if ($client{'receive_own'} eq 't') { # check if client want your own events or not + if ($requested_type eq '_any_') { # check if client want each or only one type of messages + $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND valid = 't' ORDER BY id ASC;"); + if (!defined $sth) {die("Cannot prepare ROE-ANY statement in getNewEvents: $DBI::errstr\n")} + $sth->execute($last_id); + } else { + $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' ORDER BY id ASC;"); + if (!defined $sth) {die("Cannot prepare ROE statement in getNewEvents: $DBI::errstr\n")} + $sth->execute($last_id, $requested_type); + } } else { - $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' AND hostname NOT LIKE ? 
ORDER BY id ASC;"); - if (!defined $sth) {die("Cannot prepare statement in getNewEvents: $DBI::errstr\n")} - my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/; - $domain = '\%' . $domain; - $sth->execute($last_id, $requested_type, $domain); + if ($requested_type eq '_any_') { + $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC;"); + if (!defined $sth) {die("Cannot prepare ANY statement in getNewEvents: $DBI::errstr\n")} + my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/; + $domain = '\%' . $domain; + $sth->execute($last_id, $domain); + } else { + $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' AND hostname NOT LIKE ? ORDER BY id ASC;"); + if (!defined $sth) {die("Cannot prepare statement in getNewEvents: $DBI::errstr\n")} + my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/; + $domain = '\%' . $domain; + $sth->execute($last_id, $requested_type, $domain); + } } # parse items of events stored in DB @@ -276,19 +283,19 @@ sub getNewEvents $source = $result[7]; $target_proto = $result[8]; $target_port = $result[9]; - $attack_scale = $result[10]; + $attack_scale = $result[10]; $note = $result[11]; $priority = $result[12]; $timeout = $result[13]; # create SOAP data object $event = SOAP::Data->name(event => \SOAP::Data->value( - SOAP::Data->name(ID => $id), + SOAP::Data->name(ID => $id), SOAP::Data->name(HOSTNAME => $hostname), SOAP::Data->name(SERVICE => $service), SOAP::Data->name(DETECTED => $detected), SOAP::Data->name(TYPE => $type), - SOAP::Data->name(SOURCE_TYPE=> $source_type), + SOAP::Data->name(SOURCE_TYPE => $source_type), SOAP::Data->name(SOURCE => $source), SOAP::Data->name(TARGET_PROTO => $target_proto), SOAP::Data->name(TARGET_PORT => $target_port),
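Review bot: In both `hostname NOT LIKE ?` branches of getNewEvents, including the new `_any_` one, the pattern is built with `$domain = '\%' . $domain;`, and a single-quoted Perl string keeps the backslash. The bound value is therefore `\%example.org`, which under MySQL's default LIKE escape matches a literal percent sign, so the filter appears to exclude no rows. A client whose `receive_own` is not `'t'` would still receive events from its own domain; `$domain = '%' . $domain;` gives the intended suffix match. `$domain` is also undefined when `$cn` has fewer than two dot-separated labels, so it should be checked before use. Since `$requested_type` is passed unchanged to authorizeClient, receiving all types seems to need a clients row with type `_any_`; a comment such as `# '_any_' must be registered as the client's type to receive every event type` would document that, and the comment on `$client_type = "r"` should say receiver, not sender.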