Skip to content
Snippets Groups Projects
Commit 295c7383 authored by root's avatar root
Browse files

Prvni import upravy Wardenu pro Apache

parent 05e7b0bd
No related branches found
No related tags found
No related merge requests found
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 1426 additions and 127 deletions
src/warden-server/bin/getStatus.pl
+ 6
6
View file @ 295c7383
......@@ -102,14 +102,14 @@ my @server_status = @$server_status_ref;
print "Warden server variables:\n";
print "========================\n";
print "SERVER_VERSION:\t\t$server_status[0]\n";
print "ADDRESS:\t\t$server_status[1]\n";
print "PORT:\t\t\t$server_status[2]\n";
#print "ADDRESS:\t\t$server_status[1]\n";
#print "PORT:\t\t\t$server_status[2]\n";
print "LOGDIR:\t\t\t$server_status[3]\n";
print "PIDDIR:\t\t\t$server_status[4]\n";
#print "PIDDIR:\t\t\t$server_status[4]\n";
print "VARDIR:\t\t\t$server_status[5]\n";
print "SSL_KEY_FILE:\t\t$server_status[6]\n";
print "SSL_CERT_FILE:\t\t$server_status[7]\n";
print "SSLCA_FILE:\t\t$server_status[8]\n";
#print "SSL_KEY_FILE:\t\t$server_status[6]\n";
#print "SSL_CERT_FILE:\t\t$server_status[7]\n";
#print "SSLCA_FILE:\t\t$server_status[8]\n";
print "SYSLOG_FACILITY:\t$server_status[9]\n";
print "\n";
......
src/warden-server/bin/warden-server.pl
+ 26
26
View file @ 295c7383
......@@ -96,7 +96,7 @@ my $db = $VARDIR . $db_file;
# connect to DB - DBH is GLOBAL variable
my $dbargs = {AutoCommit => 0, PrintError => 1};
our $DBH = DBI->connect("dbi:SQLite:dbname=$db","","",$dbargs) or die errMsg("Can't connect to DB: $!");
#our $DBH = DBI->connect("DBI:mysql:database=warden;host=localhost", "root", "", {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database: $DBI::errstr";
################################################################################
......@@ -246,38 +246,38 @@ sub saveNewEvent
#-----------------------------------------------------------------------------
# obtain cidr based on rigth common name and alternate names, service and client_type
$sth = $DBH->prepare("SELECT hostname, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND service = $service_db AND client_type = $client_type_db limit 1;");
if ( !defined $sth ) {die("Cannot prepare authorization statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute;
my ($an, $cidr) = $sth->fetchrow();
# check if client is registered
if (!defined $cidr) {
write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - client is not registered");
die("Access denied - client is not registered at warden server!");
} else {
$cidr_list = Net::CIDR::Lite
-> new
-> add($cidr);
}
# $sth = $DBH->prepare("SELECT hostname, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND service = $service_db AND client_type = $client_type_db limit 1;");
# if ( !defined $sth ) {die("Cannot prepare authorization statement in saveNewEvent: $DBI::errstr\n")}
# $sth->execute;
# my ($an, $cidr) = $sth->fetchrow();
# # check if client is registered
# if (!defined $cidr) {
# write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - client is not registered");
# die("Access denied - client is not registered at warden server!");
# } else {
# $cidr_list = Net::CIDR::Lite
# -> new
# -> add($cidr);
# }
# check if client has IP from registered CIDR
if (!$cidr_list->bin_find($IP)) {
write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr");
die("Access denied - access from bad subnet!");
} else {
# if (!$cidr_list->bin_find($IP)) {
# write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr");
# die("Access denied - access from bad subnet!");
# } else {
{
# insert new event
$DBH->do("INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);");
if ($DBH->err()) {die("Cannot do insert statement in saveNewEvent: $DBI::errstr\n")}
$DBH->commit();
#$DBH->commit();
# log last inserted ID
$sth = $DBH->prepare("SELECT last_insert_rowid();");
$sth = $DBH->prepare("SELECT last_insert_rowid()");
if ( !defined $sth ) {die("Cannot prepare last ID statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute;
my $id= $sth->fetchrow();
write2log ("info", "Stored new event (#$id) from $IP (CN: $CN; AN: $an)");
write2log ("info", "Stored new event (#$id) from $IP (CN: $CN; AN: )");
if (! defined $id) {
write2log ("err", "Event from $IP ($CN) was not save: INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);");
......@@ -285,7 +285,7 @@ sub saveNewEvent
} else {
return 1;
}
}
}
} # END of saveNewEvent
......@@ -810,12 +810,12 @@ write2log("info", "Size of DB file ($db_file) is: $db_size_human");
# start TCP server
my $server = SOAP::Transport::TCP::Server
->new(
Listen => 5,
Listen => 20,
LocalAddr => $ADDRESS,
LocalPort => $PORT,
Proto => "tcp",
ReuseAddr => 1,
SSL_verify_mode => 0x03,
SSL_verify_mode => 0x02,
SSL_use_cert => 1,
SSL_server => 1,
SSL_key_file => $SSL_KEY_FILE,
......
src/warden-server/doc/warden-apache.readme 0 → 100644
+ 46
0
View file @ 295c7383
apache2
mysql-server
a2enmod ssl
libapache2-mod-perl2
mysql -u root -p < warden.sql
libcrypt-x509-perl
libmime-base64-perl
apache2-mpm-prefork
<IfModule mpm_prefork_module>
StartServers 2
MinSpareServers 4
MaxSpareServers 8
ServerLimit 700
MaxClients 700
MaxRequestsPerChild 0
</IfModule>
Timeout 10
KeepAlive Off
Instalace Apache
Povoleni SSL
Instalace mod_perl
Apache - Virtual Host <*:443> - pro jine jeste povolit port
Include cesty do Apache
Nastaveni spravnych Adres - klient, server
Nastaveni db na serveru
Pouziti jineho cert server/client
Instalace 2 balicku
Instalace prefork
nastavni apache2.conf
================
Instalace DB
restore db z adr. etc/warden.sql
====
Instalace serveru do jine cesty nez /opt -> nevytvari adresar, nemaze pri odinstalaci
src/warden-server/doc/warden.mysql 0 → 100644
+ 84
0
View file @ 295c7383
-- MySQL dump 10.11
--
-- Host: localhost Database: warden
-- ------------------------------------------------------
-- Server version 5.0.51a-24+lenny3
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
--
-- Current Database: `warden`
--
CREATE DATABASE /*!32312 IF NOT EXISTS*/ `warden` /*!40100 DEFAULT CHARACTER SET latin1 */;
USE `warden`;
--
-- Table structure for table `clients`
--
DROP TABLE IF EXISTS `clients`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `clients` (
`client_id` int(11) NOT NULL auto_increment,
`hostname` varchar(256) default NULL,
`registered` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
`requestor` varchar(256) default NULL,
`service` varchar(64) default NULL,
`client_type` varchar(1) default NULL,
`type` varchar(64) default NULL,
`receive_own_events` varchar(1) default NULL,
`description_tags` varchar(256) default NULL,
`ip_net_client` varchar(256) default NULL,
PRIMARY KEY (`client_id`)
) ENGINE=MyISAM AUTO_INCREMENT=16 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;
--
-- Table structure for table `events`
--
DROP TABLE IF EXISTS `events`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `events` (
`id` int(11) NOT NULL auto_increment,
`hostname` varchar(256) default NULL,
`service` varchar(64) default NULL,
`detected` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
`received` timestamp NOT NULL default '0000-00-00 00:00:00',
`type` varchar(64) default NULL,
`source_type` varchar(64) default NULL,
`source` varchar(256) default NULL,
`target_proto` varchar(16) default NULL,
`target_port` int(2) default NULL,
`attack_scale` int(4) default NULL,
`note` text,
`priority` int(1) default NULL,
`timeout` int(2) default NULL,
`valid` varchar(1) default NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=31 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2012-03-22 15:29:35
src/warden-server/etc/warden-apache.conf 0 → 100644
+ 25
0
View file @ 295c7383
SSLEngine on
SSLVerifyDepth 3
SSLVerifyClient require
SSLOptions +StdEnvVars +ExportCertData
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile server-cert.pem
SSLCertificateKeyFile server-key.pem
SSLCACertificateFile ca-cert.pem
#Mozno umistit jeste pred samotny <VirtualHost>
#http://perl.apache.org/docs/2.0/user/config/config.html#C_Parent_
#Create a new parent Perl interpreter for the given VirtualHost and give it its own interpreter pool
PerlOptions +Parent
PerlSwitches -I/opt/warden-server/lib
<Location /Warden>
SetHandler perl-script
PerlHandler Warden::ApacheDispatch
SSLOptions +StdEnvVars
</Location>
src/warden-server/lib/Warden.pm 0 → 100755
+ 998
0
View file @ 295c7383
This diff is collapsed.
src/warden-server/lib/Warden/ApacheDispatch.pm 0 → 100644
+ 7
0
View file @ 295c7383
package Warden::ApacheDispatch;
use SOAP::Transport::HTTP;
my $server = SOAP::Transport::HTTP::Apache->dispatch_to('.','Warden');
sub handler {
$server->handler(@_)
}
1;
src/warden-server/lib/WardenReg.pm
+ 71
20
View file @ 295c7383
......@@ -36,7 +36,8 @@ package WardenReg;
use strict;
use SOAP::Lite;
use IO::Socket::SSL qw(debug1);
use SOAP::Transport::TCP;
#use SOAP::Transport::TCP;
use SOAP::Transport::HTTP;
our $VERSION = "0.1";
......@@ -54,34 +55,81 @@ sub errMsg
#-------------------------------------------------------------------------------
# c2s - connect to server, send request and receive response
#-------------------------------------------------------------------------------
#sub c2s
#{
# my $uri = shift;
# my $ssl_key_file = shift;
# my $ssl_cert_file = shift;
# my $ssl_ca_file = shift;
# my $method = shift;
# my $data = shift;
#
# my $client;
# my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
# if (!($client = SOAP::Transport::TCP::Client->new(
# PeerAddr => $server,
# PeerPort => $port,
# Proto => 'tcp',
# SSL_use_cert => 1,
# SSL_verify_mode => 0x02,
# SSL_key_file => $ssl_key_file,
# SSL_cert_file => $ssl_cert_file,
# SSL_ca_file => $ssl_ca_file,
# ))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)}
#
# # setting of URI and serialize SOAP envelope and data object
# my $soap = SOAP::Lite->uri($uri);
# my $envelope = $soap->serializer->envelope(method => $method, $data);
#
# # setting of TCP URI and send serialized SOAP envelope and data
# my $tcp_uri = "tcp://$server:$port/$service";
# my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
#
# # check server response
# if (!defined $result) {
# errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down.");
# } else {
# # deserialized response from server -> create SOAP envelope and data object
# my $response = $soap->deserializer->deserialize($result);
# # check SOAP fault status
# $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return 1;
# }
#}
#
sub c2s
{
my $uri = shift;
my $ssl_key_file = shift;
my $ssl_cert_file = shift;
my $ssl_ca_file = shift;
my $method = shift;
my $data = shift;
my $uri = shift;
my $ssl_key_file = shift;
my $ssl_cert_file = shift;
my $ssl_ca_file = shift;
my $method = shift;
my $data = shift;
my $client;
my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
if (!($client = SOAP::Transport::TCP::Client->new(
PeerAddr => $server,
PeerPort => $port,
Proto => 'tcp',
SSL_use_cert => 1,
SSL_verify_mode => 0x02,
SSL_key_file => $ssl_key_file,
SSL_cert_file => $ssl_cert_file,
SSL_ca_file => $ssl_ca_file,
))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)}
if (!($client = SOAP::Transport::HTTP::Client->new(
# ssl_opts => {
# verify_hostname => 0,
# SSL_use_cert => 1,
# SSL_verify_mode => 0x02,
# SSL_key_file => $ssl_key_file,
# SSL_cert_file => $ssl_cert_file,
# SSL_ca_file => $ssl_ca_file
#}
))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)}
$client->ssl_opts( verify_hostname => 1,
SSL_use_cert => 1,
SSL_verify_mode => 0x02,
SSL_key_file => $ssl_key_file,
SSL_cert_file => $ssl_cert_file,
SSL_ca_file => $ssl_ca_file);
# setting of URI and serialize SOAP envelope and data object
my $soap = SOAP::Lite->uri($uri);
my $soap = SOAP::Lite->uri($service)->proxy($uri);
my $envelope = $soap->serializer->envelope(method => $method, $data);
# setting of TCP URI and send serialized SOAP envelope and data
my $tcp_uri = "tcp://$server:$port/$service";
# setting of TCP URI and send serialized SOAP envelope and data
my $tcp_uri = "https://$server:$port/$service";
my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
# check server response
......@@ -95,6 +143,9 @@ sub c2s
}
}
#-------------------------------------------------------------------------------
# registerSender - register new warden sender
#-------------------------------------------------------------------------------
......
src/warden-server/lib/WardenStatus.pm
+ 104
47
View file @ 295c7383
......@@ -36,9 +36,11 @@ package WardenStatus;
use strict;
use SOAP::Lite;
use IO::Socket::SSL qw(debug1);
use SOAP::Transport::TCP
#use SOAP::Transport::TCP;
use SOAP::Transport::HTTP;
#use Data::Dumper;
our $VERSION = "0.1";
our $VERSION = "0.2";
#-------------------------------------------------------------------------------
# errMsg - print error message and die
......@@ -53,33 +55,79 @@ sub errMsg
#-------------------------------------------------------------------------------
# c2s - connect to server, send request and receive response
#-------------------------------------------------------------------------------
#sub c2s
#{
# my $uri = shift;
# my $ssl_key_file = shift;
# my $ssl_cert_file = shift;
# my $ssl_ca_file = shift;
# my $method = shift;
#
# my $client;
# my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
# if (!($client = SOAP::Transport::TCP::Client->new(
# PeerAddr => $server,
# PeerPort => $port,
# Proto => 'tcp',
# SSL_use_cert => 1,
# SSL_verify_mode => 0x02,
# SSL_key_file => $ssl_key_file,
# SSL_cert_file => $ssl_cert_file,
# SSL_ca_file => $ssl_ca_file,
# ))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)}
#
# # setting of URI and serialize SOAP envelope and data object
# my $soap = SOAP::Lite->uri($uri);
# my $envelope = $soap->serializer->envelope(method => $method);
#
# # setting of TCP URI and send serialized SOAP envelope and data
# my $tcp_uri = "tcp://$server:$port/$service";
# my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
#
# # check server response
# if (!defined $result) {
# errMsg("Error: server returned empty response." . "\n" . "Problem with used SSL ceritificates or Warden server at $server:$port is down.");
# } else {
# # deserialized response from server -> create SOAP envelope and data object
# my $response = $soap->deserializer->deserialize($result);
# # check SOAP fault status
# $response->fault ? errMsg("Server sent error message:: " . $response->faultstring) : return $response;
# }
#}
sub c2s
{
my $uri = shift;
my $ssl_key_file = shift;
my $ssl_cert_file = shift;
my $ssl_ca_file = shift;
my $method = shift;
my $uri = shift;
my $ssl_key_file = shift;
my $ssl_cert_file = shift;
my $ssl_ca_file = shift;
my $method = shift;
my $data = shift;
my $client;
my ($server, $port, $service) = $uri =~ /https:\/\/(.+)\:(\d+)\/(.+)/;
if (!($client = SOAP::Transport::TCP::Client->new(
PeerAddr => $server,
PeerPort => $port,
Proto => 'tcp',
SSL_use_cert => 1,
SSL_verify_mode => 0x02,
SSL_key_file => $ssl_key_file,
SSL_cert_file => $ssl_cert_file,
SSL_ca_file => $ssl_ca_file,
))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::TCP::Client::errstr)}
if (!($client = SOAP::Transport::HTTP::Client->new(
# ssl_opts => {
# verify_hostname => 0,
# SSL_use_cert => 1,
# SSL_verify_mode => 0x02,
# SSL_key_file => $ssl_key_file,
# SSL_cert_file => $ssl_cert_file,
# SSL_ca_file => $ssl_ca_file
#}
))) {errMsg("Sorry, unable to create socket: " . &SOAP::Transport::HTTP::Client::errstr)}
$client->ssl_opts( verify_hostname => 1,
SSL_use_cert => 1,
SSL_verify_mode => 0x02,
SSL_key_file => $ssl_key_file,
SSL_cert_file => $ssl_cert_file,
SSL_ca_file => $ssl_ca_file);
# setting of URI and serialize SOAP envelope and data object
my $soap = SOAP::Lite->uri($uri);
my $soap = SOAP::Lite->uri($service)->proxy($uri);
my $envelope = $soap->serializer->envelope(method => $method);
# setting of TCP URI and send serialized SOAP envelope and data
my $tcp_uri = "tcp://$server:$port/$service";
# setting of TCP URI and send serialized SOAP envelope and data
my $tcp_uri = "https://$server:$port/$service";
my $result = $client->send_receive(envelope => $envelope, endpoint => $tcp_uri);
# check server response
......@@ -109,33 +157,39 @@ sub getClients
my $conf_file = $etcdir . "warden-client.conf";
my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file);
# call server method getClients
my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getClients");
# match getClients functions response
$response->match('/Envelope/Body/getClientsResponse/');
my $i = 1;
my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my @clients;
my $response_data = $response->valueof("[$i]");
# parse returned SOAP data object
my @response_list = $response->valueof('/Envelope/Body/getClientsResponse/');
while (scalar @response_list) {
my $response_data = shift(@response_list);
# parse returned data object
while (defined $response_data) {
# inicialization of temporal client array
my @client;
# parse items of one client
$client_id = $response_data->{'CLIENT_ID'};
$client_id = $response_data->{'CLIENT_ID'} ;
$hostname = $response_data->{'HOSTNAME'};
$registered = $response_data->{'REGISTERED'};
$requestor = $response_data->{'REQUESTOR'};
$service = $response_data->{'SERVICE'};
$client_type = $response_data->{'CLIENT_TYPE'};
$type = $response_data->{'TYPE'};
$receive_own_events = $response_data->{'RECEIVE_OWN_EVENTS'};
$description_tags = $response_data->{'DESCRIPTION_TAGS'};
$type = defined $response_data->{'TYPE'} ? $response_data->{'TYPE'} : "";
$receive_own_events = defined $response_data->{'RECEIVE_OWN_EVENTS'} ? $response_data->{'RECEIVE_OWN_EVENTS'} : "";
$description_tags = defined $response_data->{'DESCRIPTION_TAGS'} ? $response_data->{'DESCRIPTION_TAGS'} : "";
$ip_net_client = $response_data->{'IP_NET_CLIENT'};
# push received clients from warden server into @clients which is returned
@client = ("$client_id", "$hostname", "$registered", "$requestor", "$service", "$client_type", "$type", "$receive_own_events", "$description_tags", "$ip_net_client");
push (@clients,\@client);
# go to the next received client
$i++;
$response_data = $response->valueof("[$i]");
}
return @clients;
} # End of getClients
......@@ -156,23 +210,25 @@ sub getStatus
my $conf_file = $etcdir . "warden-client.conf";
my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file);
# call server method getStatus
my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getStatus");
# parse returned SOAP data object
my @response_list = $response->valueof('/Envelope/Body/getStatusResponse/');
my $response_data = shift(@response_list);
# match getStatus functions response
$response->match('/Envelope/Body/getStatusResponse/');
my @status;
my $i = 1;
# get first value from SOAP data object
my $response_data = $response->valueof("[$i]");
# parse items of server status
my $version = $response_data->{'VERSION'};
my $address = $response_data->{'ADDRESS'};
my $port = $response_data->{'PORT'};
#my $address = $response_data->{'ADDRESS'};
#my $port = $response_data->{'PORT'};
my $logdir = $response_data->{'LOGDIR'};
my $piddir = $response_data->{'PIDDIR'};
#my $piddir = $response_data->{'PIDDIR'};
my $vardir = $response_data->{'VARDIR'};
my $ssl_key_file_server = $response_data->{'SSL_KEY_FILE'};
my $ssl_cert_file_server = $response_data->{'SSL_CERT_FILE'};
my $ssl_ca_file_server = $response_data->{'SSL_CA_FILE'};
#my $ssl_key_file_server = $response_data->{'SSL_KEY_FILE'};
#my $ssl_cert_file_server = $response_data->{'SSL_CERT_FILE'};
#my $ssl_ca_file_server = $response_data->{'SSL_CA_FILE'};
my $facility = $response_data->{'FACILITY'};
my $db_size = $response_data->{'DB_SIZE'};
my $events_sum = $response_data->{'EVENTS_SUM'};
......@@ -181,23 +237,24 @@ sub getStatus
my $events_last_timestamp = $response_data->{'EVENTS_LAST_TIMESTAMP'};
my $clients_sum = $response_data->{'CLIENTS_SUM'};
my @status;
my @server_status = ("$version", "$address", "$port", "$logdir", "$piddir", "$vardir", "$ssl_key_file_server", "$ssl_cert_file_server", "$ssl_ca_file_server", "$facility", "$db_size", "$events_sum", "$events_last_id", "$events_first_timestamp", "$events_last_timestamp", "$clients_sum");
#my @server_status = ("$version", "$address", "$port", "$logdir", "$piddir", "$vardir", "$ssl_key_file_server", "$ssl_cert_file_server", "$ssl_ca_file_server", "$facility", "$db_size", "$events_sum", "$events_last_id", "$events_first_timestamp", "$events_last_timestamp", "$clients_sum");
my @server_status = ("$version", undef, undef, "$logdir", undef, "$vardir", undef, undef, undef, "$facility", "$db_size", "$events_sum", "$events_last_id", "$events_first_timestamp", "$events_last_timestamp", "$clients_sum");
push(@status, \@server_status);
while (scalar @response_list) {
my $response_data = shift(@response_list);
$i++;
$response_data = $response->valueof("[$i]");
while (defined $response_data) {
my @client_status;
# parse item of client status
# parse SOAP data object
my $client_id = $response_data->{'CLIENT_ID'};
my $hostname = $response_data->{'HOSTNAME'};
my $service = $response_data->{'SERVICE'};
my $count = $response_data->{'COUNT'};
my $timestamp = $response_data->{'TIMESTAMP'};
@client_status = ("$client_id", "$hostname", "$service", "$count", "$timestamp");
push(@status, \@client_status);
$i++;
$response_data = $response->valueof("[$i]");
}
return @status;
} # End of getStatus
......
src/warden-server/sh/install.sh
+ 59
28
View file @ 295c7383
......@@ -160,18 +160,6 @@ perl_chck()
fi
}
sqlite_chck()
{
echo -n "Checking SQLite database engine ... "
if which sqlite3 1> /dev/null; then
echo "OK"
else
echo "FAILED!"
echo "Error: SQLite3 database engine is not installed!"
exit 1
fi
}
modules_chck()
{
for module in ${modules[@]};
......@@ -189,6 +177,7 @@ modules_chck()
make_warden_dir()
{
echo -n "Creating warden server directory ... "
test -d ${prefix} || mkdir -p ${prefix}
if cp -R $dirname/warden-server $prefix 2> $err; then
echo "OK"
else
......@@ -296,6 +285,11 @@ make_server_conf()
# FACILITY - syslog facility
#-------------------------------------------------------------------------------
\$FACILITY = \"local7\";
\$DB_NAME = \"warden\";
\$DB_USER = \"username\";
\$DB_PASS = \"\";
\$DB_HOST = \"localhost\";
" > $server_conf 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
......@@ -306,18 +300,46 @@ make_server_conf()
}
create_db()
changeServerPath()
{
echo -n "Creating warden server database ... "
$create_tables $db_file 2> $err || err_clean
if chmod 600 $db_file 2> $err; then
echo "OK"
else
err_clean
fi
echo "Update server path ...";
for file in `ls -1 $bin | grep -v warden-alive | grep -v create_tables.sh | grep -v wardend`
do
echo "- update server path: ${bin}/$file"
perl -pi -e "s#/opt#${prefix}#" ${bin}/$file
done
echo "- update server path: ${apache_conf}"
perl -pi -e "s#/opt#${prefix}#" ${apache_conf}
echo "- update server path: ${lib}/Warden.pm"
perl -pi -e "s#/opt#${prefix}#" ${lib}/Warden.pm
}
updateCertsPath()
{
echo "- update certs path: ${apache_conf}"
perl -pi -e "s#server-cert.pem#${cert}#" ${apache_conf}
perl -pi -e "s#server-key.pem#${key}#" ${apache_conf}
perl -pi -e "s#ca-cert.pem#${ca_file}#" ${apache_conf}
}
#create_db()
#{
# echo -n "Creating warden server database ... "
# $create_tables $db_file 2> $err || err_clean
# if chmod 600 $db_file 2> $err; then
# echo "OK"
# else
# err_clean
# fi
#}
create_symlinks()
{
echo "Creating symbolic links ..."
......@@ -326,8 +348,8 @@ create_symlinks()
echo "- making symlink: ${local_bin}/$file -> ${bin}/$file"
ln -s ${bin}/$file ${local_bin}/$file
done
echo "- making symlink: ${bin}/wardend -> $init"
ln -s ${bin}/wardend $init
# echo "- making symlink: ${bin}/wardend -> $init"
# ln -s ${bin}/wardend $init
}
......@@ -336,7 +358,8 @@ create_symlinks()
#-------------------------------------------------------------------------------
# list of used Perl modules
modules=(SOAP::Lite SOAP::Transport::TCP File::Pid POSIX DBI DBD::SQLite Format::Human::Bytes Sys::Syslog File::Basename FindBin Net::CIDR::Lite DateTime Getopt::Std Switch IO::Socket::SSL)
#modules=(SOAP::Lite SOAP::Transport::TCP File::Pid POSIX DBI DBD::SQLite Format::Human::Bytes Sys::Syslog File::Basename FindBin Net::CIDR::Lite DateTime Getopt::Std Switch IO::Socket::SSL)
modules=(DBI DBD::mysql Format::Human::Bytes Sys::Syslog File::Basename FindBin Net::CIDR::Lite DateTime Getopt::Std Switch IO::Socket::SSL MIME::Base64 Crypt::X509)
# OS test
os_chck
......@@ -378,7 +401,9 @@ local_bin="/usr/local/bin"
etc="${server_path}/etc"
client_conf="${etc}/warden-client.conf"
server_conf="${etc}/warden-server.conf"
apache_conf="${etc}/warden-apache.conf"
var="${server_path}/var"
lib="${server_path}/lib"
db_file="${var}/warden.db"
err="/tmp/warden-err"
init="/etc/init.d/wardend"
......@@ -392,8 +417,8 @@ echo "------------------------- Dependencies check-in -------------------------"
# Perl interpreter test
perl_chck
# SQLite database engine test
sqlite_chck
## SQLite database engine test
#sqlite_chck
# Perl modules test
modules_chck
......@@ -410,8 +435,14 @@ make_client_conf
# create server configuration file
make_server_conf
# create warden server database
create_db
## create warden server database
#create_db
#update paths in utilities
changeServerPath
#update paths in apachefile
updateCertsPath
# crate symlinks from warden server bin directory to /usr/local/bin
create_symlinks
......@@ -421,7 +452,7 @@ echo "Please check client configuration file in $client_conf!"
echo "Please check server configuration file in $server_conf!"
echo
echo "Warden server directory: $server_path"
echo "Warden server daemon: $init [start|stop|status|restart|force-stop]"
#echo "Warden server daemon: $init [start|stop|status|restart|force-stop]"
echo
echo "Installation of $package_version package was SUCCESSFUL!!!"
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment