odstranen SOAP z volani getClients.pl

4dc80ef4 · Tomáš Plesník · d2cffbe6 · 4dc80ef4 · 4dc80ef4 · 4dc80ef4
Commit 4dc80ef4 authored Jan 16, 2013 by Tomáš Plesník
--- a/src/warden-server/bin/getClients.pl
+++ b/src/warden-server/bin/getClients.pl
@@ -9,17 +9,21 @@
 use strict;
 use Getopt::Std;
 use File::Basename;
+use DBI;
+use DBD::mysql;
-our $VERSION = "2.1";
-my $warden_path = '/opt/warden-server';
+################################################################################
-require $warden_path . '/lib/WardenStatus.pm';
+#				GLOBAL VARIABLES
+################################################################################
+our $VERSION = "2.2";
 my $filename = basename($0);
-#-------------------------------------------------------------------------------
+################################################################################
 #                               Functions
-#-------------------------------------------------------------------------------
+################################################################################
 sub usage {
  print "Usage: $filename [without parameters]\n";
  exit 1;
@@ -50,9 +54,10 @@ sub trim
 } # End of trim
-#-------------------------------------------------------------------------------
+################################################################################
 #                               MAIN
-#-------------------------------------------------------------------------------
+################################################################################
 our ($opt_h);
 die usage unless getopts("h");
@@ -69,23 +74,45 @@ if ($UID != 0) {
  die errMsg("You must be root for running this script!")
 }
+# read config file
+my $conf_file = "/opt/warden-server/etc/warden-server.conf"; # path is updated by install.sh
+our $DB_NAME            = undef;
+our $DB_USER            = undef;
+our $DB_PASS            = undef;
+our $DB_HOST            = undef;
+unless (do $conf_file) {
+  die("Errors in config file '$conf_file': $@") if $@;
+  die("Can't read config file '$conf_file': $!") unless defined $_;
+  # if $_ defined, it's retvalue of last statement of conf, for which we don't care
+}
+# connect to DB
+our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1}) || die "Could not connect to database: $DBH->errstr";
-my @clients = WardenStatus::getClients($warden_path);
+# obtain data from DB
+my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;") or die "Cannot prepare statement: " . $DBH->errstr;
+$sth->execute or die "Couldn't execute statement: " . $sth->errstr;
+my @clients = $sth->fetchall_arrayref();
+# print table of clients
 print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
 print "| Client ID  | Hostname                       | Registered          | Requestor               | Service                   | CT | Type            | ROE  | Description tags                                   | IP Net Client      |\n";
 print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
 foreach (@clients) {
+  my @client = @$_;
+  foreach (@client) {
    printf("| %-10s ", @$_[0] || "unknown");
    printf("| %-30s ", @$_[1] || "unknown");
    printf("| %19s ", @$_[2]  || "unknown");
    printf("| %-23s ", @$_[3] || "unknown");
-  printf("| %-25s ", @$_[4] || "unknown");
+    printf("| %-25s ", @$_[4] || "-");
    printf("| %-2s ", @$_[5]  || "unknown");
-  printf("| %-15s ", @$_[6] || "unknown");
+    printf("| %-15s ", @$_[6] || "-");
-  printf("| %-4s ", @$_[7]  || "unknown");
+    printf("| %-4s ", @$_[7]  || "-");
-  printf("| %-50s ", @$_[8] || "unknown");
+    printf("| %-50s ", @$_[8] || "-");
    printf("| %-18s |\n", @$_[9] || "unknown");
  }
+}
 print "+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n";
 print "\n";
 print "Current registered clients in: " . scalar localtime(time) . "\n";

--- a/src/warden-server/etc/warden-apache.conf
+++ b/src/warden-server/etc/warden-apache.conf
 #
+#
 # warden-apache.conf - configuration file for the Apache server
 #
@@ -10,8 +11,8 @@ SSLOptions +StdEnvVars +ExportCertData
 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-SSLCertificateFile    /etc/ssl/certs/warden-dev.cesnet.cz.pem
+SSLCertificateFile    /etc/ssl/certs/warden-c.cesnet.cz.pem
-SSLCertificateKeyFile /etc/ssl/private/warden-dev.cesnet.cz.key
+SSLCertificateKeyFile /etc/ssl/private/warden-c.cesnet.cz.key
 SSLCACertificateFile  /etc/ssl/certs/tcs-ca-bundle.pem
 PerlOptions +Parent

--- a/src/warden-server/etc/warden-client.conf
+++ b/src/warden-server/etc/warden-client.conf
 #
-# warden-client.conf - configuration file for registration and status clients
+# warden-client.conf - configuration file for the warden sender/receiver client
 #
 #-------------------------------------------------------------------------------
 # URI - URI address of Warden server
 #-------------------------------------------------------------------------------
-$URI = "https://warden-dev.cesnet.cz:443/Warden";
+$URI = "https://warden-c.cesnet.cz:443/Warden";
 #-------------------------------------------------------------------------------
-# SSL_KEY_FILE - path to server SSL certificate key file
+# SSL_KEY_FILE - path to client SSL certificate key file
 #-------------------------------------------------------------------------------
-$SSL_KEY_FILE = "/etc/ssl/private/warden-dev.cesnet.cz.key";
+$SSL_KEY_FILE = "/etc/ssl/private/warden-c.cesnet.cz.key";
 #-------------------------------------------------------------------------------
-# SSL_CERT_FILE - path to server SSL certificate file
+# SSL_CERT_FILE - path to client SSL certificate file
 #-------------------------------------------------------------------------------
-$SSL_CERT_FILE = "/etc/ssl/certs/warden-dev.cesnet.cz.pem";
+$SSL_CERT_FILE = "/etc/ssl/certs/warden-c.cesnet.cz.pem";
 #-------------------------------------------------------------------------------
 # SSL_CA_FILE - path to CA certificate file

--- a/src/warden-server/etc/warden-server.conf
+++ b/src/warden-server/etc/warden-server.conf
@@ -5,7 +5,7 @@
 #-------------------------------------------------------------------------------
 # BASEDIR - base directory of Warden server
 #-------------------------------------------------------------------------------
-$BASEDIR = '/opt/warden-server';
+$BASEDIR = "/opt/warden-server";
 #-------------------------------------------------------------------------------
 # SYSLOG - enable/disable syslog logging
@@ -20,38 +20,38 @@ $SYSLOG_VERBOSE = 1;
 #-------------------------------------------------------------------------------
 # SYSLOG_FACILITY - syslog facility
 #-------------------------------------------------------------------------------
-$SYSLOG_FACILITY = 'local7';
+$SYSLOG_FACILITY = "local7";
 #-------------------------------------------------------------------------------
 # DB_NAME - MySQL database name of Warden server
 #-------------------------------------------------------------------------------
-$DB_NAME = 'warden';
+$DB_NAME = "warden";
 #-------------------------------------------------------------------------------
 # DB_USER - MySQL database user of Warden server
 #-------------------------------------------------------------------------------
-$DB_USER = 'root';
+$DB_USER = "root";
 #-------------------------------------------------------------------------------
 # DB_PASS - MySQL database password of Warden server
 #-------------------------------------------------------------------------------
-$DB_PASS = '';
+$DB_PASS = "";
 #-------------------------------------------------------------------------------
 # DB_HOST - MySQL database host
 #-------------------------------------------------------------------------------
-$DB_HOST = 'localhost';
+$DB_HOST = "localhost";
 #-------------------------------------------------------------------------------
 # MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
 #                    delivered to one client in one batch
 #-------------------------------------------------------------------------------
-$MAX_EVENTS_LIMIT = '1000000';
+$MAX_EVENTS_LIMIT = 1000000;
 #-------------------------------------------------------------------------------
 # VALID_STRINGS - validation hash containing allowed event attributes
 #-------------------------------------------------------------------------------
 %VALID_STRINGS = (
-  'type'	=> ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'],
+  "type" => ["portscan", "bruteforce", "probe", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other", "_any_"],
-  'source_type'	=> ['IP', 'URL', 'Reply-To:']
+  "source_type" => ["IP", "URL", "Reply-To:"]
 );
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -22,7 +22,7 @@ use Crypt::X509;
 use SOAP::Lite;
 use Carp;
-our $VERSION = "2.2";
+our $VERSION = "2.2-devel";
 ################################################################################
@@ -631,70 +631,6 @@ sub unregisterClient
 } # END of unregisterClient
-#-----------------------------------------------------------------------------
-# getClients -  get list of clients which were registered at warden server
-#-----------------------------------------------------------------------------
-sub getClients
-{
-  my ($class, $arg) = @_;
-  # client network information
-  my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
-  my $ip = $ENV{'REMOTE_ADDR'};
-  my $local_ip = $ENV{'SERVER_ADDR'};
-  my $function_name = 'getClients';
-  if ($local_ip ne $ip) {
-    sendMsg("err",
-           "Unauthorized access to function '$function_name' from: '$ip' ('$cn') - access allowed only from localhost",
-           "Access denied - access allowed only from localhost");
-  } else {
-    my (@clients, $client);
-    my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
-    my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;");
-    if (!defined $sth) {
-      sendMsg("err",
-             "Cannot prepare statement in function '$function_name': $DBH->errstr",
-	     "Internal 'prepare' server error");
-    }
-    $sth->execute;
-    while ( my @result = $sth->fetchrow() ) {
-      $client_id		= $result[0];
-      $hostname			= $result[1];
-      $registered		= $result[2];
-      $requestor		= $result[3];
-      $service			= $result[4];
-      $client_type 		= $result[5];
-      $type 			= $result[6];
-      $receive_own_events	= $result[7];
-      $description_tags		= $result[8];
-      $ip_net_client		= $result[9];
-      $client = SOAP::Data->name(client => \SOAP::Data->value(
-      SOAP::Data->name(CLIENT_ID		=> $client_id),
-      SOAP::Data->name(HOSTNAME			=> $hostname),
-      SOAP::Data->name(REGISTERED		=> $registered),
-      SOAP::Data->name(REQUESTOR		=> $requestor),
-      SOAP::Data->name(SERVICE			=> $service),
-      SOAP::Data->name(CLIENT_TYPE		=> $client_type),
-      SOAP::Data->name(TYPE			=> $type),
-      SOAP::Data->name(RECEIVE_OWN_EVENTS	=> $receive_own_events),
-      SOAP::Data->name(DESCRIPTION_TAGS		=> $description_tags),
-      SOAP::Data->name(IP_NET_CLIENT		=> $ip_net_client),
-      ));
-      push(@clients, $client);
-    }
-    my $sum = scalar @clients;
-    sendMsg("info",
-           "Sending information about '$sum' registered clients from $ENV{'SERVER_NAME'}",
-	    undef);
-    return @clients;
-  }
-} # END of getClients
 #-----------------------------------------------------------------------------
 # getStatus - get list of status items of warden server
 #-----------------------------------------------------------------------------
@@ -842,7 +778,8 @@ sub getStatus
 #-------------------------------------------------------------------------------
-# getClientInfo
+# getClientInfo - get list of registered clients on Warden server
+#		  by Warden client
 #-------------------------------------------------------------------------------
 sub getClientInfo
 {

--- a/src/warden-server/lib/WardenStatus.pm
+++ b/src/warden-server/lib/WardenStatus.pm
@@ -71,51 +71,6 @@ sub c2s
 }
-#-------------------------------------------------------------------------------
-# getClients - get list of registered clients
-#-------------------------------------------------------------------------------
-sub getClients
-{
-  my $warden_path = shift;
-  my $etcdir = $warden_path . "/etc/";
-  my $libdir = $warden_path . "/lib/";
-  # read the config file
-  require $libdir .  "WardenConf.pm";
-  my $conf_file = $etcdir . "warden-client.conf";
-  my ($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file) = WardenConf::loadConf($conf_file);
-  # call method getClients on the Warden server
-  my $response = c2s($uri, $ssl_key_file, $ssl_cert_file, $ssl_ca_file, "getClients");
-  # parse returned SOAP data object with clients
-  my @clients;
-  my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
-  my @response_list = $response->valueof('/Envelope/Body/getClientsResponse/client/');
-  while (scalar @response_list) {
-    my $response_data = shift(@response_list);
-    my @client;
-    $client_id		= $response_data->{'CLIENT_ID'} ;
-    $hostname		= $response_data->{'HOSTNAME'};
-    $registered		= $response_data->{'REGISTERED'};
-    $requestor 		= $response_data->{'REQUESTOR'};
-    $service	 	= defined $response_data->{'SERVICE'} ? $response_data->{'SERVICE'} : "-";
-    $client_type	= $response_data->{'CLIENT_TYPE'};
-    $type		= defined $response_data->{'TYPE'} ? $response_data->{'TYPE'} : "-";
-    $receive_own_events	= defined $response_data->{'RECEIVE_OWN_EVENTS'} ? $response_data->{'RECEIVE_OWN_EVENTS'} : "-";
-    $description_tags	= defined $response_data->{'DESCRIPTION_TAGS'} ? $response_data->{'DESCRIPTION_TAGS'} : "-";
-    $ip_net_client	= $response_data->{'IP_NET_CLIENT'};
-    # push received clients from warden server into @clients which is returned
-    @client = ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
-    push (@clients,\@client);
-  }
-  return @clients;
-} # End of getClients
 #-------------------------------------------------------------------------------
 # getStatus - get warden server status
 #-------------------------------------------------------------------------------