From 59c16480cb31d60d9e1ae968d07afb06f3982361 Mon Sep 17 00:00:00 2001
From: Tomas Plesnik <plesnik@ics.muni.cz>
Date: Mon, 11 Feb 2013 11:19:41 +0100
Subject: [PATCH] nacitani konfiguracniho souboru presunuto do
 WardenCommon::loadConf; opraveno odebirani klientu pomoci
 unregisterClient.pl, lze odebrat pouze validni klienty

---
 src/warden-server/bin/getClients.pl       | 12 ++-------
 src/warden-server/bin/getStatus.pl        | 33 +++++++----------------
 src/warden-server/bin/registerReceiver.pl | 17 +++---------
 src/warden-server/bin/registerSender.pl   | 17 +++---------
 src/warden-server/bin/unregisterClient.pl | 21 ++++-----------
 src/warden-server/lib/Warden.pm           | 31 ++++++---------------
 src/warden-server/lib/WardenCommon.pm     | 26 ++++++++++++++++++
 7 files changed, 57 insertions(+), 100 deletions(-)

diff --git a/src/warden-server/bin/getClients.pl b/src/warden-server/bin/getClients.pl
index e95b98b..dbc9334 100755
--- a/src/warden-server/bin/getClients.pl
+++ b/src/warden-server/bin/getClients.pl
@@ -24,15 +24,7 @@ my $etc = "$FindBin::RealBin/../etc";
 
 # read config file
 my $conf_file = "$etc/warden-server.conf";
-our $DB_NAME            = undef;
-our $DB_USER            = undef;
-our $DB_PASS            = undef;
-our $DB_HOST            = undef;
-unless (do $conf_file) {
-  die("Errors in config file '$conf_file': $@") if $@;
-  die("Can't read config file '$conf_file': $!") unless defined $_;
-  # if $_ defined, it's retvalue of last statement of conf, for which we don't care
-}
+WardenCommon::loadConf($conf_file);
 
 
 
@@ -66,7 +58,7 @@ if ($UID != 0) {
 }
 
 # connect to DB
-our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
+our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenCommon::DB_HOST", $WardenCommon::DB_USER, $WardenCommon::DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
            || die "Could not connect to database: $DBI::errstr";
 
 # obtain data from DB
diff --git a/src/warden-server/bin/getStatus.pl b/src/warden-server/bin/getStatus.pl
index 400c7b5..1121b5a 100755
--- a/src/warden-server/bin/getStatus.pl
+++ b/src/warden-server/bin/getStatus.pl
@@ -25,20 +25,7 @@ my $etc = "$FindBin::RealBin/../etc";
 
 # read config file
 my $conf_file = "$etc/warden-server.conf";
-our $BASEDIR		= undef
-our $SYSLOG             = undef;
-our $SYSLOG_VERBOSE     = undef;
-our $SYSLOG_FACILITY    = undef;
-our $DB_NAME            = undef;
-our $DB_USER            = undef;
-our $DB_PASS            = undef;
-our $DB_HOST            = undef;
-our $MAX_EVENTS_LIMIT 	= undef;
-unless (do $conf_file) {
-  die("Errors in config file '$conf_file': $@") if $@;
-  die("Can't read config file '$conf_file': $!") unless defined $_;
-  # if $_ defined, it's retvalue of last statement of conf, for which we don't care
-}
+WardenCommon::loadConf($conf_file);
 
 
 
@@ -72,7 +59,7 @@ if ($UID != 0) {
 }
 
 # connect to DB
-our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
+our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenCommon::DB_HOST", $WardenCommon::DB_USER, $WardenCommon::DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
            || die "Could not connect to database: $DBI::errstr";
 
 #-----------------------------------------------------------------------------
@@ -83,12 +70,12 @@ my $hostname 		= WardenCommon::trim(`hostname -f`);
 my $ip_address 		= WardenCommon::trim(`hostname -i`);
 my $port		= WardenCommon::trim(`netstat -pln | grep apache | cut -f 4 -d ":"`);
 my ($syslog, $syslog_verbose);
-if ($SYSLOG == 1) {
+if ($WardenCommon::SYSLOG == 1) {
   $syslog = "enabled";
 } else {
   $syslog = "disabled";
 }
-if ($SYSLOG_VERBOSE == 1) {
+if ($WardenCommon::SYSLOG_VERBOSE == 1) {
   $syslog_verbose = "enabled";
 } else {
   $syslog_verbose = "disabled";
@@ -202,14 +189,14 @@ print "SERVER_VERSION:\t\t$version\n";
 print "HOSTNAME:\t\t$hostname\n";
 print "IP_ADDRESS:\t\t$ip_address\n";
 print "PORT:\t\t\t$port\n";
-print "BASEDIR:\t\t$BASEDIR\n";
-print "DB_NAME:\t\t$DB_NAME\n";
-print "DB_USER:\t\t$DB_USER\n";
-print "DB_HOST:\t\t$DB_HOST\n";
+print "BASEDIR:\t\t$WardenCommon::BASEDIR\n";
+print "DB_NAME:\t\t$WardenCommon::DB_NAME\n";
+print "DB_USER:\t\t$WardenCommon::DB_USER\n";
+print "DB_HOST:\t\t$WardenCommon::DB_HOST\n";
 print "SYSLOG:\t\t\t$syslog\n";
 print "SYSLOG_VERBOSE:\t\t$syslog_verbose\n";
-print "SYSLOG_FACILITY:\t$SYSLOG_FACILITY\n";
-print "MAX_EVENTS_LIMIT:\t$MAX_EVENTS_LIMIT\n";
+print "SYSLOG_FACILITY:\t$WardenCommon::SYSLOG_FACILITY\n";
+print "MAX_EVENTS_LIMIT:\t$WardenCommon::MAX_EVENTS_LIMIT\n";
 print "\n";
 
 print "Warden server status:\n";
diff --git a/src/warden-server/bin/registerReceiver.pl b/src/warden-server/bin/registerReceiver.pl
index b464466..9ffe158 100755
--- a/src/warden-server/bin/registerReceiver.pl
+++ b/src/warden-server/bin/registerReceiver.pl
@@ -29,18 +29,7 @@ my $etc = "$FindBin::RealBin/../etc";
 
 # read config file
 my $conf_file = "$etc/warden-server.conf";
-our $SYSLOG             = undef;
-our $SYSLOG_VERBOSE     = undef;
-our $SYSLOG_FACILITY	= undef;
-our $DB_NAME            = undef;
-our $DB_USER            = undef;
-our $DB_PASS            = undef;
-our $DB_HOST            = undef;
-unless (do $conf_file) {
-  die("Errors in config file '$conf_file': $@") if $@;
-  die("Can't read config file '$conf_file': $!") unless defined $_;
-  # if $_ defined, it's retvalue of last statement of conf, for which we don't care
-}
+WardenCommon::loadConf($conf_file);
 
 
 
@@ -73,7 +62,7 @@ sub sendMsg
   my $severity          = shift;
   my $syslog_msg        = shift;
 
-  WardenCommon::sendMsg($SYSLOG, $SYSLOG_VERBOSE, $SYSLOG_FACILITY, $severity,
+  WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity,
                         $syslog_msg, undef, $RealScript);
 }
 
@@ -130,7 +119,7 @@ my $service		= undef;
 my $description_tags	= undef;
 
 # connect to DB
-our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
+our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenCommon::DB_HOST", $WardenCommon::DB_USER, $WardenCommon::DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
            || die "Could not connect to database: $DBI::errstr";
 
 # check if receiver has been already registered or register it
diff --git a/src/warden-server/bin/registerSender.pl b/src/warden-server/bin/registerSender.pl
index 1726959..f5ab0d8 100755
--- a/src/warden-server/bin/registerSender.pl
+++ b/src/warden-server/bin/registerSender.pl
@@ -29,18 +29,7 @@ my $etc = "$FindBin::RealBin/../etc";
 
 # read config file
 my $conf_file = "$etc/warden-server.conf";
-our $SYSLOG             = undef;
-our $SYSLOG_VERBOSE     = undef;
-our $SYSLOG_FACILITY    = undef;
-our $DB_NAME            = undef;
-our $DB_USER            = undef;
-our $DB_PASS            = undef;
-our $DB_HOST            = undef;
-unless (do $conf_file) {
-  die("Errors in config file '$conf_file': $@") if $@;
-  die("Can't read config file '$conf_file': $!") unless defined $_;
-  # if $_ defined, it's retvalue of last statement of conf, for which we don't care
-}
+WardenCommon::loadConf($conf_file);
 
 
 
@@ -73,7 +62,7 @@ sub sendMsg
   my $severity          = shift;
   my $syslog_msg        = shift;
 
-  WardenCommon::sendMsg($SYSLOG, $SYSLOG_VERBOSE, $SYSLOG_FACILITY, $severity,
+  WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity,
                         $syslog_msg, undef, $RealScript);
 }
 
@@ -129,7 +118,7 @@ my $type		= undef;
 my $receive_own_events	= undef;
 
 # connect to DB
-our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
+our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenCommon::DB_HOST", $WardenCommon::DB_USER, $WardenCommon::DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
            || die "Could not connect to database: $DBI::errstr";
 
 # check if receiver has been already registered or register it
diff --git a/src/warden-server/bin/unregisterClient.pl b/src/warden-server/bin/unregisterClient.pl
index 5fb40b8..5d3c602 100755
--- a/src/warden-server/bin/unregisterClient.pl
+++ b/src/warden-server/bin/unregisterClient.pl
@@ -29,18 +29,7 @@ my $etc = "$FindBin::RealBin/../etc";
 
 # read config file
 my $conf_file = "$etc/warden-server.conf";
-our $SYSLOG             = undef;
-our $SYSLOG_VERBOSE     = undef;
-our $SYSLOG_FACILITY    = undef;
-our $DB_NAME            = undef;
-our $DB_USER            = undef;
-our $DB_PASS            = undef;
-our $DB_HOST            = undef;
-unless (do $conf_file) {
-  die("Errors in config file '$conf_file': $@") if $@;
-  die("Can't read config file '$conf_file': $!") unless defined $_;
-  # if $_ defined, it's retvalue of last statement of conf, for which we don't care
-}
+WardenCommon::loadConf($conf_file);
 
 
 
@@ -69,7 +58,7 @@ sub sendMsg
   my $severity          = shift;
   my $syslog_msg        = shift;
 
-  WardenCommon::sendMsg($SYSLOG, $SYSLOG_VERBOSE, $SYSLOG_FACILITY, $severity,
+  WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity,
                         $syslog_msg, undef, $RealScript);
 }
 
@@ -105,18 +94,18 @@ if (!defined $client_id) {
 }
 
 # connect to DB
-our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
+our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenCommon::DB_HOST", $WardenCommon::DB_USER, $WardenCommon::DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
            || die "Could not connect to database: $DBI::errstr";
 
 # check if receiver has been already registered
-my $sth = $DBH->prepare("SELECT client_id, hostname, service, client_type, type FROM clients WHERE client_id = ? LIMIT 1;") or die "Cannot prepare statement: " . $DBH->errstr;
+my $sth = $DBH->prepare("SELECT client_id, hostname, service, client_type, type FROM clients WHERE client_id = ? AND valid = 't' LIMIT 1;") or die "Cannot prepare statement: " . $DBH->errstr;
 $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
 my ($id, $hostname, $service, $client_type, $type) = $sth->fetchrow();
 my $warden_server = WardenCommon::trim(`hostname -f`);
 
 # delete registered client
 if (!defined $id) {
-  sendMsg("err", "Attempt to delete unregister client [Client_id: '$client_id', Hostname: '$hostname', Client_type: '$client_type', Service: '$service', Type: '$type'] from Warden server '$warden_server'");
+  sendMsg("err", "Attempt to delete unregister client [Client_id: '$client_id'] from Warden server '$warden_server'");
   WardenCommon::errMsg("Client (#$client_id) is not registered at Warden server '$warden_server'");
 } else {
   if ($client_type eq 's') {
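Review bot: With `AND valid = 't'` added to the lookup, the `!defined $id` branch now also covers a client that exists but was already invalidated, yet the syslog and error texts still say only that the client is not registered. A comment above the branch such as `# no row: client_id is unknown or already invalidated (valid <> 't')` would record that for whoever audits repeated unregister attempts. The syslog text would also read better as "unregistered client" rather than "unregister client". The else branch continues outside this hunk, so it cannot be seen here whether the statement that invalidates the row repeats the `valid = 't'` condition.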
diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm
index 9e370d5..08051bc 100755
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -40,29 +40,14 @@ our $FILENAME = File::Basename::basename($0);
 #			READING OF CONFIGURATION VARIABLES
 ################################################################################
 my $conf_file = "$etc/warden-server.conf";
-our $SYSLOG		= undef;
-our $SYSLOG_VERBOSE	= undef;
-our $SYSLOG_FACILITY	= undef;
-our $DB_NAME		= undef;
-our $DB_USER		= undef;
-our $DB_PASS		= undef;
-our $DB_HOST		= undef;
-our $MAX_EVENTS_LIMIT	= 1000000; 	# default value
-our %VALID_STRINGS	= ();		# inicialization of empty hash
-
-# load set variables by user
-unless (do $conf_file) {
-  die("Errors in config file '$conf_file': $@") if $@;
-  die("Can't read config file '$conf_file': $!") unless defined $_;
-  # if $_ defined, it's retvalue of last statement of conf, for which we don't care
-}
+WardenCommon::loadConf($conf_file);
 
 
 
 ################################################################################
 #				DB CONNECT
 ################################################################################
-our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
+our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenCommon::DB_HOST", $WardenCommon::DB_USER, $WardenCommon::DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
            || die "Could not connect to database: $DBI::errstr";
 
 
@@ -80,7 +65,7 @@ sub sendMsg
   my $syslog_msg        = shift;
   my $soap_msg          = shift;
 
-  WardenCommon::sendMsg($SYSLOG, $SYSLOG_VERBOSE, $SYSLOG_FACILITY, $severity,
+  WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity,
 			$syslog_msg, $soap_msg, $FILENAME);
 }
 
@@ -224,12 +209,12 @@ sub saveNewEvent
     sendMsg("debug",
             "Incoming event: [service: '$service', detected: '$detected', type: '$type', source_type: '$source_type', source: '$source', target_proto: '$target_proto', target_port: '$target_port', attack_scale: '$attack_scale', note: '$note', priority: '$priority', timeout: '$timeout']",
              undef);
-    if (%VALID_STRINGS) {	# check if hash is not empty - use VALIDATION HASH
-      if (!(exists $VALID_STRINGS{'type'} && grep $type eq $_, @{$VALID_STRINGS{'type'}})) {
+    if (%WardenCommon::VALID_STRINGS) {	# check if hash is not empty - use VALIDATION HASH
+      if (!(exists $WardenCommon::VALID_STRINGS{'type'} && grep $type eq $_, @{$WardenCommon::VALID_STRINGS{'type'}})) {
         sendMsg("err",
                 "Unknown event type from [IP: '$ip'; CN(AN): $alt_names; Service: '$service'; Type: '$type']",
 	        "Unknown event type: '$type'");
-      } elsif (!(exists $VALID_STRINGS{'source_type'} && grep $source_type eq $_, @{$VALID_STRINGS{'source_type'}})) {
+      } elsif (!(exists $WardenCommon::VALID_STRINGS{'source_type'} && grep $source_type eq $_, @{$WardenCommon::VALID_STRINGS{'source_type'}})) {
         sendMsg("err",
                 "Unknown source type from [IP '$ip'; CN(AN): $alt_names; Service: '$service'; Source_type: '$source_type']",
                 "Unknown source type: '$source_type'");
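Review bot: The allow-list check at `if (%WardenCommon::VALID_STRINGS)` is skipped entirely when the hash is empty, and `loadConf` resets it to `()` before the config is read. A config file that omits or mistypes the hash therefore accepts any `type` and `source_type` with no trace. I would document that fail-open default at the check, e.g. `# empty VALID_STRINGS disables type/source_type validation (fail-open)`, and emit one log line at load time when the hash is empty so an operator notices. saveNewEvent begins and continues outside this hunk.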
@@ -303,10 +288,10 @@ sub getNewEvents
 
   # comparison of client and server limit - which can be used
   my $used_limit;
-  if (defined $max_rcv_events_limit && $max_rcv_events_limit < $MAX_EVENTS_LIMIT) {
+  if (defined $max_rcv_events_limit && $max_rcv_events_limit < $WardenCommon::MAX_EVENTS_LIMIT) {
     $used_limit = $max_rcv_events_limit;
   } else {
-    $used_limit = $MAX_EVENTS_LIMIT;
+    $used_limit = $WardenCommon::MAX_EVENTS_LIMIT;
   }
 
   my %client = authorizeClient($alt_names, $ip, $requested_type, $client_type, $function_name);
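Review bot: `$max_rcv_events_limit` is compared with `<` but never checked to be a positive integer, so a negative or non-numeric value counts as smaller than `$WardenCommon::MAX_EVENTS_LIMIT` and is copied into `$used_limit` unchanged. The value looks client-supplied, but the parameter list of getNewEvents and the place where `$used_limit` reaches the query are both outside this hunk. I would tighten the guard to `if (defined $max_rcv_events_limit && $max_rcv_events_limit =~ /\A[1-9][0-9]*\z/ && $max_rcv_events_limit < $WardenCommon::MAX_EVENTS_LIMIT) {` so anything else falls back to the server limit.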
diff --git a/src/warden-server/lib/WardenCommon.pm b/src/warden-server/lib/WardenCommon.pm
index 6d939ad..6aff81e 100755
--- a/src/warden-server/lib/WardenCommon.pm
+++ b/src/warden-server/lib/WardenCommon.pm
@@ -80,4 +80,30 @@ sub sendMsg
   }
 } # End of sendMsg
 
+
+#-------------------------------------------------------------------------------
+# loadConf - load configuration file
+#-------------------------------------------------------------------------------
+sub loadConf 
+{
+  my $conf_file	= shift;
+
+  our $BASEDIR		= undef;
+  our $SYSLOG		= undef;
+  our $SYSLOG_VERBOSE	= undef;
+  our $SYSLOG_FACILITY	= undef;
+  our $DB_NAME          = undef;
+  our $DB_USER          = undef;
+  our $DB_PASS          = undef;
+  our $DB_HOST          = undef;
+  our $MAX_EVENTS_LIMIT	= 1000000;
+  our %VALID_STRINGS 	= ();
+  unless (do $conf_file) {
+    die("Errors in config file '$conf_file': $@") if $@;
+    die("Can't read config file '$conf_file': $!") unless defined $_;
+    # if $_ defined, it's retvalue of last statement of conf, for which we don't care
+  }
+} # End of loadConf
+
+
 1;
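Review bot: In `loadConf` the failure branch tests `$_`, not the value returned by `do $conf_file`, so whether a missing or unreadable config is reported depends on whatever `$_` holds at the call site. An unreadable file can be passed over silently, leaving every `$WardenCommon::DB_*` undef, and a config whose last statement is false can die with a stale `$!`. Capture the result and test that instead: `my $rv = do $conf_file;`, `unless ($rv) {`, and `die("Can't read config file '$conf_file': $!") unless defined $rv;`. Because `do` runs the file as Perl code and the bin/ scripts appear to require UID 0 (visible only in the hunk headers), the header comment of `loadConf` should also state that the file must be owned by root and not group- or world-writable. Checking that with `stat` before loading would enforce it.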
-- 
GitLab