diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm
index 742c15e74aa5bd58aebfd9f69c7a9c472f683a88..2214a057c1e07f1ebf22970c9e765852f3f1a2f0 100755
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -161,14 +161,14 @@ sub authorizeClient
# check if client is registered
if ($sth->rows == 0) {
- write2log ("err", "Unauthorized access to $function_name from: $ip; CN(AN): $alt_names; used service: '$service_type' - client is not registered");
+ write2log ("err", "Unauthorized access to '$function_name' from: '$ip'; CN(AN): $alt_names; used service: '$service_type' - client is not registered");
die("Access denied - client is not registered at warden server!");
return undef;
}
# check if client has IP from registered CIDR
if (!$correct_ip_source) {
- write2log ("err", "Unauthorized access to $function_name from: $ip; CN(AN): $alt_names; used service: '$service_type' - access from bad subnet: Registered subnet '" . $ret{'cidr'} . "'");
+ write2log ("err", "Unauthorized access to '$function_name' from: '$ip'; CN(AN): $alt_names; used service: '$service_type' - access from bad subnet: Registered subnet '" . $ret{'cidr'} . "'");
die("Access denied - access from unauthorized subnet!");
return undef;
}
@@ -223,7 +223,7 @@ sub saveNewEvent
$sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid);
return 1;
} else {
- write2log ("err", "Unknown event type - client from: $ip; CN(AN): $alt_names; used type: '$type'");
+ write2log ("err", "Unknown event type - client from: '$ip'; CN(AN): $alt_names; used type: '$type'");
die("Unknown event type - client sent event with unknown type '$type'!");
}
}
@@ -248,7 +248,7 @@ sub getNewEvents
my $function_name = 'getNewEvents';
# parse SOAP data object
- my $requested_type = $data->{'REQUESTED_TYPE'};
+ my $requested_type = $data->{'REQUESTED_TYPE'} or '_any_';
my $last_id = $data->{'LAST_ID'};
my $max_rcv_events_limit = $data->{'MAX_RCV_EVENTS_LIMIT'};
@@ -319,9 +319,9 @@ sub getNewEvents
# log sent ID of events
if (scalar @events != 0) {
if (scalar @ids == 1) {
- write2log("info", "Sent 1 event [#$ids[0]] to $ip (CN(AN): $alt_names) with client limit $max_rcv_events_limit events");
+ write2log("info", "Sent 1 event [#$ids[0]] to '$ip' (CN(AN): $alt_names) with client limit '$max_rcv_events_limit' events");
} else {
- write2log("info", "Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to $ip (CN(AN): $alt_names) with client limit $max_rcv_events_limit events");
+ write2log("info", "Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to '$ip' (CN(AN): $alt_names) with client limit '$max_rcv_events_limit' events");
}
}
return @events;
@@ -338,7 +338,7 @@ sub getLastId
my $function_name = 'getLastId';
my $sth = $DBH->prepare("SELECT max(id) FROM events;");
- if ( !defined $sth ) { die("Cannot prepare statement in $function_name: $DBI::errstr\n") }
+ if ( !defined $sth ) { die("Cannot prepare statement in '$function_name': $DBI::errstr\n") }
$sth->execute;
my $result = $sth->fetchrow();
@@ -362,7 +362,7 @@ sub registerSender
my $function_name = 'registerSender';
if ($local_ip ne $ip) {
- write2log ("err", "Unauthorized access to $function_name from: $ip ($cn) - access allowed only from localhost");
+ write2log ("err", "Unauthorized access to '$function_name' from: '$ip' ('$cn') - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# defined variables by method
@@ -380,19 +380,19 @@ sub registerSender
# check if sender has been already registered
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = ? AND requestor = ? AND service = ? AND client_type = ? AND type = ? AND receive_own_events = ? AND description_tags = ? AND ip_net_client = ? LIMIT 1;");
- if (!defined $sth) {die("Cannot prepare check statement in $function_name: $DBI::errstr\n")}
+ if (!defined $sth) {die("Cannot prepare check statement in '$function_name': $DBI::errstr\n")}
$sth->execute($hostname, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $result = $sth->fetchrow();
# register new sender
if (defined $result) {
write2log ("err", "Attempt to re-register the sender");
- die("Error - sender has already been registered at $result");
+ die("Error - sender has already been registered at '$result'");
} else {
$sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);");
- if (!defined $sth) {die("Cannot do statement in $function_name: $DBI::errstr\n")}
+ if (!defined $sth) {die("Cannot do statement in '$function_name': $DBI::errstr\n")}
$sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
- write2log("info", "New sender $hostname (service: $service, cidr: $ip_net_client) was registered");
+ write2log("info", "New sender '$hostname' (service: '$service', cidr: '$ip_net_client') was registered");
return 1;
}
}
@@ -415,7 +415,7 @@ sub registerReceiver
my $function_name = 'registerReceiver';
if ($local_ip ne $ip) {
- write2log ("err", "Unauthorized access to $function_name from: $ip ($cn) - access allowed only from localhost");
+ write2log ("err", "Unauthorized access to '$function_name' from: '$ip' ('$cn') - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# variables defined by method
@@ -433,19 +433,19 @@ sub registerReceiver
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = ? AND requestor = ? AND service = ? AND client_type = ? AND type = ? AND receive_own_events = ? AND description_tags = ? AND ip_net_client = ? LIMIT 1;");
- if (!defined $sth) {die("Cannot prepare check statement in $function_name: $DBI::errstr\n")}
+ if (!defined $sth) {die("Cannot prepare check statement in '$function_name': $DBI::errstr\n")}
$sth->execute($hostname, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $result = $sth->fetchrow();
# register new receiver
if (defined $result) {
write2log ("err", "Attempt to re-register the receiver");
- die("Error - receiver has already been registered at $result");
+ die("Error - receiver has already been registered at '$result'");
} else {
$sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);");
- if (!defined($sth)) {die("Cannot do statement in $function_name: $DBI::errstr\n")}
+ if (!defined($sth)) {die("Cannot do statement in '$function_name': $DBI::errstr\n")}
$sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
- write2log("info", "New receiver $hostname (type: $type, cidr: $ip_net_client: receive_own_events: $receive_own_events) was registered");
+ write2log("info", "New receiver '$hostname' (type: '$type', cidr: '$ip_net_client', receive_own_events: '$receive_own_events') was registered");
return 1;
}
}
@@ -468,7 +468,7 @@ sub unregisterClient
my $function_name = 'unregisterClient';
if ($local_ip ne $ip) {
- write2log ("err", "Unauthorized access to $function_name from: $ip ($cn) - access allowed only from localhost");
+ write2log ("err", "Unauthorized access to '$function_name' from: '$ip' ('$cn') - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# parse SOAP data oject
@@ -476,7 +476,7 @@ sub unregisterClient
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT client_id, hostname, service, client_type FROM clients WHERE client_id = ? LIMIT 1;");
- if (!defined $sth) {die("Cannot prepare check statement in $function_name: $DBI::errstr\n")}
+ if (!defined $sth) {die("Cannot prepare check statement in '$function_name': $DBI::errstr\n")}
$sth->execute($client_id);
my ($id, $hostname, $service, $client_type) = $sth->fetchrow();
@@ -487,21 +487,21 @@ sub unregisterClient
} else {
if ($client_type eq 's') {
$sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;");
- if (!defined $sth) {die("Cannot do delete statement of sender in $function_name: $DBI::errstr\n")}
+ if (!defined $sth) {die("Cannot do delete statement of sender in '$function_name': $DBI::errstr\n")}
$sth->execute($client_id);
$sth = $DBH->prepare("UPDATE events SET valid = 'f' where hostname = ? AND service = ?;");
- if (!defined $sth) {die("Cannot do unvalidation statement in $function_name: $DBI::errstr\n")}
+ if (!defined $sth) {die("Cannot do unvalidation statement in '$function_name': $DBI::errstr\n")}
$sth->execute($hostname, $service);
- write2log("info", "Sender $hostname (client_id: $client_id, service: $service) was deleted and its data were invalidated" );
+ write2log("info", "Sender '$hostname' (client_id: '$client_id', service: '$service') was deleted and its data were invalidated" );
return 1;
} else {
$sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;");
- if (!defined $sth) {die("Cannot do delete statement of receiver in $function_name: $DBI::errstr\n")}
+ if (!defined $sth) {die("Cannot do delete statement of receiver in '$function_name': $DBI::errstr\n")}
$sth->execute($client_id);
- write2log("info", "Receiver $hostname (client_id: $client_id) was deleted" );
+ write2log("info", "Receiver '$hostname' (client_id: '$client_id') was deleted" );
return 1;
}
}
@@ -524,13 +524,13 @@ sub getClients
my $function_name = 'getClients';
if ($local_ip ne $ip) {
- write2log ("err", "Unauthorized access to $function_name from: $ip ($cn) - access allowed only from localhost");
+ write2log ("err", "Unauthorized access to '$function_name' from: '$ip' ('$cn') - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
my (@clients, $client);
my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;");
- if (!defined $sth) { die("Cannot prepare statement in $function_name: $DBI::errstr\n") }
+ if (!defined $sth) { die("Cannot prepare statement in '$function_name': $DBI::errstr\n") }
$sth->execute;
while ( my @result = $sth->fetchrow() ) {
@@ -560,7 +560,7 @@ sub getClients
push(@clients, $client);
}
my $sum = scalar @clients;
- write2log("info", "Sending information about $sum registered clients");
+ write2log("info", "Sending information about '$sum' registered clients");
return @clients;
}
} # END of getClients
@@ -581,7 +581,7 @@ sub getStatus
my $function_name = 'getStatus';
if ($local_ip ne $ip) {
- write2log ("err", "Unauthorized access to $function_name from: $ip ($cn) - access allowed only from localhost");
+ write2log ("err", "Unauthorized access to '$function_name' from: '$ip' ('$cn') - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
my ($sth, @status);
@@ -603,35 +603,35 @@ sub getStatus
# sum of records in table events
$sth = $DBH->prepare("SELECT count(*) FROM events WHERE valid = 't';");
- if (!defined $sth) { die("Cannot prepare statement in $function_name: $DBI::errstr\n") }
+ if (!defined $sth) { die("Cannot prepare statement in '$function_name': $DBI::errstr\n") }
$sth->execute;
my $events_sum = $sth->fetchrow();
if (!defined $events_sum) { $events_sum = "none" }
# id of last record in table events
$sth = $DBH->prepare("SELECT max(id) FROM events;");
- if (!defined $sth) { die("Cannot prepare statement in $function_name: $DBI::errstr\n") }
+ if (!defined $sth) { die("Cannot prepare statement in '$function_name': $DBI::errstr\n") }
$sth->execute;
my $events_last_id = $sth->fetchrow();
if (!defined $events_last_id) { $events_last_id = "none" }
# timestamp of first record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events);");
- if (!defined $sth) { die("Cannot prepare statement in $function_name: $DBI::errstr\n") }
+ if (!defined $sth) { die("Cannot prepare statement in '$function_name': $DBI::errstr\n") }
$sth->execute;
my $events_first_timestamp = $sth->fetchrow();
if (!defined $events_first_timestamp) { $events_first_timestamp = "none" }
# timestamp of last record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT max(id) FROM events);");
- if (!defined $sth) { die("Cannot prepare statement in $function_name: $DBI::errstr\n") }
+ if (!defined $sth) { die("Cannot prepare statement in '$function_name': $DBI::errstr\n") }
$sth->execute;
my $events_last_timestamp = $sth->fetchrow();
if (!defined $events_last_timestamp) { $events_last_timestamp = "none" }
# sum of records in table clients
$sth = $DBH->prepare("SELECT count(*) FROM clients;");
- if (!defined $sth) { die("Cannot prepare statement in $function_name: $DBI::errstr\n") }
+ if (!defined $sth) { die("Cannot prepare statement in '$function_name': $DBI::errstr\n") }
$sth->execute;
my $clients_sum = $sth->fetchrow();
if (!defined $clients_sum) { $clients_sum = "none" }
@@ -657,7 +657,7 @@ sub getStatus
# statistics of senders
if ($clients_sum != 0) {
$sth = $DBH->prepare("SELECT client_id, hostname, service FROM clients WHERE client_type = 's' ORDER BY client_id ASC;");
- if (!defined $sth) {die("Cannot prepare statement in $function_name: $DBI::errstr\n")}
+ if (!defined $sth) {die("Cannot prepare statement in '$function_name': $DBI::errstr\n")}
$sth->execute;
my ($client_id, $hostname, $service);
my $client_status;
@@ -665,13 +665,13 @@ sub getStatus
my $sth2;
# sum of stored events
$sth2 = $DBH->prepare("SELECT count(*) FROM events WHERE hostname = ? AND service = ?;");
- if (!defined $sth2) {die("Cannot prepare statement in $function_name: $DBI::errstr\n")}
+ if (!defined $sth2) {die("Cannot prepare statement in '$function_name': $DBI::errstr\n")}
$sth2->execute($hostname, $service);
my $count = $sth2->fetchrow();
if (!defined $count) {$count = "none"}
# timestamp of last stored event
$sth2 = $DBH->prepare("SELECT max(received) FROM events WHERE hostname = ? AND service = ?;");
- if (!defined $sth2) {die("Cannot prepare statement in $function_name: $DBI::errstr\n")}
+ if (!defined $sth2) {die("Cannot prepare statement in '$function_name': $DBI::errstr\n")}
$sth2->execute($hostname, $service);
my $timestamp = $sth2->fetchrow();
if (!defined $timestamp) {$timestamp = "none"}