pridana moznost zakomentovani hashe VALID_STRINGS pomoci zakomentovani v...

pridana moznost zakomentovani hashe VALID_STRINGS pomoci zakomentovani v warden-server.conf; automaticke nastavani undef u , , , pokud jsou nastavene jinak nez cele cislo; uprava logovacich a chybovych hlasek

pridana moznost zakomentovani hashe VALID_STRINGS pomoci zakomentovani v...
a971c475 · Tomáš Plesník · 40773877 · a971c475
Commit a971c475 authored 12 years ago by Tomáš Plesník
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -37,8 +37,8 @@ our $DB_NAME		= undef;
 our $DB_USER		= undef;
 our $DB_PASS		= undef;
 our $DB_HOST		= undef;
-our $MAX_EVENTS_LIMIT	= 1000000; # default value
+our $MAX_EVENTS_LIMIT	= 1000000; 	# default value
-our %VALID_STRINGS	= undef;
+our %VALID_STRINGS	= ();		# inicialization of empty hash
 # load set variables by user
 unless (do $conf_file) {
@@ -127,10 +127,9 @@ sub authorizeClient
  } elsif($function_name eq 'getNewEvents') {
    $sth = $DBH->prepare("SELECT hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
  }
  if (!defined $sth) {
    sendMsg("err",
-           "Cannot prepare authorization statement in $function_name: $DBH->errstr",
+           "Cannot prepare authorization statement in '$function_name': $DBH->errstr",
 	   "Internal 'prepare' server error")
  }
  $sth->execute($service_type, $client_type);
@@ -154,16 +153,16 @@ sub authorizeClient
  # check if client is registered
  if ($sth->rows == 0) {
    sendMsg("err",
-           "Unauthorized access to function '$function_name' from: '$ip'; CN(AN): $alt_names; used service: '$service_type' - client is not registered",
+           "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - client is not registered",
-           "Access denied - client is not registered at warden server $ENV{'SERVER_NAME'}");
+           "Access denied - client is not registered at Warden server '$ENV{'SERVER_NAME'}'");
    return undef;
  }
  # check if client has IP from registered CIDR
  if (!$correct_ip_source) {
    sendMsg ("err",
-            "Unauthorized access to function '$function_name' from: '$ip'; CN(AN): $alt_names; used service: '$service_type' - access from bad subnet: Registered subnet '$ret{'cidr'}'",
+            "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - access from another subnet than '$ret{'cidr'}'",
-            "Access denied - access to $ENV{'SERVER_NAME'} from unauthorized subnet");
+            "Access denied - access to Warden server '$ENV{'SERVER_NAME'}' from unauthorized subnet");
    return undef;
  }
@@ -208,46 +207,36 @@ sub saveNewEvent
  my $timeout		= $data->{'TIMEOUT'};
  my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name);
-  if(defined %client) {
+  if (defined %client) {
-    if (!(exists $VALID_STRINGS{'type'} && grep $type eq $_, @{$VALID_STRINGS{'type'}})) {
+    if (%VALID_STRINGS) {	# check if hash is not empty - use VALIDATION HASH
-      sendMsg("err",
+      if (!(exists $VALID_STRINGS{'type'} && grep $type eq $_, @{$VALID_STRINGS{'type'}})) {
-             "Unknown event type - client from: '$ip'; CN(AN): $alt_names; used type: '$type'",
+        sendMsg("err",
-             "Unknown event type '$type'");
+                "Unknown event type from [IP: '$ip'; CN(AN): $alt_names; Service: '$service'; Type: '$type']",
-    } elsif (!(exists $VALID_STRINGS{'source_type'} && grep $source_type eq $_, @{$VALID_STRINGS{'source_type'}})) {
+                "Unknown event type: '$type'");
-      sendMsg("err",
+      } elsif (!(exists $VALID_STRINGS{'source_type'} && grep $source_type eq $_, @{$VALID_STRINGS{'source_type'}})) {
-             "Unknown source type - client from: '$ip'; CN(AN): $alt_names; used source_type: '$source_type'",
+        sendMsg("err",
-             "Unknown source type '$source_type'");
+                "Unknown source type from [IP '$ip'; CN(AN): $alt_names; Service: '$service'; Source_type: '$source_type']",
+                "Unknown source type: '$source_type'");
+      }
+    }
    # http://my.safaribooksonline.com/book/programming/regular-expressions/9780596802837/4dot-validation-and-formatting/id2983571
-    } elsif ($detected !~ /^((?:[1-9][0-9]*)?[0-9]{4})-(1[0-2]|0[1-9])-(3[0-1]|0[1-9]|[1-2][0-9])T(2[0-3]|[0-1][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-](?:2[0-3]|[0-1][0-9]):[0-5][0-9])?/) {
+    if ($detected !~ /^((?:[1-9][0-9]*)?[0-9]{4})-(1[0-2]|0[1-9])-(3[0-1]|0[1-9]|[1-2][0-9])T(2[0-3]|[0-1][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-](?:2[0-3]|[0-1][0-9]):[0-5][0-9])?/) {
-      sendMsg("err",
-             "Unknown detected time format - client from: '$ip'; CN(AN): $alt_names; used detected: '$detected'",
-             "Unknown detected time format '$detected'");
-    } elsif ($target_port !~ /^\d+\z/ && defined $target_port) {
-      sendMsg("err",
-             "Unknown target port - client from: '$ip'; CN(AN): $alt_names; used target_port: '$target_port'",
-             "Unknown target port '$target_port'");
-    } elsif ($attack_scale !~ /^\d+\z/ && defined $attack_scale) {
      sendMsg("err",
-             "Unknown attack scale - client from: '$ip'; CN(AN): $alt_names; used attack_scale: '$attack_scale'",
+              "Unknown detected time format from [IP: '$ip'; CN(AN): $alt_names; Service: '$service'; Detected: '$detected']",
-             "Unknown attack scale '$attack_scale'");
+              "Unknown detected time format: '$detected'");
-    } elsif ($priority !~ /^\d+\z/ && defined $priority) {
+    }
-      sendMsg("err",
+    if ($target_port !~ /^\d+\z/) { $target_port = undef }
-             "Unknown priority - client from: '$ip'; CN(AN): $alt_names; used priority: '$priority'",
+    if ($attack_scale !~ /^\d+\z/) { $attack_scale = undef }
-             "Unknown priority '$priority'");
+    if ($priority !~ /^\d+\z/) { $priority = undef }
-    } elsif ($timeout !~ /^\d+\z/ && defined $timeout) {
+    if ($timeout !~ /^\d+\z/) { $timeout = undef }
-      sendMsg("err",
+    $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
-             "Unknown timeout - client from: '$ip'; CN(AN): $alt_names; used timeout: '$timeout'",
+    if (!defined $sth) {
-             "Unknown timeout '$timeout'");
-    } else {
-      $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
-      if (!defined $sth) {
        sendMsg("err",
-	       "Cannot prepare statement in function '$function_name': $DBH->errstr",
+                "Cannot prepare statement in function '$function_name': $DBH->errstr",
-	       "Internal 'prepare' server error");
+                "Internal 'prepare' server error");
-      }
-      $sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid);
-      return 1;
    }
+    $sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid);
+    return 1;
  }
 } # END of saveNewEvent
@@ -366,11 +355,11 @@ sub getNewEvents
    if (scalar @events != 0) {
      if (scalar @ids == 1) {
        sendMsg("info",
-	       "Sent 1 event [#$ids[0]] to '$ip' [CN(AN): $alt_names], client_limit: '$max_rcv_events_limit', requested_type: '$requested_type'",
+	       "Sent 1 event [#$ids[0]] to [IP: '$ip'; CN(AN): $alt_names; Client_limit: '$max_rcv_events_limit', Requested_type: '$requested_type']",
 	        undef);
      } else {
        sendMsg("info",
-	       "Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to '$ip' [CN(AN): $alt_names], client_limit: '$max_rcv_events_limit', requested_type: '$requested_type'",
+	       "Sent " . scalar @ids . " events [#$ids[0] - #$ids[-1]] to [IP: '$ip'; CN(AN): $alt_names, Client_limit: '$max_rcv_events_limit', Requested_type: '$requested_type']",
 	        undef);
      }
    }
@@ -417,8 +406,8 @@ sub registerSender
  if ($local_ip ne $ip) {
    sendMsg("err",
-           "Unauthorized access to function '$function_name' from: '$ip' ('$cn') - access allowed only from localhost",
+           "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): '$cn'] - access allowed only from 'localhost'",
-           "Access denied - access allowed only from localhost");
+           "Access denied - access allowed only from 'localhost'");
  } else {
    # defined variables by method
    my $client_type 		= "s";
@@ -446,8 +435,8 @@ sub registerSender
    # register new sender
    if (defined $result) {
      sendMsg("err",
-             "Attempt to re-register the sender: {hostname: '$hostname', service: '$service', cidr: '$ip_net_client'}",
+             "Attempt to re-register sender [Hostname: '$hostname', Service: '$service', CIDR: '$ip_net_client'] from '$ip'",
-             "Sender has been already registered at $ENV{'SERVER_NAME'} in '$result'");
+             "Sender has been already registered at Warden server '$ENV{'SERVER_NAME'}' in '$result'");
    } else {
      $sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);");
      if (!defined $sth) {
@@ -457,7 +446,7 @@ sub registerSender
      }
      $sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
        sendMsg("info",
-	       "New sender '$hostname' {service: '$service', cidr: '$ip_net_client'} was registered at $ENV{'SERVER_NAME'}",
+	       "New sender [Hostname: '$hostname', Service: '$service', CIDR: '$ip_net_client'] has been registered at Warden server '$ENV{'SERVER_NAME'}'",
 	        undef);
      return 1;
    }
@@ -482,8 +471,8 @@ sub registerReceiver
  if ($local_ip ne $ip) {
    sendMsg("err",
-           "Unauthorized access to function '$function_name' from: '$ip' ('$cn') - access allowed only from localhost",
+           "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): '$cn'] - access allowed only from 'localhost'",
-           "Access denied - access allowed only from localhost");
+           "Access denied - access allowed only from 'localhost'");
  } else {
    # variables defined by method
    my $client_type		= "r";
@@ -511,8 +500,8 @@ sub registerReceiver
    # register new receiver
    if (defined $result) {
      sendMsg("err",
-             "Attempt to re-register the receiver: {hostname: '$hostname', type: '$type', cidr: '$ip_net_client'}",
+             "Attempt to re-register receiver [Hostname: '$hostname', Type: '$type', CIDR: '$ip_net_client'] from '$ip'",
-             "Receiver has already been registered at $ENV{'SERVER_NAME'} in '$result'");
+             "Receiver has already been registered at Warden server '$ENV{'SERVER_NAME'}' in '$result'");
    } else {
      $sth = $DBH->prepare("INSERT INTO clients VALUES (?,?,?,?,?,?,?,?,?,?);");
      if (!defined($sth)) {
@@ -522,7 +511,7 @@ sub registerReceiver
      }
      $sth->execute(undef, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
      sendMsg("info",
-             "New receiver '$hostname' {type: '$type', cidr: '$ip_net_client'} was registered at $ENV{'SERVER_NAME'}",
+             "New receiver [Hostname: '$hostname', Type: '$type', CIDR: '$ip_net_client'] has been registered at Warden server '$ENV{'SERVER_NAME'}'",
 	      undef);
      return 1;
    }
@@ -547,27 +536,27 @@ sub unregisterClient
  if ($local_ip ne $ip) {
    sendMsg("err",
-           "Unauthorized access to function '$function_name' from: '$ip' ('$cn') - access allowed only from localhost",
+           "Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'",
-           "Access denied - access allowed only from localhost");
+           "Access denied - access allowed only from 'localhost'");
  } else {
    # parse SOAP data oject
    my $client_id	= $data->{'CLIENT_ID'};
    # check if receiver has been already registered
-    $sth = $DBH->prepare("SELECT client_id, hostname, service, client_type FROM clients WHERE client_id = ? LIMIT 1;");
+    $sth = $DBH->prepare("SELECT client_id, hostname, service, type, client_type FROM clients WHERE client_id = ? LIMIT 1;");
    if (!defined $sth) {
      sendMsg("err",
             "Cannot prepare statement in function '$function_name': $DBH->errstr",
 	     "Internal 'prepare' server error");
    }
    $sth->execute($client_id);
-    my ($id, $hostname, $service, $client_type) = $sth->fetchrow();
+    my ($id, $hostname, $service, $type, $client_type) = $sth->fetchrow();
    # delete registered client
    if (!defined $id) {
      sendMsg("err",
-             "Attempt to delete unregister client '$id', '$hostname', '$service', '$client_type'",
+             "Attempt to delete unregister client [Client_id: $id, Hostname: '$hostname', Service: '$service', Type: '$type', Client_type: '$client_type']",
-             "Client (#$client_id) is not registered at $ENV{'SERVER_NAME'}");
+             "Client (#$client_id) is not registered at Warden server '$ENV{'SERVER_NAME'}'");
    } else {
      if ($client_type eq 's') {
        $sth = $DBH->prepare("DELETE FROM clients WHERE client_id = ?;");
@@ -586,7 +575,7 @@ sub unregisterClient
 	}
 	$sth->execute($hostname, $service);
        sendMsg("info",
-	       "Sender '$hostname' (client_id: '$client_id', service: '$service') was deleted and its data were invalidated",
+	       "Sender [Client_id: '$client_id', Hostname: '$hostname', Service: '$service'] has been deleted from Warden server '$ENV{'SERVER_NAME'}' and its data were invalidated",
 	       undef);
        return 1;
      } else {
@@ -598,7 +587,7 @@ sub unregisterClient
 	}
 	$sth->execute($client_id);
        sendMsg("info",
-	       "Receiver '$hostname' (client_id: '$client_id') was deleted from $ENV{'SERVER_NAME'}",
+	       "Receiver [Client_id: '$client_id', Hostname: '$hostname', Type: '$type'] has been deleted from Warden server '$ENV{'SERVER_NAME'}'",
 	        undef);
        return 1;
      }
@@ -623,8 +612,8 @@ sub getClients
  if ($local_ip ne $ip) {
    sendMsg("err",
-           "Unauthorized access to function '$function_name' from: '$ip' ('$cn') - access allowed only from localhost",
+           "Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'",
-           "Access denied - access allowed only from localhost");
+           "Access denied - access allowed only from 'localhost'");
  } else {
    my (@clients, $client);
    my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
@@ -664,7 +653,7 @@ sub getClients
    }
    my $sum = scalar @clients;
    sendMsg("info",
-           "Sending information about '$sum' registered clients from $ENV{'SERVER_NAME'}",
+           "Sent information about $sum registered clients from Warden server '$ENV{'SERVER_NAME'}'",
 	    undef);
    return @clients;
  }
@@ -690,8 +679,8 @@ sub getStatus
  if ($local_ip ne $ip) {
    sendMsg("err",
-           "Unauthorized access to function '$function_name' from: '$ip' ('$cn') - access allowed only from localhost",
+           "Unauthorized access to function '$function_name' from [IP: '$ip', CN(AN): '$cn'] - access allowed only from 'localhost'",
-           "Access denied - access allowed only from localhost");
+           "Access denied - access allowed only from 'localhost'");
  } else {
    my ($sth, @status);
@@ -810,7 +799,7 @@ sub getStatus
      }
    }
    sendMsg("info",
-           "Sent warden server status info from $ENV{'SERVER_NAME'}",
+           "Server status info sent from Warden server '$ENV{'SERVER_NAME'}'",
 	    undef);
    return @status;
  }