diff --git a/src/warden-server/bin/getStatus.pl b/src/warden-server/bin/getStatus.pl
index 7dd8afbbaee3bd9e14988cf3d896c626e9d295fd..51f1dcebdd2300781ac13db5f112d6d6406d631d 100755
--- a/src/warden-server/bin/getStatus.pl
+++ b/src/warden-server/bin/getStatus.pl
@@ -200,7 +200,9 @@ if (!defined $clients_sum_invalid) {
 # Statistics of active registered senders my $hash_ref; if ($clients_sum != 0) {
- $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.hostname=clients.hostname AND events.service=clients.service) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr;
+# $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.hostname=clients.hostname AND events.service=clients.service) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr;
+ $sth = $dbh->prepare("SELECT clients.client_id, clients.hostname, clients.service, count(*), max(received) FROM events LEFT JOIN clients ON (events.client_id=clients.client_id) WHERE clients.valid='t' AND events.valid='t' GROUP BY client_id;") or die "Cannot prepare statement: " . $dbh->errstr;
+ $sth->execute or die "Cannot execute statement: " . $sth->errstr; my ($client_id, $hostname, $service, $count, $timestamp, $client_status); $hash_ref = $sth->fetchall_hashref("client_id");
diff --git a/src/warden-server/bin/unregisterClient.pl b/src/warden-server/bin/unregisterClient.pl
index aeb0d53036e6198f9675f6c97d3dfb3a6f2eac20..25876ab437f9a6d690b3fff73f94374f2576e2d1 100755
--- a/src/warden-server/bin/unregisterClient.pl
+++ b/src/warden-server/bin/unregisterClient.pl
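Review bot: In getStatus.pl the new statistics query still ends with an unqualified `GROUP BY client_id`, while its join condition `events.client_id=clients.client_id` shows that both tables now have a column of that name, so the server may warn about or reject the reference as ambiguous; write `GROUP BY clients.client_id`. The `WHERE clients.valid='t'` filter discards the NULL-extended rows, so the `LEFT JOIN` behaves as an inner join and reads more honestly as one. The commented-out copy of the old `prepare` call added above the new one repeats what version control already keeps and should be dropped.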
@@ -122,8 +122,8 @@ if (!defined $id) {
 $sth = $dbh->prepare("UPDATE clients SET valid = 'f' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr; my $ret_val = $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr; if ($ret_val == 1) {
- $sth = $dbh->prepare("UPDATE events SET valid = 'o' where hostname = ? AND service = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
- $sth->execute($hostname, $service) or die "Cannot execute statement: " . $sth->errstr;
+ $sth = $dbh->prepare("UPDATE events SET valid = 'o' WHERE client_id = ?;") or die "Cannot prepare statement: " . $dbh->errstr;
+ $sth->execute($client_id) or die "Cannot execute statement: " . $sth->errstr;
 # log message until after invalidate all events sendMsg("info", "Sender [Client_id: '$client_id', Hostname: '$hostname', Service: '$service'] has been deleted and its data were invalidated from Warden server '$warden_server'"); WardenCommon::succMsg("Unregistration of sender (#$client_id) was SUCCESSFUL!!!");
diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm
index 37593b132d847794b33a9f091a70a90b0154adf4..a0569698da3bda5ec3144adc90f86749d225dc28 100755
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -108,13 +108,13 @@ sub authorizeClient
 # obtain cidr based on rigth common name and alternate names, service and client_type if($function_name eq 'saveNewEvent') {
- $sth = $DBH->prepare("SELECT client_id, hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+ $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
 } elsif($function_name eq 'getNewEvents') {
- $sth = $DBH->prepare("SELECT client_id, hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+ $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
 } elsif($function_name eq 'getClientInfo') {
- $sth = $DBH->prepare("SELECT client_id, hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+ $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
 } elsif($function_name eq 'getLastId') {
- $sth = $DBH->prepare("SELECT client_id, hostname, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND client_type = 'r' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
+ $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND client_type = 'r' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
 } # check db handler
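Review bot: All four rewritten `prepare` calls in authorizeClient still interpolate `$alt_names` straight into `hostname IN ($alt_names)`, while every other value in these statements is bound with `?`. How `$alt_names` is built is outside this hunk, but the callers read `$ENV{'SSL_CLIENT_S_DN_CN'}`, so it presumably derives from names in the client certificate and should be treated as untrusted text unless each element has already gone through `$DBH->quote`. Binding is the safer form: keep the names as a list (say `@names`), build the placeholder list with `join(',', ('?') x @names)`, and pass `@names` to `execute` ahead of the other bind values. A comment above the chain stating where the names come from and how they are sanitised would help the next reader either way. The body of authorizeClient starts and ends outside the hunk.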
@@ -132,18 +132,16 @@ sub authorizeClient
 } # obtain registration info about clients
- my ($client_id, $an, $cidr, $receive_own, $cidr_list);
+ my ($client_id, $ip_net_client, $receive_own, $ip_net_client_list);
 my $correct_ip_source = 0; my %ret;
- while(($client_id, $an, $cidr, $receive_own) = $sth->fetchrow()) {
- my $cidr_list = Net::CIDR::Lite->new->add($cidr);
+ while(($client_id, $ip_net_client, $receive_own) = $sth->fetchrow()) {
+ my $ip_net_client_list = Net::CIDR::Lite->new->add($ip_net_client);
 $ret{'client_id'} = $client_id;
- $ret{'dns'} = $an;
- $ret{'cidr'} = $cidr;
 $ret{'receive_own'} = $receive_own;
- if ($cidr_list->bin_find($ip)) {
+ if ($ip_net_client_list->bin_find($ip)) {
 $correct_ip_source = 1; last; }
@@ -160,8 +158,8 @@ sub authorizeClient
 # check if client has IP from registered CIDR if (!$correct_ip_source) { sendMsg ("err",
- "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - access to Warden server '$ENV{'SERVER_NAME'}' from another subnet than '$ret{'cidr'}'",
- "Access denied - access to Warden server '$ENV{'SERVER_NAME'}' from unauthorized subnet '$ret{'cidr'}'");
+ "Unauthorized access to function '$function_name' from [IP: '$ip'; CN(AN): $alt_names; Client_type: '$client_type'; Service/Type: '$service_type'] - access to Warden server '$ENV{'SERVER_NAME'}' from another subnet than '$ip_net_client'",
+ "Access denied - access to Warden server '$ENV{'SERVER_NAME'}' from unauthorized subnet '$ip_net_client'");
 return undef; }
@@ -180,7 +178,7 @@ sub authorizeClient
 sub saveNewEvent { my ($class, $data) = @_;
- my ($sth, $cidr_list);
+ my $sth;
 # client network information my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
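Review bot: `$ip_net_client_list` is declared twice in the first authorizeClient hunk: once in the new `my ($client_id, $ip_net_client, $receive_own, $ip_net_client_list);` and again with `my` inside the `while` loop, so the outer variable is never used and the inner one shadows it. Drop it from the outer list, `my ($client_id, $ip_net_client, $receive_own);`. The enclosing sub continues outside the hunk.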
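Review bot: Both rewritten messages in the `if (!$correct_ip_source)` branch interpolate `$ip_net_client`, which appears to be always undefined at that point: the branch is reached only when the `while(($client_id, $ip_net_client, $receive_own) = $sth->fetchrow())` loop ran out of rows, and that final empty-list assignment resets all three variables to undef (unless code between the two hunks, not visible here, sets it again). The removed code read `$ret{'cidr'}`, which kept the last registered network, so the denial log entry now loses the subnet and emits an uninitialized-value warning. Keep the value in a separate lexical inside the loop, for example `$last_net = $ip_net_client;`, and interpolate that in both strings. The second string looks like the client-facing text, so it is also worth deciding whether the registered network belongs in it at all.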
@@ -254,13 +252,13 @@ sub saveNewEvent
 undef); }
- $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
+ $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
 if (!defined $sth) { sendMsg("err", "Cannot prepare statement in function '$function_name': $DBH->errstr", "Internal 'prepare' server error"); }
- $sth->execute(undef, $client{'dns'}, $service, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid);
+ $sth->execute(undef, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid, $client{'client_id'});
 return 1; } } # END of saveNewEvent
@@ -272,8 +270,8 @@ sub saveNewEvent
 sub getNewEvents { my ($class, $data) = @_;
- my ($sth, @events, $event, @ids, $cidr_list);
- my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $client_id);
+ my ($sth, @events, $event, @ids);
+ my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $client_id);
 # client network information my $cn = $ENV{'SSL_CLIENT_S_DN_CN'};
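Review bot: The new `INSERT INTO events VALUES (?,?,...)` in saveNewEvent depends on the physical column order of the events table, and this commit apparently changes that layout (two values removed from the front of the `execute` list, `$client{'client_id'}` appended last), so a server and schema upgraded out of step would store values in the wrong columns without any error. Name the target columns in the statement so the fourteen bind values are tied to columns rather than positions. The result of `$sth->execute(...)` is also not checked before `return 1;`, so a failed insert would be reported to the sender as success unless DBI's RaiseError is enabled, which is not visible here. The body of saveNewEvent starts outside the hunk.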
@@ -340,21 +338,25 @@ sub getNewEvents
 } }
- # parse items of events stored in DB
+ # obtain items of events stored in events table
 while (my @result = $sth->fetchrow()) { $id = $result[0];
- $hostname = $result[1];
- $service = $result[2];
- $detected = $result[3];
- $type = $result[5];
- $source_type = $result[6];
- $source = $result[7];
- $target_proto = $result[8];
- $target_port = $result[9];
- $attack_scale = $result[10];
- $note = $result[11];
- $priority = $result[12];
- $timeout = $result[13];
+ $detected = $result[1];
+ $type = $result[3];
+ $source_type = $result[4];
+ $source = $result[5];
+ $target_proto = $result[6];
+ $target_port = $result[7];
+ $attack_scale = $result[8];
+ $note = $result[9];
+ $priority = $result[10];
+ $timeout = $result[11];
+ $client_id = $result[13];
+
+ # obtain hostname and service of events based on client_id from clients table
+ $sth = $DBH->prepare("SELECT hostname, service FROM clients WHERE client_id = ?;");
+ $sth->execute($client_id);
+ ($hostname, $service) = $sth->fetchrow();
 # create SOAP data object $event = SOAP::Data->name(event => \SOAP::Data->value(
@@ -447,7 +449,7 @@ sub getClientInfo
 my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name); if (defined %client) {
- my $sth = $DBH->prepare("SELECT * FROM clients ORDER BY client_id ASC;");
+ my $sth = $DBH->prepare("SELECT * FROM clients WHERE valid = 't' ORDER BY client_id ASC;");
 if (!defined $sth) { sendMsg("err", "Cannot prepare statement in function '$function_name': $DBH->errstr",
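Review bot: The lookup added inside the getNewEvents loop assigns to `$sth`, the same handle that `while (my @result = $sth->fetchrow())` iterates over, so after the first event the loop condition fetches from the clients query instead of the events query and the loop will normally end after a single row. Use a separate handle prepared once before the loop, `my $sth_client = $DBH->prepare("SELECT hostname, service FROM clients WHERE client_id = ?;");`, and inside the loop call `$sth_client->execute($client_id);` followed by `($hostname, $service) = $sth_client->fetchrow();`. Neither the new `prepare` nor the new `execute` result is checked, unlike the other statements in this file. The column indexes such as `$result[13]` also depend on the events table's physical column order, which a comment listing the expected columns would make explicit. The body of getNewEvents starts and ends outside the hunk.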