#!/usr/bin/perl -w
#
# warden-server.pl
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz>
# Jan SOUKAL <soukal@ics.muni.cz>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
# 3. Neither the name of the Cesnet z.s.p.o nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# This software is provided ``as is'', and any express or implied
# warranties, including, but not limited to, the implied warranties of
# merchantability and fitness for a particular purpose are disclaimed.
# In no event shall the Cesnet z.s.p.o or contributors be liable for
# any direct, indirect, incidental, special, exemplary, or consequential
# damages (including, but not limited to, procurement of substitute
# goods or services; loss of use, data, or profits; or business
# interruption) however caused and on any theory of liability, whether
# in contract, strict liability, or tort (including negligence or
# otherwise) arising in any way out of the use of this software, even
# if advised of the possibility of such damage.
package Warden;
use strict;
#use SOAP::Lite;
#use SOAP::Transport::TCP;
#use SOAP::Transport::HTTP;
#use File::Pid;
#use POSIX;
use DBI;
use DBD::mysql;
use Format::Human::Bytes;
use Sys::Syslog qw(:DEFAULT setlogsock);
Sys::Syslog::setlogsock('unix');
use File::Basename;
#use FindBin;
#use Data::Dumper;
use Net::CIDR::Lite;
use DateTime;
#use Crypt::OpenSSL::X509;
use MIME::Base64;
use Crypt::X509;
our $VERSION = "0.1";
################################################################################
# CONFIG FILE VARIABLES
################################################################################
#my $script_name = $FindBin::Script;
my $conf_file = "/opt/warden-server/etc/warden-server.conf";
#
## first declaration of globa variables from config file
#our $ADDRESS = undef;
#our $PORT = undef;
#our $LOGDIR = undef;
#our $PIDDIR = undef;
#our $VARDIR = undef;
#our $SSL_KEY_FILE = undef;
#our $SSL_CERT_FILE = undef;
#our $SSL_CA_FILE = undef;
our $FACILITY = undef;
#DB options
our $DB_NAME = undef;
our $DB_USER = undef;
our $DB_PASS = undef;
our $DB_HOST = undef;
#
#$ADDRESS = "147.228.52.72";
##
###-------------------------------------------------------------------------------
### PORT - used TCP port for Warden server
###-------------------------------------------------------------------------------
#$PORT = "8889";
##
###-------------------------------------------------------------------------------
### BASEDIR - base directory of Warden server
###-------------------------------------------------------------------------------
#our $BASEDIR = "/opt/warden-server/";
##
###-------------------------------------------------------------------------------
### VARDIR - var directory
###-------------------------------------------------------------------------------
#$VARDIR = "$BASEDIR/var/";
##
###-------------------------------------------------------------------------------
### LOGDIR - logging directory
###-------------------------------------------------------------------------------
#$LOGDIR = "/var/log/";
##
###-------------------------------------------------------------------------------
### PIDDIR - process ID directory
###-------------------------------------------------------------------------------
#$PIDDIR = "/var/run/";
##
##
##
## read config file
if ( ! open( TMP, $conf_file) ) {
die errMsg("Can't read config file '$conf_file': $!\n");
}
close TMP;
# load set variables by user
if ( !do $conf_file ) {
die errMsg("Errors in config file '$conf_file': $@");
}
#
################################################################################
# VARIABLES
################################################################################
#my $die_now = 0;
# PID path
#my $pid_file = $PIDDIR . $script_name . ".pid";
# DB file
#my $db_file = "warden.db";
#my $db = $VARDIR . $db_file;
# connect to DB - DBH is GLOBAL variable
#my $dbargs = {AutoCommit => 0, PrintError => 1};
#our $DBH = DBI->connect("dbi:SQLite:dbname=$db","","",$dbargs) or die errMsg("Can't connect to DB: $!");
our $DBH = DBI->connect("DBI:mysql:database=$DB_NAME;host=$DB_HOST", $DB_USER, $DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 0}) || die "Could not connect to database: $DBI::errstr";
#our $DBH;
################################################################################
# LOCAL FUNCTIONS
################################################################################
#-------------------------------------------------------------------------------
# errMsg - print error message and die
#-------------------------------------------------------------------------------
sub errMsg
{
my $msg = shift;
$msg = trim($msg);
print $msg . "\n";
exit 1;
} # End of errMsg
#-------------------------------------------------------------------------------
# trim - remove whitespace from the start and end of the string
#-------------------------------------------------------------------------------
sub trim
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
} # End of trim
#-------------------------------------------------------------------------------
# write2log - writing message to syslog
#-------------------------------------------------------------------------------
sub write2log
{
my $priority = shift;
my $msg = shift;
my $filename = File::Basename::basename($0);
Sys::Syslog::openlog($filename, "cons,pid", $FACILITY);
Sys::Syslog::syslog("$priority", "$msg");
Sys::Syslog::closelog();
} # End of write2log
#-------------------------------------------------------------------------------
# signalHandler - catch signals and end the program if one is caught.
#-------------------------------------------------------------------------------
#sub signalHandler
#{
# $die_now = 1; # this will cause the "infinite loop" to exit
#} # End of signalHandler
#
#
#-------------------------------------------------------------------------------
# sslErrorHandler - handle errors in SSL negitiation
#-------------------------------------------------------------------------------
#sub sslErrorHandler
#{
# my $socket = shift;
# my $msg = shift;
#
# my $ip = $socket->peerhost;
# print $socket $msg;
# $socket->close;
# write2log ("err", "Caught SSL handshake error from $ip: $msg");
# return 1;
#} # End of sslErrorHandler
#
#
#-------------------------------------------------------------------------------
# altNamesFilter - parse hostnames from subjectAltNames array for SQL
# IN operator in database query
#-------------------------------------------------------------------------------
sub altNamesFilter
{
# my $alt_names_array_ref = shift;
# my @alt_names_array = @$alt_names_array_ref;
#our $CN;
my $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
my @an_array;
#push @an_array, $DBH->quote($CN);
# my $i = 1;
# while ($i <= scalar @alt_names_array) {
# push @an_array, $DBH->quote($alt_names_array[$i]);
# $i+=2;
# }
# my $an_filter = join(',', @an_array);
# return $an_filter;
push @an_array, "'$CN'";
my @a = split("\n", $ENV{'SSL_CLIENT_CERT'});
pop @a;
shift @a;
my $der = decode_base64(join("", @a));
my $decoded= Crypt::X509->new(cert => $der);
foreach my $tmp (@{$decoded->SubjectAltName}){
if($tmp =~ s/dNSName=//){
push @an_array, "'$tmp'";
}
}
my $an_filter = join(',', @an_array);
return $an_filter;
}
################################################################################
# SOAP Functions
################################################################################
#-----------------------------------------------------------------------------
# saveNewEvent - save new received event into database
#-----------------------------------------------------------------------------
sub saveNewEvent
{
my ($class, $data) = @_;
my ($sth, $cidr_list);
# variables defined by server
#our $IP; # IP address of sender
#our $CN; # common name of sender
#our $AN_FILTER; # alternate names of sender
# my @alt_names_array = $socket->peer_certificate("subjectAltNames");
my $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
my $AN_FILTER = altNamesFilter(undef);
my $IP = $ENV{'REMOTE_ADDR'};
my $LOCAL_IP = $ENV{'SERVER_ADDR'};
my $cn_db = $DBH->quote($CN);
# variables defined by server
my $client_type = "s"; # incoming client MUST be sender
my $client_type_db = $DBH->quote($client_type);
my $valid = "t"; # registered sender has valid events
my $valid_db = $DBH->quote($valid);
my $received = DateTime->now; # time of event delivery (UTC)
my $received_db = $DBH->quote($received);
## parse object (event) parameters
my $service = $data->{'SERVICE'};
my $service_db = $DBH->quote($service);
my $detected = $data->{'DETECTED'};
my $detected_db = $DBH->quote($detected);
my $type = $data->{'TYPE'};
my $type_db = $DBH->quote($type);
my $source_type = $data->{'SOURCE_TYPE'};
my $source_type_db = $DBH->quote($source_type);
my $source = $data->{'SOURCE'};
my $source_db = $DBH->quote($source);
my $target_proto = $data->{'TARGET_PROTO'};
my $target_proto_db = $DBH->quote($target_proto);
my $target_port = $data->{'TARGET_PORT'};
my $target_port_db = $DBH->quote($target_port);
my $attack_scale = $data->{'ATTACK_SCALE'};
my $attack_scale_db = $DBH->quote($attack_scale);
my $note = $data->{'NOTE'};
my $note_db = $DBH->quote($note);
my $priority = $data->{'PRIORITY'};
my $priority_db = $DBH->quote($priority);
my $timeout = $data->{'TIMEOUT'};
my $timeout_db = $DBH->quote($timeout);
# Authorization of incomming client
#-----------------------------------------------------------------------------
# obtain cidr based on rigth common name and alternate names, service and client_type
$sth = $DBH->prepare("SELECT hostname, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND service = $service_db AND client_type = $client_type_db LIMIT 1;");
if ( !defined $sth ) {die("Cannot prepare authorization statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute;
my ($an, $cidr) = $sth->fetchrow();
# check if client is registered
if (!defined $cidr) {
write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - client is not registered");
die("Access denied - client is not registered at warden server!");
} else {
$cidr_list = Net::CIDR::Lite
-> new
-> add($cidr);
}
# check if client has IP from registered CIDR
if (!$cidr_list->bin_find($IP)) {
write2log ("err", "Unauthorized access to saveNewEvent from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr");
die("Access denied - access from bad subnet!");
} else {
# insert new event
$DBH->do("INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);");
if ($DBH->err()) {die("Cannot do insert statement in saveNewEvent: $DBI::errstr\n")}
#$DBH->commit();
# log last inserted ID
$sth = $DBH->prepare("SELECT last_insert_id()");
if ( !defined $sth ) {die("Cannot prepare last ID statement in saveNewEvent: $DBI::errstr\n")}
$sth->execute;
my $id= $sth->fetchrow();
write2log ("info", "Stored new event (#$id) from $IP (CN: $CN; AN: )");
if (! defined $id) {
write2log ("err", "Event from $IP ($CN) was not save: INSERT INTO events VALUES (null,$cn_db,$service_db,$detected_db,$received_db,$type_db,$source_type_db,$source_db,$target_proto_db,$target_port_db,$attack_scale_db,$note_db,$priority_db,$timeout_db,$valid_db);");
die("Event was not save at warden server - database return empty ID!");
return 0;
} else {
return 1;
}
}
#$DBH->disconnect();
} # END of saveNewEvent
#-----------------------------------------------------------------------------
# getNewEvents - get new events from the DB greater than received ID
#-----------------------------------------------------------------------------
sub getNewEvents
{
my ($class, $data) = @_;
my ($sth, @events, $event, @ids);
my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout);
# variables defined by server
#our $IP; # IP address of receiver
#our $CN; # common name of receiver
#our $AN_FILTER; # alternate name of receiver
my $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
my $AN_FILTER = altNamesFilter(undef);
my $IP = $ENV{'REMOTE_ADDR'};
my $cn_db = $DBH->quote($CN);
my $client_type = "r"; # incoming client MUST be sender
my $client_type_db = $DBH->quote($client_type);
my $cidr_list;
# parse SOAP data object
my $requested_type = $data->{'REQUESTED_TYPE'};
my $requested_type_db = $DBH->quote($requested_type);
my $last_id = $data->{'LAST_ID'};
my $last_id_db = $DBH->quote($last_id);
# Authorization of incomming client
#-----------------------------------------------------------------------------
# obtain cidr based on rigth common name, service and client_type
$sth = $DBH->prepare("SELECT hostname, receive_own_events, ip_net_client FROM clients WHERE hostname IN ($AN_FILTER) AND type = $requested_type_db AND client_type = $client_type_db limit 1;");
if ( !defined $sth ) {die("Cannot prepare authorization statement in getNewEvents: $DBI::errstr\n")}
$sth->execute;
my ($an, $receive_own_events, $cidr) = $sth->fetchrow();
# check if client is registered
if (!defined $cidr) {
write2log ("err", "Unauthorized access to getNewEvents from: $IP (CN: $CN; AN: $an) - client is not registered");
die("Access denied - client is not registered at warden server!");
} else {
$cidr_list = Net::CIDR::Lite
-> new
-> add($cidr);
}
# check if client has IP from registered CIDR
if (!$cidr_list->bin_find($IP)) {
write2log ("err", "Unauthorized access to getNewEvents from: $IP (CN: $CN; AN: $an) - access from bad subnet: $cidr");
die("Access denied - access from bad subnet!");
} else {
# check if client want your own events or not
if ($receive_own_events eq 't') {
write2log("info", "SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' ORDER BY id ASC;");
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' ORDER BY id ASC;");
} else {
my ($domain) = $CN =~ /([^\.]+\.[^\.]+)$/;
my $domain_db = $DBH->quote("%$domain");
write2log("info", "SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' AND hostname NOT LIKE $domain_db ORDER BY id ASC;");
$sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > $last_id_db AND type = $requested_type_db AND valid = 't' AND hostname NOT LIKE $domain_db ORDER BY id ASC;");
}
if ( !defined $sth ) { die("Cannot prepare statement in getNewEvents: $DBI::errstr\n") }
$sth->execute;
# parse items of events stored in DB
while (my @result = $sth->fetchrow()) {
$id = $result[0];
$hostname = $result[1];
$service = $result[2];
$detected = $result[3];
$type = $result[5];
$source_type = $result[6];
$source = $result[7];
$target_proto = $result[8];
$target_port = $result[9];
$attack_scale = $result[10];
$note = $result[11];
$priority = $result[12];
$timeout = $result[13];
# create SOAP data object
$event = SOAP::Data->name(event => \SOAP::Data->value(
SOAP::Data->name(ID => $id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(DETECTED => $detected),
SOAP::Data->name(TYPE => $type),
SOAP::Data->name(SOURCE_TYPE => $source_type),
SOAP::Data->name(SOURCE => $source),
SOAP::Data->name(TARGET_PROTO => $target_proto),
SOAP::Data->name(TARGET_PORT => $target_port),
SOAP::Data->name(ATTACK_SCALE => $attack_scale),
SOAP::Data->name(NOTE => $note),
SOAP::Data->name(PRIORITY => $priority),
SOAP::Data->name(TIMEOUT => $timeout)
));
push(@events, $event);
push(@ids, $id);
}
# log sent ID of events
if (scalar(@events) != 0) {
write2log("info", "Sent events with ID: [@ids] to $IP (CN: $CN; AN: $an)");
}
return @events;
}
} # END of getNewEvents
#
##-----------------------------------------------------------------------------
## getLastId - get lastest saved event ID
##-----------------------------------------------------------------------------
sub getLastId
{
my ($class, $arg) = @_;
my $sth = $DBH->prepare("SELECT max(id) FROM events;");
if ( !defined $sth ) { die("Cannot prepare statement in getLastId: $DBI::errstr\n") }
$sth->execute;
my $result = $sth->fetchrow();
return $result;
} # END of getLastID
##-----------------------------------------------------------------------------
## registerSender - register new sender
##-----------------------------------------------------------------------------
sub registerSender
{
my ($class, $data) = @_;
my $sth;
#our $IP;
#our $LOCAL_IP;
#our $CN;
my $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
my $IP = $ENV{'REMOTE_ADDR'};
my $LOCAL_IP = $ENV{'SERVER_ADDR'};
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to registerSender from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# defined variables by server
my $client_type = "s";
my $client_type_db = $DBH->quote($client_type);
my $registered = DateTime->now;
my $registered_db = $DBH->quote($registered);
my $type = "null";
my $type_db = $DBH->quote($type);
my $receive_own_events = "null";
my $receive_own_events_db = $DBH->quote($receive_own_events);
# parse SOAP data oject
my $hostname = $data->{'HOSTNAME'};
my $hostname_db = $DBH->quote($hostname);
my $requestor = $data->{'REQUESTOR'};
my $requestor_db = $DBH->quote($requestor);
my $service = $data->{'SERVICE'};
my $service_db = $DBH->quote($service);
my $description_tags = $data->{'DESCRIPTION_TAGS'};
my $description_tags_db = $DBH->quote($description_tags);
my $ip_net_client = $data->{'IP_NET_CLIENT'};
my $ip_net_client_db = $DBH->quote($ip_net_client);
# check if sender has been already registered
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = $hostname_db AND requestor = $requestor_db AND service = $service_db AND client_type = $client_type_db AND type = $type_db AND receive_own_events = $receive_own_events_db AND description_tags = $description_tags_db AND ip_net_client = $ip_net_client_db;");
if ( !defined $sth ) {die("Cannot prepare check statement in registerSender: $DBI::errstr\n")}
$sth->execute;
my $result = $sth->fetchrow();
# register new sender
if (defined $result) {
write2log ("err", "Attempt to re-register the sender");
die("Error - sender has already been registered at $result");
} else {
$DBH->do("INSERT INTO clients VALUES (null,$hostname_db,$registered_db,$requestor_db,$service_db,$client_type_db,$type_db,$receive_own_events_db,$description_tags_db,$ip_net_client_db);");
if ($DBH->err()) {die("Cannot do statement in registerSender: $DBI::errstr\n")}
#$DBH->commit();
write2log("info", "New sender $hostname (service: $service, cidr: $ip_net_client) was registered");
return 1;
}
}
} # END of registerSender
##-----------------------------------------------------------------------------
## registerReceiver - register new receiver
##-----------------------------------------------------------------------------
sub registerReceiver
{
my ($class, $data) = @_;
my $sth;
#our $IP;
#our $LOCAL_IP;
#our $CN;
my $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
my $IP = $ENV{'REMOTE_ADDR'};
my $LOCAL_IP = $ENV{'SERVER_ADDR'};
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to registerReceiver from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# variables defined by server
my $client_type = "r";
my $client_type_db = $DBH->quote($client_type);
my $registered = DateTime->now;
my $registered_db = $DBH->quote($registered);
my $service = "null";
my $service_db = $DBH->quote($service);
my $description_tags = "null";
my $description_tags_db = $DBH->quote($description_tags);
# parse SOAP data oject
my $hostname = $data->{'HOSTNAME'};
my $hostname_db = $DBH->quote($hostname);
my $requestor = $data->{'REQUESTOR'};
my $requestor_db = $DBH->quote($requestor);
my $type = $data->{'TYPE'};
my $type_db = $DBH->quote($type);
my $receive_own_events = $data->{'RECEIVE_OWN_EVENTS'};
my $receive_own_events_db = $DBH->quote($receive_own_events);
my $ip_net_client = $data->{'IP_NET_CLIENT'};
my $ip_net_client_db = $DBH->quote($ip_net_client);
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT registered FROM clients WHERE hostname = $hostname_db AND requestor = $requestor_db AND service = $service_db AND client_type = $client_type_db AND type = $type_db AND receive_own_events = $receive_own_events_db AND description_tags = $description_tags_db AND ip_net_client = $ip_net_client_db;");
if ( !defined $sth ) {die("Cannot prepare check statement in registerReceiver: $DBI::errstr\n")}
$sth->execute;
my $result = $sth->fetchrow();
# register new receiver
if (defined $result) {
write2log ("err", "Attempt to re-register the receiver");
die("Error - receiver has already been registered at $result");
} else {
$DBH->do("INSERT INTO clients VALUES (null,$hostname_db,$registered_db,$requestor_db,$service_db,$client_type_db,$type_db,$receive_own_events_db,$description_tags_db,$ip_net_client_db);");
if ($DBH->err()) {die("Cannot do statement in registerReceiver: $DBI::errstr\n")}
#$DBH->commit();
write2log("info", "New receiver $hostname (type: $type, cidr: $ip_net_client: receive_own_events: $receive_own_events) was registered");
return 1;
}
}
} # END of registerReceiver
#-----------------------------------------------------------------------------
# unregisterClient - unregister client
#-----------------------------------------------------------------------------
sub unregisterClient
{
my ($class, $data) = @_;
my $sth;
#our $IP;
#our $LOCAL_IP;
#our $CN;
my $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
my $IP = $ENV{'REMOTE_ADDR'};
my $LOCAL_IP = $ENV{'SERVER_ADDR'};
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to unregisterClients from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
# parse SOAP data oject
my $client_id = $data->{'CLIENT_ID'};
my $client_id_db = $DBH->quote($client_id);
# check if receiver has been already registered
$sth = $DBH->prepare("SELECT client_id, hostname, service, client_type FROM clients WHERE client_id = $client_id_db;");
if ( !defined $sth ) {die("Cannot prepare check statement in unregisterClient: $DBI::errstr\n")}
$sth->execute;
my ($id, $hostname, $service, $client_type) = $sth->fetchrow();
my $hostname_db = $DBH->quote($hostname);
my $service_db = $DBH->quote($service);
# delete registered client
if (!defined $id) {
write2log ("err", "Attempt to delete unregister client");
die("Error - client (#$client_id) is not registered");
} else {
if ($client_type eq 's') {
$DBH->do("DELETE FROM clients WHERE client_id = $client_id_db;");
if ($DBH->err()) {die("Cannot do delete statement of sender in unregisterClient: $DBI::errstr\n")}
#$DBH->commit();
$DBH->do("UPDATE events SET valid = 'f' where hostname = $hostname_db AND service = $service_db;");
if ($DBH->err()) {die("Cannot do unvalidation statement in unregisterClient: $DBI::errstr\n")}
#$DBH->commit();
write2log("info", "Sender $hostname (client_id: $client_id, service: $service) was deleted and its data were invalidated" );
return 1;
} else {
$DBH->do("DELETE FROM clients WHERE client_id = $client_id_db;");
if ($DBH->err()) {die("Cannot do delete statement of receiver in unregisterClient: $DBI::errstr\n")}
#$DBH->commit();
write2log("info", "Receiver $hostname (client_id: $client_id) was deleted" );
return 1;
}
}
}
} # END of unregisterClient
#-----------------------------------------------------------------------------
# getClients - get list of clients which were registered at warden server
#-----------------------------------------------------------------------------
sub getClients
{
my ($class, $arg) = @_;
#our $IP;
#our $LOCAL_IP;
#our $CN;
my $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
my $IP = $ENV{'REMOTE_ADDR'};
my $LOCAL_IP = $ENV{'SERVER_ADDR'};
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to getClients from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
my (@clients, $client);
my ($client_id, $hostname, $registered, $requestor, $service, $client_type, $type, $receive_own_events, $description_tags, $ip_net_client);
my $sth = $DBH->prepare("SELECT * FROM clients;");
if (!defined $sth) { die("Cannot prepare statement in getClients: $DBI::errstr\n") }
$sth->execute;
while ( my @result = $sth->fetchrow() ) {
$client_id = $result[0];
$hostname = $result[1];
$registered = $result[2];
$requestor = $result[3];
$service = $result[4];
$client_type = $result[5];
$type = $result[6];
$receive_own_events = $result[7];
$description_tags = $result[8];
$ip_net_client = $result[9];
$client = SOAP::Data->name(client => \SOAP::Data->value(
SOAP::Data->name(CLIENT_ID => $client_id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(REGISTERED => $registered),
SOAP::Data->name(REQUESTOR => $requestor),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(CLIENT_TYPE => $client_type),
SOAP::Data->name(TYPE => $type),
SOAP::Data->name(RECEIVE_OWN_EVENTS => $receive_own_events),
SOAP::Data->name(DESCRIPTION_TAGS => $description_tags),
SOAP::Data->name(IP_NET_CLIENT => $ip_net_client),
));
push(@clients, $client);
}
my $sum = scalar @clients;
write2log("info", "Sending information about $sum registered clients");
return @clients;
}
} # END of getClients
#-----------------------------------------------------------------------------
# getStatus - get list of status items of warden server
#-----------------------------------------------------------------------------
sub getStatus
{
my ($class, $arg) = @_;
#our $IP;
#our $LOCAL_IP;
#our $CN;
my $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
my $IP = $ENV{'REMOTE_ADDR'};
my $LOCAL_IP = $ENV{'SERVER_ADDR'};
if ($LOCAL_IP ne $IP) {
write2log ("err", "Unauthorized access to getStatus from: $IP ($CN) - access allowed only from localhost");
die("Access denied - access allowed only from localhost!");
} else {
my ($sth, @status);
# size of database events
#my $db_size = Format::Human::Bytes::base10(-s $db);
$sth = $DBH->prepare("SELECT data_length + index_length FROM information_schema.TABLES WHERE table_schema = ? AND TABLE_NAME = ?");
$sth->execute("warden", "events");
my $db_size_db = $sth->fetchrow();
my $db_size = (defined $db_size_db ? Format::Human::Bytes::base10($db_size_db) : "none");
# sum of records in table events
$sth = $DBH->prepare("SELECT count(*) FROM events WHERE valid = 't';");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_sum = $sth->fetchrow();
if (!defined $events_sum) { $events_sum = "none" }
# id of last record in table events
$sth = $DBH->prepare("SELECT max(id) FROM events;");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_last_id = $sth->fetchrow();
if (!defined $events_last_id) { $events_last_id = "none" }
# timestamp of first record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT min(id) FROM events);");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_first_timestamp = $sth->fetchrow();
if (!defined $events_first_timestamp) { $events_first_timestamp = "none" }
# timestamp of last record in table events
$sth = $DBH->prepare("SELECT received FROM events WHERE id = (SELECT max(id) FROM events);");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $events_last_timestamp = $sth->fetchrow();
if (!defined $events_last_timestamp) { $events_last_timestamp = "none" }
# sum of records in table clients
$sth = $DBH->prepare("SELECT count(*) FROM clients;");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my $clients_sum = $sth->fetchrow();
if (!defined $clients_sum) { $clients_sum = "none" }
my $server_status = SOAP::Data->name(server_status => \SOAP::Data->value(
SOAP::Data->name(VERSION => $VERSION),
#SOAP::Data->name(ADDRESS => $ADDRESS),
#SOAP::Data->name(PORT => $PORT),
#SOAP::Data->name(LOGDIR => $LOGDIR),
#SOAP::Data->name(PIDDIR => $PIDDIR),
#SOAP::Data->name(VARDIR => $VARDIR),
#SOAP::Data->name(SSL_KEY_FILE => $SSL_KEY_FILE),
#SOAP::Data->name(SSL_CERT_FILE => $SSL_CERT_FILE),
#SOAP::Data->name(SSL_CA_FILE => $SSL_CA_FILE),
SOAP::Data->name(FACILITY => $FACILITY),
SOAP::Data->name(DB_SIZE => $db_size),
SOAP::Data->name(EVENTS_SUM => $events_sum),
SOAP::Data->name(EVENTS_LAST_ID => $events_last_id),
SOAP::Data->name(EVENTS_FIRST_TIMESTAMP => $events_first_timestamp),
SOAP::Data->name(EVENTS_LAST_TIMESTAMP => $events_last_timestamp),
SOAP::Data->name(CLIENTS_SUM => $clients_sum)
));
push(@status, $server_status);
# statistics of senders
if ($clients_sum != 0) {
$sth = $DBH->prepare("SELECT client_id, hostname, service FROM clients WHERE client_type = 's';");
if (!defined $sth) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth->execute;
my ($client_id, $hostname, $service);
my $client_status;
while(($client_id, $hostname, $service) = $sth->fetchrow()) {
my $hostname_db = $DBH->quote($hostname);
my $service_db = $DBH->quote($service);
my $sth2;
# sum of stored events
$sth2 = $DBH->prepare("SELECT count(*) FROM events WHERE hostname = $hostname_db AND service = $service_db;");
if ( !defined $sth2 ) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth2->execute;
my $count = $sth2->fetchrow();
if (!defined $count) {$count = "none"}
# timestamp of last stored event
$sth2 = $DBH->prepare("SELECT max(received) FROM events WHERE hostname = $hostname_db AND service = $service_db;");
if ( !defined $sth2 ) { die("Cannot prepare statement in getStatus: $DBI::errstr\n") }
$sth2->execute;
my $timestamp = $sth2->fetchrow();
if (!defined $timestamp) { $timestamp = "none" }
# create SOAP data object
$client_status = SOAP::Data->name(client_status => \SOAP::Data->value(
SOAP::Data->name(CLIENT_ID => $client_id),
SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(SERVICE => $service),
SOAP::Data->name(COUNT => $count),
SOAP::Data->name(TIMESTAMP => $timestamp),
));
push(@status, $client_status);
}
}
write2log("info", "Sent of warden server status info");
return @status;
}
} # END of getStatus
##
##
##################################################################################
### MAIN warden-server
##################################################################################
##
###-------------------------------------------------------------------------------
### Superuser controle
###-------------------------------------------------------------------------------
##my $UID = $<;
##if ($UID != 0) {
## die errMsg("You must be root for running this script!")
##}
##
###-------------------------------------------------------------------------------
### Daemonize section
###-------------------------------------------------------------------------------
##use POSIX qw(setsid);
##chdir '/';
##umask 0;
### all STDERR messages are printed on terminal
##open STDIN, '/dev/null' or die errMsg("Can't read /dev/null: $!");
##open STDOUT, '/dev/null' or die errMsg("Can't write to /dev/null: $!");
##defined( my $pid = fork ) or die errMsg("Can't fork: $!");
##exit if $pid;
##
###-------------------------------------------------------------------------------
### Dissociate this process from the controlling terminal
### that started it and stop being part of whatever
### process group this process was a part of.
###------------------------------------------------------------------------------
##POSIX::setsid() or die errMsg("Can't start a new session.");
##
###-------------------------------------------------------------------------------
### Callback signal handler for signals.
###-------------------------------------------------------------------------------
##$SIG{INT} = $SIG{TERM} = $SIG{HUP} = \&signalHandler;
##$SIG{PIPE} = 'ignore';
##
###-------------------------------------------------------------------------------
### Create pid file in /var/run/
###-------------------------------------------------------------------------------
##my $pfh = File::Pid->new( { file => $pid_file, } );
##$pfh->write or die errMsg("Can't write PID file $pid_file: $!");
##my $pid_number = $pfh->pid;
##
###-------------------------------------------------------------------------------
### Starting of Warden server
###-------------------------------------------------------------------------------
##write2log("info", "Starting WARDEN server daemon with pid $pid_number");
##
### log of warden database size
##my $db_size_human = Format::Human::Bytes::base10(-s $db);
##write2log("info", "Size of DB file ($db_file) is: $db_size_human");
##
### start TCP server
##my $server = SOAP::Transport::TCP::Server
## ->new(
## Listen => 5,
## LocalAddr => $ADDRESS,
## LocalPort => $PORT,
## Proto => "tcp",
## ReuseAddr => 1,
## SSL_verify_mode => 0x02,
## SSL_use_cert => 1,
## SSL_server => 1,
## SSL_key_file => $SSL_KEY_FILE,
## SSL_cert_file => $SSL_CERT_FILE,
## SSL_ca_file => $SSL_CA_FILE,
## SSL_error_trap =>\&sslErrorHandler,
## );
##
### check if socket exist
##$server or die errMsg("Socket error: $!");
##
### start SOAP server
##my $soap = SOAP::Server
## ->new()
## ->dispatch_to('Warden');
##
##
###-------------------------------------------------------------------------------
### Process of incoming client's requests and send response
###-------------------------------------------------------------------------------
##write2log("info", "Starting TCP and SOAP server at $ADDRESS:$PORT");
##while ($die_now != 1)
##{
## my $socket = $server->accept();
## next if (!$socket);
##
# our $CN = $ENV{'SSL_CLIENT_S_DN_CN'};
# my @alt_names_array = $socket->peer_certificate("subjectAltNames");
# our $AN_FILTER = altNamesFilter(undef);
# our $IP = $ENV{'REMOTE_ADDR'};
# our $LOCAL_IP = $ENV{'SERVER_ADDR'};
##
## # read input serialized SOAP envelope and data
## my ($request, $buf);
## while (defined($buf = <$socket>))
## {
## $request .= $buf;
## }
##
## # handle of called server function from client and send response to client
## my $response = $soap->handle($request);
## print $socket $response;
##
## $socket->close;
## undef($socket);
## undef($CN);
## undef($AN_FILTER);
## undef($IP);
## undef($LOCAL_IP);
##}
##
##
##
##################################################################################
### Cleanup section
##################################################################################
##END {
## if ($die_now == 1)
## {
## my $pid = trim(`cat $pid_file`);
## write2log("info", "Stopping WARDEN server daemon with pid $pid");
##
## # close connection to DB
## $DBH->disconnect();
##
## # remove pid file
## $pfh->remove if defined $pfh;
## }
##}
#
1;