From 83860784c1d184dd6afa680aeff2e06d65f50b8d Mon Sep 17 00:00:00 2001 From: Patrick J Cherry Date: Fri, 20 Apr 2012 14:25:47 +0100 Subject: Further tinkering involving when to Sanitize html -- now only done if the attribute has been changed. --- lib/mauve/alert.rb | 38 +++++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 17 deletions(-) (limited to 'lib/mauve') diff --git a/lib/mauve/alert.rb b/lib/mauve/alert.rb index 28079a2..f249913 100644 --- a/lib/mauve/alert.rb +++ b/lib/mauve/alert.rb @@ -297,6 +297,7 @@ module Mauve attributes.each do |key, val| next if html_permitted_in.include?(key) + next unless attribute_dirty?(key) next unless val.is_a?(String) attribute_set(key, Alert.remove_html(val)) @@ -304,6 +305,7 @@ module Mauve attributes.each do |key, val| next unless html_permitted_in.include?(key) + next unless attribute_dirty?(key) next unless val.is_a?(String) attribute_set(key, Alert.clean_html(val)) @@ -607,29 +609,31 @@ module Mauve end class << self - - # Removes HTML from a string + + # Removes or cleans HTML from a string # - # @param [String] txt String to clean + # + # @param [String] str String to clean + # @param [Hash] conf Sanitize::Config thingy # @return [String] - def remove_html(txt) - Sanitize.clean( - txt.to_s, - Sanitize::Config::DEFAULT - ) + def remove_html(str, conf = Sanitize::Config::DEFAULT) + raise ArgumentError, "Expected a string, got a #{str.class}" unless str.is_a?(String) + + if str =~ /<[^0-9 <&.-]/ + Sanitize.clean( str, conf ) + else + str + end end # Cleans HTML in a string, removing dangerous elements/contents. # - # @param [String] txt String to clean + # @param [String] str String to clean # @return [String] - def clean_html(txt) - Sanitize.clean( - txt.to_s, - Sanitize::Config::RELAXED.merge({:remove_contents => true}) - ) + def clean_html(str) + remove_html(str, Sanitize::Config::RELAXED.merge({:remove_contents => true})) end - + # All alerts currently raised # # @return [Array] @@ -725,7 +729,7 @@ module Mauve # Make sure there is no HTML in the update source. Need to do this # here because we use the html-free version in the database save hook. # - update.source = Alert.remove_html(update.source) + update.source = Alert.remove_html(update.source.to_s) # Update each alert supplied # @@ -749,7 +753,7 @@ module Mauve # because of the database save hook will clear it out, causing this # search to fail. # - alert.id = Alert.remove_html(alert.id) + alert.id = Alert.remove_html(alert.id.to_s) alert_db = first(:alert_id => alert.id, :source => update.source) || new(:alert_id => alert.id, :source => update.source) -- cgit v1.2.1 From 99073c56f03ff3978e6106c9760ec389ef6c3745 Mon Sep 17 00:00:00 2001 From: Patrick J Cherry Date: Fri, 20 Apr 2012 14:48:09 +0100 Subject: Added configuration options to disable the notification/packet buffers. --- lib/mauve/configuration_builders/server.rb | 7 +++ lib/mauve/notifier.rb | 19 ++++--- lib/mauve/processor.rb | 82 +++++++++++++++--------------- lib/mauve/server.rb | 50 +++++++++++++++--- 4 files changed, 103 insertions(+), 55 deletions(-) (limited to 'lib/mauve') diff --git a/lib/mauve/configuration_builders/server.rb b/lib/mauve/configuration_builders/server.rb index e3654b9..feb75b8 100644 --- a/lib/mauve/configuration_builders/server.rb +++ b/lib/mauve/configuration_builders/server.rb @@ -163,6 +163,13 @@ module Mauve # The period of sleep during which no heartbeats are raised. # is_attribute "initial_sleep" + + # + # The next two attributes determine if packet/notitication bufferes are + # used. These both default to "true" + # + is_attribute "use_packet_buffer" + is_attribute "use_notification_buffer" def builder_setup @result = Mauve::Server.instance diff --git a/lib/mauve/notifier.rb b/lib/mauve/notifier.rb index 8a26b2c..c473acf 100644 --- a/lib/mauve/notifier.rb +++ b/lib/mauve/notifier.rb @@ -31,6 +31,18 @@ module Mauve end end + + # + # This sends the notification for an alert + # + def notify(alert, at) + if alert.alert_group.nil? + logger.warn "Could not notify for #{alert} since there are no matching alert groups" + else + alert.alert_group.notify(alert, at) + end + end + private @@ -86,12 +98,7 @@ module Mauve # Empty the buffer, one notification at a time. # sz.times do - alert, at = Server.notification_pop - if alert.alert_group.nil? - logger.warn "Could not notify for #{alert} since there are no matching alert groups" - else - alert.alert_group.notify(alert, at) - end + notify(*Server.notification_pop) end end diff --git a/lib/mauve/processor.rb b/lib/mauve/processor.rb index 9896530..0ac7b59 100644 --- a/lib/mauve/processor.rb +++ b/lib/mauve/processor.rb @@ -78,6 +78,44 @@ module Mauve # do_processor end + + # This processes an incoming packet. It is in a seperate method so it can + # be (de)coupled as needed from the UDP server. + # + def process_packet(data, client, received_at) + # + # Uh-oh. Nil data? That's craaaazy + # + return nil if data.nil? + + ip_source = "#{client[3]}" + update = Proto::AlertUpdate.new + + update.parse_from_string(data) + + if @transmission_id_cache[update.transmission_id.to_s] + logger.debug("Ignoring duplicate transmission id #{update.transmission_id}") + return nil + end + + logger.debug "Update #{update.transmission_id} sent at #{update.transmission_time} received at #{received_at.to_i} from "+ + "'#{update.source}'@#{ip_source} alerts #{update.alert.length}" + + Alert.receive_update(update, received_at, ip_source) + + rescue Protobuf::InvalidWireType, + NotImplementedError, + DataObjects::IntegrityError => ex + + logger.error "#{ex} (#{ex.class}) while parsing #{data.length} bytes "+ + "starting '#{data[0..15].inspect}' from #{ip_source}" + + logger.debug ex.backtrace.join("\n") + + ensure + @transmission_id_cache[update.transmission_id.to_s] = Time.now + end + private @@ -157,52 +195,12 @@ module Mauve sz = Server.packet_buffer_size sz.times do - data, client, received_at = Server.packet_pop - - # - # Uh-oh. Nil data? That's craaaazy - # - next if data.nil? - - - # logger.debug("Got #{data.inspect} from #{client.inspect}") - - ip_source = "#{client[3]}" - update = Proto::AlertUpdate.new - - begin - update.parse_from_string(data) - - if @transmission_id_cache[update.transmission_id.to_s] - logger.debug("Ignoring duplicate transmission id #{update.transmission_id}") - # - # Continue with next packet. - # - next - end - - logger.debug "Update #{update.transmission_id} sent at #{update.transmission_time} received at #{received_at.to_i} from "+ - "'#{update.source}'@#{ip_source} alerts #{update.alert.length}" - - Alert.receive_update(update, received_at, ip_source) - - rescue Protobuf::InvalidWireType, - NotImplementedError, - DataObjects::IntegrityError => ex - - logger.error "#{ex} (#{ex.class}) while parsing #{data.length} bytes "+ - "starting '#{data[0..15].inspect}' from #{ip_source}" - - logger.debug ex.backtrace.join("\n") - - ensure - @transmission_id_cache[update.transmission_id.to_s] = Time.now - end + process_packet(*Server.packet_pop) end end def timer_should_stop? - (Server.packet_buffer_size > 0) + (Server.packet_buffer_size > 0) or self.should_stop? end end diff --git a/lib/mauve/server.rb b/lib/mauve/server.rb index 3e82858..db5fda6 100644 --- a/lib/mauve/server.rb +++ b/lib/mauve/server.rb @@ -40,7 +40,7 @@ module Mauve @started_at = Time.now @initial_sleep = 300 - + # # Keep these queues here to prevent a crash in a subthread losing all the # subsquent things in the queue. @@ -69,7 +69,38 @@ module Mauve raise ArgumentError, "database must be a string" unless d.is_a?(String) @database = d end - + + # + # Sets up the packet buffer (or not). The argument can be "false" or "no" + # or a FalseClass object for no. Anything else makes no change. + # + # @param [String] arg + # @return [Array or nil] + def use_packet_buffer=(arg) + logger.debug(arg) + if arg.is_a?(FalseClass) or arg =~ /^(n(o)?|f(alse)?)$/i + @packet_buffer = nil + end + + @packet_buffer + end + + # + # Sets up the notification buffer (or not). The argument can be "false" or + # "no" or a FalseClass object for no. Anything else makes no change. + # + # @param [String] arg + # @return [Array or nil] + def use_notification_buffer=(arg) + logger.debug(arg) + if arg.is_a?(FalseClass) or arg =~ /^(n(o)?|f(alse)?)$/i + @notification_buffer = nil + end + + @notification_buffer + end + + # Set the sleep period during which notifications about old alerts are # suppressed. # @@ -97,11 +128,8 @@ module Mauve # @return [NilClass] def setup # + # Set up the database # - # - @packet_buffer = [] - @notification_buffer = [] - DataMapper.setup(:default, @database) # DataMapper.logger = Log4r::Logger.new("Mauve::DataMapper") @@ -261,6 +289,8 @@ module Mauve # @param [String] a Packet from the UDP server def packet_enq(a) instance.packet_buffer.push(a) + rescue NoMethodError + Processor.instance.process_packet(*a) end # Shift a packet off the front of the +packet buffer+ @@ -275,6 +305,8 @@ module Mauve # @return [Integer} def packet_buffer_size instance.packet_buffer.size + rescue NoMethodError + 0 end alias packet_push packet_enq @@ -285,6 +317,8 @@ module Mauve # @param [Array] a Notification array, consisting of a Person and the args to Mauve::Person#send_alert def notification_enq(a) instance.notification_buffer.push(a) + rescue NoMethodError + Notifier.instance.notify(*a) end # Shift a notification off the front of the +notification_buffer+ @@ -299,8 +333,10 @@ module Mauve # @return [Integer] def notification_buffer_size instance.notification_buffer.size + rescue NoMethodError + 0 end - + alias notification_push notification_enq alias notification_pop notification_deq -- cgit v1.2.1 From 392a87cfa181a762bf4b3244aa3c6d065ef15253 Mon Sep 17 00:00:00 2001 From: Patrick J Cherry Date: Sat, 21 Apr 2012 10:46:37 +0100 Subject: Added SSL cert verification for Bytemark Authentication. Also tidied away error messages generated during login tests in the web_interface. --- lib/mauve/authentication.rb | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'lib/mauve') diff --git a/lib/mauve/authentication.rb b/lib/mauve/authentication.rb index 54743f1..0fc6823 100644 --- a/lib/mauve/authentication.rb +++ b/lib/mauve/authentication.rb @@ -3,6 +3,11 @@ require 'sha1' require 'xmlrpc/client' require 'timeout' +# +# This allows poking of the SSL attributes of the http client. +# +module XMLRPC ; class Client ; attr_reader :http ; end ; end + module Mauve # @@ -131,15 +136,25 @@ module Mauve def authenticate(login, password) super - client = XMLRPC::Client.new(@srv,"/",@port,nil,nil,nil,nil,true,@timeout).proxy("bytemark.auth") + client = XMLRPC::Client.new(@srv,"/",@port,nil,nil,nil,nil,true,@timeout) + + # + # Make sure we verify our peer before attempting login. + # + if client.http.use_ssl? + client.http.ca_path = "/etc/ssl/certs/" + client.http.verify_mode = OpenSSL::SSL::VERIFY_PEER + end begin - challenge = client.getChallengeForUser(login) + proxy = client.proxy("bytemark.auth") + challenge = proxy.getChallengeForUser(login) response = Digest::SHA1.new.update(challenge).update(password).hexdigest - client.login(login, response) + proxy.login(login, response) return true rescue XMLRPC::FaultException => fault - logger.warn "#{self.class} for #{login} failed: #{fault.faultCode}: #{fault.faultString}" + logger.warn "#{self.class} for #{login} failed" + logger.debug "#{fault.faultCode}: #{fault.faultString}" return false rescue IOError => ex logger.warn "#{ex.class} during auth for #{login} (#{ex.to_s})" -- cgit v1.2.1 From 84b1abf30fe79032209cb0fcd0bfa9d6aaf37721 Mon Sep 17 00:00:00 2001 From: Patrick J Cherry Date: Sat, 21 Apr 2012 13:37:12 +0100 Subject: Overhaul of authentication. * Added new configuration options: ** bytemark_calendar_url ** bytemark_auth_url ** remote_https_verify_mode ** remote_http_timeout ** failed_login_delay * Added authentication tests * Removed remote auth tests in from the web interface tests. * If no bytemark_auth_url is set, then no remote auth takes place. * SSL peer cert validation now takes place by default. * Removed old logic tests * Tidied the way tests take place a little. --- lib/mauve/authentication.rb | 71 ++++++++-------------- lib/mauve/configuration_builders/server.rb | 27 +++++++- lib/mauve/server.rb | 98 ++++++++++++++++++++++++++++-- 3 files changed, 146 insertions(+), 50 deletions(-) (limited to 'lib/mauve') diff --git a/lib/mauve/authentication.rb b/lib/mauve/authentication.rb index 0fc6823..c467a1d 100644 --- a/lib/mauve/authentication.rb +++ b/lib/mauve/authentication.rb @@ -1,7 +1,6 @@ # encoding: UTF-8 require 'sha1' require 'xmlrpc/client' -require 'timeout' # # This allows poking of the SSL attributes of the http client. @@ -28,8 +27,6 @@ module Mauve raise ArgumentError.new("Password must be a string, not a #{password.class}") if String != password.class raise ArgumentError.new("Login or/and password is/are empty.") if login.empty? || password.empty? - return false unless Mauve::Configuration.current.people.has_key?(login) - false end @@ -73,7 +70,7 @@ module Mauve unless true == result logger.info "Authentication for #{login} failed" # Rate limit - sleep 5 + sleep Server.instance.failed_login_delay end result @@ -88,45 +85,6 @@ module Mauve Mauve::Authentication::ORDER << self - # Set up the Bytemark authenticator - # - # @todo allow configuration of where the server is. - # - # @param [String] srv Authentication server name - # @param [String] port Port overwhich authentication should take place - # - # @return [Mauve::AuthBytemark] - # - def initialize (srv='auth.bytemark.co.uk', port=443) - raise ArgumentError.new("Server must be a String, not a #{srv.class}") if String != srv.class - raise ArgumentError.new("Port must be a Fixnum, not a #{port.class}") if Fixnum != port.class - @srv = srv - @port = port - @timeout = 7 - - self - end - - # Tests to see if a server is alive, alive-o. - # - # @deprecated Not really needed. - # - # @return [Boolean] - def ping - begin - Timeout.timeout(@timeout) do - s = TCPSocket.open(@srv, @port) - s.close() - return true - end - rescue Timeout::Error => ex - return false - rescue => ex - return false - end - return false - end - # Authenticate against the Bytemark server # # @param [String] login @@ -136,14 +94,27 @@ module Mauve def authenticate(login, password) super - client = XMLRPC::Client.new(@srv,"/",@port,nil,nil,nil,nil,true,@timeout) + # + # Don't bother checking if no auth_url has been set. + # + return false unless Server.instance.bytemark_auth_url.is_a?(URI) + + # + # Don't bother checking if the person doesn't exist. + # + return false unless Mauve::Configuration.current.people.has_key?(login) + + uri = Server.instance.bytemark_auth_url + timeout = Server.instance.remote_http_timeout + # host=nil, path=nil, port=nil, proxy_host=nil, proxy_port=nil, user=nil, password=nil, use_ssl=nil, timeout=nil) + client = XMLRPC::Client.new(uri.host, uri.path, uri.port, nil, nil, uri.user, uri.password, uri.scheme == "https", timeout) # # Make sure we verify our peer before attempting login. # if client.http.use_ssl? client.http.ca_path = "/etc/ssl/certs/" - client.http.verify_mode = OpenSSL::SSL::VERIFY_PEER + client.http.verify_mode = Server.instance.remote_https_verify_mode end begin @@ -179,6 +150,16 @@ module Mauve # @return [Boolean] def authenticate(login,password) super + # + # Don't bother checking if the person doesn't exist. + # + return false unless Mauve::Configuration.current.people.has_key?(login) + + # + # Don't bother checking if no password has been set. + # + return false if Mauve::Configuration.current.people[login].password.nil? + if ( Digest::SHA1.hexdigest(password) == Mauve::Configuration.current.people[login].password ) return true else diff --git a/lib/mauve/configuration_builders/server.rb b/lib/mauve/configuration_builders/server.rb index feb75b8..d22ed87 100644 --- a/lib/mauve/configuration_builders/server.rb +++ b/lib/mauve/configuration_builders/server.rb @@ -170,7 +170,32 @@ module Mauve # is_attribute "use_packet_buffer" is_attribute "use_notification_buffer" - + + # + # This is where the calendar is located. The request paths are hard-coded. + # + is_attribute "bytemark_calendar_url" + + # + # This is where the Bytemark authentication server is located. + # + is_attribute "bytemark_auth_url" + + # + # This is the level of SSL verification used when making external HTTPS connections. + # + is_attribute "remote_https_verify_mode" + + # + # This is the default timeout when making remote HTTP requests + # + is_attribute "remote_http_timeout" + + # + # This is the default sleep time after an authentication attempt has failed. + # + is_attribute "failed_login_delay" + def builder_setup @result = Mauve::Server.instance end diff --git a/lib/mauve/server.rb b/lib/mauve/server.rb index db5fda6..2b0e101 100644 --- a/lib/mauve/server.rb +++ b/lib/mauve/server.rb @@ -27,6 +27,7 @@ module Mauve attr_reader :hostname, :database, :initial_sleep attr_reader :packet_buffer, :notification_buffer, :started_at + attr_reader :bytemark_auth_url, :bytemark_calendar_url, :remote_http_timeout, :remote_https_verify_mode, :failed_login_delay include Singleton @@ -48,6 +49,23 @@ module Mauve @packet_buffer = [] @notification_buffer = [] + # + # Set the auth/calendar URLs + # + @bytemark_auth_url = nil + @bytemark_calendar_url = nil + + # + # Set a couple of params for remote HTTP requests. + # + @remote_http_timeout = 5 + @remote_https_verify_mode = OpenSSL::SSL::VERIFY_PEER + + # + # Rate limit login attempts to limit the success of brute-forcing. + # + @failed_login_delay = 1 + # # Set up a blank config. # @@ -70,14 +88,12 @@ module Mauve @database = d end - # # Sets up the packet buffer (or not). The argument can be "false" or "no" # or a FalseClass object for no. Anything else makes no change. # # @param [String] arg # @return [Array or nil] def use_packet_buffer=(arg) - logger.debug(arg) if arg.is_a?(FalseClass) or arg =~ /^(n(o)?|f(alse)?)$/i @packet_buffer = nil end @@ -85,14 +101,12 @@ module Mauve @packet_buffer end - # # Sets up the notification buffer (or not). The argument can be "false" or # "no" or a FalseClass object for no. Anything else makes no change. # # @param [String] arg # @return [Array or nil] def use_notification_buffer=(arg) - logger.debug(arg) if arg.is_a?(FalseClass) or arg =~ /^(n(o)?|f(alse)?)$/i @notification_buffer = nil end @@ -100,6 +114,82 @@ module Mauve @notification_buffer end + # Set the calendar URL. + # + # @param [String] arg + # @return [URI] + def bytemark_calendar_url=(arg) + raise ArgumentError, "bytemark_calendar_url must be a string" unless arg.is_a?(String) + + @bytemark_calendar_url = URI.parse(arg) + + # + # Make sure we get an HTTP URL. + # + raise ArgumentError, "bytemark_calendar_url must be an HTTP(S) URL." unless %w(http https).include?(@bytemark_calendar_url.scheme) + + # + # Set a default request path, if none was given + # + @bytemark_calendar_url.path="/" if @bytemark_calendar_url.path.empty? + + @bytemark_calendar_url + end + + # Set the Bytemark Authentication URL + # + # @param [String] arg + # @return [URI] + def bytemark_auth_url=(arg) + raise ArgumentError, "bytemark_auth_url must be a string" unless arg.is_a?(String) + + @bytemark_auth_url = URI.parse(arg) + # + # Make sure we get an HTTP URL. + # + raise ArgumentError, "bytemark_auth_url must be an HTTP(S) URL." unless %w(http https).include?(@bytemark_auth_url.scheme) + + # + # Set a default request path, if none was given + # + @bytemark_auth_url.path="/" if @bytemark_auth_url.path.empty? + + @bytemark_auth_url + end + + # Sets the timeout when making remote HTTP requests + # + # @param [Integer] arg + # @return [Integer] + def remote_http_timeout=(arg) + raise ArgumentError, "initial_sleep must be an integer" unless s.is_a?(Integer) + @remote_http_timeout = arg + end + + # Sets the SSL verification mode when makeing remote HTTPS requests + # + # @param [String] arg must be one of "none" or "peer" + # @return [Constant] + def remote_https_verify_mode=(arg) + @remote_https_verify_mode = case arg + when "peer" + OpenSSL::SSL::VERIFY_PEER + when "none" + OpenSSL::SSL::VERIFY_NONE + else + raise ArgumentError, "remote_https_verify_mode must be either 'peer' or 'none'" + end + end + + # Set the delay added following a failed login attempt. + # + # @param [Numeric] arg Number of seconds to delay following a failed login attempt + # @return [Numeric] + # + def failed_login_delay=(arg) + raise ArgumentError, "initial_sleep must be numeric" unless arg.is_a?(Numeric) + @failed_login_delay = arg + end # Set the sleep period during which notifications about old alerts are # suppressed. -- cgit v1.2.1