chg: [db_schema] more info on certs, archives, + private in pubK
parent
7367a5382e
commit
13b163173d
544
passivessl.sql
544
passivessl.sql
|
@ -1,32 +1,50 @@
|
|||
-- Database generated with pgModeler (PostgreSQL Database Modeler).
|
||||
-- pgModeler version: 0.9.1-beta
|
||||
-- pgModeler version: 0.9.1
|
||||
-- PostgreSQL version: 10.0
|
||||
-- Project Site: pgmodeler.com.br
|
||||
-- Project Site: pgmodeler.io
|
||||
-- Model Author: ---
|
||||
|
||||
SET check_function_bodies = false;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: cia_dev | type: ROLE --
|
||||
-- DROP ROLE IF EXISTS cia_dev;
|
||||
CREATE ROLE cia_dev WITH
|
||||
INHERIT
|
||||
LOGIN
|
||||
ENCRYPTED PASSWORD '********';
|
||||
-- ddl-end --
|
||||
|
||||
-- Database creation must be done outside an multicommand file.
|
||||
-- These commands were put in this file only for convenience.
|
||||
|
||||
-- Database creation must be done outside a multicommand file.
|
||||
-- These commands were put in this file only as a convenience.
|
||||
-- -- object: passive_ssl | type: DATABASE --
|
||||
-- -- DROP DATABASE IF EXISTS passive_ssl;
|
||||
-- CREATE DATABASE passive_ssl
|
||||
-- ;
|
||||
-- ENCODING = 'UTF8'
|
||||
-- LC_COLLATE = 'en_US.UTF-8'
|
||||
-- LC_CTYPE = 'en_US.UTF-8'
|
||||
-- TABLESPACE = pg_default
|
||||
-- OWNER = postgres;
|
||||
-- -- ddl-end --
|
||||
--
|
||||
|
||||
-- object: ltree | type: EXTENSION --
|
||||
-- DROP EXTENSION IF EXISTS ltree CASCADE;
|
||||
CREATE EXTENSION ltree
|
||||
WITH SCHEMA public;
|
||||
WITH SCHEMA public
|
||||
VERSION '1.1';
|
||||
-- ddl-end --
|
||||
COMMENT ON EXTENSION ltree IS 'data type for hierarchical tree-like structures';
|
||||
-- ddl-end --
|
||||
|
||||
-- object: hstore | type: EXTENSION --
|
||||
-- DROP EXTENSION IF EXISTS hstore CASCADE;
|
||||
CREATE EXTENSION hstore
|
||||
WITH SCHEMA public;
|
||||
WITH SCHEMA public
|
||||
VERSION '1.4';
|
||||
-- ddl-end --
|
||||
COMMENT ON EXTENSION hstore IS 'data type for storing sets of (key, value) pairs';
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.public_key | type: TABLE --
|
||||
|
@ -35,8 +53,8 @@ CREATE TABLE public.public_key(
|
|||
hash bytea NOT NULL,
|
||||
type text NOT NULL,
|
||||
modulus text,
|
||||
exponent int4,
|
||||
modulus_size int4,
|
||||
exponent integer,
|
||||
modulus_size integer,
|
||||
"P" numeric,
|
||||
"Q" numeric,
|
||||
"G" numeric,
|
||||
|
@ -44,10 +62,11 @@ CREATE TABLE public.public_key(
|
|||
"X" numeric,
|
||||
"N" numeric,
|
||||
"B" numeric,
|
||||
bitsize int4,
|
||||
curve_name varchar(256),
|
||||
bitsize integer,
|
||||
curve_name character varying(256),
|
||||
"Gx" numeric,
|
||||
"Gy" numeric,
|
||||
private bytea,
|
||||
CONSTRAINT public_key_pk PRIMARY KEY (hash)
|
||||
|
||||
);
|
||||
|
@ -58,20 +77,46 @@ ALTER TABLE public.public_key OWNER TO postgres;
|
|||
-- object: public.certificate | type: TABLE --
|
||||
-- DROP TABLE IF EXISTS public.certificate CASCADE;
|
||||
CREATE TABLE public.certificate(
|
||||
file_path varchar(4096) NOT NULL,
|
||||
mounted_path character varying(4096) NOT NULL,
|
||||
issuer text,
|
||||
cert_chain public.ltree,
|
||||
cert_chain ltree,
|
||||
subject text,
|
||||
hash bytea NOT NULL,
|
||||
"is_CA" bool NOT NULL DEFAULT false,
|
||||
is_valid_chain bool NOT NULL DEFAULT false,
|
||||
"is_CA" boolean NOT NULL DEFAULT false,
|
||||
is_valid_chain boolean NOT NULL DEFAULT false,
|
||||
"notBefore" time,
|
||||
"notAfter" time,
|
||||
"is_SS" bool NOT NULL DEFAULT false,
|
||||
"is_SS" boolean NOT NULL DEFAULT false,
|
||||
"Signature" bytea,
|
||||
"SignatureAlgorithm" text,
|
||||
"Version" integer,
|
||||
"DNSnames" text[],
|
||||
emails text[],
|
||||
"IPaddresses" inet[],
|
||||
"URIs" text[],
|
||||
"PermittedDNS" text[],
|
||||
"ExcludedDNS" text[],
|
||||
"PermittedIPRanges" cidr[],
|
||||
"ExcludedIPRanges" cidr[],
|
||||
"PermittedEmailAddresses" text[],
|
||||
"ExcludedEmailAddresses" text[],
|
||||
"PermittedURIDomains" text[],
|
||||
"ExcludedURIDomains" text[],
|
||||
fs_type smallint DEFAULT 0,
|
||||
atrest_path character varying(4096) NOT NULL,
|
||||
CONSTRAINT certificate_pk PRIMARY KEY (hash)
|
||||
|
||||
);
|
||||
-- ddl-end --
|
||||
COMMENT ON COLUMN public.certificate.mounted_path IS 'Where to access the file when mounted (check fs_type to know the state)';
|
||||
-- ddl-end --
|
||||
COMMENT ON COLUMN public.certificate.fs_type IS 'How to access the raw certificate:
|
||||
0 - mount point
|
||||
1 - tar.gz
|
||||
2 - squashfs';
|
||||
-- ddl-end --
|
||||
COMMENT ON COLUMN public.certificate.atrest_path IS 'Where to access the file when unmounted (check fs_type to know how to mount)';
|
||||
-- ddl-end --
|
||||
ALTER TABLE public.certificate OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
|
@ -84,29 +129,31 @@ CREATE TABLE public.many_certificate_has_many_public_key(
|
|||
|
||||
);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: certificate_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public.many_certificate_has_many_public_key DROP CONSTRAINT IF EXISTS certificate_fk CASCADE;
|
||||
ALTER TABLE public.many_certificate_has_many_public_key ADD CONSTRAINT certificate_fk FOREIGN KEY (hash_certificate)
|
||||
REFERENCES public.certificate (hash) MATCH FULL
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||
ALTER TABLE public.many_certificate_has_many_public_key OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public_key_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public.many_certificate_has_many_public_key DROP CONSTRAINT IF EXISTS public_key_fk CASCADE;
|
||||
ALTER TABLE public.many_certificate_has_many_public_key ADD CONSTRAINT public_key_fk FOREIGN KEY (hash_public_key)
|
||||
REFERENCES public.public_key (hash) MATCH FULL
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||
-- object: public."sessionRecord_id_seq" | type: SEQUENCE --
|
||||
-- DROP SEQUENCE IF EXISTS public."sessionRecord_id_seq" CASCADE;
|
||||
CREATE SEQUENCE public."sessionRecord_id_seq"
|
||||
INCREMENT BY 1
|
||||
MINVALUE 1
|
||||
MAXVALUE 9223372036854775807
|
||||
START WITH 1
|
||||
CACHE 1
|
||||
NO CYCLE
|
||||
OWNED BY NONE;
|
||||
-- ddl-end --
|
||||
ALTER SEQUENCE public."sessionRecord_id_seq" OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public."sessionRecord" | type: TABLE --
|
||||
-- DROP TABLE IF EXISTS public."sessionRecord" CASCADE;
|
||||
CREATE TABLE public."sessionRecord"(
|
||||
id bigserial NOT NULL,
|
||||
id bigint NOT NULL DEFAULT nextval('public."sessionRecord_id_seq"'::regclass),
|
||||
dst_ip inet NOT NULL,
|
||||
src_ip inet NOT NULL,
|
||||
dst_port int4 NOT NULL,
|
||||
src_port int4 NOT NULL,
|
||||
dst_port integer NOT NULL,
|
||||
src_port integer NOT NULL,
|
||||
hash_ja3 bytea NOT NULL,
|
||||
"timestamp" timestamp(0) with time zone,
|
||||
CONSTRAINT "sessionRecord_pk" PRIMARY KEY (id)
|
||||
|
@ -121,7 +168,7 @@ ALTER TABLE public."sessionRecord" OWNER TO postgres;
|
|||
CREATE TABLE public.ja3(
|
||||
hash bytea NOT NULL,
|
||||
raw text,
|
||||
type varchar(16) NOT NULL,
|
||||
type character varying(16) NOT NULL,
|
||||
CONSTRAINT j3a_pk PRIMARY KEY (hash)
|
||||
|
||||
);
|
||||
|
@ -129,13 +176,6 @@ CREATE TABLE public.ja3(
|
|||
ALTER TABLE public.ja3 OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: ja3_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public."sessionRecord" DROP CONSTRAINT IF EXISTS ja3_fk CASCADE;
|
||||
ALTER TABLE public."sessionRecord" ADD CONSTRAINT ja3_fk FOREIGN KEY (hash_ja3)
|
||||
REFERENCES public.ja3 (hash) MATCH FULL
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public."many_sessionRecord_has_many_certificate" | type: TABLE --
|
||||
-- DROP TABLE IF EXISTS public."many_sessionRecord_has_many_certificate" CASCADE;
|
||||
CREATE TABLE public."many_sessionRecord_has_many_certificate"(
|
||||
|
@ -145,25 +185,27 @@ CREATE TABLE public."many_sessionRecord_has_many_certificate"(
|
|||
|
||||
);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: "sessionRecord_fk" | type: CONSTRAINT --
|
||||
-- ALTER TABLE public."many_sessionRecord_has_many_certificate" DROP CONSTRAINT IF EXISTS "sessionRecord_fk" CASCADE;
|
||||
ALTER TABLE public."many_sessionRecord_has_many_certificate" ADD CONSTRAINT "sessionRecord_fk" FOREIGN KEY ("id_sessionRecord")
|
||||
REFERENCES public."sessionRecord" (id) MATCH FULL
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||
ALTER TABLE public."many_sessionRecord_has_many_certificate" OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: certificate_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public."many_sessionRecord_has_many_certificate" DROP CONSTRAINT IF EXISTS certificate_fk CASCADE;
|
||||
ALTER TABLE public."many_sessionRecord_has_many_certificate" ADD CONSTRAINT certificate_fk FOREIGN KEY (hash_certificate)
|
||||
REFERENCES public.certificate (hash) MATCH FULL
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE;
|
||||
-- object: public.fuzzy_hash_id_seq | type: SEQUENCE --
|
||||
-- DROP SEQUENCE IF EXISTS public.fuzzy_hash_id_seq CASCADE;
|
||||
CREATE SEQUENCE public.fuzzy_hash_id_seq
|
||||
INCREMENT BY 1
|
||||
MINVALUE 1
|
||||
MAXVALUE 9223372036854775807
|
||||
START WITH 1
|
||||
CACHE 1
|
||||
NO CYCLE
|
||||
OWNED BY NONE;
|
||||
-- ddl-end --
|
||||
ALTER SEQUENCE public.fuzzy_hash_id_seq OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.fuzzy_hash | type: TABLE --
|
||||
-- DROP TABLE IF EXISTS public.fuzzy_hash CASCADE;
|
||||
CREATE TABLE public.fuzzy_hash(
|
||||
id bigserial NOT NULL,
|
||||
id bigint NOT NULL DEFAULT nextval('public.fuzzy_hash_id_seq'::regclass),
|
||||
type text NOT NULL,
|
||||
value text NOT NULL,
|
||||
"id_sessionRecord" bigint,
|
||||
|
@ -174,10 +216,24 @@ CREATE TABLE public.fuzzy_hash(
|
|||
ALTER TABLE public.fuzzy_hash OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.software_id_seq | type: SEQUENCE --
|
||||
-- DROP SEQUENCE IF EXISTS public.software_id_seq CASCADE;
|
||||
CREATE SEQUENCE public.software_id_seq
|
||||
INCREMENT BY 1
|
||||
MINVALUE 1
|
||||
MAXVALUE 2147483647
|
||||
START WITH 1
|
||||
CACHE 1
|
||||
NO CYCLE
|
||||
OWNED BY NONE;
|
||||
-- ddl-end --
|
||||
ALTER SEQUENCE public.software_id_seq OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.software | type: TABLE --
|
||||
-- DROP TABLE IF EXISTS public.software CASCADE;
|
||||
CREATE TABLE public.software(
|
||||
id serial NOT NULL,
|
||||
id integer NOT NULL DEFAULT nextval('public.software_id_seq'::regclass),
|
||||
name text NOT NULL,
|
||||
version text,
|
||||
CONSTRAINT software_pk PRIMARY KEY (id)
|
||||
|
@ -187,10 +243,24 @@ CREATE TABLE public.software(
|
|||
ALTER TABLE public.software OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.annotation_id_seq | type: SEQUENCE --
|
||||
-- DROP SEQUENCE IF EXISTS public.annotation_id_seq CASCADE;
|
||||
CREATE SEQUENCE public.annotation_id_seq
|
||||
INCREMENT BY 1
|
||||
MINVALUE 1
|
||||
MAXVALUE 2147483647
|
||||
START WITH 1
|
||||
CACHE 1
|
||||
NO CYCLE
|
||||
OWNED BY NONE;
|
||||
-- ddl-end --
|
||||
ALTER SEQUENCE public.annotation_id_seq OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.annotation | type: TABLE --
|
||||
-- DROP TABLE IF EXISTS public.annotation CASCADE;
|
||||
CREATE TABLE public.annotation(
|
||||
id serial NOT NULL,
|
||||
id integer NOT NULL DEFAULT nextval('public.annotation_id_seq'::regclass),
|
||||
hash_ja3 bytea,
|
||||
confidence smallint,
|
||||
id_software integer,
|
||||
|
@ -201,6 +271,275 @@ CREATE TABLE public.annotation(
|
|||
ALTER TABLE public.annotation OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: ja3_trie | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.ja3_trie CASCADE;
|
||||
CREATE INDEX ja3_trie ON public.ja3
|
||||
USING spgist
|
||||
(
|
||||
raw
|
||||
)
|
||||
WITH (FILLFACTOR = 90);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: hash_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.hash_index CASCADE;
|
||||
CREATE INDEX hash_index ON public.certificate
|
||||
USING btree
|
||||
(
|
||||
hash
|
||||
)
|
||||
WITH (FILLFACTOR = 90);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pk_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.pk_index CASCADE;
|
||||
CREATE INDEX pk_index ON public.public_key
|
||||
USING btree
|
||||
(
|
||||
hash
|
||||
)
|
||||
WITH (FILLFACTOR = 90);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: dst_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.dst_index CASCADE;
|
||||
CREATE INDEX dst_index ON public."sessionRecord"
|
||||
USING btree
|
||||
(
|
||||
dst_ip
|
||||
)
|
||||
WITH (FILLFACTOR = 90);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: path_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.path_index CASCADE;
|
||||
CREATE INDEX path_index ON public.certificate
|
||||
USING gist
|
||||
(
|
||||
cert_chain
|
||||
)
|
||||
WITH (FILLFACTOR = 90);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_validator | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_validator(oid) CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_validator ( _param1 oid)
|
||||
RETURNS void
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
STRICT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_validator';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_validator(oid) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_call_handler | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_call_handler() CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_call_handler ()
|
||||
RETURNS language_handler
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
CALLED ON NULL INPUT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_call_handler';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_call_handler() OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_inline_handler | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_inline_handler(internal) CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_inline_handler ( _param1 internal)
|
||||
RETURNS void
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
STRICT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_inline_handler';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_inline_handler(internal) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: plpython3u | type: LANGUAGE --
|
||||
-- DROP LANGUAGE IF EXISTS plpython3u CASCADE;
|
||||
CREATE LANGUAGE plpython3u
|
||||
HANDLER pg_catalog.plpython3_call_handler
|
||||
VALIDATOR pg_catalog.plpython3_validator
|
||||
INLINE pg_catalog.plpython3_inline_handler;
|
||||
-- ddl-end --
|
||||
ALTER LANGUAGE plpython3u OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.tlshc | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS public.tlshc(text,text) CASCADE;
|
||||
CREATE FUNCTION public.tlshc ( a text, b text)
|
||||
RETURNS integer
|
||||
LANGUAGE plpython3u
|
||||
VOLATILE
|
||||
CALLED ON NULL INPUT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS $$
|
||||
|
||||
import tlsh
|
||||
return tlsh.diff(a, b)
|
||||
|
||||
$$;
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION public.tlshc(text,text) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.tlsht | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS public.tlsht(text,text,integer,integer) CASCADE;
|
||||
CREATE FUNCTION public.tlsht ( filter text, hash text, threshold integer, maxrows integer)
|
||||
RETURNS SETOF public.fuzzy_hash
|
||||
LANGUAGE plpython3u
|
||||
IMMUTABLE LEAKPROOF
|
||||
STRICT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
ROWS 1000
|
||||
AS $$
|
||||
|
||||
import tlsh
|
||||
plan = plpy.prepare("SELECT * FROM fuzzy_hash WHERE type <> $1", ["text"])
|
||||
rv = plan.execute(["filter"], maxrows)
|
||||
r = []
|
||||
for x in rv:
|
||||
if tlsh.diff(x["value"], hash) < threshold:
|
||||
r.append(x)
|
||||
return r
|
||||
|
||||
$$;
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION public.tlsht(text,text,integer,integer) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_validator_cp | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_validator_cp(oid) CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_validator_cp ( _param1 oid)
|
||||
RETURNS void
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
STRICT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_validator';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_validator_cp(oid) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_call_handler_cp | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_call_handler_cp() CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_call_handler_cp ()
|
||||
RETURNS language_handler
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
CALLED ON NULL INPUT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_call_handler';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_call_handler_cp() OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_inline_handler_cp | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_inline_handler_cp(internal) CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_inline_handler_cp ( _param1 internal)
|
||||
RETURNS void
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
STRICT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_inline_handler';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_inline_handler_cp(internal) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: plpython3u_cp | type: LANGUAGE --
|
||||
-- DROP LANGUAGE IF EXISTS plpython3u_cp CASCADE;
|
||||
CREATE LANGUAGE plpython3u_cp
|
||||
HANDLER pg_catalog.plpython3_call_handler
|
||||
VALIDATOR pg_catalog.plpython3_validator
|
||||
INLINE pg_catalog.plpython3_inline_handler;
|
||||
-- ddl-end --
|
||||
ALTER LANGUAGE plpython3u_cp OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.zgrep | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS public.zgrep(text,text) CASCADE;
|
||||
CREATE FUNCTION public.zgrep ( a text, b text)
|
||||
RETURNS integer
|
||||
LANGUAGE plpython3u_cp
|
||||
VOLATILE
|
||||
CALLED ON NULL INPUT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS $$
|
||||
|
||||
import tlsh
|
||||
return tlsh.diff(a, b)
|
||||
|
||||
$$;
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION public.zgrep(text,text) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: p_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.p_index CASCADE;
|
||||
CREATE INDEX CONCURRENTLY p_index ON public.public_key
|
||||
USING btree
|
||||
(
|
||||
"P"
|
||||
);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: certificate_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public.many_certificate_has_many_public_key DROP CONSTRAINT IF EXISTS certificate_fk CASCADE;
|
||||
ALTER TABLE public.many_certificate_has_many_public_key ADD CONSTRAINT certificate_fk FOREIGN KEY (hash_certificate)
|
||||
REFERENCES public.certificate (hash) MATCH FULL
|
||||
ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public_key_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public.many_certificate_has_many_public_key DROP CONSTRAINT IF EXISTS public_key_fk CASCADE;
|
||||
ALTER TABLE public.many_certificate_has_many_public_key ADD CONSTRAINT public_key_fk FOREIGN KEY (hash_public_key)
|
||||
REFERENCES public.public_key (hash) MATCH FULL
|
||||
ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: ja3_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public."sessionRecord" DROP CONSTRAINT IF EXISTS ja3_fk CASCADE;
|
||||
ALTER TABLE public."sessionRecord" ADD CONSTRAINT ja3_fk FOREIGN KEY (hash_ja3)
|
||||
REFERENCES public.ja3 (hash) MATCH FULL
|
||||
ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: "sessionRecord_fk" | type: CONSTRAINT --
|
||||
-- ALTER TABLE public."many_sessionRecord_has_many_certificate" DROP CONSTRAINT IF EXISTS "sessionRecord_fk" CASCADE;
|
||||
ALTER TABLE public."many_sessionRecord_has_many_certificate" ADD CONSTRAINT "sessionRecord_fk" FOREIGN KEY ("id_sessionRecord")
|
||||
REFERENCES public."sessionRecord" (id) MATCH FULL
|
||||
ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: certificate_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public."many_sessionRecord_has_many_certificate" DROP CONSTRAINT IF EXISTS certificate_fk CASCADE;
|
||||
ALTER TABLE public."many_sessionRecord_has_many_certificate" ADD CONSTRAINT certificate_fk FOREIGN KEY (hash_certificate)
|
||||
REFERENCES public.certificate (hash) MATCH FULL
|
||||
ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: "sessionRecord_fk" | type: CONSTRAINT --
|
||||
-- ALTER TABLE public.fuzzy_hash DROP CONSTRAINT IF EXISTS "sessionRecord_fk" CASCADE;
|
||||
ALTER TABLE public.fuzzy_hash ADD CONSTRAINT "sessionRecord_fk" FOREIGN KEY ("id_sessionRecord")
|
||||
REFERENCES public."sessionRecord" (id) MATCH FULL
|
||||
ON DELETE SET NULL ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: ja3_fk | type: CONSTRAINT --
|
||||
-- ALTER TABLE public.annotation DROP CONSTRAINT IF EXISTS ja3_fk CASCADE;
|
||||
ALTER TABLE public.annotation ADD CONSTRAINT ja3_fk FOREIGN KEY (hash_ja3)
|
||||
|
@ -215,105 +554,4 @@ REFERENCES public.software (id) MATCH FULL
|
|||
ON DELETE SET NULL ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: ja3_trie | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.ja3_trie CASCADE;
|
||||
CREATE INDEX CONCURRENTLY ja3_trie ON public.ja3
|
||||
USING spgist
|
||||
(
|
||||
raw
|
||||
);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: hash_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.hash_index CASCADE;
|
||||
CREATE INDEX hash_index ON public.certificate
|
||||
USING btree
|
||||
(
|
||||
hash
|
||||
);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pk_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.pk_index CASCADE;
|
||||
CREATE INDEX pk_index ON public.public_key
|
||||
USING btree
|
||||
(
|
||||
hash
|
||||
);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: dst_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.dst_index CASCADE;
|
||||
CREATE INDEX dst_index ON public."sessionRecord"
|
||||
USING btree
|
||||
(
|
||||
dst_ip
|
||||
);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: path_index | type: INDEX --
|
||||
-- DROP INDEX IF EXISTS public.path_index CASCADE;
|
||||
CREATE INDEX path_index ON public.certificate
|
||||
USING gist
|
||||
(
|
||||
cert_chain
|
||||
)
|
||||
WITH (BUFFERING = ON);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: "sessionRecord_fk" | type: CONSTRAINT --
|
||||
-- ALTER TABLE public.fuzzy_hash DROP CONSTRAINT IF EXISTS "sessionRecord_fk" CASCADE;
|
||||
ALTER TABLE public.fuzzy_hash ADD CONSTRAINT "sessionRecord_fk" FOREIGN KEY ("id_sessionRecord")
|
||||
REFERENCES public."sessionRecord" (id) MATCH FULL
|
||||
ON DELETE SET NULL ON UPDATE CASCADE;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: plpython3u | type: LANGUAGE --
|
||||
-- DROP LANGUAGE IF EXISTS plpython3u CASCADE;
|
||||
CREATE LANGUAGE plpython3u;
|
||||
-- ddl-end --
|
||||
ALTER LANGUAGE plpython3u OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.tlshc | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS public.tlshc(text,text) CASCADE;
|
||||
CREATE FUNCTION public.tlshc ( a text, b text)
|
||||
RETURNS int4
|
||||
LANGUAGE plpython3u
|
||||
VOLATILE
|
||||
CALLED ON NULL INPUT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS $$
|
||||
import tlsh
|
||||
return tlsh.diff(a, b)
|
||||
$$;
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION public.tlshc(text,text) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.tlsht | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS public.tlsht(IN text,IN text,IN int4,IN int4) CASCADE;
|
||||
CREATE FUNCTION public.tlsht (IN filter text, IN hash text, IN threshold int4, IN maxrows int4)
|
||||
RETURNS SETOF public.fuzzy_hash
|
||||
LANGUAGE plpython3u
|
||||
IMMUTABLE LEAKPROOF
|
||||
RETURNS NULL ON NULL INPUT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
ROWS 1000
|
||||
AS $$
|
||||
import tlsh
|
||||
plan = plpy.prepare("SELECT * FROM fuzzy_hash WHERE type <> $1", ["text"])
|
||||
rv = plan.execute(["filter"], maxrows)
|
||||
r = []
|
||||
for x in rv:
|
||||
if tlsh.diff(x["value"], hash) < threshold:
|
||||
r.append(x)
|
||||
return r
|
||||
$$;
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION public.tlsht(IN text,IN text,IN int4,IN int4) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue