From 13b163173d47645d086f41816a0c3a69cedc623e Mon Sep 17 00:00:00 2001
From: Jean-Louis Huynen
Date: Mon, 14 Oct 2019 11:14:27 +0200
Subject: [PATCH] chg: [db_schema] more info on certs, archives, + private in pubK
---
 passivessl.sql | 544 +++++++++++++++++++++++++++++++++++--------------
 1 file changed, 391 insertions(+), 153 deletions(-)
diff --git a/passivessl.sql b/passivessl.sql
index 89ebd65..1cc7bb5 100644
--- a/passivessl.sql
+++ b/passivessl.sql
@@ -1,32 +1,50 @@ -- Database generated with pgModeler (PostgreSQL Database Modeler). --- pgModeler version: 0.9.1-beta +-- pgModeler version: 0.9.1 -- PostgreSQL version: 10.0 --- Project Site: pgmodeler.com.br +-- Project Site: pgmodeler.io -- Model Author: --- SET check_function_bodies = false; -- ddl-end -- +-- object: cia_dev | type: ROLE -- +-- DROP ROLE IF EXISTS cia_dev; +CREATE ROLE cia_dev WITH + INHERIT + LOGIN + ENCRYPTED PASSWORD '********'; +-- ddl-end -- --- Database creation must be done outside an multicommand file. --- These commands were put in this file only for convenience. + +-- Database creation must be done outside a multicommand file. +-- These commands were put in this file only as a convenience. -- -- object: passive_ssl | type: DATABASE -- -- -- DROP DATABASE IF EXISTS passive_ssl; -- CREATE DATABASE passive_ssl --- ; +-- ENCODING = 'UTF8' +-- LC_COLLATE = 'en_US.UTF-8' +-- LC_CTYPE = 'en_US.UTF-8' +-- TABLESPACE = pg_default +-- OWNER = postgres; -- -- ddl-end -- -- -- object: ltree | type: EXTENSION -- -- DROP EXTENSION IF EXISTS ltree CASCADE; CREATE EXTENSION ltree - WITH SCHEMA public; + WITH SCHEMA public + VERSION '1.1'; +-- ddl-end -- +COMMENT ON EXTENSION ltree IS 'data type for hierarchical tree-like structures'; -- ddl-end -- -- object: hstore | type: EXTENSION -- -- DROP EXTENSION IF EXISTS hstore CASCADE; CREATE EXTENSION hstore - WITH SCHEMA public; + WITH SCHEMA public + VERSION '1.4'; +-- ddl-end -- +COMMENT ON EXTENSION hstore IS 'data type for storing sets of (key, value) pairs'; -- ddl-end -- -- object: public.public_key | type: TABLE -- @@ -35,8 +53,8 @@ CREATE TABLE public.public_key( hash bytea NOT NULL, type text NOT NULL, modulus text, - exponent int4, - modulus_size int4, + exponent integer, + modulus_size integer, "P" numeric, "Q" numeric, "G" numeric, 
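Review bot: `CREATE ROLE cia_dev WITH INHERIT LOGIN ENCRYPTED PASSWORD '********';` is executable as written, so running this file creates a login-capable role whose password is the literal masked string pgModeler emitted. A schema file should not set a credential at all; keep the role out of the runnable part of the dump the way the `CREATE DATABASE` block just below it is kept, e.g. `-- CREATE ROLE cia_dev WITH INHERIT LOGIN;` with the password assigned out of band, or drop the object from the model. In the visible hunks no statement grants anything to `cia_dev` (every object is `OWNER TO postgres`), so a one-line comment on what the role is for would also help the next reader.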
@@ -44,10 +62,11 @@ CREATE TABLE public.public_key( "X" numeric, "N" numeric, "B" numeric, - bitsize int4, - curve_name varchar(256), + bitsize integer, + curve_name character varying(256), "Gx" numeric, "Gy" numeric, + private bytea, CONSTRAINT public_key_pk PRIMARY KEY (hash) ); @@ -58,20 +77,46 @@ ALTER TABLE public.public_key OWNER TO postgres; -- object: public.certificate | type: TABLE -- -- DROP TABLE IF EXISTS public.certificate CASCADE; CREATE TABLE public.certificate( - file_path varchar(4096) NOT NULL, + mounted_path character varying(4096) NOT NULL, issuer text, - cert_chain public.ltree, + cert_chain ltree, subject text, hash bytea NOT NULL, - "is_CA" bool NOT NULL DEFAULT false, - is_valid_chain bool NOT NULL DEFAULT false, + "is_CA" boolean NOT NULL DEFAULT false, + is_valid_chain boolean NOT NULL DEFAULT false, "notBefore" time, "notAfter" time, - "is_SS" bool NOT NULL DEFAULT false, + "is_SS" boolean NOT NULL DEFAULT false, + "Signature" bytea, + "SignatureAlgorithm" text, + "Version" integer, + "DNSnames" text[], + emails text[], + "IPaddresses" inet[], + "URIs" text[], + "PermittedDNS" text[], + "ExcludedDNS" text[], + "PermittedIPRanges" cidr[], + "ExcludedIPRanges" cidr[], + "PermittedEmailAddresses" text[], + "ExcludedEmailAddresses" text[], + "PermittedURIDomains" text[], + "ExcludedURIDomains" text[], + fs_type smallint DEFAULT 0, + atrest_path character varying(4096) NOT NULL, CONSTRAINT certificate_pk PRIMARY KEY (hash) ); -- ddl-end -- +COMMENT ON COLUMN public.certificate.mounted_path IS 'Where to access the file when mounted (check fs_type to know the state)'; +-- ddl-end -- +COMMENT ON COLUMN public.certificate.fs_type IS 'How to access the raw certificate: +0 - mount point +1 - tar.gz +2 - squashfs'; +-- ddl-end -- +COMMENT ON COLUMN public.certificate.atrest_path IS 'Where to access the file when unmounted (check fs_type to know how to mount)'; +-- ddl-end -- ALTER TABLE public.certificate OWNER TO postgres; -- ddl-end -- 
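Review bot: The new `private bytea` column stores private-key material in `public.public_key`, the row every certificate joins to through `public_key_fk`, so any read grant on the public-key table exposes it as well; the hunk gives no hint of where the value comes from or whether it is stored encrypted. At least document it, e.g. `COMMENT ON COLUMN public.public_key.private IS 'Private key corresponding to this public key (TODO: document source and at-rest protection)';`, and consider keeping it in its own table keyed on `hash` so access can be granted separately from the public lookup data. The `CREATE TABLE public.public_key(` statement starts in the previous hunk.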
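Review bot: `fs_type smallint DEFAULT 0` is constrained only by the column comment enumerating `0 - mount point`, `1 - tar.gz`, `2 - squashfs`, so the table accepts any other value and NULL, while the comments on `mounted_path` and `atrest_path` tell the reader to rely on it; a named check makes the comment enforceable: `fs_type smallint NOT NULL DEFAULT 0,` plus `CONSTRAINT certificate_fs_type_check CHECK (fs_type IN (0, 1, 2)),`. While this table is being reworked, the unchanged `"notBefore" time` and `"notAfter" time` lines hold a time of day only, so the certificate validity window cannot be evaluated; `timestamp(0) with time zone` is what `"sessionRecord"."timestamp"` already uses. The other new columns (`"Signature"`, `"Version"`, the `Permitted*`/`Excluded*` arrays) get no `COMMENT ON COLUMN`, unlike the three path columns; a short comment on what populates the name-constraint arrays would keep the file self-describing.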
@@ -84,29 +129,31 @@ CREATE TABLE public.many_certificate_has_many_public_key( ); -- ddl-end -- - --- object: certificate_fk | type: CONSTRAINT -- --- ALTER TABLE public.many_certificate_has_many_public_key DROP CONSTRAINT IF EXISTS certificate_fk CASCADE; -ALTER TABLE public.many_certificate_has_many_public_key ADD CONSTRAINT certificate_fk FOREIGN KEY (hash_certificate) -REFERENCES public.certificate (hash) MATCH FULL -ON DELETE RESTRICT ON UPDATE CASCADE; +ALTER TABLE public.many_certificate_has_many_public_key OWNER TO postgres; -- ddl-end -- --- object: public_key_fk | type: CONSTRAINT -- --- ALTER TABLE public.many_certificate_has_many_public_key DROP CONSTRAINT IF EXISTS public_key_fk CASCADE; -ALTER TABLE public.many_certificate_has_many_public_key ADD CONSTRAINT public_key_fk FOREIGN KEY (hash_public_key) -REFERENCES public.public_key (hash) MATCH FULL -ON DELETE RESTRICT ON UPDATE CASCADE; +-- object: public."sessionRecord_id_seq" | type: SEQUENCE -- +-- DROP SEQUENCE IF EXISTS public."sessionRecord_id_seq" CASCADE; +CREATE SEQUENCE public."sessionRecord_id_seq" + INCREMENT BY 1 + MINVALUE 1 + MAXVALUE 9223372036854775807 + START WITH 1 + CACHE 1 + NO CYCLE + OWNED BY NONE; +-- ddl-end -- +ALTER SEQUENCE public."sessionRecord_id_seq" OWNER TO postgres; -- ddl-end -- -- object: public."sessionRecord" | type: TABLE -- -- DROP TABLE IF EXISTS public."sessionRecord" CASCADE; CREATE TABLE public."sessionRecord"( - id bigserial NOT NULL, + id bigint NOT NULL DEFAULT nextval('public."sessionRecord_id_seq"'::regclass), dst_ip inet NOT NULL, src_ip inet NOT NULL, - dst_port int4 NOT NULL, - src_port int4 NOT NULL, + dst_port integer NOT NULL, + src_port integer NOT NULL, hash_ja3 bytea NOT NULL, "timestamp" timestamp(0) with time zone, CONSTRAINT "sessionRecord_pk" PRIMARY KEY (id) 
@@ -121,7 +168,7 @@ ALTER TABLE public."sessionRecord" OWNER TO postgres; CREATE TABLE public.ja3( hash bytea NOT NULL, raw text, - type varchar(16) NOT NULL, + type character varying(16) NOT NULL, CONSTRAINT j3a_pk PRIMARY KEY (hash) ); @@ -129,13 +176,6 @@ CREATE TABLE public.ja3( ALTER TABLE public.ja3 OWNER TO postgres; -- ddl-end -- --- object: ja3_fk | type: CONSTRAINT -- --- ALTER TABLE public."sessionRecord" DROP CONSTRAINT IF EXISTS ja3_fk CASCADE; -ALTER TABLE public."sessionRecord" ADD CONSTRAINT ja3_fk FOREIGN KEY (hash_ja3) -REFERENCES public.ja3 (hash) MATCH FULL -ON DELETE RESTRICT ON UPDATE CASCADE; --- ddl-end -- - -- object: public."many_sessionRecord_has_many_certificate" | type: TABLE -- -- DROP TABLE IF EXISTS public."many_sessionRecord_has_many_certificate" CASCADE; CREATE TABLE public."many_sessionRecord_has_many_certificate"( 
@@ -145,25 +185,27 @@ CREATE TABLE public."many_sessionRecord_has_many_certificate"( ); -- ddl-end -- - --- object: "sessionRecord_fk" | type: CONSTRAINT -- --- ALTER TABLE public."many_sessionRecord_has_many_certificate" DROP CONSTRAINT IF EXISTS "sessionRecord_fk" CASCADE; -ALTER TABLE public."many_sessionRecord_has_many_certificate" ADD CONSTRAINT "sessionRecord_fk" FOREIGN KEY ("id_sessionRecord") -REFERENCES public."sessionRecord" (id) MATCH FULL -ON DELETE RESTRICT ON UPDATE CASCADE; +ALTER TABLE public."many_sessionRecord_has_many_certificate" OWNER TO postgres; -- ddl-end -- --- object: certificate_fk | type: CONSTRAINT -- --- ALTER TABLE public."many_sessionRecord_has_many_certificate" DROP CONSTRAINT IF EXISTS certificate_fk CASCADE; -ALTER TABLE public."many_sessionRecord_has_many_certificate" ADD CONSTRAINT certificate_fk FOREIGN KEY (hash_certificate) -REFERENCES public.certificate (hash) MATCH FULL -ON DELETE RESTRICT ON UPDATE CASCADE; +-- object: public.fuzzy_hash_id_seq | type: SEQUENCE -- +-- DROP SEQUENCE IF EXISTS public.fuzzy_hash_id_seq CASCADE; +CREATE SEQUENCE public.fuzzy_hash_id_seq + INCREMENT BY 1 + MINVALUE 1 + MAXVALUE 9223372036854775807 + START WITH 1 + CACHE 1 + NO CYCLE + OWNED BY NONE; +-- ddl-end -- +ALTER SEQUENCE public.fuzzy_hash_id_seq OWNER TO postgres; -- ddl-end -- -- object: public.fuzzy_hash | type: TABLE -- -- DROP TABLE IF EXISTS public.fuzzy_hash CASCADE; CREATE TABLE public.fuzzy_hash( - id bigserial NOT NULL, + id bigint NOT NULL DEFAULT nextval('public.fuzzy_hash_id_seq'::regclass), type text NOT NULL, value text NOT NULL, "id_sessionRecord" bigint, 
@@ -174,10 +216,24 @@ CREATE TABLE public.fuzzy_hash( ALTER TABLE public.fuzzy_hash OWNER TO postgres; -- ddl-end -- +-- object: public.software_id_seq | type: SEQUENCE -- +-- DROP SEQUENCE IF EXISTS public.software_id_seq CASCADE; +CREATE SEQUENCE public.software_id_seq + INCREMENT BY 1 + MINVALUE 1 + MAXVALUE 2147483647 + START WITH 1 + CACHE 1 + NO CYCLE + OWNED BY NONE; +-- ddl-end -- +ALTER SEQUENCE public.software_id_seq OWNER TO postgres; +-- ddl-end -- + -- object: public.software | type: TABLE -- -- DROP TABLE IF EXISTS public.software CASCADE; CREATE TABLE public.software( - id serial NOT NULL, + id integer NOT NULL DEFAULT nextval('public.software_id_seq'::regclass), name text NOT NULL, version text, CONSTRAINT software_pk PRIMARY KEY (id) @@ -187,10 +243,24 @@ CREATE TABLE public.software( ALTER TABLE public.software OWNER TO postgres; -- ddl-end -- +-- object: public.annotation_id_seq | type: SEQUENCE -- +-- DROP SEQUENCE IF EXISTS public.annotation_id_seq CASCADE; +CREATE SEQUENCE public.annotation_id_seq + INCREMENT BY 1 + MINVALUE 1 + MAXVALUE 2147483647 + START WITH 1 + CACHE 1 + NO CYCLE + OWNED BY NONE; +-- ddl-end -- +ALTER SEQUENCE public.annotation_id_seq OWNER TO postgres; +-- ddl-end -- + -- object: public.annotation | type: TABLE -- -- DROP TABLE IF EXISTS public.annotation CASCADE; CREATE TABLE public.annotation( - id serial NOT NULL, + id integer NOT NULL DEFAULT nextval('public.annotation_id_seq'::regclass), hash_ja3 bytea, confidence smallint, id_software integer, 
@@ -201,6 +271,275 @@ CREATE TABLE public.annotation( ALTER TABLE public.annotation OWNER TO postgres; -- ddl-end -- +-- object: ja3_trie | type: INDEX -- +-- DROP INDEX IF EXISTS public.ja3_trie CASCADE; +CREATE INDEX ja3_trie ON public.ja3 + USING spgist + ( + raw + ) + WITH (FILLFACTOR = 90); +-- ddl-end -- + +-- object: hash_index | type: INDEX -- +-- DROP INDEX IF EXISTS public.hash_index CASCADE; +CREATE INDEX hash_index ON public.certificate + USING btree + ( + hash + ) + WITH (FILLFACTOR = 90); +-- ddl-end -- + +-- object: pk_index | type: INDEX -- +-- DROP INDEX IF EXISTS public.pk_index CASCADE; +CREATE INDEX pk_index ON public.public_key + USING btree + ( + hash + ) + WITH (FILLFACTOR = 90); +-- ddl-end -- + +-- object: dst_index | type: INDEX -- +-- DROP INDEX IF EXISTS public.dst_index CASCADE; +CREATE INDEX dst_index ON public."sessionRecord" + USING btree + ( + dst_ip + ) + WITH (FILLFACTOR = 90); +-- ddl-end -- + +-- object: path_index | type: INDEX -- +-- DROP INDEX IF EXISTS public.path_index CASCADE; +CREATE INDEX path_index ON public.certificate + USING gist + ( + cert_chain + ) + WITH (FILLFACTOR = 90); +-- ddl-end -- + +-- object: pg_catalog.plpython3_validator | type: FUNCTION -- +-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_validator(oid) CASCADE; +CREATE FUNCTION pg_catalog.plpython3_validator ( _param1 oid) + RETURNS void + LANGUAGE c + VOLATILE + STRICT + SECURITY INVOKER + COST 1 + AS '$libdir/plpython3', 'plpython3_validator'; +-- ddl-end -- +ALTER FUNCTION pg_catalog.plpython3_validator(oid) OWNER TO postgres; +-- ddl-end -- + +-- object: pg_catalog.plpython3_call_handler | type: FUNCTION -- +-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_call_handler() CASCADE; +CREATE FUNCTION pg_catalog.plpython3_call_handler () + RETURNS language_handler + LANGUAGE c + VOLATILE + CALLED ON NULL INPUT + SECURITY INVOKER + COST 1 + AS '$libdir/plpython3', 'plpython3_call_handler'; +-- ddl-end -- +ALTER FUNCTION pg_catalog.plpython3_call_handler() 
OWNER TO postgres; +-- ddl-end -- + +-- object: pg_catalog.plpython3_inline_handler | type: FUNCTION -- +-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_inline_handler(internal) CASCADE; +CREATE FUNCTION pg_catalog.plpython3_inline_handler ( _param1 internal) + RETURNS void + LANGUAGE c + VOLATILE + STRICT + SECURITY INVOKER + COST 1 + AS '$libdir/plpython3', 'plpython3_inline_handler'; +-- ddl-end -- +ALTER FUNCTION pg_catalog.plpython3_inline_handler(internal) OWNER TO postgres; +-- ddl-end -- + +-- object: plpython3u | type: LANGUAGE -- +-- DROP LANGUAGE IF EXISTS plpython3u CASCADE; +CREATE LANGUAGE plpython3u + HANDLER pg_catalog.plpython3_call_handler + VALIDATOR pg_catalog.plpython3_validator + INLINE pg_catalog.plpython3_inline_handler; +-- ddl-end -- +ALTER LANGUAGE plpython3u OWNER TO postgres; +-- ddl-end -- + +-- object: public.tlshc | type: FUNCTION -- +-- DROP FUNCTION IF EXISTS public.tlshc(text,text) CASCADE; +CREATE FUNCTION public.tlshc ( a text, b text) + RETURNS integer + LANGUAGE plpython3u + VOLATILE + CALLED ON NULL INPUT + SECURITY INVOKER + COST 1 + AS $$ + +import tlsh +return tlsh.diff(a, b) + +$$; +-- ddl-end -- +ALTER FUNCTION public.tlshc(text,text) OWNER TO postgres; +-- ddl-end -- + +-- object: public.tlsht | type: FUNCTION -- +-- DROP FUNCTION IF EXISTS public.tlsht(text,text,integer,integer) CASCADE; +CREATE FUNCTION public.tlsht ( filter text, hash text, threshold integer, maxrows integer) + RETURNS SETOF public.fuzzy_hash + LANGUAGE plpython3u + IMMUTABLE LEAKPROOF + STRICT + SECURITY INVOKER + COST 1 + ROWS 1000 + AS $$ + +import tlsh +plan = plpy.prepare("SELECT * FROM fuzzy_hash WHERE type <> $1", ["text"]) +rv = plan.execute(["filter"], maxrows) +r = [] +for x in rv: + if tlsh.diff(x["value"], hash) < threshold: + r.append(x) +return r + +$$; +-- ddl-end -- +ALTER FUNCTION public.tlsht(text,text,integer,integer) OWNER TO postgres; +-- ddl-end -- + +-- object: pg_catalog.plpython3_validator_cp | type: FUNCTION -- +-- DROP 
FUNCTION IF EXISTS pg_catalog.plpython3_validator_cp(oid) CASCADE; +CREATE FUNCTION pg_catalog.plpython3_validator_cp ( _param1 oid) + RETURNS void + LANGUAGE c + VOLATILE + STRICT + SECURITY INVOKER + COST 1 + AS '$libdir/plpython3', 'plpython3_validator'; +-- ddl-end -- +ALTER FUNCTION pg_catalog.plpython3_validator_cp(oid) OWNER TO postgres; +-- ddl-end -- + +-- object: pg_catalog.plpython3_call_handler_cp | type: FUNCTION -- +-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_call_handler_cp() CASCADE; +CREATE FUNCTION pg_catalog.plpython3_call_handler_cp () + RETURNS language_handler + LANGUAGE c + VOLATILE + CALLED ON NULL INPUT + SECURITY INVOKER + COST 1 + AS '$libdir/plpython3', 'plpython3_call_handler'; +-- ddl-end -- +ALTER FUNCTION pg_catalog.plpython3_call_handler_cp() OWNER TO postgres; +-- ddl-end -- + +-- object: pg_catalog.plpython3_inline_handler_cp | type: FUNCTION -- +-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_inline_handler_cp(internal) CASCADE; +CREATE FUNCTION pg_catalog.plpython3_inline_handler_cp ( _param1 internal) + RETURNS void + LANGUAGE c + VOLATILE + STRICT + SECURITY INVOKER + COST 1 + AS '$libdir/plpython3', 'plpython3_inline_handler'; +-- ddl-end -- +ALTER FUNCTION pg_catalog.plpython3_inline_handler_cp(internal) OWNER TO postgres; +-- ddl-end -- + +-- object: plpython3u_cp | type: LANGUAGE -- +-- DROP LANGUAGE IF EXISTS plpython3u_cp CASCADE; +CREATE LANGUAGE plpython3u_cp + HANDLER pg_catalog.plpython3_call_handler + VALIDATOR pg_catalog.plpython3_validator + INLINE pg_catalog.plpython3_inline_handler; +-- ddl-end -- +ALTER LANGUAGE plpython3u_cp OWNER TO postgres; +-- ddl-end -- + +-- object: public.zgrep | type: FUNCTION -- +-- DROP FUNCTION IF EXISTS public.zgrep(text,text) CASCADE; +CREATE FUNCTION public.zgrep ( a text, b text) + RETURNS integer + LANGUAGE plpython3u_cp + VOLATILE + CALLED ON NULL INPUT + SECURITY INVOKER + COST 1 + AS $$ + +import tlsh +return tlsh.diff(a, b) + +$$; +-- ddl-end -- +ALTER FUNCTION 
public.zgrep(text,text) OWNER TO postgres; +-- ddl-end -- + +-- object: p_index | type: INDEX -- +-- DROP INDEX IF EXISTS public.p_index CASCADE; +CREATE INDEX CONCURRENTLY p_index ON public.public_key + USING btree + ( + "P" + ); +-- ddl-end -- + +-- object: certificate_fk | type: CONSTRAINT -- +-- ALTER TABLE public.many_certificate_has_many_public_key DROP CONSTRAINT IF EXISTS certificate_fk CASCADE; +ALTER TABLE public.many_certificate_has_many_public_key ADD CONSTRAINT certificate_fk FOREIGN KEY (hash_certificate) +REFERENCES public.certificate (hash) MATCH FULL +ON DELETE CASCADE ON UPDATE CASCADE; +-- ddl-end -- + +-- object: public_key_fk | type: CONSTRAINT -- +-- ALTER TABLE public.many_certificate_has_many_public_key DROP CONSTRAINT IF EXISTS public_key_fk CASCADE; +ALTER TABLE public.many_certificate_has_many_public_key ADD CONSTRAINT public_key_fk FOREIGN KEY (hash_public_key) +REFERENCES public.public_key (hash) MATCH FULL +ON DELETE CASCADE ON UPDATE CASCADE; +-- ddl-end -- + +-- object: ja3_fk | type: CONSTRAINT -- +-- ALTER TABLE public."sessionRecord" DROP CONSTRAINT IF EXISTS ja3_fk CASCADE; +ALTER TABLE public."sessionRecord" ADD CONSTRAINT ja3_fk FOREIGN KEY (hash_ja3) +REFERENCES public.ja3 (hash) MATCH FULL +ON DELETE CASCADE ON UPDATE CASCADE; +-- ddl-end -- + +-- object: "sessionRecord_fk" | type: CONSTRAINT -- +-- ALTER TABLE public."many_sessionRecord_has_many_certificate" DROP CONSTRAINT IF EXISTS "sessionRecord_fk" CASCADE; +ALTER TABLE public."many_sessionRecord_has_many_certificate" ADD CONSTRAINT "sessionRecord_fk" FOREIGN KEY ("id_sessionRecord") +REFERENCES public."sessionRecord" (id) MATCH FULL +ON DELETE CASCADE ON UPDATE CASCADE; +-- ddl-end -- + +-- object: certificate_fk | type: CONSTRAINT -- +-- ALTER TABLE public."many_sessionRecord_has_many_certificate" DROP CONSTRAINT IF EXISTS certificate_fk CASCADE; +ALTER TABLE public."many_sessionRecord_has_many_certificate" ADD CONSTRAINT certificate_fk FOREIGN KEY (hash_certificate) 
+REFERENCES public.certificate (hash) MATCH FULL +ON DELETE CASCADE ON UPDATE CASCADE; +-- ddl-end -- + +-- object: "sessionRecord_fk" | type: CONSTRAINT -- +-- ALTER TABLE public.fuzzy_hash DROP CONSTRAINT IF EXISTS "sessionRecord_fk" CASCADE; +ALTER TABLE public.fuzzy_hash ADD CONSTRAINT "sessionRecord_fk" FOREIGN KEY ("id_sessionRecord") +REFERENCES public."sessionRecord" (id) MATCH FULL +ON DELETE SET NULL ON UPDATE CASCADE; +-- ddl-end -- + -- object: ja3_fk | type: CONSTRAINT -- -- ALTER TABLE public.annotation DROP CONSTRAINT IF EXISTS ja3_fk CASCADE; ALTER TABLE public.annotation ADD CONSTRAINT ja3_fk FOREIGN KEY (hash_ja3) 
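Review bot: In `public.tlsht`, `rv = plan.execute(["filter"], maxrows)` binds the literal string `"filter"` to `$1` instead of the `filter` parameter, so `type <> $1` never excludes the type the caller asked for; it should read `rv = plan.execute([filter], maxrows)`. The same function is declared `IMMUTABLE LEAKPROOF` although it reads `fuzzy_hash` through `plpy.prepare`, which lets the planner reuse results across a changing table and evaluate the call ahead of security-barrier or row-level-security filters; `VOLATILE` without `LEAKPROOF` matches what the body does. The foreign keys re-added at the end of the hunk switch from `ON DELETE RESTRICT` to `ON DELETE CASCADE`, so removing a `ja3` row now deletes every `"sessionRecord"` referencing it and, through `"sessionRecord_fk"`, the `"many_sessionRecord_has_many_certificate"` rows, while `fuzzy_hash."id_sessionRecord"` is set to NULL; if that is intended it deserves a comment next to `ja3_fk`, otherwise keep `RESTRICT` there. `CREATE INDEX CONCURRENTLY p_index` cannot run inside a transaction block, so the file fails under `psql --single-transaction`, whereas every other index in the hunk is created without `CONCURRENTLY`. `plpython3u_cp` and the `_cp` handler functions duplicate `plpython3u` with the same `$libdir/plpython3` entry points, and `public.zgrep` has the same `tlsh.diff` body as `tlshc`, which looks like a copy-paste left in the model.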
@@ -215,105 +554,4 @@ REFERENCES public.software (id) MATCH FULL ON DELETE SET NULL ON UPDATE CASCADE; -- ddl-end -- --- object: ja3_trie | type: INDEX -- --- DROP INDEX IF EXISTS public.ja3_trie CASCADE; -CREATE INDEX CONCURRENTLY ja3_trie ON public.ja3 - USING spgist - ( - raw - ); --- ddl-end -- - --- object: hash_index | type: INDEX -- --- DROP INDEX IF EXISTS public.hash_index CASCADE; -CREATE INDEX hash_index ON public.certificate - USING btree - ( - hash - ); --- ddl-end -- - --- object: pk_index | type: INDEX -- --- DROP INDEX IF EXISTS public.pk_index CASCADE; -CREATE INDEX pk_index ON public.public_key - USING btree - ( - hash - ); --- ddl-end -- - --- object: dst_index | type: INDEX -- --- DROP INDEX IF EXISTS public.dst_index CASCADE; -CREATE INDEX dst_index ON public."sessionRecord" - USING btree - ( - dst_ip - ); --- ddl-end -- - --- object: path_index | type: INDEX -- --- DROP INDEX IF EXISTS public.path_index CASCADE; -CREATE INDEX path_index ON public.certificate - USING gist - ( - cert_chain - ) - WITH (BUFFERING = ON); --- ddl-end -- - --- object: "sessionRecord_fk" | type: CONSTRAINT -- --- ALTER TABLE public.fuzzy_hash DROP CONSTRAINT IF EXISTS "sessionRecord_fk" CASCADE; -ALTER TABLE public.fuzzy_hash ADD CONSTRAINT "sessionRecord_fk" FOREIGN KEY ("id_sessionRecord") -REFERENCES public."sessionRecord" (id) MATCH FULL -ON DELETE SET NULL ON UPDATE CASCADE; --- ddl-end -- - --- object: plpython3u | type: LANGUAGE -- --- DROP LANGUAGE IF EXISTS plpython3u CASCADE; -CREATE LANGUAGE plpython3u; --- ddl-end -- -ALTER LANGUAGE plpython3u OWNER TO postgres; --- ddl-end -- - --- object: public.tlshc | type: FUNCTION -- --- DROP FUNCTION IF EXISTS public.tlshc(text,text) CASCADE; -CREATE FUNCTION public.tlshc ( a text, b text) - RETURNS int4 - LANGUAGE plpython3u - VOLATILE - CALLED ON NULL INPUT - SECURITY INVOKER - COST 1 - AS $$ -import tlsh -return tlsh.diff(a, b) -$$; --- ddl-end -- -ALTER FUNCTION public.tlshc(text,text) OWNER TO postgres; --- 
ddl-end -- - --- object: public.tlsht | type: FUNCTION -- --- DROP FUNCTION IF EXISTS public.tlsht(IN text,IN text,IN int4,IN int4) CASCADE; -CREATE FUNCTION public.tlsht (IN filter text, IN hash text, IN threshold int4, IN maxrows int4) - RETURNS SETOF public.fuzzy_hash - LANGUAGE plpython3u - IMMUTABLE LEAKPROOF - RETURNS NULL ON NULL INPUT - SECURITY INVOKER - COST 1 - ROWS 1000 - AS $$ -import tlsh -plan = plpy.prepare("SELECT * FROM fuzzy_hash WHERE type <> $1", ["text"]) -rv = plan.execute(["filter"], maxrows) -r = [] -for x in rv: - if tlsh.diff(x["value"], hash) < threshold: - r.append(x) -return r -$$; --- ddl-end -- -ALTER FUNCTION public.tlsht(IN text,IN text,IN int4,IN int4) OWNER TO postgres; --- ddl-end -- -