mirror of https://github.com/MISP/MISP
commit
01d32cf9cf
|
@ -1 +1 @@
|
|||
{"major":2, "minor":3, "hotfix":92}
|
||||
{"major":2, "minor":3, "hotfix":93}
|
|
@ -297,6 +297,8 @@ class TemplatesController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
// called when the user is finished populating a template and is has finished reviewing the resulting attributes at the last stage of the process
|
||||
public function submitEventPopulation($template_id, $event_id) {
|
||||
if ($this->request->is('post')) {
|
||||
$this->loadModel('Event');
|
||||
|
@ -412,6 +414,9 @@ class TemplatesController extends AppController {
|
|||
return $array;
|
||||
}
|
||||
|
||||
// deletes a temporary file created by the user while populating a template
|
||||
// users can add files to attachment fields and when they change their mind about it, they can remove a file (deleting the temporary file)
|
||||
// before it gets saved as an attribute and moved to the persistent attachment store
|
||||
public function deleteTemporaryFile($filename) {
|
||||
if (!$this->request->is('post')) throw new MethodNotAllowedException('This action is restricted to accepting POST requests only.');
|
||||
//if (!$this->request->is('ajax')) throw new MethodNotAllowedException('This action is only accessible through AJAX.');
|
||||
|
|
|
@ -37,9 +37,9 @@ class RPZExport {
|
|||
|
||||
public function explain($type, $policy) {
|
||||
$explanations = array(
|
||||
'ip' => '# The following list of IP addresses will ',
|
||||
'domain' => '# The following domain names and all of their sub-domains will ',
|
||||
'hostname' => '# The following hostnames will '
|
||||
'ip' => '; The following list of IP addresses will ',
|
||||
'domain' => '; The following domain names and all of their sub-domains will ',
|
||||
'hostname' => '; The following hostnames will '
|
||||
);
|
||||
$policy_explanations = array(
|
||||
'walled-garden' => 'returns the defined alternate location.',
|
||||
|
@ -53,7 +53,7 @@ class RPZExport {
|
|||
public function buildHeader($rpzSettings) {
|
||||
$rpzSettings['serial'] = str_replace('$date', date('Ymd'), $rpzSettings['serial']);
|
||||
$header = '';
|
||||
$header .= '$TTL ' . $rpzSettings['ttl'] . PHP_EOL;
|
||||
$header .= '$TTL ' . $rpzSettings['ttl'] . ';' . PHP_EOL;
|
||||
$header .= '@ SOA ' . $rpzSettings['ns'] . ' ' . $rpzSettings['email'] . ' (' . $rpzSettings['serial'] . ' ' . $rpzSettings['refresh'] . ' ' . $rpzSettings['retry'] . ' ' . $rpzSettings['expiry'] . ' ' . $rpzSettings['minimum_ttl'] . ')' . PHP_EOL;
|
||||
$header .= ' NS ' . $rpzSettings['ns'] . PHP_EOL . PHP_EOL;
|
||||
return $header;
|
||||
|
@ -106,7 +106,7 @@ class RPZExport {
|
|||
if (strpos($input, '/')) {
|
||||
list($input, $prefix) = explode('/', $input);
|
||||
}
|
||||
return $prefix . '.' . $this->{'__' . $type}($input) . ' CNAME ' . $action . PHP_EOL;
|
||||
return $prefix . '.' . $this->{'__' . $type}($input) . '.rpz-ip CNAME ' . $action . PHP_EOL;
|
||||
}
|
||||
|
||||
private function __ipv6($input) {
|
||||
|
|
|
@ -1323,7 +1323,7 @@ class Attribute extends AppModel {
|
|||
public function rpz($org, $isSiteAdmin, $tags = false, $eventId = false, $from = false, $to = false) {
|
||||
// we can group hostname and domain as well as ip-src and ip-dst in this case
|
||||
$conditions['AND'] = array('Attribute.to_ids' => 1, 'Event.published' => 1);
|
||||
$typesToFetch = array('ip' => array('ip-src', 'ip-dst'), 'hostname' => array('hostname'), 'domain' => array('domain'));
|
||||
$typesToFetch = array('ip' => array('ip-src', 'ip-dst'), 'domain' => array('domain'), 'hostname' => array('hostname'));
|
||||
if ($from) $conditions['AND']['Event.date >='] = $from;
|
||||
if ($to) $conditions['AND']['Event.date <='] = $to;
|
||||
if (!$isSiteAdmin) {
|
||||
|
@ -1363,7 +1363,17 @@ class Attribute extends AppModel {
|
|||
'group' => array('Attribute.value'), //fields to GROUP BY
|
||||
);
|
||||
$temp = $this->find('all', $params);
|
||||
foreach ($temp as $value) $values[$k][] = $value['Attribute']['value'];
|
||||
if ($k == 'hostname') {
|
||||
foreach ($temp as $value) {
|
||||
$found = false;
|
||||
foreach ($values['domain'] as $domain) {
|
||||
if (strpos($value['Attribute']['value'], $domain) != 0) {
|
||||
$found = true;
|
||||
}
|
||||
}
|
||||
if (!$found) $values[$k][] = $value['Attribute']['value'];
|
||||
}
|
||||
} else foreach ($temp as $value) $values[$k][] = $value['Attribute']['value'];
|
||||
unset($temp);
|
||||
}
|
||||
return $values;
|
||||
|
|
Loading…
Reference in New Issue