mirror of https://github.com/MISP/MISP
Merge branch '2.4' into develop
commit
5a917f008f
|
@ -10,15 +10,10 @@ class ComplexTypeTool
|
|||
'types' => array('link', 'url')
|
||||
),
|
||||
array(
|
||||
'from' => '/(\[\.\]|\[dot\]|\(dot\)|\\\\\.)/',
|
||||
'from' => '/(\[\.\]|\[dot\]|\(dot\))/',
|
||||
'to' => '.',
|
||||
'types' => array('link', 'url', 'ip-dst', 'ip-src', 'domain|ip', 'domain', 'hostname')
|
||||
),
|
||||
array(
|
||||
'from' => '/\.+/',
|
||||
'to' => '.',
|
||||
'types' => array('ip-dst', 'ip-src', 'domain|ip', 'domain', 'hostname')
|
||||
),
|
||||
array(
|
||||
'from' => '/\[hxxp:\/\/\]/',
|
||||
'to' => 'http://',
|
||||
|
|
|
@ -39,6 +39,8 @@ class ApacheShibbAuthenticate extends BaseAuthenticate
|
|||
* 'group_one' => 1,
|
||||
* ),
|
||||
* 'DefaultOrg' => 'MY_ORG',
|
||||
* 'DefaultRole' => false // set to a specific value if you wish to hard-set users created via ApacheShibbAuth
|
||||
* 'BlockRoleModifications' => false // set to true if you wish for the roles never to be updated during login. Especially * // useful if you manually change roles in MISP
|
||||
* ),
|
||||
* @param CakeRequest $request The request that contains login information.
|
||||
* @param CakeResponse $response Unused response object.
|
||||
|
@ -72,6 +74,7 @@ class ApacheShibbAuthenticate extends BaseAuthenticate
|
|||
$orgTag = Configure::read('ApacheShibbAuth.OrgTag');
|
||||
$groupTag = Configure::read('ApacheShibbAuth.GroupTag');
|
||||
$groupRoleMatching = Configure::read('ApacheShibbAuth.GroupRoleMatching');
|
||||
$blockRoleModifications = Configure::check('ApacheShibbAuth.BlockRoleModifications') ? Configure::read('ApacheShibbAuth.BlockRoleModifications') : false;
|
||||
|
||||
// Get user values
|
||||
if (!isset($_SERVER[$mailTag])) {
|
||||
|
@ -110,20 +113,25 @@ class ApacheShibbAuthenticate extends BaseAuthenticate
|
|||
CakeLog::error('No role was assigned, no egroup matched the configuration.');
|
||||
return false; // Deny if the user is not in any egroup
|
||||
}
|
||||
|
||||
// if a default role is set, override the currently parsed out selection and use that instead.
|
||||
$roleId = Configure::check('ApacheShibbAuth.DefaultRole') ? Configure::read('ApacheShibbAuth.DefaultRole') : $roleId;
|
||||
if ($roleChanged) {
|
||||
CakeLog::write('info', "User role $roleId assigned.");
|
||||
}
|
||||
/** @var User $userModel */
|
||||
$userModel = ClassRegistry::init($this->settings['userModel']);
|
||||
|
||||
if ($user) { // User already exists
|
||||
CakeLog::info( "User `$mispUsername` found in database.");
|
||||
$user = $this->updateUserRole($roleChanged, $user, $roleId, $userModel);
|
||||
if (!$blockRoleModifications) {
|
||||
$user = $this->updateUserRole($roleChanged, $user, $roleId, $userModel);
|
||||
}
|
||||
$user = $this->updateUserOrg($org, $user, $userModel);
|
||||
CakeLog::info("User `$mispUsername` logged in.");
|
||||
return $user;
|
||||
}
|
||||
|
||||
CakeLog::info("User `$mispUsername` not found in database.");
|
||||
|
||||
// Insert user in database if not existent
|
||||
$userData = array('User' => array(
|
||||
'email' => $mispUsername,
|
||||
|
@ -199,7 +207,6 @@ class ApacheShibbAuthenticate extends BaseAuthenticate
|
|||
$roleId = $roleVal;
|
||||
$roleChanged = true;
|
||||
}
|
||||
CakeLog::write('info', "User role $roleId assigned.");
|
||||
}
|
||||
}
|
||||
return array($roleChanged, $roleId);
|
||||
|
|
|
@ -7,7 +7,7 @@ if ($key === 'refs' &&
|
|||
) {
|
||||
echo '<a href="' . h($value) . '" rel="noreferrer noopener">' . h($value) . '</a>';
|
||||
} else if ($key === 'country') {
|
||||
echo $this->Icon->countryFlag($item['GalaxyElement']['value']) . ' ' . h($value);
|
||||
echo $this->Icon->countryFlag($value) . ' ' . h($value);
|
||||
} else {
|
||||
echo h($value);
|
||||
}
|
|
@ -579,6 +579,188 @@
|
|||
"hide_tag": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"Feed": {
|
||||
"name": "DNS recursion desired",
|
||||
"provider": "dataplane.org",
|
||||
"url": "https:\/\/dataplane.org\/dnsrd.txt",
|
||||
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
||||
"enabled": true,
|
||||
"distribution": "3",
|
||||
"default": false,
|
||||
"source_format": "csv",
|
||||
"fixed_event": true,
|
||||
"delta_merge": false,
|
||||
"publish": false,
|
||||
"override_ids": false,
|
||||
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||
"input_source": "network",
|
||||
"delete_local_file": false,
|
||||
"lookup_visible": false
|
||||
},
|
||||
"Tag": {
|
||||
"name": "osint:source-type=\"block-or-filter-list\"",
|
||||
"colour": "#004f89",
|
||||
"exportable": true,
|
||||
"hide_tag": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"Feed": {
|
||||
"name": "DNS recursion desired IN ANY",
|
||||
"provider": "dataplane.org",
|
||||
"url": "https:\/\/dataplane.org\/dnsrdany.txt",
|
||||
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
||||
"enabled": true,
|
||||
"distribution": "3",
|
||||
"default": false,
|
||||
"source_format": "csv",
|
||||
"fixed_event": true,
|
||||
"delta_merge": false,
|
||||
"publish": false,
|
||||
"override_ids": false,
|
||||
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||
"input_source": "network",
|
||||
"delete_local_file": false,
|
||||
"lookup_visible": false
|
||||
},
|
||||
"Tag": {
|
||||
"name": "osint:source-type=\"block-or-filter-list\"",
|
||||
"colour": "#004f89",
|
||||
"exportable": true,
|
||||
"hide_tag": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"Feed": {
|
||||
"name": "DNS CH TXT version.bind",
|
||||
"provider": "dataplane.org",
|
||||
"url": "https:\/\/dataplane.org\/dnsversion.txt",
|
||||
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
||||
"enabled": true,
|
||||
"distribution": "3",
|
||||
"default": false,
|
||||
"source_format": "csv",
|
||||
"fixed_event": true,
|
||||
"delta_merge": false,
|
||||
"publish": false,
|
||||
"override_ids": false,
|
||||
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||
"input_source": "network",
|
||||
"delete_local_file": false,
|
||||
"lookup_visible": false
|
||||
},
|
||||
"Tag": {
|
||||
"name": "osint:source-type=\"block-or-filter-list\"",
|
||||
"colour": "#004f89",
|
||||
"exportable": true,
|
||||
"hide_tag": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"Feed": {
|
||||
"name": "IP protocol 41",
|
||||
"provider": "dataplane.org",
|
||||
"url": "https:\/\/dataplane.org\/proto41.txt",
|
||||
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
||||
"enabled": true,
|
||||
"distribution": "3",
|
||||
"default": false,
|
||||
"source_format": "csv",
|
||||
"fixed_event": true,
|
||||
"delta_merge": false,
|
||||
"publish": false,
|
||||
"override_ids": false,
|
||||
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||
"input_source": "network",
|
||||
"delete_local_file": false,
|
||||
"lookup_visible": false
|
||||
},
|
||||
"Tag": {
|
||||
"name": "osint:source-type=\"block-or-filter-list\"",
|
||||
"colour": "#004f89",
|
||||
"exportable": true,
|
||||
"hide_tag": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"Feed": {
|
||||
"name": "SMTP data",
|
||||
"provider": "dataplane.org",
|
||||
"url": "https:\/\/dataplane.org\/smtpdata.txt",
|
||||
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
||||
"enabled": true,
|
||||
"distribution": "3",
|
||||
"default": false,
|
||||
"source_format": "csv",
|
||||
"fixed_event": true,
|
||||
"delta_merge": false,
|
||||
"publish": false,
|
||||
"override_ids": false,
|
||||
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||
"input_source": "network",
|
||||
"delete_local_file": false,
|
||||
"lookup_visible": false
|
||||
},
|
||||
"Tag": {
|
||||
"name": "osint:source-type=\"block-or-filter-list\"",
|
||||
"colour": "#004f89",
|
||||
"exportable": true,
|
||||
"hide_tag": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"Feed": {
|
||||
"name": "SMTP greet",
|
||||
"provider": "dataplane.org",
|
||||
"url": "https:\/\/dataplane.org\/smtpgreet.txt",
|
||||
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
||||
"enabled": true,
|
||||
"distribution": "3",
|
||||
"default": false,
|
||||
"source_format": "csv",
|
||||
"fixed_event": true,
|
||||
"delta_merge": false,
|
||||
"publish": false,
|
||||
"override_ids": false,
|
||||
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||
"input_source": "network",
|
||||
"delete_local_file": false,
|
||||
"lookup_visible": false
|
||||
},
|
||||
"Tag": {
|
||||
"name": "osint:source-type=\"block-or-filter-list\"",
|
||||
"colour": "#004f89",
|
||||
"exportable": true,
|
||||
"hide_tag": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"Feed": {
|
||||
"name": "TELNET login",
|
||||
"provider": "dataplane.org",
|
||||
"url": "https:\/\/dataplane.org\/telnetlogin.txt",
|
||||
"rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]}}",
|
||||
"enabled": true,
|
||||
"distribution": "3",
|
||||
"default": false,
|
||||
"source_format": "csv",
|
||||
"fixed_event": true,
|
||||
"delta_merge": false,
|
||||
"publish": false,
|
||||
"override_ids": false,
|
||||
"settings": "{\"csv\":{\"value\":\"3\",\"delimiter\":\"|\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||
"input_source": "network",
|
||||
"delete_local_file": false,
|
||||
"lookup_visible": false
|
||||
},
|
||||
"Tag": {
|
||||
"name": "osint:source-type=\"block-or-filter-list\"",
|
||||
"colour": "#004f89",
|
||||
"exportable": true,
|
||||
"hide_tag": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"Feed": {
|
||||
"name": "All current domains belonging to known malicious DGAs",
|
||||
|
|
Loading…
Reference in New Issue