Merge branch '2.4' into develop

2021-10-20 22:28:55 +02:00 · 2021-10-20 22:28:55 +02:00 · 9edd72c854
parent ea331c6ae9 1fb2d6b9d9
commit 9edd72c854
17 changed files with 50 additions and 26 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -6,9 +6,9 @@ name: misp
 # events but only for the 2.4 and develop branches
 on:
  push:
-    branches: [ 2.4, develop ]
+    branches: [ 2.4, develop, misp-stix ]
  pull_request:
-    branches: [ 2.4, develop ]
+    branches: [ 2.4, develop, misp-stix ]

 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
@ -200,10 +200,13 @@ jobs:
              pushd ./app/files/scripts/cti-python-stix2
              pip install .
              popd
+              pushd ./app/files/scripts/python-stix
+              pip install .
+              popd
              pushd PyMISP
              pip install .[fileobjects,email]
              popd
-              pip install stix zmq redis plyara
+              pip install zmq redis plyara
              deactivate

      - name: Test if apache is working
--- a/.gitignore
+++ b/.gitignore
@ -45,9 +45,6 @@ tools/mkdocs
 !/app/files/misp-objects/*
 !/app/files/misp-decaying-models
 !/app/files/misp-decaying-models/*
-/app/files/scripts/python-stix/
-/app/files/scripts/python-cybox/
-/app/files/scripts/mixbox/
 /app/files/scripts/*.pyc
 /app/files/scripts/*.py~
 /app/files/scripts/__pycache__
--- a/INSTALL/INSTALL.sh
+++ b/INSTALL/INSTALL.sh
@ -1403,6 +1403,9 @@ installCore () {
    sudo mkdir /var/www/.cache/
    sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache

+    # install python-stix dependencies
+    ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install ordered-set python-dateutil six weakrefmethod
+
    debug "Install PyMISP"
    ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install ${PATH_TO_MISP}/PyMISP

@ -1725,6 +1728,9 @@ coreCAKE () {
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert" false
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert_age" ""
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert_by_date" ""
+  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.event_alert_republish_ban" false
+  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.event_alert_republish_ban_threshold" 5
+  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.event_alert_republish_ban_refresh_on_retry" false
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.incoming_tags_disabled_by_default" false
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.maintenance_message" "Great things are happening! MISP is undergoing maintenance, but will return shortly. You can contact the administration at \$email."
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.footermidleft" "This is an initial install"
@ -2329,6 +2335,7 @@ installCoreRHEL7 () {
  cd $PATH_TO_MISP

  # Fetch submodules
+  $SUDO_WWW git submodule sync
  $SUDO_WWW git submodule update --init --recursive
  # Make git ignore filesystem permission differences for submodules
  $SUDO_WWW git submodule foreach --recursive git config core.filemode false
@ -2347,6 +2354,9 @@ installCoreRHEL7 () {
  UMASK=$(umask)
  umask 0022

+  # install python-stix dependencies
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install ordered-set python-dateutil six weakrefmethod
+
  # install zmq
  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq

@ -2458,6 +2468,9 @@ installCoreRHEL8 () {
  UMASK=$(umask)
  umask 0022

+  # install python-stix dependencies
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install ordered-set python-dateutil six weakrefmethod
+
  # install zmq, redis
  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq redis

--- a/INSTALL/INSTALL.sh.sfv
+++ b/INSTALL/INSTALL.sh.sfv
@ -1,5 +1,5 @@
-; Generated by RHash v1.4.2 on 2021-10-08 at 10:34.14
+; Generated by RHash v1.3.9 on 2021-10-18 at 10:56.53
 ; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
 ;
-;       159470  10:34.13 2021-10-08 INSTALL.sh
-INSTALL.sh 9E3B4D450C3F35EEAA14547662979DF376549652 18C310BEC8A91335D8430C0C5B8AC7E60D9B3FFD0B8E3415CF4B32A10A1A6782 316CC204FB4FADA321923109797782A7CA41C258D5841A8A8396BBB3A06B21FEB0A1F37A11A4B6D4C7FEA6B060B1EAD8 967DBCCE0D1E26B2CF285C52625F4859395032B8F502A42FE32D9B3237172FDC4CAE2DC4B0AA9C23B4D278102EA58DE83BDB2760748B049816788395345B42A7
+;       160201  10:56.53 2021-10-18 INSTALL.sh
+INSTALL.sh 8F59974F7AE69DFBF7B1C492E35F0B421AAC10C1 6F9E9C2C24880D2E69E04AB6AE490F72D8B5CBE5BB98596F4FA50C1CFEAA632F CBCFBA692B57E027A9861C4D4FB1D4808511A23148516946802B0364D428638E60087AD6EA7E2F016B2F65CD216DE288 7221893A49C924974F7D28C094C6CB27FC8ACA6E07FECD7B8DE4D55D283C9D6A5FF63409F55EEC110BF6612E8578BD1373E39B83A7986A6369ACF32A6A92F538
--- a/INSTALL/INSTALL.sh.sha1
+++ b/INSTALL/INSTALL.sh.sha1
@ -1 +1 @@
-9e3b4d450c3f35eeaa14547662979df376549652  INSTALL.sh
+8f59974f7ae69dfbf7b1c492e35f0b421aac10c1  INSTALL.sh
--- a/INSTALL/INSTALL.sh.sha256
+++ b/INSTALL/INSTALL.sh.sha256
@ -1 +1 @@
-18c310bec8a91335d8430c0c5b8ac7e60d9b3ffd0b8e3415cf4b32a10a1a6782  INSTALL.sh
+6f9e9c2c24880d2e69e04ab6ae490f72d8b5cbe5bb98596f4fa50c1cfeaa632f  INSTALL.sh
--- a/INSTALL/INSTALL.sh.sha384
+++ b/INSTALL/INSTALL.sh.sha384
@ -1 +1 @@
-316cc204fb4fada321923109797782a7ca41c258d5841a8a8396bbb3a06b21feb0a1f37a11a4b6d4c7fea6b060b1ead8  INSTALL.sh
+cbcfba692b57e027a9861c4d4fb1d4808511a23148516946802b0364d428638e60087ad6ea7e2f016b2f65cd216de288  INSTALL.sh
--- a/INSTALL/INSTALL.sh.sha512
+++ b/INSTALL/INSTALL.sh.sha512
@ -1 +1 @@
-967dbcce0d1e26b2cf285c52625f4859395032b8f502a42fe32d9b3237172fdc4cae2dc4b0aa9c23b4d278102ea58de83bdb2760748b049816788395345b42a7  INSTALL.sh
+7221893a49c924974f7d28c094c6cb27fc8aca6e07fecd7b8de4d55d283c9d6a5ff63409f55eec110bf6612e8578bd1373e39b83a7986a6369acf32a6a92f538  INSTALL.sh
--- a/app/Model/Attribute.php
+++ b/app/Model/Attribute.php
@ -827,10 +827,10 @@ class Attribute extends AppModel
                    return __('Checksum has an invalid length or format (expected: %s hexadecimal characters). Please double check the value or select type "other".', $length);
                }
            case 'tlsh':
-                if (preg_match("#^[0-9a-f]{35,}$#", $value)) {
+                if (preg_match("#^t?[0-9a-f]{35,}$#i", $value)) {
                    $returnValue = true;
                } else {
-                    $returnValue = __('Checksum has an invalid length or format (expected: at least 35 hexadecimal characters). Please double check the value or select type "other".');
+                    $returnValue = __('Checksum has an invalid length or format (expected: at least 35 hexadecimal characters, optionally starting with t1 instead of hexadecimal characters). Please double check the value or select type "other".');
                }
                break;
            case 'pehash':
--- a/app/files/scripts/misp-stix
+++ b/app/files/scripts/misp-stix
@ -1 +1 @@
-Subproject commit be3f694cd46ac26619ed8e8eaa73f45b2f62d7df
+Subproject commit 04b8c09a56b230789726bc1019efe2c304964f22
--- a/docs/INSTALL.rhel7.md
+++ b/docs/INSTALL.rhel7.md
@ -219,6 +219,7 @@ installCoreRHEL7 () {
  cd $PATH_TO_MISP

  # Fetch submodules
+  $SUDO_WWW git submodule sync
  $SUDO_WWW git submodule update --init --recursive
  # Make git ignore filesystem permission differences for submodules
  $SUDO_WWW git submodule foreach --recursive git config core.filemode false
@ -237,6 +238,9 @@ installCoreRHEL7 () {
  UMASK=$(umask)
  umask 0022

+  # install python-stix dependencies
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install ordered-set python-dateutil six weakrefmethod
+
  # install zmq
  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq

--- a/docs/INSTALL.rhel8.md
+++ b/docs/INSTALL.rhel8.md
@ -272,6 +272,9 @@ installCoreRHEL8 () {
  UMASK=$(umask)
  umask 0022

+  # install python-stix dependencies
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install ordered-set python-dateutil six weakrefmethod
+
  # install zmq, redis
  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq redis

--- a/docs/INSTALL.ubuntu1804.md
+++ b/docs/INSTALL.ubuntu1804.md
@ -145,6 +145,9 @@ installCore () {
    sudo mkdir /var/www/.cache/
    sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache

+    # install python-stix dependencies
+    ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install ordered-set python-dateutil six weakrefmethod
+
    debug "Install PyMISP"
    ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install ${PATH_TO_MISP}/PyMISP

--- a/docs/INSTALL.ubuntu2004.md
+++ b/docs/INSTALL.ubuntu2004.md
@ -137,6 +137,9 @@ installCore () {
    sudo mkdir /var/www/.cache/
    sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache

+    # install python-stix dependencies
+    ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install ordered-set python-dateutil six weakrefmethod
+
    debug "Install PyMISP"
    ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install ${PATH_TO_MISP}/PyMISP

--- a/docs/generic/MISP_CAKE_init.md
+++ b/docs/generic/MISP_CAKE_init.md
@ -212,6 +212,9 @@ coreCAKE () {
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert" false
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert_age" ""
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert_by_date" ""
+  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.event_alert_republish_ban" false
+  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.event_alert_republish_ban_threshold" 5
+  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.event_alert_republish_ban_refresh_on_retry" false
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.incoming_tags_disabled_by_default" false
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.maintenance_message" "Great things are happening! MISP is undergoing maintenance, but will return shortly. You can contact the administration at \$email."
  ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.footermidleft" "This is an initial install"
--- a/docs/xINSTALL.OpenBSD.md
+++ b/docs/xINSTALL.OpenBSD.md
@ -1,5 +1,5 @@
 # INSTALLATION INSTRUCTIONS
-## for OpenBSD 6.9-amd64
+## for OpenBSD 7.0-amd64

 !!! warning
    This is not fully working yet. Mostly it is a template for our ongoing documentation efforts :spider:
@ -13,11 +13,6 @@
 !!! notice
    This guide attempts to offer native httpd or apache2/nginx.

-!!! warning
-    As of 20181018 the native httpd server is NOT useable with MISP on OpenBSD 6.3.
-    Thus ONLY Apache 2.x available.
-    NO *rewrite* available, just yet. It will be in [the next release](https://marc.info/?l=openbsd-tech&m=152761257806283&w=2)
-
 !!! notice
    As of OpenBSD 6.4 the native httpd has rewrite rules and php 5.6 is gone too.

@ -86,7 +81,7 @@ doas pkg_add -v mariadb-server
 #### Install misc dependencies

 ```bash
-doas pkg_add -v curl git python--%3.8 redis libmagic autoconf--%2.71 automake--%1.16 libtool unzip--iconv rust
+doas pkg_add -v curl git sqlite3 python--%3.9 redis libmagic autoconf--%2.71 automake--%1.16 libtool unzip--iconv rust
 ```

 ```bash
@ -229,8 +224,8 @@ doas rcctl enable httpd
 #### Install Python virtualenv
 ```bash
 doas pkg_add -v py3-virtualenv py3-pip
-doas ln -sf /usr/local/bin/pip3.8 /usr/local/bin/pip
-doas ln -s /usr/local/bin/python3.8 /usr/local/bin/python
+doas ln -sf /usr/local/bin/pip3.9 /usr/local/bin/pip
+doas ln -s /usr/local/bin/python3.9 /usr/local/bin/python
 doas mkdir /usr/local/virtualenvs
 doas /usr/local/bin/virtualenv /usr/local/virtualenvs/MISP
 ```
--- a/mkdocs.yml
+++ b/mkdocs.yml
@ -76,7 +76,7 @@ nav:
      - 'Warning': 'xINSTALL.md'
      - 'Debian 10': 'xINSTALL.debian10.md'
      - 'Tsurugi Linux': 'xINSTALL.tsurugi.md'
-      - 'OpenBSD 6.8': 'xINSTALL.OpenBSD.md'
+      - 'OpenBSD 7.0': 'xINSTALL.OpenBSD.md'
    - Config Guides:
      - 'Elastic Search Logging': 'CONFIG.elasticsearch-logging.md'
      - 'Amazon S3 attachments': 'CONFIG.s3-attachments.md'