From 2aeafd8b791ab1b0f5caa02bdb8ea14dc66f7e0d Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 23 Nov 2018 16:21:48 +0100 Subject: [PATCH 1/5] fix: [sync] Fixed a blocking bug preventing a full push from working with sharing group events --- app/Model/Server.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Model/Server.php b/app/Model/Server.php index 1d83a0249..f55b701a2 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -2242,7 +2242,7 @@ class Server extends AppModel } $sgs = $this->Event->SharingGroup->find('all', array( 'recursive' => -1, - 'contain' => array('Organisation', 'SharingGroupOrg', 'SharingGroupServer') + 'contain' => array('Organisation', 'SharingGroupOrg' => array('Organisation'), 'SharingGroupServer') )); $sgIds = array(); foreach ($sgs as $k => $sg) { From fe3921ae9f22584b43fdf51ea90655644e65b0af Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 23 Nov 2018 22:03:48 +0100 Subject: [PATCH 2/5] chg: [version] bump --- VERSION.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION.json b/VERSION.json index fe4d7f71f..434dba281 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1 +1 @@ -{"major":2, "minor":4, "hotfix":97} +{"major":2, "minor":4, "hotfix":98} From db5d61725a8d45d3127ce045d629d1c7689b2c13 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sat, 24 Nov 2018 21:35:50 +0100 Subject: [PATCH 3/5] chg: [bro] Preparation for the move to restsearch - also fixed some edge-case issues --- app/Lib/Export/BroExport.php | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/app/Lib/Export/BroExport.php b/app/Lib/Export/BroExport.php index f293931a7..a2438bed8 100644 --- a/app/Lib/Export/BroExport.php +++ b/app/Lib/Export/BroExport.php 
@@ -133,7 +133,22 @@ class BroExport private $whitelist = null; - public function export($items, $orgs, $valueField, $whitelist, $instanceString) + public function handler($data, $options = array()) + { + + } + + public function footer() + { + return "\n"; + } + + public function separator() + { + return "\n"; + } + + public function export($items, $orgs, $valueField, $whitelist = array(), $instanceString) { $intel = array(); //For bro format organisation @@ -155,10 +170,10 @@ class BroExport return $intel; } - private function __generateRule($attribute, $ruleFormat, $valueField, $whitelist) + private function __generateRule($attribute, $ruleFormat, $valueField, $whitelist = array()) { if (isset($this->mapping[$attribute['type']])) { - if (! $this->checkWhitelist($attribute['value'], $whitelist)) { + if (empty($whitelist) || !$this->checkWhitelist($attribute['value'], $whitelist)) { $brotype = $this->mapping[$attribute['type']]['brotype']; if (isset($this->mapping[$attribute['type']]['alternate'])) { if (preg_match($this->mapping[$attribute['type']]['alternate'][0], $attribute['value'])) { From 0fbe40e121f6fb32470e7c2b4230a4cfe7081cb3 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 25 Nov 2018 23:55:15 +0100 Subject: [PATCH 4/5] new: [UI] Explain what caching vs fetching feeds means via hover column header --- app/View/Feeds/index.ctp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/View/Feeds/index.ctp b/app/View/Feeds/index.ctp index 9e82f3c1a..5c5172bef 100644 --- a/app/View/Feeds/index.ctp +++ b/app/View/Feeds/index.ctp @@ -42,8 +42,8 @@   Paginator->sort('id');?> - Paginator->sort('enabled');?> - Paginator->sort('caching_enabled');?> + Paginator->sort('enabled');?> + Paginator->sort('caching_enabled');?> Paginator->sort('name');?> Paginator->sort('source_format', __('Feed Format'));?> Paginator->sort('provider');?> From af0f40ab97f628221ee33684a0ca96e72f9ae91b Mon Sep 17 00:00:00 2001 
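Review bot: In the first BroExport hunk, `export()` now declares `$whitelist = array()` ahead of the still-required `$instanceString`, so no caller can ever omit the whitelist, and PHP 8.0 and later report an optional parameter before a required one as deprecated. Either drop the default there, or keep it only on `__generateRule()`, where the parameter is last. The new `handler($data, $options = array())` has an empty body and returns null; until the restsearch move lands it should carry a comment such as `// Not implemented yet: restsearch entry point, currently returns null`. The class body continues outside the hunk.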
From: iglocska Date: Mon, 26 Nov 2018 09:12:01 +0100 Subject: [PATCH 5/5] new: [server settings] Added automatic backup system for the server settings --- app/Controller/ServersController.php | 85 +++++++++++++++------------- app/Model/AppModel.php | 6 ++ app/Model/Attribute.php | 5 -- app/Model/Server.php | 13 ++++- 4 files changed, 65 insertions(+), 44 deletions(-) diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 4f766d8d0..3349e140a 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php 
@@ -1266,45 +1266,54 @@ class ServersController extends AppController } } else { $oldValue = Configure::read($setting); - $this->Server->serverSettingsSaveValue($setting, $this->request->data['Server']['value']); + $settingSaveResult = $this->Server->serverSettingsSaveValue($setting, $this->request->data['Server']['value']); $this->Log->create(); - $result = $this->Log->save(array( - 'org' => $this->Auth->user('Organisation')['name'], - 'model' => 'Server', - 'model_id' => 0, - 'email' => $this->Auth->user('email'), - 'action' => 'serverSettingsEdit', - 'user_id' => $this->Auth->user('id'), - 'title' => 'Server setting changed', - 'change' => $setting . ' (' . $oldValue . ') => (' . $this->request->data['Server']['value'] . ')', - )); - // execute after hook - if (isset($found['afterHook'])) { - $afterResult = call_user_func_array(array($this->Server, $found['afterHook']), array($setting, $this->request->data['Server']['value'])); - if ($afterResult !== true) { - $this->Log->create(); - $result = $this->Log->save(array( - 'org' => $this->Auth->user('Organisation')['name'], - 'model' => 'Server', - 'model_id' => 0, - 'email' => $this->Auth->user('email'), - 'action' => 'serverSettingsEdit', - 'user_id' => $this->Auth->user('id'), - 'title' => 'Server setting issue', - 'change' => 'There was an issue after setting a new setting. The error message returned is: ' . 
$afterResult, - )); - if ($this->_isRest) { - return $this->RestResponse->saveFailResponse('Servers', 'serverSettingsEdit', false, $afterResult, $this->response->type()); - } else { - return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $afterResult)), 'status'=>200, 'type' => 'json')); - } - } - } - if ($this->_isRest) { - return $this->RestResponse->saveSuccessResponse('Servers', 'serverSettingsEdit', false, $this->response->type(), 'Field updated'); - } else { - return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Field updated.')), 'status'=>200, 'type' => 'json')); - } + if ($settingSaveResult) { + $result = $this->Log->save(array( + 'org' => $this->Auth->user('Organisation')['name'], + 'model' => 'Server', + 'model_id' => 0, + 'email' => $this->Auth->user('email'), + 'action' => 'serverSettingsEdit', + 'user_id' => $this->Auth->user('id'), + 'title' => 'Server setting changed', + 'change' => $setting . ' (' . $oldValue . ') => (' . $this->request->data['Server']['value'] . ')', + )); + // execute after hook + if (isset($found['afterHook'])) { + $afterResult = call_user_func_array(array($this->Server, $found['afterHook']), array($setting, $this->request->data['Server']['value'])); + if ($afterResult !== true) { + $this->Log->create(); + $result = $this->Log->save(array( + 'org' => $this->Auth->user('Organisation')['name'], + 'model' => 'Server', + 'model_id' => 0, + 'email' => $this->Auth->user('email'), + 'action' => 'serverSettingsEdit', + 'user_id' => $this->Auth->user('id'), + 'title' => 'Server setting issue', + 'change' => 'There was an issue after setting a new setting. The error message returned is: ' . 
$afterResult, + )); + if ($this->_isRest) { + return $this->RestResponse->saveFailResponse('Servers', 'serverSettingsEdit', false, $afterResult, $this->response->type()); + } else { + return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $afterResult)), 'status'=>200, 'type' => 'json')); + } + } + } + if ($this->_isRest()) { + return $this->RestResponse->saveSuccessResponse('Servers', 'serverSettingsEdit', false, $this->response->type(), 'Field updated'); + } else { + return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Field updated.')), 'status'=>200, 'type' => 'json')); + } + } else { + if ($this->_isRest()) { + $message = __('Something went wrong. MISP tried to save a malformed config file. Setting change reverted.'); + return $this->RestResponse->saveFailResponse('Servers', 'serverSettingsEdit', false, $message, $this->response->type()); + } else { + return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $message)), 'status'=>200, 'type' => 'json')); + } + } } } } diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 7a40a1813..9ab912f74 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -23,6 +23,7 @@ App::uses('Model', 'Model'); App::uses('LogableBehavior', 'Assets.models/behaviors'); App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth'); +App::uses('RandomTool', 'Tools'); class AppModel extends Model { public $name; @@ -1894,4 +1895,9 @@ class AppModel extends Model } return true; } + + public function generateRandomFileName() + { + return (new RandomTool())->random_str(false, 12); + } } diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index 5891b6bdb..9c85cc872 100644 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php 
@@ -3096,11 +3096,6 @@ class Attribute extends AppModel return false; } - public function generateRandomFileName() - { - return (new RandomTool())->random_str(false, 12); - } - public function resolveHashType($hash) { $hashTypes = $this->hashTypes; diff --git a/app/Model/Server.php b/app/Model/Server.php index f55b701a2..4c5e7d673 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -3158,6 +3158,7 @@ class Server extends AppModel public function serverSettingsSaveValue($setting, $value) { + copy(APP . 'Config' . DS . 'config.php', APP . 'Config' . DS . 'config.php.bk'); $settingObject = $this->getCurrentServerSettings(); foreach ($settingObject as $branchName => $branch) { if (!isset($branch['level'])) { @@ -3203,7 +3204,17 @@ class Server extends AppModel if (function_exists('opcache_reset')) { opcache_reset(); } - file_put_contents(APP . 'Config' . DS . 'config.php', $settingsString); + $randomFilename = $this->generateRandomFileName(); + // To protect us from 2 admin users having a concurent file write to the config file, solar flares and the bogeyman + file_put_contents(APP . 'Config' . DS . $randomFilename, $settingsString); + rename(APP . 'Config' . DS . $randomFilename, APP . 'Config' . DS . 'config.php'); + $config_saved = file_get_contents(APP . 'Config' . DS . 'config.php'); + // if the saved config file is empty, restore the backup. + if (strlen($config_saved) < 20) { + copy(APP . 'Config' . DS . 'config.php.bk', APP . 'Config' . DS . 'config.php'); + return false; + } + return true; } public function checkVersion($newest)
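Review bot: The result of the added `copy()` to `config.php.bk` in the first Server.php hunk is never checked, so if it fails (permissions, full disk) the save carries on and the restore later in this function would copy back whatever stale backup an earlier save left behind. Guard it before anything is modified, e.g. `if (!copy(APP . 'Config' . DS . 'config.php', APP . 'Config' . DS . 'config.php.bk')) { return false; }`. The backup is also a second full copy of the live configuration under a fixed name. If that file holds credentials or keys, as application config files usually do, it needs the same file permissions and backup-exclusion handling as `config.php`, and a short comment saying so would help. serverSettingsSaveValue() continues outside this hunk.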
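Review bot: In the second Server.php hunk the return values of `file_put_contents()` and `rename()` are ignored. If the temporary write or the swap fails, `config.php` keeps its old content, the read-back passes the `strlen($config_saved) < 20` test and the function returns true, so the controller reports and logs a setting change that never happened. Check both calls and return false, removing the temporary file, before the read-back. The length test only catches an empty or truncated file, not a syntactically broken one, which deserves a comment next to it. The function body starts outside this hunk.

```php
$randomFilename = $this->generateRandomFileName();
$configDir = APP . 'Config' . DS;
$tmpPath = $configDir . $randomFilename;
// Fail closed: config.php is only replaced when the complete temp file was written and swapped in.
$written = file_put_contents($tmpPath, $settingsString);
if ($written !== strlen($settingsString) || !rename($tmpPath, $configDir . 'config.php')) {
    if (file_exists($tmpPath)) {
        unlink($tmpPath);
    }
    return false;
}
// … unchanged: read back config.php and restore config.php.bk when it is shorter than 20 bytes …
return true;
```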