mirror of https://github.com/MISP/MISP
fix: [internal] tightened authkey validation
parent
41f76dd963
commit
c962e4f863
|
@ -1193,6 +1193,16 @@ class AppModel extends Model
|
|||
return $version_array;
|
||||
}
|
||||
|
||||
public function validateAuthkey($value) {
|
||||
if (empty($value['authkey'])) {
|
||||
return 'Empty authkey found. Make sure you set the 40 character long authkey.';
|
||||
}
|
||||
if (!preg_match('/[a-z0-9]{40}/i', $value['authkey'])) {
|
||||
return 'The authkey has to be exactly 40 characters long and consist of alphanumeric characters.';
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
// alternative to the build in notempty/notblank validation functions, compatible with cakephp <= 2.6 and cakephp and cakephp >= 2.7
|
||||
public function valueNotEmpty($value)
|
||||
{
|
||||
|
|
|
@ -47,14 +47,7 @@ class Server extends AppModel
|
|||
)
|
||||
),
|
||||
'authkey' => array(
|
||||
'minlength' => array(
|
||||
'rule' => array('minlength', 40),
|
||||
'message' => 'A authkey of a minimum length of 40 is required.',
|
||||
'required' => true,
|
||||
),
|
||||
'valueNotEmpty' => array(
|
||||
'rule' => array('valueNotEmpty'),
|
||||
),
|
||||
'rule' => array('validateAuthkey')
|
||||
),
|
||||
'org_id' => array(
|
||||
'numeric' => array(
|
||||
|
@ -1757,7 +1750,6 @@ class Server extends AppModel
|
|||
if ("full" === $technique) {
|
||||
// get a list of the event_ids on the server
|
||||
$eventIds = $this->getEventIdsFromServer($server);
|
||||
// FIXME this is not clean at all ! needs to be refactored with try catch error handling/communication
|
||||
if ($eventIds === 403) {
|
||||
return array(1, null);
|
||||
} elseif (is_string($eventIds)) {
|
||||
|
@ -2910,8 +2902,6 @@ class Server extends AppModel
|
|||
$k = $this->Attribute->generateCorrelation();
|
||||
}
|
||||
} else {
|
||||
$job = ClassRegistry::init('Job');
|
||||
$job->create();
|
||||
if ($value == true) {
|
||||
$jobType = 'jobPurgeCorrelation';
|
||||
$jobTypeText = 'purge correlations';
|
||||
|
@ -2919,6 +2909,8 @@ class Server extends AppModel
|
|||
$jobType = 'jobGenerateCorrelation';
|
||||
$jobTypeText = 'generate correlation';
|
||||
}
|
||||
$job = ClassRegistry::init('Job');
|
||||
$job->create();
|
||||
$data = array(
|
||||
'worker' => 'default',
|
||||
'job_type' => $jobTypeText,
|
||||
|
|
Loading…
Reference in New Issue