MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' of github.com:MISP/MISP into decaying

pull/5032/head
mokaddem 2019-08-22 15:33:09 +02:00
parent 5a9a905c8d 38db050465
commit ed98d73be7
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
45 changed files with 387 additions and 277 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
INSTALL/INSTALL.sh
View File

@ -142,7 +142,7 @@ MISPvars () {
upload_max_filesize=50M
post_max_size=50M
max_execution_time=300
memory_limit=512M
memory_limit=2048M
CAKE="$PATH_TO_MISP/app/Console/cake"

6
INSTALL/INSTALL.sh.sfv
View File

@ -1,5 +1,5 @@
; Generated by RHash v1.3.8 on 2019-07-17 at 13:59.22
; Generated by RHash v1.3.8 on 2019-08-22 at 13:40.47
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
;
; 99645 13:59.22 2019-07-17 INSTALL.sh
INSTALL.sh E836D3EFFD5BB28DF551EF4BE2DC9B07F90B4551 7839DBD4B9D4D321D17EF44B35617E370EC8C7CAF340546C0B81FE543B8B8577 F4E936E82F2CAA1A2036DCEF19852C29CFEA25C819EB9750878EBAB9A1DFE5045D788C71F2E2DC5390463EB2E3B75CB0 94BE9D56DE26FEF6F268A4DB877C9DED2D18084C4D79E3E9D8477F45D43978FC7B1F039B51DBFF4E9A9A0F29C052CD0C59D39C7DFB9AD90A416EABECC99A1D3C
; 99646 13:40.47 2019-08-22 INSTALL.sh
INSTALL.sh 75D9DE9742CCB2383D044F6A19FED73EA2909F9D C5F790FC1C13AF0B95490CC2136324B9DD9930AF1B4C0AFB6DA4687B47C58E23 5C2AABA9CAFC88F5F81DAFA7717E95DAAEC671DDD9AA32ED2CE0DAF7654C2A11EAB59271802590566F1CDD285A485673 DCB06C97CA3D4528B41C81F9D6933DE235260E5FCFCC28C5FDD2FB19A287B421E492C3AE5AB3896EE3119309F7539BE4B1A03422510721DAE3F20D07EC2CC415

2
INSTALL/INSTALL.sh.sha1
View File

@ -1 +1 @@
e836d3effd5bb28df551ef4be2dc9b07f90b4551 INSTALL.sh
75d9de9742ccb2383d044f6a19fed73ea2909f9d INSTALL.sh

2
INSTALL/INSTALL.sh.sha256
View File

@ -1 +1 @@
7839dbd4b9d4d321d17ef44b35617e370ec8c7caf340546c0b81fe543b8b8577 INSTALL.sh
c5f790fc1c13af0b95490cc2136324b9dd9930af1b4c0afb6da4687b47c58e23 INSTALL.sh

2
INSTALL/INSTALL.sh.sha384
View File

@ -1 +1 @@
f4e936e82f2caa1a2036dcef19852c29cfea25c819eb9750878ebab9a1dfe5045d788c71f2e2dc5390463eb2e3b75cb0 INSTALL.sh
5c2aaba9cafc88f5f81dafa7717e95daaec671ddd9aa32ed2ce0daf7654c2a11eab59271802590566f1cdd285a485673 INSTALL.sh

2
INSTALL/INSTALL.sh.sha512
View File

@ -1 +1 @@
94be9d56de26fef6f268a4db877c9ded2d18084c4d79e3e9d8477f45d43978fc7b1f039b51dbff4e9a9a0f29c052cd0c59d39c7dfb9ad90a416eabecc99a1d3c INSTALL.sh
dcb06c97ca3d4528b41c81f9d6933de235260e5fcfcc28c5fdd2fb19a287b421e492c3ae5ab3896ee3119309f7539be4b1a03422510721dae3f20d07ec2cc415 INSTALL.sh

2
PyMISP

@ -1 +1 @@
Subproject commit eba8b6df24762a83ce19f768da642654d554326d
Subproject commit 101ec5f9ed6d6871b99e1cb0e27d04ebe14f5a44

18
app/Controller/EventDelegationsController.php
View File

@ -30,11 +30,15 @@ class EventDelegationsController extends AppController
public function delegateEvent($id)
{
$id = $this->Toolbox->findIdByUuid($this->EventDelegation->Event, $id);
$event = $this->EventDelegation->Event->find('first', array(
'conditions' => array('Event.id' => $id),
'recursive' => -1,
'fields' => array('Event.id', 'Event.orgc_id', 'Event.distribution')
));
if (empty($event)) {
throw new MethodNotAllowedException('You are not authorised to do that.');
}
if (!$this->_isSiteAdmin() && $this->Auth->user('org_id') !== $event['Event']['orgc_id']) {
throw new MethodNotAllowedException('You are not authorised to do that.');
}
@ -45,7 +49,10 @@ class EventDelegationsController extends AppController
if (!empty($existingDelegations)) {
throw new MethodNotAllowedException('This event already has a pending delegation request. Please revoke that before creating a new request.');
}
if ($this->request->is('Post')) {
if ($this->request->is('post')) {
if (empty($this->request->data['EventDelegation'])) {
$this->request->data = array('EventDelegation' => $this->request->data);
}
if ($this->request->data['EventDelegation']['distribution'] != 4) {
$this->request->data['EventDelegation']['sharing_group_id'] = '0';
}
@ -70,6 +77,15 @@ class EventDelegationsController extends AppController
'title' => 'Requested event delegation',
'change' => 'Requested the delegation of event ' . $event['Event']['id'] . ' to organisation ' . $org['Org']['name'],
));
if ($this->_isRest()) {
$delegation_request = $this->EventDelegation->find('first', array(
'conditions' => array(
'EventDelegation.id' => $this->EventDelegation->id
),
'recursive' => -1
));
return $this->RestResponse->viewData($delegation_request, $this->response->type());
}
$this->Flash->success('Delegation request created.');
$this->redirect('/events/view/' . $id);
} else {

37
app/Controller/EventsController.php
View File

@ -2642,18 +2642,45 @@ class EventsController extends AppController
}
// User has filled in his contact form, send out the email.
if ($this->request->is('post') || $this->request->is('put')) {
if (!isset($this->request->data['Event'])) {
$this->request->data = array('Event' => $this->request->data);
}
$message = $this->request->data['Event']['message'];
if (empty($message)) {
$error = __("You must specify a message.");
if ($this->_isRest()) {
throw new MethodNotAllowedException($error);
} else {
$this->Flash->error($error);
$this->redirect(array('action' => 'contact', $id));
}
}
$creator_only = $this->request->data['Event']['person'];
$user = $this->Auth->user();
$user['gpgkey'] = $this->Event->User->getPGP($user['id']);
$user['certif_public'] = $this->Event->User->getCertificate($user['id']);
if ($this->Event->sendContactEmailRouter($id, $message, $creator_only, $user, $this->_isSiteAdmin())) {
// redirect to the view event page
$this->Flash->success(__('Email sent to the reporter.', true));
$success = $this->Event->sendContactEmailRouter($id, $message, $creator_only, $user, $this->_isSiteAdmin());
if ($success) {
$return_message = __('Email sent to the reporter.');
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Events', 'contact', $id, $this->response->type(), $return_message);
} else {
$this->Flash->success($return_message);
// redirect to the view event page
$this->redirect(array('action' => 'view', $id));
}
} else {
$this->Flash->error(__('Sending of email failed', true), 'default', array(), 'error');
$return_message = __('Sending of email failed.');
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Events', 'contact', $id, $return_message, $this->response->type());
} else {
$this->Flash->error($return_message, 'default', array(), 'error');
// redirect to the view event page
$this->redirect(array('action' => 'view', $id));
}
}
$this->redirect(array('action' => 'view', $id));
}
// User didn't see the contact form yet. Present it to him.
if (empty($this->data)) {

2
app/Controller/LogsController.php
View File

@ -173,7 +173,7 @@ class LogsController extends AppController
)
);
if (empty($event)) {
throw new MethodNotFoundException('Invalid event.');
throw new NotFoundException('Invalid event.');
}
$event = $event[0];
$attribute_ids = array();

7
app/Controller/ServersController.php
View File

@ -1011,7 +1011,7 @@ class ServersController extends AppController
),
'memory_limit' => array(
'explanation' => 'The maximum memory that PHP can consume. It is recommended to raise this number since certain exports can generate a fair bit of memory usage',
'recommended' => 512,
'recommended' => 2048,
'unit' => 'M'
),
'upload_max_filesize' => array(
@ -1055,6 +1055,9 @@ class ServersController extends AppController
// if Proxy is set up in the settings, try to connect to a test URL
$proxyStatus = $this->Server->proxyDiagnostics($diagnostic_errors);
// get the DB diagnostics
$dbDiagnostics = $this->Server->dbSpaceUsage();
$moduleTypes = array('Enrichment', 'Import', 'Export', 'Cortex');
foreach ($moduleTypes as $type) {
$moduleStatus[$type] = $this->Server->moduleDiagnostics($diagnostic_errors, $type);
@ -1065,7 +1068,7 @@ class ServersController extends AppController
$sessionStatus = $this->Server->sessionDiagnostics($diagnostic_errors, $sessionCount);
$this->set('sessionCount', $sessionCount);
$additionalViewVars = array('gpgStatus', 'sessionErrors', 'proxyStatus', 'sessionStatus', 'zmqStatus', 'stixVersion', 'cyboxVersion', 'mixboxVersion', 'maecVersion', 'stix2Version', 'pymispVersion', 'moduleStatus', 'yaraStatus', 'gpgErrors', 'proxyErrors', 'zmqErrors', 'stixOperational', 'stix', 'moduleErrors', 'moduleTypes');
$additionalViewVars = array('gpgStatus', 'sessionErrors', 'proxyStatus', 'sessionStatus', 'zmqStatus', 'stixVersion', 'cyboxVersion', 'mixboxVersion', 'maecVersion', 'stix2Version', 'pymispVersion', 'moduleStatus', 'yaraStatus', 'gpgErrors', 'proxyErrors', 'zmqErrors', 'stixOperational', 'stix', 'moduleErrors', 'moduleTypes', 'dbDiagnostics');
}
// check whether the files are writeable
$writeableDirs = $this->Server->writeableDirsDiagnostics($diagnostic_errors);

3
app/Controller/TagsController.php
View File

@ -289,6 +289,9 @@ class TagsController extends AppController
throw new NotFoundException('You don\'t have permission to do that.');
}
if ($this->request->is('post') || $this->request->is('put')) {
if (!isset($this->request->data['Tag'])) {
$this->request->data = array('Tag' => $this->request->data);
}
$this->request->data['Tag']['id'] = $id;
if ($this->Tag->save($this->request->data)) {
if ($this->_isRest()) {

2
app/Controller/UsersController.php
View File

@ -758,7 +758,7 @@ class UsersController extends AppController
}
}
$fail = false;
if ($this->_isSiteAdmin() && !$abortPost && !empty($this->request->data['User']['email'])) {
if (!$this->_isSiteAdmin() && !$abortPost) {
$organisation = $this->User->Organisation->find('first', array(
'conditions' => array('Organisation.id' => $userToEdit['User']['org_id']),
'recursive' => -1

2
app/Locale/default.pot
View File

@ -10946,7 +10946,7 @@ msgid "Can be merged automatically. Injection done."
msgstr ""
#: View/Objects/add.ctp:293
msgid "An instance of this attribute already exists. However, as multiple instanciation is allowed by this template, the two attributes will be keept."
msgid "An instance of this attribute already exists. However, as multiple instances are allowed by this template, the two attributes will be kept."
msgstr ""
#: View/Objects/add.ctp:321;332

20
app/Model/AppModel.php
View File

@ -1800,18 +1800,20 @@ class AppModel extends Model
public function setupRedis()
{
if (class_exists('Redis')) {
if ($this->__redisConnection) {
return $this->__redisConnection;
}
$redis = new Redis();
} else {
if ($this->__redisConnection) {
return $this->__redisConnection;
}
if (!class_exists('Redis')) {
return false;
}
$host = Configure::read('MISP.redis_host') ? Configure::read('MISP.redis_host') : '127.0.0.1';
$port = Configure::read('MISP.redis_port') ? Configure::read('MISP.redis_port') : 6379;
$database = Configure::read('MISP.redis_database') ? Configure::read('MISP.redis_database') : 13;
$host = Configure::read('MISP.redis_host') ?: '127.0.0.1';
$port = Configure::read('MISP.redis_port') ?: 6379;
$database = Configure::read('MISP.redis_database') ?: 13;
$pass = Configure::read('MISP.redis_password');
$redis = new Redis();
if (!$redis->connect($host, $port)) {
return false;
}

14
app/Model/Attribute.php
View File

@ -4065,24 +4065,26 @@ class Attribute extends AppModel
if (!$this->exists()) {
return false;
}
$result = $this->find('first', array(
$result = $this->fetchAttributes($user, array(
'conditions' => array('Attribute.id' => $id),
'flatten' => 1,
'recursive' => -1,
'contain' => array('Event')
));
if (empty($result)) {
throw new ForbiddenException(__('Attribute not found or not authorised.'));
throw new ForbiddenException(__('Invalid attribute'));
}
$result = $result[0];
// check for permissions
if (!$user['Role']['perm_site_admin']) {
if ($result['Event']['locked']) {
if ($user['org_id'] != $result['Event']['org_id'] || !$user['Role']['perm_sync']) {
throw new ForbiddenException(__('Attribute not found or not authorised.'));
throw new ForbiddenException(__('You do not have permission to do that.'));
}
} else {
if ($user['org_id'] != $result['Event']['orgc_id']) {
throw new ForbiddenException(__('Attribute not found or not authorised.'));
throw new ForbiddenException(__('You do not have permission to do that.'));
}
}
}
@ -4283,10 +4285,6 @@ class Attribute extends AppModel
if ($paramsOnly) {
return $params;
}
if (!isset($this->validFormats[$returnFormat])) {
// this is where the new code path for the export modules will go
throw new MethodNotFoundException('Invalid export format.');
}
if (method_exists($exportTool, 'modify_params')) {
$params = $exportTool->modify_params($user, $params);
}

6
app/Model/Event.php
View File

@ -2907,6 +2907,9 @@ class Event extends AppModel
public function sendAlertEmail($id, $senderUser, $oldpublish = null, $processId = null)
{
$event = $this->fetchEvent($senderUser, array('eventid' => $id, 'includeAllTags' => true));
if (empty($event)) {
throw new NotFoundException('Invalid Event.');
}
$this->NotificationLog = ClassRegistry::init('NotificationLog');
if (!$this->NotificationLog->check($event[0]['Event']['orgc_id'], 'publish')) {
if ($processId) {
@ -2916,9 +2919,6 @@ class Event extends AppModel
}
return true;
}
if (empty($event)) {
throw new MethodNotFoundException('Invalid Event.');
}
$userConditions = array('autoalert' => 1);
$this->User = ClassRegistry::init('User');
$users = $this->User->getUsersWithAccess(

2
app/Model/EventDelegation.php
View File

@ -51,7 +51,7 @@ class EventDelegation extends AppModel
{
$event = $this->Event->fetchEvent($user, array('eventid' => $delegation['EventDelegation']['event_id']));
if (empty($event)) {
throw new MethodNotFoundException('Invalid event.');
throw new NotFoundException('Invalid event.');
}
$event = $event[0];
$event['Event']['user_id'] = $user['id'];

1
app/Model/MispObject.php
View File

@ -439,6 +439,7 @@ class MispObject extends AppModel
}
$v['disable_correlation'] = $request_item['disable_correlation'];
$template['ObjectTemplateElement'][] = $v;
unset($v['uuid']); // force creating a new attribute if template element entry gets reused
} else {
$template['warnings'][] = 'Missing attribute type "' . $v['type'] . '" found. Omitted template element ("' . $template_object_elements[$k]['object_relation'] . '") that would not pass validation due to this.';
}

6
app/Model/Organisation.php
View File

@ -94,6 +94,9 @@ class Organisation extends AppModel
if (!empty($this->data['Organisation']['restricted_to_domain'])) {
$this->data['Organisation']['restricted_to_domain'] = str_replace("\r", '', $this->data['Organisation']['restricted_to_domain']);
$this->data['Organisation']['restricted_to_domain'] = explode("\n", $this->data['Organisation']['restricted_to_domain']);
foreach ($this->data['Organisation']['restricted_to_domain'] as $k => $v) {
$this->data['Organisation']['restricted_to_domain'][$k] = trim($v);
}
$this->data['Organisation']['restricted_to_domain'] = json_encode($this->data['Organisation']['restricted_to_domain']);
} else {
$this->data['Organisation']['restricted_to_domain'] = '';
@ -135,6 +138,9 @@ class Organisation extends AppModel
foreach ($results as $k => $organisation) {
if (!empty($organisation['Organisation']['restricted_to_domain'])) {
$results[$k]['Organisation']['restricted_to_domain'] = json_decode($organisation['Organisation']['restricted_to_domain'], true);
foreach ($results[$k]['Organisation']['restricted_to_domain'] as $k => $v) {
$results[$k]['Organisation']['restricted_to_domain'][$k] = trim($v);
}
} else if (isset($organisation['Organisation']['restricted_to_domain'])){
$results[$k]['Organisation']['restricted_to_domain'] = array();
}

18
app/Model/Server.php
View File

@ -4153,6 +4153,24 @@ class Server extends AppModel
return $existingServer[$this->alias]['id'];
}
public function dbSpaceUsage()
{
$sql = sprintf(
'select table_name, sum((data_length+index_length)/1024/1024) AS used, sum(data_free)/1024/1024 reclaimable from information_schema.tables where table_schema = %s group by table_name;',
"'" . $this->getDataSource()->config['database'] . "'"
);
$sqlResult = $this->query($sql);
$result = array();
foreach ($sqlResult as $temp) {
foreach ($temp[0] as $k => $v) {
$temp[0][$k] = round($v, 2) . 'MB';
}
$temp[0]['table'] = $temp['tables']['table_name'];
$result[] = $temp[0];
}
return $result;
}
public function writeableDirsDiagnostics(&$diagnostic_errors)
{
App::uses('File', 'Utility');

2
app/Model/Sighting.php
View File

@ -655,7 +655,7 @@ class Sighting extends AppModel
if (!isset($this->validFormats[$returnFormat])) {
// this is where the new code path for the export modules will go
throw new MethodNotFoundException('Invalid export format.');
throw new NotFoundException('Invalid export format.');
}
$exportToolParams = array(

113
app/Model/Warninglist.php
View File

@ -190,10 +190,9 @@ class Warninglist extends AppModel
{
$redis = $this->setupRedis();
if ($redis !== false) {
$redis->del('misp:warninglist_entries_cache:');
foreach ($warninglistEntries as $entry) {
$redis->sAdd('misp:warninglist_entries_cache:' . $id, $entry);
}
$key = 'misp:warninglist_entries_cache:' . $id;
$redis->del($key);
$redis->sAddArray($key, $warninglistEntries);
return true;
}
return false;
@ -203,7 +202,7 @@ class Warninglist extends AppModel
{
$redis = $this->setupRedis();
if ($redis !== false) {
if (!$redis->exists('misp:warninglist_cache') || $redis->sCard('misp:warninglist_cache') == 0) {
if ($redis->sCard('misp:warninglist_cache') === 0) {
if (!empty($conditions)) {
$warninglists = $this->find('all', array('contain' => array('WarninglistType'), 'conditions' => $conditions));
} else {
@ -237,7 +236,7 @@ class Warninglist extends AppModel
{
$redis = $this->setupRedis();
if ($redis !== false) {
if (!$redis->exists('misp:warninglist_entries_cache:' . $id) || $redis->sCard('misp:warninglist_entries_cache:' . $id) == 0) {
if ($redis->sCard('misp:warninglist_entries_cache:' . $id) === 0) {
$entries = $this->WarninglistEntry->find('list', array(
'recursive' => -1,
'conditions' => array('warninglist_id' => $id),
@ -257,6 +256,38 @@ class Warninglist extends AppModel
return $entries;
}
/**
* Filter out invalid IPv4 or IPv4 CIDR and append maximum netmaks if no netmask is given.
* @param array $inputValues
* @return array
*/
private function filterCidrList($inputValues)
{
$outputValues = [];
foreach ($inputValues as $v) {
$parts = explode('/', $v, 2);
if (filter_var($parts[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
$maximumNetmask = 32;
} else if (filter_var($parts[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
$maximumNetmask = 128;
} else {
// IP address part of CIDR is invalid
continue;
}
if (!isset($parts[1])) {
// If CIDR doesnt contains '/', we will consider CIDR as /32 for IPv4 or /128 for IPv6
$v = "$v/$maximumNetmask";
} else if ($parts[1] > $maximumNetmask || $parts[1] < 0) {
// Netmask part of CIDR is invalid
continue;
}
$outputValues[$v] = $v;
}
return $outputValues;
}
public function fetchForEventView()
{
$warninglists = $this->getWarninglists(array('enabled' => 1));
@ -266,15 +297,21 @@ class Warninglist extends AppModel
foreach ($warninglists as $k => &$t) {
$t['values'] = $this->getWarninglistEntries($t['Warninglist']['id']);
$t['values'] = array_values($t['values']);
if ($t['Warninglist']['type'] == 'hostname') {
foreach ($t['values'] as $vk => $v) {
$t['values'][$vk] = rtrim($v, '.');
if ($t['Warninglist']['type'] === 'hostname') {
$values = [];
foreach ($t['values'] as $v) {
$v = rtrim($v, '.');
$values[$v] = $v;
}
}
if ($t['Warninglist']['type'] == 'string' || $t['Warninglist']['type'] == 'hostname') {
$t['values'] = $values;
} else if ($t['Warninglist']['type'] === 'string') {
$t['values'] = array_combine($t['values'], $t['values']);
} else if ($t['Warninglist']['type'] === 'cidr') {
$t['values'] = $this->filterCidrList($t['values']);
}
foreach ($t['WarninglistType'] as &$wt) {
foreach ($t['WarninglistType'] as $wt) {
$t['types'][] = $wt['type'];
}
unset($warninglists[$k]['WarninglistType']);
@ -406,45 +443,29 @@ class Warninglist extends AppModel
// For the future we can expand this to look for CIDR overlaps?
private function __evalCIDRList($listValues, $value)
{
$ipv4cidrlist = array();
$ipv6cidrlist = array();
// separate the CIDR list into IPv4 and IPv6
foreach ($listValues as $lv) {
$base = substr($lv, 0, strpos($lv, '/'));
if (filter_var($base, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
$ipv4cidrlist[] = $lv;
} elseif (filter_var($base, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
$ipv6cidrlist[] = $lv;
}
}
// evaluate the value separately for IPv4 and IPv6
if (filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
return $this->__evalCIDR($value, $ipv4cidrlist, '__ipv4InCidr');
} elseif (filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
return $this->__evalCIDR($value, $ipv6cidrlist, '__ipv6InCidr');
}
return false;
}
// This code converts IP address to all possible CIDRs that can contains given IP address
// and then check if given hash table contains that CIDR.
$ip = ip2long($value);
for ($bits = 0; $bits <= 32; $bits++) {
$mask = -1 << (32 - $bits);
$needle = long2ip($ip & $mask) . "/$bits";
if (isset($listValues[$needle])) {
return true;
}
}
private function __evalCIDR($value, $listValues, $function)
{
foreach ($listValues as $lv) {
if ($this->$function($value, $lv)) {
return true;
} elseif (filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
foreach ($listValues as $lv) {
if (strpos($lv, ':') !== false) { // IPv6 CIDR must contain dot
if ($this->__ipv6InCidr($value, $lv)) {
return true;
}
}
}
}
return false;
}
// using Alnitak's solution from http://stackoverflow.com/questions/594112/matching-an-ip-to-a-cidr-mask-in-php5
private function __ipv4InCidr($ip, $cidr)
{
list($subnet, $bits) = explode('/', $cidr);
$ip = ip2long($ip);
$subnet = ip2long($subnet);
$mask = -1 << (32 - $bits);
$subnet &= $mask; # nb: in case the supplied subnet wasn't correctly aligned
return ($ip & $mask) == $subnet;
return false;
}
// Using solution from https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/IpUtils.php

2
app/View/Elements/Events/View/row_attribute.ctp
View File

@ -154,7 +154,7 @@
?>
</div>
</td>
<td class="shortish">
<td class="short">
<div class="attributeTagContainer" id="#Attribute_<?php echo h($object['id']);?>_tr .attributeTagContainer">
<?php echo $this->element('ajaxTags', array('attributeId' => $object['id'], 'tags' => $object['AttributeTag'], 'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id']), 'context' => $context, 'scope' => 'attribute')); ?>
</div>

3
app/View/Elements/genericElements/IndexTable/headers.ctp
View File

@ -12,7 +12,8 @@
$header_data = h($header['name']);
}
$headersHtml .= sprintf(
'<th>%s</th>',
'<th %s>%s</th>',
empty($header['header_class']) ? '' : 'class="' . h($header['header_class']) . '"',
$header_data
);
}

10
app/View/Elements/genericElements/IndexTable/index_table.ctp
View File

@ -21,7 +21,9 @@
if (!empty($data['description'])) {
echo sprintf('<p>%s</p>', h($data['description']));
}
echo $this->element('/genericElements/IndexTable/pagination', array('paginator' => $this->Paginator));
if (empty($data['skip_pagination'])) {
echo $this->element('/genericElements/IndexTable/pagination', array('paginator' => $this->Paginator));
}
if (!empty($data['top_bar'])) {
echo $this->element('/genericElements/ListTopBar/scaffold', array('data' => $data['top_bar']));
}
@ -41,6 +43,8 @@
$this->element('/genericElements/IndexTable/headers', array('fields' => $data['fields'], 'paginator' => $this->Paginator)),
$rows
);
echo $this->element('/genericElements/IndexTable/pagination_counter', array('paginator' => $this->Paginator));
echo $this->element('/genericElements/IndexTable/pagination', array('paginator' => $this->Paginator));
if (empty($data['skip_pagination'])) {
echo $this->element('/genericElements/IndexTable/pagination_counter', array('paginator' => $this->Paginator));
echo $this->element('/genericElements/IndexTable/pagination', array('paginator' => $this->Paginator));
}
?>

4
app/View/Elements/genericElements/SideMenu/side_menu.ctp
View File

@ -697,6 +697,10 @@
'url' => '/servers/serverSettings',
'text' => __('Server Settings & Maintenance')
));
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'url' => '/servers/updateProgress',
'text' => __('Update Progress')
));
echo $this->element('/genericElements/SideMenu/side_menu_divider');
if (Configure::read('MISP.background_jobs')) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(

31
app/View/Elements/healthElements/diagnostics.ctp
View File

@ -194,6 +194,37 @@
<?php
endforeach;
?>
<?php
echo '<div style="width:400px;">';
echo $this->element('/genericElements/IndexTable/index_table', array(
'data' => array(
'data' => $dbDiagnostics,
'skip_pagination' => 1,
'fields' => array(
array(
'name' => __('Table'),
'class' => 'bold',
'data_path' => 'table'
),
array(
'name' => __('Used'),
'class' => 'align-right short',
'header_class' => 'align-right',
'data_path' => 'used'
),
array(
'name' => __('Reclaimable'),
'data_path' => 'reclaimable',
'class' => 'align-right',
'header_class' => 'align-right'
)
),
'title' => __('SQL database status'),
'description' => __('Size of each individual table on disk, along with the size that can be freed via SQL optimize. Make sure that you always have at least 3x the size of the largest table in free space in order for the update scripts to work as expected.')
)
));
echo '</div>';
?>
<h3><?php echo __('Advanced attachment handler');?></h3>
<?php echo __('The advanced attachment tools are used by the add attachment functionality to extract additional data about the uploaded sample.');?>
<div style="background-color:#f7f7f9;width:400px;">

3
app/View/Events/import_module.ctp
View File

@ -2,6 +2,9 @@
<?php echo $this->Form->create('', array('type' => 'file'));?>
<fieldset>
<legend><?php echo h(Inflector::humanize($module['name']));?></legend>
<?php if (isset($module['meta']['description'])) {
echo '<p>'.h($module['meta']['description']).'</p>';
} ?>
<?php
if (isset($module['mispattributes']['userConfig']) && !empty($module['mispattributes']['userConfig'])) {
foreach ($module['mispattributes']['userConfig'] as $configName => $config) {

6
app/View/Objects/add.ctp
View File

@ -290,7 +290,7 @@
<tr class="success" title="<?php echo __('Can be merged automatically. Injection done.'); ; ?>">
<td style="white-space: nowrap;">
<?php if (isset($attribute['is_multiple']) && $attribute['is_multiple']): ?>
<i class="fas fa-copy useCursorPointer" style="margin-right: 3px;" title="<?php echo __('An instance of this attribute already exists. However, as multiple instanciation is allowed by this template, the two attributes will be keept.'); ?>" data-objectrelation="<?php echo h($attribute['object_relation']); ?>" data-type="<?php echo h($attribute['type']); ?>" onclick="scrollinRow(this);"></i>
<i class="fas fa-copy useCursorPointer" style="margin-right: 3px;" title="<?php echo __('An instance of this attribute already exists. However, as multiple instances are allowed by this template, the two attributes will be kept.'); ?>" data-objectrelation="<?php echo h($attribute['object_relation']); ?>" data-type="<?php echo h($attribute['type']); ?>" onclick="scrollinRow(this);"></i>
<?php endif; ?>
<?php echo h($attribute['object_relation']); ?>
</td>
@ -347,7 +347,7 @@
var old_value = $clicked.data('valueold');
var revised_value = $clicked.data('valuerevised');
var col_object_relation = $clicked.data('objectrelation');
var col_type = $clicked.data('type');
var col_type = $clicked.data('type');
insertValueAndScroll(col_object_relation, col_type, revised_value, old_value, $clicked);
}
@ -366,7 +366,7 @@
var $value_field = $($matching_row.find('div.object_value_field select, div.object_value_field textarea')[0]);
var cur_val = $value_field.val();
var selected_value;
if (cur_val !== old_value) {
if (cur_val != old_value) {
selected_value = old_value;
$value_field.val(old_value);
$clicked.addClass('fa-sign-in-alt fa-flip-horizontal').removeClass('fa-trash-restore');

263
app/View/Servers/update_progress.ctp
View File

@ -13,149 +13,148 @@ if (isset($updateProgress['preTestSuccess']) && $updateProgress['preTestSuccess'
$percentageFail = 100;
}
?>
<div style="width: 50%;margin: 0 auto;">
<?php if (count($updateProgress['commands']) > 0): ?>
<h2><?php echo(__('Database Update progress'));?></h2>
<div class="" style="max-width: 1000px;">
<div class="servers form">
<div style="width: 50%;margin: 0 auto;">
<?php if (count($updateProgress['commands']) > 0): ?>
<h2><?php echo(__('Database Update progress'));?></h2>
<div class="" style="max-width: 1000px;">
<div>
<h5 style='display: inline-block'>Pre update test status:</h5>
<?php
$icon = isset($updateProgress['preTestSuccess']) ? ($updateProgress['preTestSuccess'] ? 'fa-check' : 'fa-times') : 'fa-question-circle ';
?>
<i class='fa <?php echo($icon); ?>' style="font-size: x-large"></i>
</div>
<div class="progress progress-striped" style="max-width: 1000px;">
<div id="pb-progress" class="bar" style="font-weight: bold; width: <?php echo h($percentage);?>%;"><?php echo h($percentage);?>%</div>
<div id="pb-fail" class="bar" style="width: <?php echo h($percentageFail);?>%; background-color: #ee5f5b;"></div>
</div>
<table class="table table-bordered table-stripped updateProgressTable">
<thead>
<tr>
<th></th>
<th>Update command</th>
</tr>
</thead>
<tbody>
<?php foreach($updateProgress['commands'] as $i => $cmd):
if (isset($updateProgress['results'][$i])) {
$res = $updateProgress['results'][$i];
} else {
$res = false;
}
$rowDone = $i < $updateProgress['current'];
$rowCurrent = $i === $updateProgress['current'];
$rowFail = in_array($i, $updateProgress['failed_num']);
$rowClass = '';
$rowIcon = '<i id="icon-' . $i . '" class="fa"></i>';
if ($rowDone) {
$rowClass = 'class="alert alert-success"';
$rowIcon = '<i id="icon-' . $i . '" class="fa fa-check-circle-o"></i>';
}
if ($rowCurrent && !$rowFail) {
$rowClass = 'class="alert alert-info"';
$rowIcon = '<i id="icon-' . $i . '" class="fa fa-cogs"></i>';
} else if ($rowFail) {
$rowClass = 'class="alert alert-danger"';
$rowIcon = '<i id="icon-' . $i . '" class="fa fa-times-circle-o"></i>';
}
if (isset($updateProgress['time']['started'][$i])) {
$datetimeStart = $updateProgress['time']['started'][$i];
if (isset($updateProgress['time']['elapsed'][$i])) {
$updateDuration = $updateProgress['time']['elapsed'][$i];
} else { // compute elapsed based on started
$temp = new DateTime();
$diff = $temp->diff(new DateTime($datetimeStart));
$updateDuration = $diff->format('%H:%I:%S');
}
} else {
$datetimeStart = '';
$updateDuration = '';
}
<div>
<h5 style='display: inline-block'>Pre update test status:</h5>
<?php
$icon = isset($updateProgress['preTestSuccess']) ? ($updateProgress['preTestSuccess'] ? 'fa-check' : 'fa-times') : 'fa-question-circle ';
?>
<tr id="row-<?php echo $i; ?>" <?php echo $rowClass; ?> >
<td><?php echo $rowIcon; ?></td>
<td>
<div>
<a style="cursor: pointer; maring-bottom: 2px;" onclick="toggleVisiblity(<?php echo $i;?>)">
<span class="foldable fa fa-terminal"></span>
<?php echo __('Update ') . ($i+1); ?>
<span class="inline-term"><?php echo h(substr($cmd, 0, 60)) . (strlen($cmd) > 60 ? '[...]' : '' );?></span>
<span class="label">
<?php echo __('Started @ '); ?>
<span id="startedTime-<?php echo $i; ?>"><?php echo h($datetimeStart); ?></span>
</span>
<span class="label">
<?php echo __('Elapsed Time @ '); ?>
<span id="elapsedTime-<?php echo $i; ?>"><?php echo h($updateDuration); ?></span>
</span>
<i class='fa <?php echo($icon); ?>' style="font-size: x-large"></i>
</div>
</a>
<div data-terminalid="<?php echo $i;?>" style="display: none; margin-top: 5px;">
<div id="termcmd-<?php echo $i;?>" class="div-terminal">
<?php
$temp = preg_replace('/^\n*\s+/', '', $cmd);
$temp = preg_split('/\s{4,}/m', $temp);
foreach ($temp as $j => $line) {
$pad = $j > 0 ? '30' : '0';
if ($line !== '') {
echo '<span style="margin-left: ' . $pad . 'px;">' . h($line) . '</span>';
}
}
?>
</div>
<div>
<span class="fa fa-level-up terminal-res-icon"></span>
<div id="termres-<?php echo $i;?>" class="div-terminal terminal-res">
<div class="progress progress-striped" style="max-width: 1000px;">
<div id="pb-progress" class="bar" style="font-weight: bold; width: <?php echo h($percentage);?>%;"><?php echo h($percentage);?>%</div>
<div id="pb-fail" class="bar" style="width: <?php echo h($percentageFail);?>%; background-color: #ee5f5b;"></div>
</div>
<table class="table table-bordered table-stripped updateProgressTable">
<thead>
<tr>
<th></th>
<th>Update command</th>
</tr>
</thead>
<tbody>
<?php foreach($updateProgress['commands'] as $i => $cmd):
if (isset($updateProgress['results'][$i])) {
$res = $updateProgress['results'][$i];
} else {
$res = false;
}
$rowDone = $i < $updateProgress['current'];
$rowCurrent = $i === $updateProgress['current'];
$rowFail = in_array($i, $updateProgress['failed_num']);
$rowClass = '';
$rowIcon = '<i id="icon-' . $i . '" class="fa"></i>';
if ($rowDone) {
$rowClass = 'class="alert alert-success"';
$rowIcon = '<i id="icon-' . $i . '" class="fa fa-check-circle"></i>';
}
if ($rowCurrent && !$rowFail) {
$rowClass = 'class="alert alert-info"';
$rowIcon = '<i id="icon-' . $i . '" class="fa fa-cogs"></i>';
} else if ($rowFail) {
$rowClass = 'class="alert alert-danger"';
$rowIcon = '<i id="icon-' . $i . '" class="fa fa-times-circle"></i>';
}
if (isset($updateProgress['time']['started'][$i])) {
$datetimeStart = $updateProgress['time']['started'][$i];
if (isset($updateProgress['time']['elapsed'][$i])) {
$updateDuration = $updateProgress['time']['elapsed'][$i];
} else { // compute elapsed based on started
$temp = new DateTime();
$diff = $temp->diff(new DateTime($datetimeStart));
$updateDuration = $diff->format('%H:%I:%S');
}
} else {
$datetimeStart = '';
$updateDuration = '';
}
?>
<tr id="row-<?php echo $i; ?>" <?php echo $rowClass; ?> >
<td><?php echo $rowIcon; ?></td>
<td>
<div>
<a style="cursor: pointer; maring-bottom: 2px;" onclick="toggleVisiblity(<?php echo $i;?>)">
<span class="foldable fa fa-terminal"></span>
<?php echo __('Update ') . ($i+1); ?>
<span class="inline-term"><?php echo h(substr($cmd, 0, 60)) . (strlen($cmd) > 60 ? '[...]' : '' );?></span>
<span class="label">
<?php echo __('Started @ '); ?>
<span id="startedTime-<?php echo $i; ?>"><?php echo h($datetimeStart); ?></span>
</span>
<span class="label">
<?php echo __('Elapsed Time @ '); ?>
<span id="elapsedTime-<?php echo $i; ?>"><?php echo h($updateDuration); ?></span>
</span>
</a>
<div data-terminalid="<?php echo $i;?>" style="display: none; margin-top: 5px;">
<div id="termcmd-<?php echo $i;?>" class="div-terminal">
<?php
if ($res !== false) {
$temp = preg_replace('/^\n*\s+/', '', $res);
$temp = preg_split('/\s{2,}/m', $temp);
foreach ($temp as $j => $line) {
$pad = $j > 0 ? '30' : '0';
if ($line !== '') {
echo '<span style="margin-left: ' . $pad . 'px;">' . h($line) . '</span>';
}
$temp = preg_replace('/^\n*\s+/', '', $cmd);
$temp = preg_split('/\s{4,}/m', $temp);
foreach ($temp as $j => $line) {
$pad = $j > 0 ? '30' : '0';
if ($line !== '') {
echo '<span style="margin-left: ' . $pad . 'px;">' . h($line) . '</span>';
}
}
?>
</div>
<div>
<span class="fa fa-level-up terminal-res-icon"></span>
<div id="termres-<?php echo $i;?>" class="div-terminal terminal-res">
<?php
if ($res !== false) {
$temp = preg_replace('/^\n*\s+/', '', $res);
$temp = preg_split('/\s{2,}/m', $temp);
foreach ($temp as $j => $line) {
$pad = $j > 0 ? '30' : '0';
if ($line !== '') {
echo '<span style="margin-left: ' . $pad . 'px;">' . h($line) . '</span>';
}
}
}
?>
</div>
</div>
</div>
</div>
</div>
<div id="single-update-progress-<?php echo $i;?>" class="single-update-progress hidden">
<div class="small-pb-in-td">
<div id="single-update-pb-<?php echo $i;?>" style="height: 100%; background: #149bdf; transition: width 0.6s ease;"></div>
<div id="single-update-progress-<?php echo $i;?>" class="single-update-progress hidden">
<div class="small-pb-in-td">
<div id="single-update-pb-<?php echo $i;?>" style="height: 100%; background: #149bdf; transition: width 0.6s ease;"></div>
</div>
<div id="small-state-text-<?php echo $i;?>" class="small-state-text-in-td badge" class="badge">Filling schema table</div>
</div>
<div id="small-state-text-<?php echo $i;?>" class="small-state-text-in-td badge" class="badge">Filling schema table</div>
</div>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php else: ?>
<h2><?php echo __('No update in progress'); ?></h2>
<?php endif; ?>
</div>
<?php else: ?>
<h2><?php echo __('No update in progress'); ?></h2>
<script>
$(document).ready(function() {
setInterval(function() { location.reload(); }, 1000);
});
</script>
<?php endif; ?>
<script>
var updateProgress = <?php echo json_encode($updateProgress); ?>;
var urlGetProgress = "<?php echo $baseurl; ?>/servers/updateProgress";
</script>
<?php
echo $this->element('genericElements/assetLoader', array(
'css' => array('update_progress'),
'js' => array('update_progress')
));
?>
</div>
<?php echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'updateProgress')); ?>
<script>
var updateProgress = <?php echo json_encode($updateProgress); ?>;
var urlGetProgress = "<?php echo $baseurl; ?>/servers/updateProgress";
</script>
<?php
echo $this->element('genericElements/assetLoader', array(
'css' => array('update_progress'),
'js' => array('update_progress')
));
?>

5
app/View/Users/statistics_sightings.ctp
View File

@ -64,8 +64,3 @@
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'globalActions', 'menuItem' => 'statistics'));
?>
<script type="text/javascript">
$(document).ready(function () {
loadSightingsData();
});
</script>

2
app/webroot/css/main.css
View File

@ -1849,7 +1849,7 @@ tr.deleted-attribute td {
}
.align-right {
text-align: right;
text-align: right !important;
}
.hidden {

22
app/webroot/js/misp.js
View File

@ -3703,28 +3703,6 @@ function loadTagTreemap() {
});
}
function loadSightingsData(timestamp) {
url = "/sightings/toplist";
if (timestamp != undefined) {
url = url + '/' + timestamp;
}
$.ajax({
async:true,
beforeSend: function (XMLHttpRequest) {
$(".loading").show();
},
success:function (data, textStatus) {
$(".sightingsdiv").html(data);
},
complete:function() {
$(".loading").hide();
},
type:"get",
cache: false,
url: url,
});
}
function quickEditEvent(id, field) {
$.ajax({
async:true,

12
app/webroot/js/update_progress.js
View File

@ -117,25 +117,25 @@ function update_row_state(i, state) {
case 0: // success
row.removeClass('alert-danger alert-info');
row.addClass('alert-success');
icon.removeClass('fa-times-circle-o fa-cogs');
icon.addClass('fa-check-circle-o');
icon.removeClass('fa-times-circle fa-cogs');
icon.addClass('fa-check-circle');
break;
case 1: // current
row.removeClass('alert-success alert-danger');
row.addClass('alert-info');
icon.removeClass('fa-check-circle-o', 'fa-times-circle-o');
icon.removeClass('fa-check-circle', 'fa-times-circle');
icon.addClass('fa-cogs');
break;
case 2: //fail
row.removeClass('alert-success alert-info');
row.addClass('alert-danger');
icon.removeClass('fa-check-circle-o fa-cogs');
icon.addClass('fa-times-circle-o');
icon.removeClass('fa-check-circle fa-cogs');
icon.addClass('fa-times-circle');
break;
case 3: //no state
default:
row.removeClass('alert-success alert-info alert-danger');
icon.removeClass('fa-check-circle-o fa-times-circle-o fa-cogs');
icon.removeClass('fa-check-circle fa-times-circle fa-cogs');
break;
}
}

2
docs/INSTALL.rhel7.md
View File

@ -355,7 +355,7 @@ installCake_RHEL ()
# Recommended: Change some PHP settings in /etc/opt/rh/rh-php72/php.ini
# max_execution_time = 300
# memory_limit = 512M
# memory_limit = 2048M
# upload_max_filesize = 50M
# post_max_size = 50M
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit

4
docs/INSTALL.rhel8.md
View File

@ -306,7 +306,7 @@ installCake_RHEL ()
cd $PATH_TO_MISP/app
# Update composer.phar (optional)
$SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
$SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
$SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === 'a5c698ffe4b8e849a443b120cd5ba38043260d5c4023dbf93e1558871f1f07f58274fc6f4c93bcfd858c6bd0775cd8d1') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
$SUDO_WWW php composer-setup.php
$SUDO_WWW php -r "unlink('composer-setup.php');"
$SUDO_WWW php composer.phar require kamisama/cake-resque:4.1.2
@ -334,7 +334,7 @@ installCake_RHEL ()
# Recommended: Change some PHP settings in /etc/opt/rh/rh-php72/php.ini
# max_execution_time = 300
# memory_limit = 512M
# memory_limit = 2048M
# upload_max_filesize = 50M
# post_max_size = 50M
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit

2
docs/generic/globalVariables.md
View File

@ -79,7 +79,7 @@ MISPvars () {
upload_max_filesize=50M
post_max_size=50M
max_execution_time=300
memory_limit=512M
memory_limit=2048M
CAKE="$PATH_TO_MISP/app/Console/cake"

2
docs/xINSTALL.NetBSD.md
View File

@ -234,7 +234,7 @@ sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install plyara
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
cd $PATH_TO_MISP/app
sudo -u www php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
sudo -u www php -r "if (hash_file('SHA384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink
sudo -u www php -r "if (hash_file('SHA384', 'composer-setup.php') === 'a5c698ffe4b8e849a443b120cd5ba38043260d5c4023dbf93e1558871f1f07f58274fc6f4c93bcfd858c6bd0775cd8d1') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink
('composer-setup.php'); } echo PHP_EOL;"
sudo -u www env HOME=/tmp php composer-setup.php
sudo -u www php -r "unlink('composer-setup.php');"

2
docs/xINSTALL.OpenBSD.md
View File

@ -410,7 +410,7 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/kbandla/
cd /var/www/htdocs/MISP/app
doas mkdir /var/www/.composer ; doas chown www:www /var/www/.composer
doas -u www php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
doas -u www php -r "if (hash_file('SHA384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
doas -u www php -r "if (hash_file('SHA384', 'composer-setup.php') === 'a5c698ffe4b8e849a443b120cd5ba38043260d5c4023dbf93e1558871f1f07f58274fc6f4c93bcfd858c6bd0775cd8d1') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
doas -u www env HOME=/var/www php composer-setup.php
doas -u www php -r "unlink('composer-setup.php');"
doas -u www env HOME=/var/www php composer.phar require kamisama/cake-resque:4.1.2

4
docs/xINSTALL.centos6.md
View File

@ -246,7 +246,7 @@ sudo chown apache:apache /var/www/.composer/
cd $PATH_TO_MISP/app
# Update composer.phar (optional)
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === 'a5c698ffe4b8e849a443b120cd5ba38043260d5c4023dbf93e1558871f1f07f58274fc6f4c93bcfd858c6bd0775cd8d1') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
$SUDO_WWW $RUN_PHP "php composer.phar require kamisama/cake-resque:4.1.2"
@ -262,7 +262,7 @@ sudo ln -s ../php-fpm.d/timezone.ini /etc/opt/rh/rh-php70/php.d/99-timezone.ini
# Recommended: Change some PHP settings in /etc/opt/rh/rh-php70/php.ini
# max_execution_time=300
# memory_limit=512M
# memory_limit=2048M
# upload_max_filesize=50M
# post_max_size=50M
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit

4
docs/xINSTALL.centos7.md
View File

@ -233,7 +233,7 @@ sudo chown ${WWW_USER}:${WWW_USER} /usr/share/httpd/.composer
cd $PATH_TO_MISP/app
# Update composer.phar (optional)
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === 'a5c698ffe4b8e849a443b120cd5ba38043260d5c4023dbf93e1558871f1f07f58274fc6f4c93bcfd858c6bd0775cd8d1') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
$SUDO_WWW $RUN_PHP "php composer.phar require kamisama/cake-resque:4.1.2"
@ -249,7 +249,7 @@ sudo ln -s ../php-fpm.d/timezone.ini /etc/opt/rh/rh-php72/php.d/99-timezone.ini
# Recommended: Change some PHP settings in /etc/opt/rh/rh-php72/php.ini
# max_execution_time = 300
# memory_limit = 512M
# memory_limit = 2048M
# upload_max_filesize = 50M
# post_max_size = 50M
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit

4
docs/xINSTALL.debian10.md
View File

@ -202,7 +202,7 @@ cd $PATH_TO_MISP/app
sudo mkdir /var/www/.composer ; sudo chown $WWW_USER:$WWW_USER /var/www/.composer
# Update composer.phar
$SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
$SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
$SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === 'a5c698ffe4b8e849a443b120cd5ba38043260d5c4023dbf93e1558871f1f07f58274fc6f4c93bcfd858c6bd0775cd8d1') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
$SUDO_WWW php composer-setup.php
$SUDO_WWW php -r "unlink('composer-setup.php');"
$SUDO_WWW php composer.phar require kamisama/cake-resque:4.1.2
@ -325,7 +325,7 @@ sudo a2ensite misp-ssl
# Recommended: Change some PHP settings in /etc/php/7.3/apache2/php.ini
# max_execution_time = 300
# memory_limit = 512M
# memory_limit = 2048M
# upload_max_filesize = 50M
# post_max_size = 50M
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit

4
docs/xINSTALL.debian9.md
View File

@ -222,7 +222,7 @@ cd $PATH_TO_MISP/app
sudo mkdir /var/www/.composer ; sudo chown $WWW_USER:$WWW_USER /var/www/.composer
# Update composer.phar
# $SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
# $SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
# $SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === 'a5c698ffe4b8e849a443b120cd5ba38043260d5c4023dbf93e1558871f1f07f58274fc6f4c93bcfd858c6bd0775cd8d1') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
# $SUDO_WWW php composer-setup.php
# $SUDO_WWW php -r "unlink('composer-setup.php');"
$SUDO_WWW php composer.phar require kamisama/cake-resque:4.1.2
@ -345,7 +345,7 @@ sudo a2ensite misp-ssl
# Recommended: Change some PHP settings in /etc/php/7.3/apache2/php.ini
# max_execution_time = 300
# memory_limit = 512M
# memory_limit = 2048M
# upload_max_filesize = 50M
# post_max_size = 50M
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit

2
docs/xINSTALL.tsurugi.md
View File

@ -117,7 +117,7 @@ function installMISPonTsurugi() {
upload_max_filesize=50M
post_max_size=50M
max_execution_time=300
memory_limit=512M
memory_limit=2048M
PHP_INI=/etc/php/7.0/apache2/php.ini
# apt config