MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: rename FileAccess to FileAccessTool 

every other tool classes name in the Lib/Tools/ folder also ends with "Tool"
pull/1456/head
Andreas Ziegler 2016-08-19 19:25:32 +02:00
parent a2ff5424e1
commit f0905dc536
4 changed files with 41 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
app/Controller/EventsController.php
View File

@ -1927,9 +1927,9 @@ class EventsController extends AppController {
public function _addGfiZip($id) {
if (!empty($this->data) && $this->data['Event']['submittedgfi']['size'] > 0 &&
is_uploaded_file($this->data['Event']['submittedgfi']['tmp_name'])) {
App::uses('FileAccess', 'Tools');
$fileAccess = new FileAccess();
$zipData = $fileAccess->readFromFile($this->data['Event']['submittedgfi']['tmp_name'], $this->data['Event']['submittedgfi']['size']);
App::uses('FileAccessTool', 'Tools');
$fileAccessTool = new FileAccessTool();
$zipData = $fileAccessTool->readFromFile($this->data['Event']['submittedgfi']['tmp_name'], $this->data['Event']['submittedgfi']['size']);
// write
$rootDir = APP . "files" . DS . $id . DS;
@ -1953,7 +1953,7 @@ class EventsController extends AppController {
// open the xml
$xmlFileName = 'analysis.xml';
$xmlFilePath = $rootDir . DS . 'Analysis' . DS . $xmlFileName;
$xmlFileData = $fileAccess->readFromFile($xmlFilePath);
$xmlFileData = $fileAccessTool->readFromFile($xmlFilePath);
// read XML
$this->_readGfiXML($xmlFileData, $id);
@ -1963,9 +1963,9 @@ class EventsController extends AppController {
public function _addIOCFile($id) {
if (!empty($this->data) && $this->data['Event']['submittedioc']['size'] > 0 &&
is_uploaded_file($this->data['Event']['submittedioc']['tmp_name'])) {
App::uses('FileAccess', 'Tools');
$fileAccess = new FileAccess();
$iocData = $fileAccess->readFromFile($this->data['Event']['submittedioc']['tmp_name'], $this->data['Event']['submittedioc']['size']);
App::uses('FileAccessTool', 'Tools');
$fileAccessTool = new FileAccessTool();
$iocData = $fileAccessTool->readFromFile($this->data['Event']['submittedioc']['tmp_name'], $this->data['Event']['submittedioc']['size']);
// write
$rootDir = APP . "files" . DS . $id . DS;
@ -1982,7 +1982,7 @@ class EventsController extends AppController {
// open the xml
$xmlFilePath = $destPath . DS . $this->data['Event']['submittedioc']['name'];
$xmlFileData = $fileAccess->readFromFile($xmlFilePath, $this->data['Event']['submittedioc']['size']);
$xmlFileData = $fileAccessTool->readFromFile($xmlFilePath, $this->data['Event']['submittedioc']['size']);
// Load event and populate the event data
$this->Event->id = $id;
@ -2048,8 +2048,8 @@ class EventsController extends AppController {
}
public function _addMISPExportFile($ext, $take_ownership = false) {
App::uses('FileAccess', 'Tools');
$data = (new FileAccess())->readFromFile($this->data['Event']['submittedfile']['tmp_name'], $this->data['Event']['submittedfile']['size']);
App::uses('FileAccessTool', 'Tools');
$data = (new FileAccessTool())->readFromFile($this->data['Event']['submittedfile']['tmp_name'], $this->data['Event']['submittedfile']['size']);
if ($ext == 'xml') {
App::uses('Xml', 'Utility');
@ -2882,13 +2882,13 @@ class EventsController extends AppController {
if ($attribute['type'] == 'ip-src/ip-dst') {
$types = array('ip-src', 'ip-dst');
} else if ($attribute['type'] == 'malware-sample') {
App::uses('FileAccess', 'Tools');
App::uses('FileAccessTool', 'Tools');
$tmpdir = Configure::read('MISP.tmpdir') ? Configure::read('MISP.tmpdir') : '/tmp';
$tempFile = explode('|', $attribute['data']);
if (!preg_match('/^[a-z0-9]*$/i', $tempFile[0])) {
throw new MethodNotAllowedException('Invalid filename, stop tampering with it.');
}
$attribute['data'] = (new FileAccess())->readFromFile($tmpdir . '/' . $tempFile[0], $tempFile[1]);
$attribute['data'] = (new FileAccessTool())->readFromFile($tmpdir . '/' . $tempFile[0], $tempFile[1]);
unlink($tmpdir . '/' . $tempFile[0]);
$result = $this->Event->Attribute->handleMaliciousBase64($id, $attribute['value'], $attribute['data'], array('md5', 'sha1', 'sha256'), $objectType == 'ShadowAttribute' ? true : false);
if (!$result['success']) {
@ -3735,11 +3735,11 @@ class EventsController extends AppController {
);
$result['related'] = $this->Event->Attribute->fetchAttributes($this->Auth->user(), $options);
if (isset($result['data'])) {
App::uses('FileAccess', 'Tools');
$fileAccess = new FileAccess();
App::uses('FileAccessTool', 'Tools');
$fileAccessTool = new FileAccessTool();
$tmpdir = Configure::read('MISP.tmpdir') ? Configure::read('MISP.tmpdir') : '/tmp';
$tempFile = $fileAccess->createTempFile($tmpdir, $prefix = 'MISP');
$fileAccess->writeToFile($tempFile, $result['data']);
$tempFile = $fileAccessTool->createTempFile($tmpdir, $prefix = 'MISP');
$fileAccessTool->writeToFile($tempFile, $result['data']);
$result['data'] = basename($tempFile) . '|' . filesize($tempFile);
}
}
@ -3795,8 +3795,8 @@ class EventsController extends AppController {
$tmpfile = new File($fileupload['tmp_name']);
if ((isset($fileupload['error']) && $fileupload['error'] == 0) || (!empty($fileupload['tmp_name']) && $fileupload['tmp_name'] != 'none') && is_uploaded_file($tmpfile->path)) {
$filename = basename($fileupload['name']);
App::uses('FileAccess', 'Tools');
$modulePayload['data'] = (new FileAccess())->readFromFile($fileupload['tmp_name'], $fileupload['size']);
App::uses('FileAccessTool', 'Tools');
$modulePayload['data'] = (new FileAccessTool())->readFromFile($fileupload['tmp_name'], $fileupload['size']);
} else {
$fail = 'Invalid file upload.';
}

4
app/Controller/ServersController.php
View File

@ -551,7 +551,7 @@ class ServersController extends AppController {
$ext = '';
App::uses('File', 'Utility');
App::uses('Folder', 'Utility');
App::uses('FileAccess', 'Tools');
App::uses('FileAccessTool', 'Tools');
$file = new File($server['Server']['submitted_cert']['name']);
$ext = $file->ext();
if (($ext != 'pem') || !$server['Server']['submitted_cert']['size'] > 0) {
@ -560,7 +560,7 @@ class ServersController extends AppController {
}
// read pem file data
$pemData = (new FileAccess())->readFromFile($server['Server']['submitted_cert']['tmp_name'], $server['Server']['submitted_cert']['size']);
$pemData = (new FileAccessTool())->readFromFile($server['Server']['submitted_cert']['tmp_name'], $server['Server']['submitted_cert']['size']);
$destpath = APP . "files" . DS . "certs" . DS;
$dir = new Folder(APP . "files" . DS . "certs", true);

2
app/Lib/Tools/FileAccess.php → app/Lib/Tools/FileAccessTool.php
View File

@ -1,6 +1,6 @@
<?php
class FileAccess {
class FileAccessTool {
private $__fileErrorMsgPrefix = 'An error has occured while attempting to ';
public function createTempFile($dir, $prefix = 'MISP') {

40
app/Model/User.php
View File

@ -336,15 +336,15 @@ class User extends AppModel {
if (openssl_x509_read($check['certif_public'])) {
try {
App::uses('Folder', 'Utility');
App::uses('FileAccess', 'Tools');
$fileAccess = new FileAccess();
App::uses('FileAccessTool', 'Tools');
$fileAccessTool = new FileAccessTool();
$dir = APP . 'tmp' . DS . 'SMIME';
if (!file_exists($dir)) {
if (!mkdir($dir, 0750, true)) throw new MethodNotAllowedException('The SMIME temp directory is not writeable (app/tmp/SMIME).');
}
$tempFile = $fileAccess->createTempFile($dir, 'SMIME');
$msg_test = $fileAccess->writeToFile($tempFile, 'test');
$msg_test_encrypted = $fileAccess->createTempFile($dir, 'SMIME');
$tempFile = $fileAccessTool->createTempFile($dir, 'SMIME');
$msg_test = $fileAccessTool->writeToFile($tempFile, 'test');
$msg_test_encrypted = $fileAccessTool->createTempFile($dir, 'SMIME');
// encrypt it
if (openssl_pkcs7_encrypt($msg_test, $msg_test_encrypted, $check['certif_public'], null, 0, OPENSSL_CIPHER_AES_256_CBC)) {
unlink($msg_test);
@ -528,15 +528,15 @@ class User extends AppModel {
$certif_public = $user['User']['certif_public'];
try {
App::uses('Folder', 'Utility');
App::uses('FileAccess', 'Tools');
$fileAccess = new FileAccess();
App::uses('FileAccessTool', 'Tools');
$fileAccessTool = new FileAccessTool();
$dir = APP . 'tmp' . DS . 'SMIME';
if (!file_exists($dir)) {
if (!mkdir($dir, 0750, true)) throw new MethodNotAllowedException('The SMIME temp directory is not writeable (app/tmp/SMIME).');
}
$tempFile = $fileAccess->createTempFile($dir, 'SMIME');
$msg_test = $fileAccess->writeToFile($tempFile, 'test');
$msg_test_encrypted = $fileAccess->createTempFile($dir, 'SMIME');
$tempFile = $fileAccessTool->createTempFile($dir, 'SMIME');
$msg_test = $fileAccessTool->writeToFile($tempFile, 'test');
$msg_test_encrypted = $fileAccessTool->createTempFile($dir, 'SMIME');
// encrypt it
if (openssl_pkcs7_encrypt($msg_test, $msg_test_encrypted, $certif_public, null, 0, OPENSSL_CIPHER_AES_256_CBC)) {
$parse = openssl_x509_parse($certif_public);
@ -758,23 +758,23 @@ class User extends AppModel {
try {
$prependedBody = 'Content-Transfer-Encoding: 7bit' . PHP_EOL . 'Content-Type: text/plain;' . PHP_EOL . ' charset=us-ascii' . PHP_EOL . PHP_EOL . $body;
App::uses('Folder', 'Utility');
App::uses('FileAccess', 'Tools');
$fileAccess = new FileAccess();
App::uses('FileAccessTool', 'Tools');
$fileAccessTool = new FileAccessTool();
$dir = APP . 'tmp' . DS . 'SMIME';
if (!file_exists($dir)) {
if (!mkdir($dir, 0750, true)) throw new MethodNotAllowedException('The SMIME temp directory is not writeable (app/tmp/SMIME).');
}
// save message to file
$tempFile = $fileAccess->createTempFile($dir, 'SMIME');
$msg = $fileAccess->writeToFile($tempFile, $prependedBody);
$tempFile = $fileAccessTool->createTempFile($dir, 'SMIME');
$msg = $fileAccessTool->writeToFile($tempFile, $prependedBody);
$headers_smime = array("To" => $user['User']['email'], "From" => Configure::read('MISP.email'), "Subject" => $subject);
$canSign = true;
if (empty(Configure::read('SMIME.cert_public_sign')) || !is_readable(Configure::read('SMIME.cert_public_sign'))) $canSign = false;
if (empty(Configure::read('SMIME.key_sign')) || !is_readable(Configure::read('SMIME.key_sign'))) $canSign = false;
if ($canSign) {
$signed = $fileAccess->createTempFile($dir, 'SMIME');
$signed = $fileAccessTool->createTempFile($dir, 'SMIME');
if (openssl_pkcs7_sign($msg, $signed, 'file://'.Configure::read('SMIME.cert_public_sign'), array('file://'.Configure::read('SMIME.key_sign'), Configure::read('SMIME.password')), array(), PKCS7_TEXT)) {
$bodySigned = $fileAccess->readFromFile($signed);
$bodySigned = $fileAccessTool->readFromFile($signed);
unlink($msg);
unlink($signed);
} else {
@ -783,15 +783,15 @@ class User extends AppModel {
throw new Exception('Failed while attempting to sign the SMIME message.');
}
// save message to file
$tempFile = $fileAccess->createTempFile($dir, 'SMIME');
$msg_signed = $fileAccess->writeToFile($tempFile, $bodySigned);
$tempFile = $fileAccessTool->createTempFile($dir, 'SMIME');
$msg_signed = $fileAccessTool->writeToFile($tempFile, $bodySigned);
} else {
$msg_signed = $msg;
}
$msg_signed_encrypted = $fileAccess->createTempFile($dir, 'SMIME');
$msg_signed_encrypted = $fileAccessTool->createTempFile($dir, 'SMIME');
// encrypt it
if (openssl_pkcs7_encrypt($msg_signed, $msg_signed_encrypted, $user['User']['certif_public'], $headers_smime, 0, OPENSSL_CIPHER_AES_256_CBC)) {
$bodyEncSig = $fileAccess->readFromFile($msg_signed_encrypted);
$bodyEncSig = $fileAccessTool->readFromFile($msg_signed_encrypted);
unlink($msg_signed);
unlink($msg_signed_encrypted);
$parts = explode("\n\n", $bodyEncSig);