MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
23,726 Commits
34 Branches
364 Tags
186 MiB
Commit Graph

583 Commits (a7905b40cededa7fb54e2c735b8196c9aae03f94)

Author SHA1 Message Date
Jakub Onderka cd943b5e27 new: [sync] Method for filtering out existing sightings 2021-03-09 20:07:02 +01:00
Jakub Onderka 599819f7f9 new: [authkeys] Allowed IPs 2021-03-03 09:23:07 +01:00
Jakub Onderka 8a3144f112 new: [security] Content-Security-Policy support 2021-02-26 13:21:00 +01:00
Jakub Onderka 412d9dba1d
Merge pull request #6906 from JakubOnderka/compressed-requests 
new: [sync] Compressed requests support
 2021-02-18 18:03:11 +01:00
Jakub Onderka bf004ad52d chg: [internal] Simplified ServersController::serverSettings 2021-02-18 17:58:34 +01:00
Jakub Onderka 8342f4e8b4 new: [security] Security audit 2021-02-18 17:58:34 +01:00
Jakub Onderka ab1808a1ed fix: [idTranslator] Distinguish between not found and unreachable 2021-02-11 13:44:56 +01:00
Jakub Onderka d6f9cdc5b1 fix: [internal] idTranslator could show invalid results 2021-02-08 15:28:26 +01:00
Jakub Onderka 2ce6d0b240 fix: [internal] Fix some warnings 2021-01-28 14:09:05 +01:00
iglocska 0a1c3f3458
Merge branch '2.4' into develop 2021-01-22 11:57:08 +01:00
iglocska a8688501c3
fix: [diagnostics] complain about PHP >= 8.0 2021-01-22 11:55:35 +01:00
Jakub Onderka f19516a66c
Merge pull request #6890 from JakubOnderka/php-diagnostics-unit 
fix: [UI] Show proper unit for diagnostics
 2021-01-21 16:19:19 +01:00
iglocska 4cbaf60da8
fix: [update] fixed due to issues introduced with the branch flag 2021-01-20 16:39:10 +01:00
iglocska 8ee0555798
new: [API] update command got new branch parameter 
- instruct the update process to be prepended by a checkout of a given branch
- passed via a URL parameter (/servers/update/branch:develop)
OR
- passed via a JSON object ({"branch": "develop"})
 2021-01-20 14:21:31 +01:00
Jakub Onderka fe0d0e3fa1 fix: [UI] Show proper unit for diagnostics 2021-01-20 09:38:34 +01:00
Jakub Onderka 69f901110a new: [sync] Compressed requests support 2021-01-19 17:59:08 +01:00
Jakub Onderka 7c28f9b966 new: [server] Compare server events overlap 2021-01-18 11:34:38 +01:00
Jakub Onderka 56ef2f9874 new: [internal] New ability to get JSON data from event preview 2021-01-18 10:15:36 +01:00
Jakub Onderka 2bdaa351ad chg: [internal] Simplified code for index and event preview 2021-01-18 10:15:36 +01:00
Jakub Onderka a466d48df5
Merge pull request #6853 from JakubOnderka/server-diagnostic-fix 
fix: [server] Handle case when checking CLI version is not possible
 2021-01-13 14:54:28 +01:00
Jakub Onderka ed816c4da6 fix: [server] Handle case when checking CLI version is not possible 2021-01-13 14:24:25 +01:00
Jakub Onderka bf08b6719a new: [UI] Show link to event preview for ID translator 2021-01-12 10:51:04 +01:00
Jakub Onderka e80cd38f0f chg: [idTranslator] Allow to use from GET request 2021-01-08 10:52:07 +01:00
Jakub Onderka d80475241b chg: [idTranslator] Check also servers that we push 2021-01-08 10:52:07 +01:00
Jakub Onderka 1996687db7 chg: [sync] Return content encoding in postTest 2021-01-07 00:33:46 +01:00
Jakub Onderka 5bc7037c45 fix: [internal] Check if setting value is scalar 2020-12-17 13:50:25 +01:00
Jakub Onderka 66eb224409 chg: [UI] Allow to set syslog setting from UI 2020-11-19 21:32:14 +01:00
Jakub Onderka 071f8877b3 chg: [internal] Throw exception if setting name doesn't exists 2020-11-19 19:08:14 +01:00
mokaddem 89f307bd07 Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-18 09:22:40 +01:00
Jakub Onderka db1e7621b2 fix: [internal] MISP update without branch 2020-11-17 15:04:08 +01:00
mokaddem 3ccaa50a37
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-17 10:33:22 +01:00
Jakub Onderka 7c85cdf88c fix: [internal] Diagnostic data download 2020-11-16 23:48:01 +01:00
mokaddem dc65c79130
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-13 16:26:35 +01:00
iglocska 2dfe32ce57
fix: [rest client] implenented changes for advanced authkeys 
- strip auth headers in the history
- but not in the actual request
 2020-11-13 12:49:14 +01:00
mokaddem 6e1dad515b
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-13 11:04:33 +01:00
iglocska 39911b16c6
Merge branch '2.4' into CRUD 2020-11-13 08:47:22 +01:00
Jakub Onderka 843b2ce7cf
Merge pull request #6560 from JakubOnderka/rest-client-handle-exceptions 
fix: [RestClient] Catch exceptions and show error message to user
 2020-11-12 23:36:55 +01:00
mokaddem 1879bc05b7
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-12 09:05:12 +01:00
iglocska 46bc6ef4b2
fix: [regression] invalid server loaded for connection test 2020-11-12 08:21:24 +01:00
iglocska dbffebe503
Merge branch '2.4' into CRUD 2020-11-11 11:19:23 +01:00
iglocska bf7c9e8394
chg: [REST client] adapted to the APIkey changes 2020-11-11 10:47:10 +01:00
mokaddem 150b4cb7d1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-11-09 10:07:43 +01:00
Jakub Onderka 9a010075d8 chg: [internal] Simplified getApiInfo method 2020-11-07 11:10:40 +01:00
Jakub Onderka 3729591572 fix: [RestClient] Catch exceptions and show error message to user 2020-11-07 10:59:02 +01:00
iglocska 6e81c8ee8a
fix: [security] SSRF fixed in the rest client 
- by using the full path parameter in the rest client, users could issue queries to any server
- this becomes especially problematic when the MISP server is able to query other internal servers,
  as external users could trigger those

- new server setting added that allows enabling the full path option, this is now disabled by default
- new server setting added to add an override baseurl for the rest client, removing the need for the full
  path option in the first place (for example for the training VM with its port forwarding)

- Thanks to Heitor Gouvêa for reporting this vulnerability
 2020-10-31 08:49:01 +01:00
Jakub Onderka 3ff4dd530f new: [UI] Attachment scan diagnostic 2020-10-23 09:27:07 +02:00
Jakub Onderka 46ba51a32e new: [sync] Show client certificate info in connection test 2020-10-19 09:57:06 +02:00
mokaddem b628e15eb9
Merge remote-tracking branch 'origin/2.4' into feature-event-report 2020-10-09 14:54:47 +02:00
mokaddem 98dd90898d
fix: [server:push] Correctly return message when using API 2020-10-05 10:11:09 +02:00
Jakub Onderka 8b5868d8f1 fix: [warnings] Attach warnings to feed and server event preview 2020-10-03 10:17:05 +02:00
mokaddem 2fdcede6b6
chg: [appModel] Removed prio worker from the list of available workers 
to perform an update
 2020-10-01 09:28:02 +02:00
mokaddem 7d3748f403
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-09-23 18:17:54 +02:00
Jakub Onderka 21e00a996b fix: [internal] Fix tests for missing ACL 2020-09-23 17:28:01 +02:00
mokaddem eb84b3344f
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-09-22 12:08:12 +02:00
iglocska 8c07d01302
new: [workers] add kill all / force kill all buttons to the worker management, fixes #6329 2020-09-22 09:15:03 +02:00
Loïc Fortemps 8844fd7ada
Event ID translation feature (#6212) 
* new: [sync] Event ID translation between sync servers
 2020-08-26 10:01:14 +02:00
Vito Piserchia d649257a15 rebase continue 2020-08-17 17:28:04 +02:00
Vito Piserchia 7da8b32ada rebase continue 2020-08-17 17:25:02 +02:00
Vito Piserchia d13e85eb3e rebase continue 2020-08-17 17:20:32 +02:00
Vito Piserchia a393d411e1 rebase continue 2020-08-17 17:13:58 +02:00
Vito Piserchia dad45e68ca rebase continue 2020-08-17 15:52:32 +02:00
Vito Piserchia b8c7485712 resolve merge 2020-08-16 13:31:31 +02:00
Jakub Onderka a411b36666 chg: [internal] Move attachment handling to one place 2020-08-13 15:34:32 +02:00
mokaddem b3dbecb318
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-07-14 16:25:04 +02:00
Andras Iklody 4aa22acfde
Merge pull request #6044 from JakubOnderka/sort-tags-by-name 
chg: [UI] Sort tags by name for server rules
 2020-07-07 12:19:09 +02:00
mokaddem f3a9481c61
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-07-01 16:22:55 +02:00
iglocska 3ec5fcba0b
new: [event block rule system] added 
- add simple tag filters to block events from being added.
- it will not stop a manual creation of an event with subsequent adding of the tag in a later stage
- it will however block synced events
 2020-06-30 10:45:36 +02:00
mokaddem cb764f42c3
chg: [server:pull] Pluralized `pull_relevant_cluster` as we may pull 
more than one
 2020-06-30 08:49:47 +02:00
mokaddem a137f85654
new: [server:pull_relevant_cluster] Added new cluster pull technique 
It fetches remote clusters based on cluster tags known locally
 2020-06-25 15:01:54 +02:00
Jakub Onderka e2c0df74c2 chg: [UI] Sort tags by name for server rules 2020-06-23 14:05:18 +02:00
mokaddem 49ca882207
fix: [servers:push] Do not throw exception while pushing via rest query 2020-06-16 09:17:01 +02:00
mokaddem b495581ad0
chg: [servers:getVersion] Return `perm_galaxy_editor` status 2020-06-16 08:59:45 +02:00
mokaddem 9b630ab146
new: [server] Added `pull_galaxy_cluster` option in the server config 2020-06-10 09:36:34 +02:00
mokaddem 5c04b9a8c1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-05-28 14:06:30 +02:00
mokaddem 176e29c94f
chg: [server:push] Drafty version of galaxyCluster push 2020-05-26 15:08:24 +02:00
Jakub Onderka 2073161d6f new: [pubsub] Show info about processed messages 2020-05-11 08:22:37 +02:00
iglocska 1c3dc3fe51
Merge branch '2.4' into 5272 2020-04-28 15:31:17 +02:00
iglocska 9770555c39
new: [workers] restart all dead workers 2020-03-06 14:56:35 +01:00
mokaddem 0f6990421b
chg: Changed error messages into translatable strings 2020-01-27 12:47:15 +01:00
mokaddem 13499737a5
Merge remote-tracking branch 'origin/2.4' into pr-5295 2020-01-27 11:47:24 +01:00
Jakub Onderka 73b9513a38 chg: [internal] Refactoring malware handling 2020-01-26 18:56:41 +01:00
iglocska 6d76550ea6
new: [sync] Add additional pull filters to the sync, fixes #5510 
- uses the same format as the index filters
 2020-01-23 09:42:16 +01:00
iglocska a577c69118
chg: [versions] requirements for languages changed 2020-01-17 15:14:53 +01:00
mokaddem 637e2806ef
new: [diagnostic:DBIndexes] Added complete diagnostic for database 
indexes
 2019-12-18 15:53:20 +01:00
mokaddem 0400fa0370
new: [diagnostic:DBIndex] Show table columns having indexes 2019-12-17 10:54:45 +01:00
mokaddem 7c1a83d0ed
chg: [diagnostic:DBSchema] Hide non-critical issues by default 2019-12-10 10:49:02 +01:00
iglocska c2d59dd3a5
Merge branch 'db_fix' into 2.4 2019-11-29 15:26:43 +01:00
mokaddem 1ff5576915
fix: [diagnostic:DBSchema] Removed query execution and soften the 
warning message
 2019-11-29 10:41:09 +01:00
Richard van den Berg 6458015708 Allow pushing of sightings only for perm_sighting 2019-11-26 19:40:49 +01:00
iglocska 17bb03193b
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-11-25 17:01:32 +01:00
Steve Clement a9a6260cef
Merge branch '2.4' into REST_Client_python 2019-11-24 20:27:46 +09:00
Richard van den Berg dd963c2e21 Sync sightings on push, pull and push on add 2019-11-22 21:53:51 +01:00
iglocska a1dcfb1931
new: [deprecation] Added a new library to handle deprecations 
- send X-Deprecation-Warning via the API
- set new Warning flash messages via the UI
- counting the use of these functionalities / API endpoint and / user
  - added a diagnsitic tool to view the outcome of the collection
  - sharing of these collections with the MISP-Project will be optionally available in the future

- two modes of operation:
  - hard deprecation (functions certainly to be removed, reported to the users via API/UI)
  - soft deprecation (gauging interest for the continued use of these functions)
 2019-11-20 15:30:06 +01:00
mokaddem 724619eeec
chg: [diagnostic:fixDBSchema] Updated ACLComponent and added clean cache 2019-11-19 15:09:03 -05:00
mokaddem b8b5880ef6
chg: [diagnostic:db_schema] Added support of default_value and quick fix 2019-11-19 12:07:30 -05:00
mokaddem bcd5ce2362
Merge branch '2.4' of github.com:MISP/MISP into feature-fix-db-inconsistencies 2019-11-19 09:20:42 -05:00
mokaddem 69746c8d4f
new: [server:fixDBSchema] Preliminary work to fix database schema 2019-11-18 19:06:41 -05:00
Steve Clement 35c739980e
chg: [REST] Updated to ExpandedPyMISP 2019-11-15 10:13:49 +09:00
Steve Clement 4bb4d52a5c
fix: [REST] Python has no 'Null' type, it is called 'None' 2019-11-15 09:50:50 +09:00
iglocska 0c15043cfa
new: [sync] view remote user tool added to the server index 
- should help with debugging what user is being used
 2019-11-13 19:09:37 +01:00
mokaddem f03a5c7b5f
chg: [diagnostic] Exposed dbSchemaDiagnostic to the API 2019-11-08 13:52:00 +01:00
mokaddem e32dcf3c69
fix: [releaseUpdateLock] Fixed error message to reflect the reality 2019-11-08 11:51:53 +01:00
mokaddem 0087a49fcc
chg: Usage of camelCase instead of snake_case 2019-10-29 09:57:25 +01:00
mokaddem b87ee19146
chg: [update] Actually reset `UpdateFailNumber` when manually unlocking 2019-10-15 11:44:34 +02:00
mokaddem 959ef2a1e7
chg: [updateProgress] Do no show negative remaining update anymore in 
the UI
 2019-10-14 10:59:26 +02:00
mokaddem 5d4142f62a
chg: [update] Parametrized ignore_disabled in ondemand_action and 
support of string update in update_progress
 2019-10-14 10:49:41 +02:00
Jakub Onderka 8e197d463d chg: [internal] Much better error handling for feed preview 2019-10-10 19:10:52 +02:00
mokaddem 0e2205c061
chg: [update] Added endpoint to release lock and integration with UI 2019-10-10 12:02:23 +02:00
mokaddem 8760c98c7e
Merge branch '2.4' of github.com:MISP/MISP into revisedUpdateProcess 2019-10-08 12:02:09 +02:00
mokaddem ce67cc242a
chg: [updateProgress] Added number of remaining db updates 2019-10-07 15:45:55 +02:00
garanews 85c28ce36e Fix some typo 
Fix some typo
 2019-10-04 13:02:59 +02:00
mokaddem c936d4ab51
chg: [updateProgress] Started taking into account stack of updates - WiP 2019-10-03 13:50:55 +02:00
mokaddem f4d06e7fc1
chg: [diagnostic] Exposed mysql and redis diagnostic on the API 2019-10-01 16:55:01 +02:00
mokaddem 39644802ff
fix: [update] Apply restriction of only 1 running process for only the `update` workers 2019-10-01 13:38:27 +02:00
mokaddem 6fd52393b7
chg: [update] Added new worker type `update` to perform updates 2019-10-01 13:36:37 +02:00
mokaddem 900317d5fe
Merge remote-tracking branch 'origin/2.4' into revisedUpdateProcess 2019-09-30 10:40:01 +02:00
Andras Iklody 7a71d76d82
Merge pull request #5198 from JakubOnderka/redis-info 
new: [internal] Redis diagnostic
 2019-09-27 22:19:05 +02:00
mokaddem 84290eaae6
chg: [dbSchemaDiagnostic] Added support of db_version 2019-09-26 15:20:32 +02:00
mokaddem 80b345c24e
chg: [dbSchemaDiagnostic] Improved parsing and UI - WiP 2019-09-26 14:34:05 +02:00
mokaddem c72f04dd90
Merge branch '2.4' into revisedUpdateProcess 2019-09-26 12:13:49 +02:00
Jakub Onderka 2b28d0c39e
fix: [UI] GnuPG diagnostic message 2019-09-23 09:38:15 +02:00
Jakub Onderka 84d100e982 new: [internal] Redis diagnostic 2019-09-21 07:43:35 +02:00
iglocska c6a1941454
fix: [API] Added DELETE http method to the rest client and fixed the JSON response of the API info 2019-09-20 11:53:28 +02:00
iglocska 71d8436cbc
fix: [UI] If a server add with a newly created external organisation fails, set the external organisation as the currently selected option after the validation fail redirect, fixes #5182 2019-09-18 14:37:42 +02:00
iglocska b6ba80e26e
fix: [prio] changePriority function responses fixed 2019-09-13 15:50:06 +02:00
iglocska ffc9147018
new: [sync] Added sync priority system to prioritise the order of instances to push to 2019-09-13 11:49:12 +02:00
iglocska ed0450faf4
new: [API] verbose output for /servers/update 2019-09-11 16:52:14 +02:00
mokaddem 9c02459fd0
new: [servers:DBDiagnostic] Improved indexTable and added new DB schema 
diagnostic (WiP)
 2019-09-10 15:13:06 +02:00
iglocska 75acd63c46
fix: [security] Fix to a vulnerability related to the server index 
- along with various support tools
- more information coming soon
 2019-09-09 13:00:21 +02:00
iglocska bbc05b229f
new: [diagnostics] Added SQL table size tool 
- along with various other small fixes
- increased recommended memory size additionally
 2019-08-21 17:01:52 +02:00
iglocska e8c5dba4f3
new: [API] get a single server setting via /servers/getSetting/[setting_name], fixes #4964 2019-08-15 20:01:36 +02:00
iglocska b2f3481806
fix: [sync] Sync object builder tool fixed 
- was picking the wrong org as the owner of the remote side
 2019-08-12 11:51:37 +02:00
iglocska 7b6a7a5a65
fix: [API] /servers/restartWorkers response fixed for API users, fixes #4966 2019-08-08 11:19:21 +02:00
iglocska e53a0046a9
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-08-07 15:04:51 +02:00
iglocska a46e7a680d
chg: [API] servers/serverSettingsEdit now accepts the force parameter in a posted JSON object 2019-08-07 15:03:32 +02:00
iglocska d6692c44a0
new: [sync] Previewing a remote instance now passes pagination rules in the request instead of fetching the full data-set and paginating in memory 
- fixes issues with empty preview pages
- massive performance boost
- requires the remote side to be the same version or newer
 2019-08-02 14:42:23 +02:00
iglocska 5f9e04aa4f
fix: [rest client] Potential fix to the skip ssl validation flag not working on wrong CN name 2019-07-31 14:10:19 +02:00
iglocska dc0f4741be
Revert "fix: [rest client] Potential fix to the SSL validation skip not working" 
This reverts commit 293871cee8.
 2019-07-31 14:03:22 +02:00
iglocska 293871cee8
fix: [rest client] Potential fix to the SSL validation skip not working 2019-07-31 13:58:34 +02:00
iglocska 118fb6649b
fix: [API] Server deletion now responds correctly via the API 2019-07-29 10:23:00 +02:00
iglocska a89b32d0c4
chg: Server pull/push endpoints allow the passing of the parameters as a POSTed JSON in addition to URL parameters, partially fixes #4889 2019-07-29 10:14:49 +02:00
iglocska c8018d7daa
new: [API] Proposal sync rework done 2019-07-12 16:03:08 +02:00
iglocska c06aa1fd79
fix: [API] Simple worker management added 
- /servers/startWorker/[queue]
- /servers/stopWorker/[pid]
- /servers/getWorkers
 2019-06-19 14:08:06 +02:00
iglocska c097f001dc
new: [security] Made certain settings modifiable via the CLI only 
- some settings are too risky to be exposed, even to site admins, so made them CLI accessible only
 2019-06-18 09:57:27 +02:00
iglocska 304358b162
fix: [sync] Fixed an issue that dropped the remote org 2019-05-30 15:06:51 +02:00
iglocska b23a2395e2
fix: [sync] whitelist fields that can be added via the JSON config 2019-05-30 14:50:51 +02:00
iglocska b706b5860b
fix: [UI] Invalid redirect fixed 2019-05-30 14:46:33 +02:00
iglocska aae9307106
new: [Sync] Add a tool to create MISP sync configuration JSONs and to ingest them, fixes #4696 
- sync user can log into remote instance, extract config JSON
- paste it into own instance as site admin to add MISP sync connection
 2019-05-30 14:42:29 +02:00
Steve Clement fc8f7982df
Zoidberg's son: Update system (#4534) 
Zoidberg's son: Update system
 2019-05-01 18:24:41 +09:00
iglocska 8b127f8fab new: [yara] Added diagnostics 2019-04-30 15:36:13 +02:00