Commit Graph

1202 Commits (be46572adf00ad57b346e77bfabbee6cf3b95cb7)

Author SHA1 Message Date
Sami Mokaddem 574deccac8
new: [workflow] Added toggling module state 2022-06-17 09:20:27 +02:00
Sami Mokaddem d8f8225b9e
Merge branch 'develop' of github.com:MISP/MISP into feature-workflows 2022-05-30 14:37:36 +02:00
Luciano Righetti 6c2a9ee11e
Merge pull request #8393 from righel/test-if-file-session-conf
chg: show diagnostic issue if session is file based
2022-05-30 11:09:46 +02:00
Jakub Onderka d8fd3e937a chg: [sync] Simplify galaxy cluster pushing 2022-05-30 08:28:22 +02:00
Jakub Onderka 0326d35387 chg: [sync] Reuse ServerSyncTool for pushing sightings 2022-05-30 08:28:22 +02:00
Jakub Onderka 46037748a2 chg: [sync] Use ServerSyncTool for pushing events 2022-05-30 08:28:22 +02:00
Jakub Onderka d4deca9330 chg: [sync] Optimise event filtering for push 2022-05-30 08:28:22 +02:00
Jakub Onderka ac82eb3844 chg: [sync] Optimise galaxy cluster pulling 2022-05-30 08:28:21 +02:00
Jakub Onderka b50daa886f chg: [sync] Remove duplicate blocklist checking 2022-05-30 08:28:17 +02:00
Jakub Onderka f7af3c4e4e chg: [sync] Optimise removing old events when pulling 2022-05-30 08:27:38 +02:00
Jakub Onderka 9de6069ed9 chg: [sync] Optimise event attribute filtering 2022-05-30 08:27:38 +02:00
Jakub Onderka 2b6365760d fix: [internal] Enabling/disabling correlations 2022-05-26 15:42:16 +02:00
Jakub Onderka a0778774d7 new: [setting] MISP.thumbnail_in_redis 2022-05-24 09:18:51 +02:00
Luciano Righetti 5c324ff56b fix: missing file 2022-05-20 16:23:36 +02:00
Luciano Righetti 097c9f8080
Merge pull request #8361 from righel/optimize-event-view-tags
Optimize event view tags
2022-05-17 14:35:19 +02:00
Sami Mokaddem c5af331bc5
Merge branch 'develop' of github.com:MISP/MISP into feature-workflows 2022-05-16 10:50:47 +02:00
Jakub Onderka 2f7c671adb new: [internal] Simplify checking if connection is MySQL/MariaDB 2022-05-14 10:17:06 +02:00
Luciano Righetti 5300207ee8 new: add new setting to disable taxonomy checks when browsing data 2022-05-12 11:13:35 +02:00
Sami Mokaddem 140b771989
Merge branch 'webhook' of github.com:MISP/MISP into feature-workflows 2022-05-11 13:05:15 +02:00
Jakub Onderka 2294232442 fix: [internal] Strict types 2022-05-07 10:40:41 +02:00
iglocska a4cba3fdc6
new: [modules] action module type added
- hooking function type
- add a hooking point via `$this->Module->executeActions($hook_name, $user, $input, $logging_options, $error)`
- will execute the enabled modules for the hook name and depending on the module's type (blocking/not blocking) allow for breaking the execution when false is returned.
- For a sample skeleton, see the misp-modules project
2022-05-04 01:23:13 +02:00
Sami Mokaddem 10c611d51b
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-04-26 12:44:32 +02:00
Sami Mokaddem c4f7a6e4f0
new: [clusters:attachMultipleClusters] Allow mirroring attribute clusters to events
Added a new checkbox while picking tags to also tag the event with the tags to be attached to the attribute.
2022-04-26 12:27:17 +02:00
Jakub Onderka ad6f5a8f64 fix: [internal] Undefined index 2022-04-22 12:08:26 +02:00
Jakub Onderka ff150b8834 chg: [internal] Do not generate export array when initializing Event class 2022-04-10 09:49:21 +02:00
Sami Mokaddem 6c258015a1
chg: [servers:getAllTypes] Moved the type and object collection action for filtering in the model 2022-04-04 11:52:47 +02:00
iglocska 861a9af713
Merge branch '2.4' into develop 2022-03-28 17:49:28 +02:00
Jakub Onderka f1dd24933c fix: [sign] Allow to sign event by key stored in gpg homedir 2022-03-26 12:10:26 +01:00
Luciano Righetti 34df13af81 fix: typo 2022-03-25 16:32:32 +01:00
iglocska f4e390ae27
new: [event locks] have an option to disable them
- it's annoying and causes headaches
- as discussed in #8204
2022-03-25 08:52:51 +01:00
Alexandre Dulaunoy ab1305cc18
Merge pull request #8218 from righel/org-svg-logo-setting
new: add setting for allowing svg org logos
2022-03-18 11:01:14 +01:00
Luciano Righetti 8dcf414340 fix: [security] restrict setting to cli only. enabling this setting could allow potential ssrf attacks, as reported by Ianis BERNARD - NATO Cyber Security Centre 2022-03-17 15:55:21 +01:00
iglocska 07b091778a
Merge branch '2.4' into develop 2022-03-17 15:51:06 +01:00
Hendrik Baecker eb7a1301bb [chg] LinOTP now with enable/disable as config feature 2022-03-17 15:19:58 +01:00
Luciano Righetti 2bd4a5b30c fix: [security] a malicious site administrator could store an XSS payload in a svg org logo which would be executed if someone opens the direct link to the image, as reported by Ianis BERNARD - NATO Cyber Security Centre 2022-03-17 14:42:49 +01:00
iglocska e8dcb31623
Merge branch 'feature/protected_mode' into develop 2022-03-17 01:43:44 +01:00
iglocska 8eff854fce
fix: [signing validation] use the existing event rather than the incoming event for edits
- the ground truth for allowing edits is in the LOCAL version of the event
- prevents tampering attempts

- also cleanup of repetitive file upload code
2022-03-17 00:41:55 +01:00
iglocska d49eca93ea
Merge branch 'feature/protected_mode' of github.com:MISP/MISP into feature/protected_mode 2022-03-16 01:34:19 +01:00
iglocska d431ee2d31
new: [pull] added protected mode checks and calling the validation functions if a protected event is found
- also removed leftover breakpoints
2022-03-16 01:32:01 +01:00
iglocska c33230c2cd
Merge branch '2.4' into feature/protected_mode 2022-03-15 23:49:06 +01:00
iglocska 3122974853
chg: [pull] signing validation WiP 2022-03-15 23:10:51 +01:00
iglocska 4a65714fe9
fix: [sync] version comparison fixes
- for determining the right version to compare to when deciding if protected events can be synced
2022-03-14 00:34:44 +01:00
iglocska 37fb2943bf
chg: [check remote MISP version] added flag for protectedMode awareness 2022-03-13 12:37:30 +01:00
Jakub Onderka 2e87d6b7b4
Merge pull request #8197 from JakubOnderka/push-sightings-refactor
chg: [sync] Simplify code for sighting pushing
2022-03-12 13:17:38 +01:00
Luciano Righetti fd43c07952 fix: add default supervisor user to default settings 2022-03-09 12:08:54 +01:00
Luciano Righetti 7fae03d226 fix: add default supervisor user to default settings 2022-03-09 12:01:57 +01:00
Jakub Onderka 90cd99685f chg: [sync] Simplify code for sighting pushing 2022-03-07 17:45:06 +01:00
iglocska 639a4929e3
new: [sharing group blueprints]
- create a rule based blueprint that is used to create and update a sharing group
- nest sharing groups
- filter organisations by metadata fields
- nested via boolean operators
- CLI exposed
- API exposed
- Lightweight ownership model (only blueprint owner can see and edit the blueprint)
2022-03-02 02:09:20 +01:00
Jakub Onderka 351d2bfa20 fix: [security] Do not allow to fetch value of redacted setting 2022-02-26 10:57:47 +01:00
Andras Iklody 35d0d77788
Merge pull request #8141 from folbricht-stripe/preserve-session-config
Preserve Session.* configuration in serverSettingsSaveValue
2022-02-23 11:40:28 +01:00
iglocska 6ab34c5b34
fix: [sync] fixed several issues with the sync attribute filters causing issues
- if no negative sync filters defined, errors thrown due to check against null
2022-02-16 15:23:03 +01:00
Frank Olbricht b08f7cf2d8 Preserve Session.* configuration in serverSettingsSaveValue 2022-02-12 14:41:35 -07:00
iglocska 260d84651c
fix: [tmpdir] default value change missing
- Thanks @Wachizungu for spotting my fail
2022-02-09 15:44:18 +01:00
iglocska 607de3683c
fix: [tmpdir] default reverted to MISP/app/tmp
- too many access errors for users with /tmp as the default
2022-02-09 09:18:02 +01:00
Jakub Onderka 2f33b4ad3d new: [UI] Show TLS version for server test 2022-01-22 11:39:49 +01:00
Jakub Onderka 067e04fcf6 chg: [setting] Check if value is from options 2022-01-21 20:09:39 +01:00
Jakub Onderka 44c4f80c28 chg: [internal] Do not call __evaluateLeaf for branch 2022-01-21 19:39:49 +01:00
Jakub Onderka 7bf1afc093 fix: [internal] testForCABundle should return true 2022-01-21 17:48:22 +01:00
Jakub Onderka f32c526bbe new: [security] Allow to specify min_tls_version 2022-01-21 10:18:22 +01:00
Jakub Onderka 0c243ce4f7 fix: [setting] Default value for MISP.require_password_confirmation is false 2022-01-20 10:53:45 +01:00
Alexandre Dulaunoy 7a62e49e98
Merge branch '2.4' into develop 2022-01-17 23:35:38 +01:00
Hendrik Baecker 7644a19b7f [chg] LinOTP default baseURL 2022-01-17 07:24:59 +01:00
Hendrik Baecker aeeb16ec06 [chg] Make LinOTP configurable via webui and cli 2022-01-14 14:32:43 +01:00
Alexandre Dulaunoy f19661fb21
Merge branch '2.4' into develop 2022-01-04 15:54:42 +01:00
StefanKelm 9897c42ef5
Update Server.php
fix wording
2021-12-30 13:44:10 +01:00
Luciano Righetti 57597b9cd7 fix: change simple bg jobs settings to critical, fix notice in server shell 2021-12-23 14:44:38 +01:00
Jakub Onderka 1caf425b2b
Merge pull request #8039 from JakubOnderka/cake-baseurl-deprecated
chg: [cli] Deprecate `cake baseurl` command
2021-12-22 19:47:54 +01:00
iglocska f905eef8f0
Merge branch '8042' into develop 2021-12-21 16:42:50 +01:00
Jakub Onderka 73936bc8fe chg: [cli] Deprecate `cake baseurl` command 2021-12-19 14:05:27 +01:00
iglocska 1c5d7d2f2f
chg: [rephrasing] some warnings 2021-12-17 16:09:01 +01:00
Sami Mokaddem 7f53cdc562
fix: [server:pull] Typo in objectAttribute filtering 2021-12-17 15:23:37 +01:00
Hendrik Baecker 2a54c429ed [chg] Safe LinOTP Config 2021-12-14 17:28:52 +01:00
Sami Mokaddem 0bb4f372ff
fix: [server:pull] Typo while unsetting attribute blocked by filtering rule 2021-12-10 13:47:39 +01:00
Sami Mokaddem fee5563c5a
chg: [server:pull] Do not log empty event entries if it was caused by the rules 2021-12-10 10:56:45 +01:00
Sami Mokaddem 7d87fef8ea
fix: [events:synchronisation] debug and typos 2021-12-10 10:02:49 +01:00
Sami Mokaddem 3db4a4636b
chg: [server:synchronisation] Usage of template_uuid instead of the object name 2021-12-10 09:52:07 +01:00
Sami Mokaddem 014ae34c53
new: [server:synchronisation] Type filtering during PULL synchronisation
Warning: This feature can introduce unwanted behaviours and inconsistencies
2021-12-09 12:29:03 +01:00
Luciano Righetti 019bba81af fix: show error message instead of fatal error when diagnostics tool fails to run 2021-11-26 11:45:10 +01:00
Luciano Righetti cab5262d65 fix: improve error handling when supervisor is not available or connection settings are wrong 2021-11-25 10:29:16 +01:00
Jakub Onderka ba71bee293 chg: [internal] testForBinExec cleanup 2021-11-22 09:58:23 +01:00
Jakub Onderka f895bb21e2 chg: [internal] Optimise setting 2021-11-22 09:58:23 +01:00
Jakub Onderka 82a7be8b4d chg: [upload] Allow to upload SVG files 2021-11-22 09:58:23 +01:00
Jakub Onderka e13d0bd4ae chg: [internal] New method ProcessTool::whoami 2021-11-22 09:57:39 +01:00
Jakub Onderka bd99d4866f chg: [diagnostics] Check also MISP.attachments_dir and MISP.tmpdir folders 2021-11-22 09:57:39 +01:00
Jakub Onderka 06107ee622 fix: [internal] User ProcessTool for selfTest 2021-11-22 09:57:39 +01:00
iglocska ec70caeb61
chg: [submodule update] added --init --recursive 2021-11-21 17:13:57 +01:00
Jakub Onderka 4b380f199d fix: [internal] Try to create directory if not exist 2021-11-18 10:19:01 +01:00
Jakub Onderka 9626f12f6f chg: [internal] Use ProcessTool in Server 2021-11-15 10:22:03 +01:00
Jakub Onderka cc25e2729c chg: [internal] Simplify checking if folder is writable 2021-11-14 19:09:39 +01:00
Jakub Onderka 9c60d64b04 fix: [internal] Update JSON 2021-11-14 19:09:38 +01:00
Jakub Onderka db13698ebd chg: [internal] Better submodule info fetching 2021-11-14 19:09:38 +01:00
Jakub Onderka aecf9499ad chg: [internal] Check if update is possible 2021-11-14 19:09:38 +01:00
Jakub Onderka 0cc7804219 chg: [internal] Current branch and commit checking 2021-11-14 19:09:38 +01:00
Jakub Onderka 736aba20a3 chg: [internal] More clear method names 2021-11-14 19:09:38 +01:00
Jakub Onderka 763a9b6e6e fix: [internal] Param order 2021-11-14 19:09:38 +01:00
Jakub Onderka a424c01844 chg: [internal] Small optim 2021-11-14 19:09:38 +01:00
Jakub Onderka c388bb3882 chg: [internal] Move version checking to one function 2021-11-14 19:09:38 +01:00
Jakub Onderka e41a8a785e chg: [internal] Use GitTool for remote version fetching 2021-11-14 19:09:38 +01:00
Jakub Onderka db3183ae54 chg: [internal] Faster way how to get current commit 2021-11-14 19:09:38 +01:00
Jakub Onderka 7074647128 chg: [internal] Authkey resetting 2021-11-14 19:09:37 +01:00