1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/OpenSecurity/bin/log_file.sh Fri May 09 14:09:02 2014 +0200
1.3 @@ -0,0 +1,21 @@
1.4 +#!/bin/bash
1.5 +
1.6 +# ------------------------------------------------------
1.7 +# sample test file for checking the logiing
1.8 +# ------------------------------------------------------
1.9 +
1.10 +FILE_TO_LOG=${1}
1.11 +if [ -z "${FILE_TO_LOG}" ]; then
1.12 + echo "please specify file name to log"
1.13 + exit 1
1.14 +fi
1.15 +FILE_TO_LOG=$(readlink -f ${FILE_TO_LOG})
1.16 +
1.17 +FILE_TIMESTAMP=$(date +"%s") # unix epoch timestamp
1.18 +FILE_CHECKSUM=$(md5sum < "${1}" | gawk '{ print $1; }') # MD5-Checksum
1.19 +
1.20 +OPENSECURITY_URL="http://localhost:8090/log"
1.21 +
1.22 +# POST the log
1.23 +curl --data-urlencode "file=${FILE_TO_LOG}" --data-urlencode "checksum=${FILE_CHECKSUM}" --data-urlencode "timestamp=${FILE_TIMESTAMP}" --data-urlencode 'action=copy' --data-urlencode 'memo=copied to unsafe USB Drive G:\\' ${OPENSECURITY_URL}
1.24 +
2.1 --- a/OpenSecurity/bin/opensecurity_client_restful_server.py Wed Apr 30 15:34:39 2014 +0100
2.2 +++ b/OpenSecurity/bin/opensecurity_client_restful_server.py Fri May 09 14:09:02 2014 +0200
2.3 @@ -32,9 +32,11 @@
2.4 # ------------------------------------------------------------
2.5 # imports
2.6
2.7 +import getpass
2.8 import json
2.9 import os
2.10 import os.path
2.11 +import platform
2.12 import socket
2.13 import subprocess
2.14 import sys
2.15 @@ -59,6 +61,7 @@
2.16 opensecurity_urls = (
2.17 '/credentials', 'os_credentials',
2.18 '/keyfile', 'os_keyfile',
2.19 + '/log', 'os_log',
2.20 '/notification', 'os_notification',
2.21 '/password', 'os_password',
2.22 '/', 'os_root'
2.23 @@ -143,6 +146,42 @@
2.24 return 'user queried for password and keyfile'
2.25
2.26
2.27 +class os_log:
2.28 +
2.29 + """OpenSecurity '/log' handler.
2.30 +
2.31 + This is called on GET or POST on the log function /log
2.32 + """
2.33 +
2.34 + def GET(self):
2.35 +
2.36 + # pick the arguments
2.37 + self.POST()
2.38 +
2.39 +
2.40 + def POST(self):
2.41 +
2.42 + # pick the arguments
2.43 + args = web.input()
2.44 + args['user'] = getpass.getuser()
2.45 + args['system'] = platform.node() + " " + platform.system() + " " + platform.release()
2.46 +
2.47 + # bounce log data
2.48 + url_addr = 'http://GIMME-SERVER-TO-LOG-TO/log'
2.49 +
2.50 + # by provided a 'data' we turn this into a POST statement
2.51 + d = urllib.urlencode(args)
2.52 + req = urllib2.Request(url_addr, d)
2.53 + try:
2.54 + res = urllib2.urlopen(req)
2.55 + except:
2.56 + print('failed to contact: ' + url_addr)
2.57 + print('log data: ' + d)
2.58 + return "Failed"
2.59 +
2.60 + return "Ok"
2.61 +
2.62 +
2.63 class os_notification:
2.64
2.65 """OpenSecurity '/notification' handler.
2.66 @@ -299,8 +338,9 @@
2.67 # TODO: it would be WAY easier and secure if we just
2.68 # add the result json to a HTTP-POST here.
2.69 url_addr = 'http://' + self._remote_ip + ':58080' + self._resource
2.70 - url = url_addr + '?' + urllib.urlencode(j)
2.71 - req = urllib2.Request(url)
2.72 +
2.73 + # by provided a 'data' we turn this into a POST statement
2.74 + req = urllib2.Request(url_addr, urllib.urlencode(j))
2.75 try:
2.76 res = urllib2.urlopen(req)
2.77 except: