2017-10-27 07:22:10 +00:00
|
|
|
|
2017-10-27 07:34:38 +00:00
|
|
|
// Require some libraries
|
|
|
|
|
const needle = require('needle');
|
|
|
|
|
|
|
|
|
|
// External references
|
|
|
|
|
const fetchAgentsExternal = require('../monitoring');
|
|
|
|
|
const getConfig = require('./wazuh-elastic');
|
|
|
|
|
const getPath = require('../../util/get-path');
|
|
|
|
|
|
|
|
|
|
// Colors for console logging
|
|
|
|
|
const colors = require('ansicolors');
|
|
|
|
|
const blueWazuh = colors.blue('wazuh');
|
2017-10-20 18:53:56 +00:00
|
|
|
|
2018-01-24 14:29:02 +00:00
|
|
|
const fs = require('fs');
|
|
|
|
|
const yml = require('js-yaml');
|
|
|
|
|
const path = require('path');
|
2017-10-27 07:34:38 +00:00
|
|
|
const pciRequirementsFile = '../integration_files/pci_requirements.json';
|
|
|
|
|
|
2017-10-27 07:46:52 +00:00
|
|
|
module.exports = (server, options) => {
|
2018-01-25 12:44:47 +00:00
|
|
|
|
2017-10-20 18:53:56 +00:00
|
|
|
// Variables
|
2017-10-27 07:46:52 +00:00
|
|
|
let packageInfo;
|
2017-09-29 05:26:18 +00:00
|
|
|
|
2017-10-20 18:53:56 +00:00
|
|
|
// Read Wazuh app package file
|
2017-06-27 18:28:28 +00:00
|
|
|
try {
|
2017-10-27 07:34:38 +00:00
|
|
|
packageInfo = require('../../package.json');
|
2017-06-27 18:28:28 +00:00
|
|
|
} catch (e) {
|
|
|
|
|
server.log([blueWazuh, 'initialize', 'error'], 'Could not read the Wazuh package file.');
|
2017-10-27 07:34:38 +00:00
|
|
|
}
|
2018-01-24 20:33:45 +00:00
|
|
|
|
2018-01-25 12:44:47 +00:00
|
|
|
|
2017-01-26 15:35:07 +00:00
|
|
|
|
2017-10-27 07:34:38 +00:00
|
|
|
const checkStoredAPI = (req, reply) => {
|
2018-01-25 12:44:47 +00:00
|
|
|
if(!protectedRoute(req)) return reply(genericErrorBuilder(401,7,'Session expired.')).code(401);
|
2017-10-20 18:53:56 +00:00
|
|
|
// Get config from elasticsearch
|
2017-12-12 16:59:19 +00:00
|
|
|
getConfig(req.payload, (wapi_config) => {
|
2017-10-20 18:53:56 +00:00
|
|
|
if (wapi_config.error_code > 1) {
|
|
|
|
|
// Can not connect to elasticsearch
|
2017-10-27 07:34:38 +00:00
|
|
|
reply({
|
|
|
|
|
'statusCode': 200,
|
2017-10-27 07:46:52 +00:00
|
|
|
'error': '1',
|
|
|
|
|
'data': 'no_elasticsearch'
|
2017-10-27 07:34:38 +00:00
|
|
|
});
|
2017-10-20 18:53:56 +00:00
|
|
|
return;
|
|
|
|
|
} else if (wapi_config.error_code > 0) {
|
|
|
|
|
// Credentials not found
|
2017-10-27 07:34:38 +00:00
|
|
|
reply({
|
|
|
|
|
'statusCode': 400,
|
|
|
|
|
'error': '2',
|
|
|
|
|
'data': 'no_credentials'
|
|
|
|
|
});
|
2017-10-20 18:53:56 +00:00
|
|
|
return;
|
|
|
|
|
}
|
2017-10-27 07:34:38 +00:00
|
|
|
|
|
|
|
|
needle('get', `${wapi_config.url}:${wapi_config.port}/version`, {}, {
|
|
|
|
|
username: wapi_config.user,
|
|
|
|
|
password: wapi_config.password,
|
|
|
|
|
rejectUnauthorized: !wapi_config.insecure
|
|
|
|
|
})
|
|
|
|
|
.then((response) => {
|
2017-11-02 18:00:35 +00:00
|
|
|
if (parseInt(response.body.error) === 0 && response.body.data) {
|
2017-12-03 14:30:47 +00:00
|
|
|
needle('get', `${wapi_config.url}:${wapi_config.port}/cluster/status`, {}, { // Checking the cluster status
|
|
|
|
|
username: wapi_config.user,
|
|
|
|
|
password: wapi_config.password,
|
|
|
|
|
rejectUnauthorized: !wapi_config.insecure
|
|
|
|
|
})
|
|
|
|
|
.then((response) => {
|
|
|
|
|
if (!response.body.error) {
|
|
|
|
|
if (response.body.data.enabled === 'yes') { // If cluster mode is active
|
|
|
|
|
needle('get', `${wapi_config.url}:${wapi_config.port}/cluster/node`, {}, {
|
|
|
|
|
username: wapi_config.user,
|
|
|
|
|
password: wapi_config.password,
|
|
|
|
|
rejectUnauthorized: !wapi_config.insecure
|
|
|
|
|
})
|
|
|
|
|
.then((response) => {
|
|
|
|
|
if (!response.body.error) {
|
|
|
|
|
let managerName = wapi_config.cluster_info.manager;
|
|
|
|
|
delete wapi_config.cluster_info;
|
|
|
|
|
wapi_config.cluster_info = {};
|
|
|
|
|
wapi_config.cluster_info.status = 'enabled';
|
|
|
|
|
wapi_config.cluster_info.manager = managerName;
|
|
|
|
|
wapi_config.cluster_info.node = response.body.data.node;
|
|
|
|
|
wapi_config.cluster_info.cluster = response.body.data.cluster;
|
|
|
|
|
reply({
|
|
|
|
|
'statusCode': 200,
|
|
|
|
|
'data': wapi_config
|
|
|
|
|
});
|
|
|
|
|
} else if (response.body.error){
|
|
|
|
|
reply({
|
|
|
|
|
'statusCode': 500,
|
|
|
|
|
'error': 7,
|
|
|
|
|
'message': response.body.message
|
|
|
|
|
}).code(500);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
else { // Cluster mode is not active
|
|
|
|
|
let managerName = wapi_config.cluster_info.manager;
|
|
|
|
|
delete wapi_config.cluster_info;
|
|
|
|
|
wapi_config.cluster_info = {};
|
|
|
|
|
wapi_config.cluster_info.status = 'disabled';
|
|
|
|
|
wapi_config.cluster_info.cluster = 'Disabled';
|
|
|
|
|
wapi_config.cluster_info.manager = managerName;
|
|
|
|
|
reply({
|
|
|
|
|
'statusCode': 200,
|
|
|
|
|
'data': wapi_config
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
reply({
|
|
|
|
|
'statusCode': 500,
|
|
|
|
|
'error': 5,
|
|
|
|
|
'message': 'Error occurred'
|
|
|
|
|
}).code(500);
|
|
|
|
|
}
|
2017-10-27 07:34:38 +00:00
|
|
|
});
|
2017-10-20 18:53:56 +00:00
|
|
|
} else {
|
2017-10-27 07:34:38 +00:00
|
|
|
reply({
|
|
|
|
|
'statusCode': 500,
|
|
|
|
|
'error': 7,
|
|
|
|
|
'message': response.body
|
|
|
|
|
});
|
2017-10-20 18:53:56 +00:00
|
|
|
}
|
2017-11-30 12:04:48 +00:00
|
|
|
})
|
|
|
|
|
.catch(error => {
|
|
|
|
|
if(error.code === 'ECONNREFUSED'){
|
|
|
|
|
wapi_config.password = "You shall not pass";
|
|
|
|
|
wapi_config.apiIsDown = true;
|
|
|
|
|
reply({
|
|
|
|
|
'statusCode': 200,
|
|
|
|
|
'data': wapi_config
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
server.log([blueWazuh, 'wazuh-api', 'error'], error);
|
|
|
|
|
}
|
2017-01-23 17:58:50 +00:00
|
|
|
});
|
2017-10-20 18:53:56 +00:00
|
|
|
});
|
2017-01-23 17:58:50 +00:00
|
|
|
};
|
2017-06-01 15:08:10 +00:00
|
|
|
|
2017-12-20 16:48:20 +00:00
|
|
|
|
|
|
|
|
const genericErrorBuilder = (status,code,message) => {
|
|
|
|
|
return {
|
|
|
|
|
statusCode: status,
|
|
|
|
|
error: code,
|
|
|
|
|
message: message || 'Error ocurred'
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-27 07:46:52 +00:00
|
|
|
const checkAPI = (req, reply) => {
|
|
|
|
|
|
|
|
|
|
if (!('user' in req.payload)) {
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply(genericErrorBuilder(400,3,'Missing param: API USER'));
|
2017-10-27 07:46:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!('password' in req.payload)) {
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply(genericErrorBuilder(400,4,'Missing param: API PASSWORD'));
|
2017-10-27 07:46:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!('url' in req.payload)) {
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply(genericErrorBuilder(400,5,'Missing param: API URL'));
|
2017-10-27 07:46:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!('port' in req.payload)) {
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply(genericErrorBuilder(400,6,'Missing param: API PORT'));
|
2017-10-27 07:46:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(req.payload.url.includes('https://')) && !(req.payload.url.includes('http://'))) {
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply(genericErrorBuilder(200,1,'protocol_error'));
|
2017-10-27 07:46:52 +00:00
|
|
|
}
|
2017-10-27 08:05:27 +00:00
|
|
|
|
2017-10-27 07:46:52 +00:00
|
|
|
req.payload.password = Buffer.from(req.payload.password, 'base64').toString("ascii");
|
|
|
|
|
|
|
|
|
|
needle('get', `${req.payload.url}:${req.payload.port}/version`, {}, {
|
|
|
|
|
username: req.payload.user,
|
|
|
|
|
password: req.payload.password,
|
|
|
|
|
rejectUnauthorized: !req.payload.insecure
|
|
|
|
|
})
|
2017-12-20 16:48:20 +00:00
|
|
|
.then(response => {
|
|
|
|
|
|
|
|
|
|
// Check wrong credentials
|
|
|
|
|
if(parseInt(response.statusCode) === 401){
|
|
|
|
|
return reply(genericErrorBuilder(500,10401,'wrong_credentials')).code(500);
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-02 18:00:35 +00:00
|
|
|
if (parseInt(response.body.error) === 0 && response.body.data) {
|
2017-10-27 07:46:52 +00:00
|
|
|
needle('get', `${req.payload.url}:${req.payload.port}/agents/000`, {}, {
|
|
|
|
|
username: req.payload.user,
|
|
|
|
|
password: req.payload.password,
|
|
|
|
|
rejectUnauthorized: !req.payload.insecure
|
|
|
|
|
})
|
2017-12-20 16:48:20 +00:00
|
|
|
.then(response => {
|
2017-10-27 07:46:52 +00:00
|
|
|
if (!response.body.error) {
|
2017-12-03 14:30:47 +00:00
|
|
|
var managerName = response.body.data.name;
|
|
|
|
|
needle('get', `${req.payload.url}:${req.payload.port}/cluster/status`, {}, { // Checking the cluster status
|
2017-10-27 07:46:52 +00:00
|
|
|
username: req.payload.user,
|
|
|
|
|
password: req.payload.password,
|
|
|
|
|
rejectUnauthorized: !req.payload.insecure
|
|
|
|
|
})
|
2017-12-20 16:48:20 +00:00
|
|
|
.then(response => {
|
2017-10-27 07:46:52 +00:00
|
|
|
if (!response.body.error) {
|
2017-12-03 14:30:47 +00:00
|
|
|
if (response.body.data.enabled === 'yes') { // If cluster mode is active
|
|
|
|
|
needle('get', `${req.payload.url}:${req.payload.port}/cluster/node`, {}, {
|
|
|
|
|
username: req.payload.user,
|
|
|
|
|
password: req.payload.password,
|
|
|
|
|
rejectUnauthorized: !req.payload.insecure
|
|
|
|
|
})
|
2017-12-20 16:48:20 +00:00
|
|
|
.then(response => {
|
2017-12-03 14:30:47 +00:00
|
|
|
if (!response.body.error) {
|
|
|
|
|
reply({
|
|
|
|
|
"manager": managerName,
|
|
|
|
|
"node": response.body.data.node,
|
|
|
|
|
"cluster": response.body.data.cluster,
|
|
|
|
|
"status": 'enabled'
|
|
|
|
|
});
|
2017-12-20 16:48:20 +00:00
|
|
|
} else {
|
|
|
|
|
return reply(genericErrorBuilder(500,7,response.body.message)).code(500);
|
2017-12-03 14:30:47 +00:00
|
|
|
}
|
2017-12-20 16:48:20 +00:00
|
|
|
})
|
|
|
|
|
.catch(error => reply(genericErrorBuilder(500,5,error.message || error)).code(500));
|
2017-12-03 14:30:47 +00:00
|
|
|
}
|
|
|
|
|
else { // Cluster mode is not active
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply({
|
|
|
|
|
manager: managerName,
|
|
|
|
|
cluster: 'Disabled',
|
|
|
|
|
status : 'disabled'
|
2017-12-03 14:30:47 +00:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply(genericErrorBuilder(500,5,response.body.message)).code(500);
|
2017-10-27 07:46:52 +00:00
|
|
|
}
|
2017-12-20 16:48:20 +00:00
|
|
|
})
|
|
|
|
|
.catch(error => reply(genericErrorBuilder(500,5,error.message || error)).code(500));
|
2017-10-27 07:46:52 +00:00
|
|
|
} else {
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply(genericErrorBuilder(500,5,response.body.message)).code(500);
|
2017-10-27 07:46:52 +00:00
|
|
|
}
|
2017-12-20 16:48:20 +00:00
|
|
|
})
|
|
|
|
|
.catch(error => reply(genericErrorBuilder(500,5,error.message || error)).code(500));
|
2017-10-27 07:46:52 +00:00
|
|
|
} else {
|
2017-12-20 16:48:20 +00:00
|
|
|
return reply(genericErrorBuilder(500,5,response.body.message)).code(500);
|
2017-10-27 07:46:52 +00:00
|
|
|
}
|
2017-12-20 16:48:20 +00:00
|
|
|
})
|
|
|
|
|
.catch(error => reply(genericErrorBuilder(500,5,error.message || error)).code(500));
|
2016-10-25 19:54:05 +00:00
|
|
|
};
|
|
|
|
|
|
2017-10-27 08:05:27 +00:00
|
|
|
const getPciRequirement = (req, reply) => {
|
2018-01-25 12:44:47 +00:00
|
|
|
if(!protectedRoute(req)) return reply(genericErrorBuilder(401,7,'Session expired.')).code(401);
|
2017-10-27 08:05:27 +00:00
|
|
|
let pciRequirements = {};
|
|
|
|
|
let pci_description = '';
|
2017-09-22 07:36:47 +00:00
|
|
|
|
2017-10-20 18:53:56 +00:00
|
|
|
try {
|
2017-10-27 07:46:52 +00:00
|
|
|
pciRequirements = require(pciRequirementsFile);
|
2017-10-20 18:53:56 +00:00
|
|
|
} catch (e) {
|
|
|
|
|
server.log([blueWazuh, 'initialize', 'error'], 'Could not read the mapping file.');
|
|
|
|
|
server.log([blueWazuh, 'initialize', 'error'], 'Path: ' + pciRequirementsFile);
|
|
|
|
|
server.log([blueWazuh, 'initialize', 'error'], 'Exception: ' + e);
|
2017-10-27 08:05:27 +00:00
|
|
|
}
|
2016-10-25 19:54:05 +00:00
|
|
|
|
2017-10-27 08:05:27 +00:00
|
|
|
if (req.params.requirement === 'all') {
|
|
|
|
|
return reply(pciRequirements);
|
2016-10-25 19:54:05 +00:00
|
|
|
}
|
2017-06-01 15:08:10 +00:00
|
|
|
|
2017-10-27 08:05:27 +00:00
|
|
|
if (typeof pciRequirements[req.params.requirement] !== 'undefined'){
|
2017-10-20 18:53:56 +00:00
|
|
|
pci_description = pciRequirements[req.params.requirement];
|
2017-10-27 08:05:27 +00:00
|
|
|
}
|
|
|
|
|
|
2017-10-27 07:34:38 +00:00
|
|
|
reply({
|
|
|
|
|
pci: {
|
|
|
|
|
requirement: req.params.requirement,
|
|
|
|
|
description: pci_description
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-10-25 19:54:05 +00:00
|
|
|
};
|
2017-08-13 19:54:56 +00:00
|
|
|
|
2017-10-27 08:05:27 +00:00
|
|
|
const errorControl = (error, response) => {
|
2016-10-25 19:54:05 +00:00
|
|
|
if (error) {
|
2017-10-27 07:34:38 +00:00
|
|
|
return ({
|
|
|
|
|
'isError': true,
|
|
|
|
|
'body': {
|
2017-10-27 08:05:27 +00:00
|
|
|
'statusCode': 500,
|
|
|
|
|
'error': 5,
|
|
|
|
|
'message': 'Request error',
|
2017-10-27 07:34:38 +00:00
|
|
|
'errorMessage': error.message
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-10-25 19:54:05 +00:00
|
|
|
} else if (!error && response.body.error) {
|
2017-10-27 07:34:38 +00:00
|
|
|
return ({
|
|
|
|
|
'isError': true,
|
|
|
|
|
'body': {
|
|
|
|
|
'statusCode': 500,
|
2017-10-27 08:05:27 +00:00
|
|
|
'error': 6,
|
|
|
|
|
'message': 'Wazuh api error',
|
|
|
|
|
'errorData': response.body
|
2017-10-27 07:34:38 +00:00
|
|
|
}
|
|
|
|
|
});
|
2016-10-25 19:54:05 +00:00
|
|
|
}
|
2017-10-27 07:34:38 +00:00
|
|
|
return ({
|
|
|
|
|
'isError': false
|
|
|
|
|
});
|
2016-10-25 19:54:05 +00:00
|
|
|
};
|
|
|
|
|
|
2017-12-12 16:59:19 +00:00
|
|
|
const makeRequest = (method, path, data, id, reply) => {
|
|
|
|
|
getConfig(id, (wapi_config) => {
|
2016-10-25 19:54:05 +00:00
|
|
|
if (wapi_config.error_code > 1) {
|
|
|
|
|
//Can not connect to elasticsearch
|
2017-10-27 08:05:27 +00:00
|
|
|
return reply({
|
2017-10-27 07:34:38 +00:00
|
|
|
'statusCode': 404,
|
2017-10-27 08:05:27 +00:00
|
|
|
'error': 2,
|
|
|
|
|
'message': 'Could not connect with elasticsearch'
|
2017-10-27 07:34:38 +00:00
|
|
|
}).code(404);
|
2017-10-27 08:05:27 +00:00
|
|
|
|
2016-10-25 19:54:05 +00:00
|
|
|
} else if (wapi_config.error_code > 0) {
|
|
|
|
|
//Credentials not found
|
2017-10-27 08:05:27 +00:00
|
|
|
return reply({
|
2017-10-27 07:34:38 +00:00
|
|
|
'statusCode': 404,
|
2017-10-27 08:05:27 +00:00
|
|
|
'error': 1,
|
|
|
|
|
'message': 'Credentials does not exists'
|
2017-10-27 07:34:38 +00:00
|
|
|
}).code(404);
|
2017-10-27 08:05:27 +00:00
|
|
|
|
2016-10-25 19:54:05 +00:00
|
|
|
}
|
|
|
|
|
|
2017-10-27 07:34:38 +00:00
|
|
|
if (!data) {
|
|
|
|
|
data = {};
|
|
|
|
|
}
|
2016-10-25 19:54:05 +00:00
|
|
|
|
|
|
|
|
var options = {
|
2017-10-27 07:34:38 +00:00
|
|
|
headers: {
|
|
|
|
|
'wazuh-app-version': packageInfo.version
|
|
|
|
|
},
|
2017-10-27 08:05:27 +00:00
|
|
|
username: wapi_config.user,
|
|
|
|
|
password: wapi_config.password,
|
2016-10-25 19:54:05 +00:00
|
|
|
rejectUnauthorized: !wapi_config.insecure
|
|
|
|
|
};
|
|
|
|
|
|
2017-10-27 08:05:27 +00:00
|
|
|
let fullUrl = getPath(wapi_config) + path;
|
|
|
|
|
|
|
|
|
|
needle.request(method, fullUrl, data, options, (error, response) => {
|
|
|
|
|
let errorData = errorControl(error, response);
|
2016-10-25 19:54:05 +00:00
|
|
|
if (errorData.isError) {
|
|
|
|
|
reply(errorData.body).code(500);
|
|
|
|
|
} else {
|
|
|
|
|
reply(response.body);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
2017-10-27 08:05:27 +00:00
|
|
|
const requestApi = (req, reply) => {
|
2018-01-25 12:44:47 +00:00
|
|
|
if(!protectedRoute(req)) return reply(genericErrorBuilder(401,7,'Session expired.')).code(401);
|
2016-10-25 19:54:05 +00:00
|
|
|
if (!req.payload.method) {
|
2017-10-27 07:34:38 +00:00
|
|
|
reply({
|
|
|
|
|
'statusCode': 400,
|
2017-10-27 08:05:27 +00:00
|
|
|
'error': 3,
|
|
|
|
|
'message': 'Missing param: Method'
|
2017-10-27 07:34:38 +00:00
|
|
|
}).code(400);
|
2016-10-25 19:54:05 +00:00
|
|
|
} else if (!req.payload.path) {
|
2017-10-27 07:34:38 +00:00
|
|
|
reply({
|
|
|
|
|
'statusCode': 400,
|
2017-10-27 08:05:27 +00:00
|
|
|
'error': 4,
|
|
|
|
|
'message': 'Missing param: Path'
|
2017-10-27 07:34:38 +00:00
|
|
|
}).code(400);
|
2016-10-25 19:54:05 +00:00
|
|
|
} else {
|
2017-12-12 16:59:19 +00:00
|
|
|
makeRequest(req.payload.method, req.payload.path, req.payload.body, req.payload.id, reply);
|
2016-10-25 19:54:05 +00:00
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
2017-10-27 08:05:27 +00:00
|
|
|
const getApiSettings = (req, reply) => {
|
2018-01-25 12:44:47 +00:00
|
|
|
if(!protectedRoute(req)) return reply(genericErrorBuilder(401,7,'Session expired.')).code(401);
|
2017-12-12 16:59:19 +00:00
|
|
|
getConfig(req.payload.id, (wapi_config) => {
|
2017-10-27 07:34:38 +00:00
|
|
|
if (wapi_config.error_code > 1) {
|
|
|
|
|
//Can not connect to elasticsearch
|
2017-10-27 08:05:27 +00:00
|
|
|
return reply({
|
2017-10-27 07:34:38 +00:00
|
|
|
'statusCode': 200,
|
|
|
|
|
'error': '1',
|
|
|
|
|
'data': 'no_elasticsearch'
|
|
|
|
|
});
|
2017-10-27 08:05:27 +00:00
|
|
|
|
2017-10-27 07:34:38 +00:00
|
|
|
} else if (wapi_config.error_code > 0) {
|
|
|
|
|
//Credentials not found
|
2017-10-27 08:05:27 +00:00
|
|
|
return reply({
|
2017-10-27 07:34:38 +00:00
|
|
|
'statusCode': 200,
|
|
|
|
|
'error': '1',
|
|
|
|
|
'data': 'no_credentials'
|
2017-10-27 08:05:27 +00:00
|
|
|
});
|
2017-10-27 07:34:38 +00:00
|
|
|
}
|
|
|
|
|
});
|
2016-10-25 19:54:05 +00:00
|
|
|
};
|
2017-10-20 18:53:56 +00:00
|
|
|
|
2017-10-27 07:34:38 +00:00
|
|
|
// Fetch agent status and insert it directly on demand
|
2017-10-27 08:05:27 +00:00
|
|
|
const fetchAgents = (req, reply) => {
|
2018-01-25 12:44:47 +00:00
|
|
|
if(!protectedRoute(req)) return reply(genericErrorBuilder(401,7,'Session expired.')).code(401);
|
2017-10-27 07:34:38 +00:00
|
|
|
fetchAgentsExternal();
|
2017-10-27 08:05:27 +00:00
|
|
|
return reply({
|
2017-10-27 07:34:38 +00:00
|
|
|
'statusCode': 200,
|
2017-10-27 08:05:27 +00:00
|
|
|
'error': '0',
|
|
|
|
|
'data': ''
|
2017-10-27 07:34:38 +00:00
|
|
|
});
|
2017-10-27 08:05:27 +00:00
|
|
|
};
|
2017-06-01 15:08:10 +00:00
|
|
|
|
2017-10-27 08:05:27 +00:00
|
|
|
const postErrorLog = (req, reply) => {
|
2016-10-25 19:54:05 +00:00
|
|
|
|
|
|
|
|
if (!req.payload.message) {
|
|
|
|
|
server.log([blueWazuh, 'server', 'error'], 'Error logging failed:');
|
2017-10-27 08:05:27 +00:00
|
|
|
server.log([blueWazuh, 'server', 'error'],
|
|
|
|
|
'You must provide at least one error message to log');
|
|
|
|
|
|
|
|
|
|
return reply({
|
2017-10-27 07:34:38 +00:00
|
|
|
'statusCode': 500,
|
2017-10-27 08:05:27 +00:00
|
|
|
'message': 'You must provide at least one error message to log'
|
2017-10-27 07:34:38 +00:00
|
|
|
});
|
2016-10-25 19:54:05 +00:00
|
|
|
} else {
|
|
|
|
|
server.log([blueWazuh, 'client', 'error'], req.payload.message);
|
|
|
|
|
if (req.payload.details) {
|
|
|
|
|
server.log([blueWazuh, 'client', 'error'], req.payload.details);
|
|
|
|
|
}
|
2017-10-27 08:05:27 +00:00
|
|
|
return reply({
|
2017-10-27 07:34:38 +00:00
|
|
|
'statusCode': 200,
|
2017-10-27 08:05:27 +00:00
|
|
|
'message': 'Error logged succesfully'
|
2017-10-27 07:34:38 +00:00
|
|
|
});
|
2016-10-25 19:54:05 +00:00
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
2018-01-24 11:54:32 +00:00
|
|
|
const getConfigurationFile = (req,reply) => {
|
|
|
|
|
try{
|
2018-01-24 20:33:45 +00:00
|
|
|
|
2018-01-25 12:44:47 +00:00
|
|
|
//if(!protectedRoute(req)) return reply(genericErrorBuilder(401,7,'Session expired.')).code(401);
|
|
|
|
|
const configFile = yml.load(fs.readFileSync('plugins/wazuh/config.yml', {encoding: 'utf-8'}));
|
2018-01-24 20:33:45 +00:00
|
|
|
if(configFile.login){
|
|
|
|
|
delete configFile.login.password;
|
|
|
|
|
}
|
2018-01-24 11:54:32 +00:00
|
|
|
return reply({
|
|
|
|
|
statusCode: 200,
|
|
|
|
|
error: 0,
|
|
|
|
|
data: configFile
|
|
|
|
|
});
|
|
|
|
|
} catch (error) {
|
|
|
|
|
return reply(genericErrorBuilder(500,6,error.message || error)).code(500)
|
|
|
|
|
}
|
2018-01-24 20:33:45 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const login = (req,reply) => {
|
|
|
|
|
try{
|
2018-01-25 12:44:47 +00:00
|
|
|
const configFile = yml.load(fs.readFileSync('plugins/wazuh/config.yml', {encoding: 'utf-8'}));
|
|
|
|
|
|
2018-01-24 20:33:45 +00:00
|
|
|
if(!req.payload.password) {
|
2018-01-25 12:44:47 +00:00
|
|
|
return reply(genericErrorBuilder(401,7,'Please give me a password.')).code(401)
|
2018-01-24 20:33:45 +00:00
|
|
|
} else if(req.payload.password !== configFile.login.password){
|
2018-01-25 12:44:47 +00:00
|
|
|
return reply(genericErrorBuilder(401,7,'Wrong password, please try again.')).code(401)
|
2018-01-24 20:33:45 +00:00
|
|
|
}
|
|
|
|
|
const code = (new Date()-1) + 'wazuhapp';
|
|
|
|
|
sessions[code] = {
|
|
|
|
|
created: new Date(),
|
2018-01-26 10:41:45 +00:00
|
|
|
exp : 86400
|
2018-01-24 20:33:45 +00:00
|
|
|
}
|
|
|
|
|
return reply({
|
|
|
|
|
statusCode: 200,
|
|
|
|
|
error: 0,
|
|
|
|
|
code: code
|
|
|
|
|
});
|
|
|
|
|
} catch (error) {
|
|
|
|
|
return reply(genericErrorBuilder(500,6,error.message || error)).code(500)
|
|
|
|
|
}
|
2018-01-24 11:54:32 +00:00
|
|
|
}
|
|
|
|
|
|
2018-01-24 20:33:45 +00:00
|
|
|
|
|
|
|
|
|
2016-10-25 19:54:05 +00:00
|
|
|
//Server routes
|
|
|
|
|
|
|
|
|
|
/*
|
2017-10-27 07:34:38 +00:00
|
|
|
* GET /api/wazuh-api/test
|
|
|
|
|
* Returns if the wazuh-api configuration is working
|
|
|
|
|
*
|
|
|
|
|
**/
|
2016-10-25 19:54:05 +00:00
|
|
|
server.route({
|
2017-12-12 16:59:19 +00:00
|
|
|
method: 'POST',
|
|
|
|
|
path: '/api/wazuh-api/checkStoredAPI',
|
2017-02-13 19:58:44 +00:00
|
|
|
handler: checkStoredAPI
|
2016-10-25 19:54:05 +00:00
|
|
|
});
|
|
|
|
|
|
2017-10-27 07:34:38 +00:00
|
|
|
/*
|
|
|
|
|
* POST /api/wazuh-api/test
|
|
|
|
|
* Check if credentials on POST connect to Wazuh API. Not storing them!
|
|
|
|
|
* Returns if the wazuh-api configuration received in the POST body will work
|
|
|
|
|
*
|
|
|
|
|
**/
|
2016-10-25 19:54:05 +00:00
|
|
|
server.route({
|
2017-10-27 08:05:27 +00:00
|
|
|
method: 'POST',
|
|
|
|
|
path: '/api/wazuh-api/checkAPI',
|
2017-02-13 19:58:44 +00:00
|
|
|
handler: checkAPI
|
2016-10-25 19:54:05 +00:00
|
|
|
});
|
2017-06-01 15:08:10 +00:00
|
|
|
|
2016-10-25 19:54:05 +00:00
|
|
|
/*
|
2017-10-27 07:34:38 +00:00
|
|
|
* POST /api/wazuh-api/request
|
|
|
|
|
* Returns the request result (With error control)
|
|
|
|
|
*
|
|
|
|
|
**/
|
2016-10-25 19:54:05 +00:00
|
|
|
server.route({
|
2017-10-27 08:05:27 +00:00
|
|
|
method: 'POST',
|
|
|
|
|
path: '/api/wazuh-api/request',
|
2016-10-25 19:54:05 +00:00
|
|
|
handler: requestApi
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
/*
|
2017-10-27 07:34:38 +00:00
|
|
|
* GET /api/wazuh-api/settings
|
|
|
|
|
* Get Wazuh-API settings from elasticsearch index
|
|
|
|
|
*
|
|
|
|
|
**/
|
2016-10-25 19:54:05 +00:00
|
|
|
server.route({
|
2017-10-27 08:05:27 +00:00
|
|
|
method: 'GET',
|
|
|
|
|
path: '/api/wazuh-api/settings',
|
2016-10-25 19:54:05 +00:00
|
|
|
handler: getApiSettings
|
|
|
|
|
});
|
2017-06-01 15:08:10 +00:00
|
|
|
|
|
|
|
|
/*
|
2017-10-27 07:34:38 +00:00
|
|
|
* GET /api/wazuh-api/pci/requirement
|
|
|
|
|
* Return a PCI requirement description
|
|
|
|
|
*
|
|
|
|
|
**/
|
2017-01-26 15:35:07 +00:00
|
|
|
server.route({
|
2017-10-27 08:05:27 +00:00
|
|
|
method: 'GET',
|
|
|
|
|
path: '/api/wazuh-api/pci/{requirement}',
|
2017-01-26 15:35:07 +00:00
|
|
|
handler: getPciRequirement
|
2017-06-01 15:08:10 +00:00
|
|
|
});
|
2017-08-13 19:54:56 +00:00
|
|
|
|
2017-10-27 07:34:38 +00:00
|
|
|
/*
|
|
|
|
|
* POST /api/wazuh/debug
|
|
|
|
|
* Write in debug log
|
|
|
|
|
*
|
|
|
|
|
**/
|
2016-10-25 19:54:05 +00:00
|
|
|
server.route({
|
2017-10-27 08:05:27 +00:00
|
|
|
method: 'POST',
|
|
|
|
|
path: '/api/wazuh/errlog',
|
2016-10-25 19:54:05 +00:00
|
|
|
handler: postErrorLog
|
|
|
|
|
});
|
2017-06-01 15:08:10 +00:00
|
|
|
|
|
|
|
|
/*
|
2017-10-27 07:34:38 +00:00
|
|
|
* GET /api/wazuh-api/pci/requirement
|
|
|
|
|
* Return a PCI requirement description
|
|
|
|
|
*
|
|
|
|
|
**/
|
2017-02-23 12:53:18 +00:00
|
|
|
server.route({
|
2017-10-27 08:05:27 +00:00
|
|
|
method: 'GET',
|
|
|
|
|
path: '/api/wazuh-api/fetchAgents',
|
2017-02-23 12:53:18 +00:00
|
|
|
handler: fetchAgents
|
2017-06-01 15:08:10 +00:00
|
|
|
});
|
2018-01-24 11:54:32 +00:00
|
|
|
|
|
|
|
|
server.route({
|
|
|
|
|
method: 'GET',
|
|
|
|
|
path: '/api/wazuh-api/configuration',
|
|
|
|
|
handler: getConfigurationFile
|
|
|
|
|
});
|
2018-01-24 20:33:45 +00:00
|
|
|
|
|
|
|
|
server.route({
|
|
|
|
|
method: 'POST',
|
|
|
|
|
path: '/api/wazuh-api/login',
|
|
|
|
|
handler: login
|
|
|
|
|
});
|
2017-10-27 07:34:38 +00:00
|
|
|
};
|
