示例#1
文件: save.php 项目: jackpf/ossim-arc
// Request-handler excerpt: validates the posted sensor ID and file name, verifies the form token,
// checks that the sensor may be used, and answers with a JSON error object if any step failed.
$sensor_id = POST('sensor_id');
// Read directly from $_POST, unlike the other fields, which go through POST().
// NOTE(review): no validation of this value is visible in this excerpt; confirm it is checked before use.
$new_xml_data = $_POST['data'];
$token = POST('token');
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
// NOTE(review): $file is not assigned in this excerpt; presumably it is set earlier from the request. Confirm.
// OSS_DOT presumably admits '.', so this character check alone may not exclude '..'; verify against ossim_valid.
ossim_valid($file, OSS_ALPHA, OSS_SCORE, OSS_DOT, 'illegal:' . _('File'));
if (ossim_error()) {
    // Input validation failed: report the collected validator message.
    $data['status'] = 'error';
    $data['data'] = ossim_get_error_clean();
} else {
    // Token check under the 'tk_f_rules' key (presumably the anti-CSRF token of this form; confirm).
    // It runs only after the input validation above has passed.
    if (!Token::verify('tk_f_rules', $token)) {
        $data['status'] = 'error';
        $data['data'] = Token::create_error_message();
    } else {
        // Authorization step: is_sensor_allowed() decides whether this request may act on the sensor.
        // The connection is opened only for this check and closed right after it.
        $db = new ossim_db();
        $conn = $db->connect();
        if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
            $data['status'] = 'error';
            $data['data'] = _('Error! Sensor not allowed');
        }
        $db->close();
    }
}
// NOTE(review): within this excerpt $data is assigned only on the error paths above, so unless it is
// initialised earlier this read touches an undefined variable on the success path. The comparison is loose (==).
if ($data['status'] == 'error') {
    $data['status'] = 'error';
    // The message is wrapped in an HTML fragment without escaping. Its sources here are
    // ossim_get_error_clean(), Token::create_error_message() and a translated literal.
    // NOTE(review): confirm none of them can carry raw request input, since the client presumably renders this as HTML.
    $data['data'] = _('We found the followings errors:') . "<div style='padding-left: 15px; text-align:left;'>" . $data['data'] . '</div>';
    echo json_encode($data);
    // Stop here so nothing after this point runs for a rejected request.
    exit;
}
if (!Ossec::is_editable($file)) {
    $data['status'] = 'error';
    $data['data'] = _('Error! File not editable');
示例#2
             $s_name = $server_obj->get_name();
             $s_ip = $server_obj->get_ip();
             $server = $s_name . ' (' . $s_ip . ')';
             $e_msg = sprintf(_("Unable to deploy agent to assets on a child server. Please login to %s to deploy the HIDS agents"), $server);
         }
         Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg);
     }
 } catch (Exception $e) {
     $validation_errors['asset_id'] = $e->getMessage();
 }
 if (empty($validation_errors)) {
     //Getting asset information
     $_ips = $asset->get_ips();
     $ips = $_ips->get_ips();
     //Checking HIDS Sensor
     $cnd_1 = Ossec_utilities::is_sensor_allowed($conn, $sensor_id) == FALSE;
     $asset_sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id);
     $cnd_2 = empty($asset_sensors[$sensor_id]);
     if ($cnd_1 || $cnd_2) {
         $validation_errors['sensor_id'] = sprintf(_("Sensor %s not allowed. Please check with your account admin for more information"), Av_sensor::get_name_by_id($conn, $sensor_id));
     } else {
         $system_ids = Av_center::get_system_id_by_component($conn, $sensor_id);
         $res = Av_center::get_system_info_by_id($conn, $system_ids['non-canonical']);
         if ($res['status'] == 'success') {
             //We use this function to calculate sensor name because in HA environments there are two systems for one Sensor ID
             if (empty($res['data']['ha_ip'])) {
                 $sensor_name = $res['data']['name'];
             } else {
                 $sensor_name = Av_sensor::get_name_by_id($conn, $sensor_id);
             }
             $sensor_ip = $res['data']['current_ip'];
示例#3
if (Session::menu_perms($m_perms, $sm_perms)) {
    // Collect the request fields; each one is covered by the rule of the same name in $validate.
    $sensor_id = POST('sensor_id');
    $agent_id = POST('agent_id');
    $asset_id = POST('asset_id');
    $agent_name = POST('agent_name');
    $ip_cidr = POST('ip_cidr');
    $agent_status = POST('agent_status');

    // One validator per field, laid out one rule per entry so each allowed character class is easy to audit.
    $validate = array(
        'sensor_id' => array(
            'validation' => "OSS_HEX",
            'e_message' => 'illegal:' . _('Sensor ID'),
        ),
        'agent_id' => array(
            'validation' => "OSS_DIGIT",
            'e_message' => 'illegal:' . _('Agent ID'),
        ),
        'asset_id' => array(
            'validation' => "OSS_HEX, OSS_NULLABLE",
            'e_message' => 'illegal:' . _('Asset ID'),
        ),
        'agent_name' => array(
            'validation' => 'OSS_SCORE, OSS_LETTER, OSS_DIGIT, OSS_DOT, OSS_SPACE, "(", ")"',
            'e_message' => 'illegal:' . _('Agent Name'),
        ),
        'ip_cidr' => array(
            'validation' => 'OSS_IP_ADDRCIDR',
            'e_message' => 'illegal:' . _('IP/CIDR'),
        ),
        'agent_status' => array(
            'validation' => 'OSS_DIGIT',
            'e_message' => 'illegal:' . _('Agent Status'),
        ),
    );

    // The value 'any' gets its own rule instead of the IP/CIDR validator.
    // NOTE(review): the comparison is loose (==) and how validate_form_fields() treats the 'any' rule is not visible here; confirm.
    if ($ip_cidr == 'any') {
        $validate['ip_cidr'] = array(
            'validation' => 'any',
            'e_message' => 'illegal:' . _('IP/CIDR'),
        );
    }

    $validation_errors = validate_form_fields('POST', $validate);

    // The connection is opened before the validation result is inspected because the
    // sensor authorization check below needs it.
    $db = new ossim_db();
    $conn = $db->connect();

    // Authorization on top of format validation: a well-formed sensor ID must also be allowed.
    // It is skipped when the ID already failed validation.
    if (empty($validation_errors['sensor_id']) && !Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
        $validation_errors['sensor_id'] = sprintf(
            _("Sensor %s not allowed. Please check with your account admin for more information"),
            Av_sensor::get_name_by_id($conn, $sensor_id)
        );
    }

    // Any failure ends the request with a fixed message; the per-field details are not echoed back.
    if (is_array($validation_errors) && !empty($validation_errors)) {
        $db->close();
        echo "<div style='color:gray; margin:15px; text-align:center;'>" . _('Trend chart not available') . "</div>";
        exit;
    }

    // Current Unix time shifted by the configured timezone offset in hours, used to generate dates.
    $tz = Util::get_timezone();
    $timetz = gmdate("U") + 3600 * $tz;

    // Container for the HIDS trend data.
    $data = array();
    if ($agent_status > 1) {
        if (Asset_host::is_in_db($conn, $asset_id)) {
            $data = Ossec_utilities::hids_trend_by_id($conn, $asset_id);
示例#4
 // Selects the sensor, agent ID and IP address to deploy with for the current asset.
 // The `continue` further down shows this runs inside a loop whose header is outside this excerpt.
 if (is_array($hids_agents) && !empty($hids_agents)) {
     // Case 1: an agent record already exists; reuse the last entry of $hids_agents.
     // NOTE(review): unlike case 2, the sensor taken from the stored record is not passed through
     // is_sensor_allowed() in these lines; confirm the check happens elsewhere or is not needed.
     $hids_agent = array_pop($hids_agents);
     $sensor_id = $hids_agent['sensor_id'];
     $agent_id = $hids_agent['agent_id'];
     // The stored address is reused only if it is a valid IP and is a key of $aux_ip_address;
     // otherwise the default address is used.
     if (Asset_host_ips::valid_ip($hids_agent['ip_cidr']) && array_key_exists($hids_agent['ip_cidr'], $aux_ip_address)) {
         $ip_address = $hids_agent['ip_cidr'];
     } else {
         $ip_address = $default_ip_address;
     }
 } else {
     // Case 2: no agent record; pick the first sensor of the asset that passes both conditions.
     $asset_sensors = Asset_host_sensors::get_sensors_by_id($conn, $asset_id);
     foreach ($asset_sensors as $asset_sensor_id => $s_data) {
         // The sensor must be allowed and its entry in $asset_sensors must be non-empty.
         $cnd_1 = Ossec_utilities::is_sensor_allowed($conn, $asset_sensor_id) == TRUE;
         $cnd_2 = !empty($asset_sensors[$asset_sensor_id]);
         if ($cnd_1 && $cnd_2) {
             $sensor_id = $asset_sensor_id;
             break;
         }
     }
     $agent_id = NULL;
     $ip_address = $default_ip_address;
 }
 // NOTE(review): case 2 leaves $sensor_id untouched when no sensor qualifies, so this check relies on
 // $sensor_id being reset to NULL for every asset before this excerpt. If it is not, a value left over
 // from a previous iteration would be used here. Confirm.
 if ($sensor_id === NULL) {
     $deployment_stats[$asset_id]['status'] = 'error';
     $deployment_stats[$asset_id]['data'] = _('Error! No HIDS sensor related to asset');
     continue;
 }
 // Deployment parameters, including the credential values $user, $pass and $domain.
 // NOTE(review): make sure this array is never logged or copied into $deployment_stats output.
 $d_data = array('asset_id' => $asset_id, 'w_ip' => $ip_address, 'w_user' => $user, 'w_password' => $pass, 'w_domain' => $domain, 'agent_id' => $agent_id);
示例#5
        $data['data'] = $validation_errors;
    }
    echo json_encode($data);
    exit;
}
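// Server-side checks for the posted form: declarative field validation, password confirmation,
// sensor authorization, then per-entry validation. Each failure is reported through
// Util::response_bad_request().
// NOTE(review): the later checks assume response_bad_request() ends the request; confirm it does.
$validation_errors = validate_form_fields('POST', $validate);
if (is_array($validation_errors) && !empty($validation_errors)) {
    Util::response_bad_request(implode('<br/>', $validation_errors));
}
// Strict comparison: under a loose != PHP compares two numeric-looking strings as numbers, so a
// password such as "1e3" and a confirmation of "1000" would be accepted as identical.
if (POST('pass') !== POST('passc')) {
    Util::response_bad_request(_('Password fields are different'));
}
// Same strict check for the optional privileged password, applied only when one was submitted.
if (!empty($_POST['ppass']) && POST('ppass') !== POST('ppassc')) {
    Util::response_bad_request(_('Privileged Password fields are different'));
}
// Authorization: the posted sensor must be one the request is allowed to use.
if (!Ossec_utilities::is_sensor_allowed($conn, POST('sensor'))) {
    Util::response_bad_request(_('Error! Sensor not allowed'));
}
// 'entries' is used only if it arrived as an array; anything else is treated as no entries.
$entries = is_array(POST('entries')) ? POST('entries') : array();
foreach ($entries as $entry) {
    // NOTE(review): each element is indexed as an array without an is_array() check; confirm that a
    // scalar element fails validation rather than slipping through.
    ossim_valid($entry['id_type'], OSS_NOECHARS, OSS_SCORE, OSS_LETTER, 'illegal:' . _('Type'));
    ossim_valid($entry['frequency'], OSS_DIGIT, 'illegal:' . _('frequency'));
    ossim_valid($entry['state'], OSS_NOECHARS, OSS_SCORE, OSS_LETTER, 'illegal:' . _('State'));
    // NOTE(review): this rule explicitly admits the backtick, '<' and '>' characters; confirm the value
    // is never placed in a shell command line or rendered as HTML without context-specific escaping.
    ossim_valid($entry['arguments'], OSS_NOECHARS, OSS_TEXT, OSS_SPACE, OSS_AT, OSS_NULLABLE, OSS_PUNC_EXT, '\\`', '\\<', '\\>', 'illegal:' . _('Arguments'));
    // Reject the whole request as soon as one entry fails validation.
    if (ossim_error()) {
        Util::response_bad_request(ossim_get_error_clean());
    }
}
// Fields read for the steps that follow this excerpt.
$ip = POST('ip');
$sensor_id = POST('sensor');
$hostname = POST('hostname');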