def taxii_discovery_service():
    """Answer a TAXII 1.1 Discovery Request with the known service instances.

    The caller must pass ``current_user.check_feed`` for at least one of the
    feeds returned by ``get_taxii_feeds``; otherwise 401 is returned.

    The host placed in the advertised service URLs comes from the
    ``TAXII_HOST`` config entry.  Only when that entry is unset is the
    request's ``Host`` header used; that header is chosen by the client, so
    it is matched against ``HOST_RE`` before it is written into the response.

    Returns:
        The result of ``taxii_make_response`` for the discovery response, or
        a ``(body, status)`` tuple with 400/401 on error.
    """
    authorized = None
    for feed_name in get_taxii_feeds():
        if current_user.check_feed(feed_name):
            authorized = feed_name
            break
    if authorized is None:
        return 'Unauthorized', 401

    host = config.get('TAXII_HOST', None)
    if host is None:
        host = request.headers.get('Host', None)
        if host is None:
            return 'Missing Host header', 400

        # NOTE(review): HOST_RE is defined outside this block; match() only
        # anchors at the start of the string, so confirm the pattern itself
        # is anchored at the end.
        if HOST_RE.match(host) is None:
            return 'Invalid Host header', 400

    messages = libtaxii.messages_11
    discovery_request = messages.get_message_from_xml(request.data)
    if discovery_request.message_type != \
            libtaxii.constants.MSG_DISCOVERY_REQUEST:
        return 'Invalid message, invalid Message Type', 400

    response = messages.DiscoveryResponse(
        messages.generate_message_id(),
        discovery_request.message_id
    )

    for entry in _SERVICE_INSTANCES:
        service_url = "https://{}/{}".format(host, entry['path'])
        response.service_instances.append(
            messages.ServiceInstance(
                entry['type'],
                'urn:taxii.mitre.org:services:1.1',
                'urn:taxii.mitre.org:protocol:http:1.0',
                service_url,
                ['urn:taxii.mitre.org:message:xml:1.1'],
                available=True
            )
        )

    return taxii_make_response(response)
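def get_feed_content(feed):
    """Stream the content of an output feed back to the requester.

    The caller must pass ``current_user.check_feed(feed)``, and the node
    ``mbus:slave:<feed>`` must be present in the status reported by
    ``MMMaster`` with class ``minemeld.ft.redis.RedisSet``.

    Request parameters (all supplied by the client):
        s: non-negative integer handed to the formatter as ``start``
           (default 0).
        n: positive integer handed to the formatter as ``num``; ``None``
           when absent.
        d: when present, with any value, ``desc`` is ``True``.
        v: output format; when given it must be a key of ``_FEED_FORMATS``.

    Returns:
        A streaming ``Response`` built from the selected formatter, or an
        error body with status 400, 401, 404 or 500.
    """
    if not current_user.check_feed(feed):
        return 'Unauthorized', 401

    # check if feed exists
    status = MMMaster.status()
    tr = status.get('result', None)
    if tr is None:
        # A failed status lookup used to be returned without a status code
        # (HTTP 200) and with the backend error text in the body.  Report it
        # as a server error and keep the detail in the log only.
        LOG.error(
            "Error retrieving status from MMMaster: %r",
            status.get('error', 'error')
        )
        return jsonify(error={'message': 'Internal error'}), 500

    nname = 'mbus:slave:' + feed
    if nname not in tr:
        return jsonify(error={'message': 'Unknown feed'}), 404

    nclass = tr[nname].get('class', None)
    if nclass != 'minemeld.ft.redis.RedisSet':
        return jsonify(error={'message': 'Unknown feed'}), 404

    start = request.values.get('s', 0)
    try:
        start = int(start)
        if start < 0:
            raise ValueError()
    except ValueError:
        # %r keeps control characters in the client-supplied value escaped
        # in the log line.
        LOG.error("Invalid request, s not a non-negative integer: %r", start)
        # 0 is accepted, so the message says "non-negative"
        return jsonify(error="s should be a non-negative integer"), 400

    num = request.values.get('n')
    if num is not None:
        try:
            num = int(num)
            if num <= 0:
                raise ValueError()
        except ValueError:
            LOG.error("Invalid request, n not a positive integer: %r", num)
            return jsonify(error="n should be a positive integer"), 400

    desc = request.values.get('d') is not None

    value = request.values.get('v')
    if value is not None and value not in _FEED_FORMATS:
        # the rejected value is echoed only inside a JSON body built by
        # jsonify
        return jsonify(error="unknown format %s" % value), 400

    mimetype = 'text/plain'
    formatter = generate_plain_feed
    if value in _FEED_FORMATS:
        formatter = _FEED_FORMATS[value]['formatter']
        mimetype = _FEED_FORMATS[value]['mimetype']

    return Response(
        stream_with_context(formatter(feed, start, num, desc, value)),
        mimetype=mimetype
    )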
def taxii_poll_service():
    """Handle a TAXII Poll Request and return the data of one collection.

    Only ``X-TAXII-Content-Type`` values naming TAXII 1.1 XML are processed;
    TAXII 1.0 and any other value are answered with 400.  The collection
    named in the poll request is checked with ``current_user.check_feed``
    before ``data_feed_11`` is called, and a failed check returns 401.
    """
    content_type = request.headers['X-TAXII-Content-Type']

    if content_type == 'urn:taxii.mitre.org:message:xml:1.0':
        # old TAXII 1.0 not supported yet
        return 'Invalid message', 400
    if content_type != 'urn:taxii.mitre.org:message:xml:1.1':
        return 'Invalid message', 400

    poll_request = libtaxii.messages_11.get_message_from_xml(request.data)
    if poll_request.message_type != libtaxii.constants.MSG_POLL_REQUEST:
        return 'Invalid message', 400

    collection = poll_request.collection_name
    begin_label = poll_request.exclusive_begin_timestamp_label
    end_label = poll_request.inclusive_end_timestamp_label

    # The collection name comes from the request body, so the per-feed
    # authorization check has to happen after parsing and before any data
    # is produced.
    if not current_user.check_feed(collection):
        return 'Unauthorized', 401

    return data_feed_11(
        poll_request.message_id, collection, begin_label, end_label
    )
def taxii_poll_service():
    """Serve a TAXII Poll Request for a single collection.

    The ``X-TAXII-Content-Type`` request header selects the message version.
    TAXII 1.1 XML is the only version processed; TAXII 1.0 and unknown
    values get a 400 response.  A 401 is returned when
    ``current_user.check_feed`` rejects the requested collection.
    """
    taxii_content_type = request.headers['X-TAXII-Content-Type']

    if taxii_content_type == 'urn:taxii.mitre.org:message:xml:1.0':
        # old TAXII 1.0 not supported yet
        return 'Invalid message', 400
    if taxii_content_type != 'urn:taxii.mitre.org:message:xml:1.1':
        return 'Invalid message', 400

    message = libtaxii.messages_11.get_message_from_xml(request.data)
    if message.message_type != libtaxii.constants.MSG_POLL_REQUEST:
        return 'Invalid message', 400

    collection_name = message.collection_name
    exclusive_begin = message.exclusive_begin_timestamp_label
    inclusive_end = message.inclusive_end_timestamp_label

    # Authorization is per collection and the name is only known once the
    # request body has been parsed.
    if not current_user.check_feed(collection_name):
        return 'Unauthorized', 401

    return data_feed_11(
        message.message_id, collection_name, exclusive_begin, inclusive_end
    )
def taxii_discovery_service():
    """Build the TAXII 1.1 Discovery Response for the current user.

    Access requires that ``current_user.check_feed`` accepts at least one
    feed from ``get_taxii_feeds``; otherwise the answer is 401.

    Service addresses use the ``TAXII_HOST`` config value.  When it is not
    set, the client-supplied ``Host`` header is used instead, and it must
    match ``HOST_RE`` because it ends up inside the URLs sent back to the
    client.

    Returns:
        ``taxii_make_response`` applied to the discovery response, or a
        ``(body, status)`` tuple with 400/401 on error.
    """
    first_allowed = None
    for candidate in get_taxii_feeds():
        if current_user.check_feed(candidate):
            first_allowed = candidate
            break
    if first_allowed is None:
        return 'Unauthorized', 401

    server_name = config.get('TAXII_HOST', None)
    if server_name is None:
        server_name = request.headers.get('Host', None)
        if server_name is None:
            return 'Missing Host header', 400

        # NOTE(review): HOST_RE lives outside this block; since match()
        # anchors only the start, verify that the pattern ends with an
        # end-of-string anchor.
        if HOST_RE.match(server_name) is None:
            return 'Invalid Host header', 400

    taxii11 = libtaxii.messages_11
    incoming = taxii11.get_message_from_xml(request.data)
    if incoming.message_type != libtaxii.constants.MSG_DISCOVERY_REQUEST:
        return 'Invalid message, invalid Message Type', 400

    outgoing = taxii11.DiscoveryResponse(
        taxii11.generate_message_id(),
        incoming.message_id
    )

    for service in _SERVICE_INSTANCES:
        address = "https://{}/{}".format(server_name, service['path'])
        instance = taxii11.ServiceInstance(
            service['type'],
            'urn:taxii.mitre.org:services:1.1',
            'urn:taxii.mitre.org:protocol:http:1.0',
            address,
            ['urn:taxii.mitre.org:message:xml:1.1'],
            available=True
        )
        outgoing.service_instances.append(instance)

    return taxii_make_response(outgoing)
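def get_feed_content(feed):
    """Stream the content of an output feed back to the requester.

    The caller must pass ``current_user.check_feed(feed)``, and the node
    ``mbus:slave:<feed>`` must be present in the status reported by
    ``MMMaster`` with class ``minemeld.ft.redis.RedisSet``.

    Every error body is a constant HTML string; no request value is echoed
    back to the client.

    Request parameters (all supplied by the client):
        s: non-negative integer handed to the formatter as ``start``
           (default 0).
        n: positive integer handed to the formatter as ``num``; ``None``
           when absent.
        d: when present, with any value, ``desc`` is ``True``.
        v: output format; when given it must be a key of ``_FEED_FORMATS``.
        tr: integer handed to the formatter as ``translate_ip_ranges``
            (default 0).
        anything else: forwarded to the formatter as a keyword argument
            whose value is a list of strings.

    Returns:
        A streaming ``Response`` built from the selected formatter, or an
        HTML error body with status 400, 401, 404 or 500.
    """
    if not current_user.check_feed(feed):
        return '<html><body>Unauthorized</body></html>', 401

    # check if feed exists
    status = MMMaster.status()
    tr = status.get('result', None)
    if tr is None:
        LOG.error(
            "Error retrieving status from MMMaster: %r",
            status.get('error', 'error')
        )
        return '<html><body>Internal error</body></html>', 500

    nname = 'mbus:slave:' + feed
    if nname not in tr:
        return '<html><body>Unknown feed</body></html>', 404

    nclass = tr[nname].get('class', None)
    if nclass != 'minemeld.ft.redis.RedisSet':
        return '<html><body>Unknown feed</body></html>', 404

    start = request.values.get('s', 0)
    try:
        start = int(start)
        if start < 0:
            raise ValueError()
    except ValueError:
        # %r keeps control characters in the client-supplied value escaped
        # in the log line.
        LOG.error("Invalid request, s not a non-negative integer: %r", start)
        # 0 is accepted, so the message says "non-negative"
        return (
            '<html><body>s should be a non-negative integer</body></html>',
            400
        )

    num = request.values.get('n')
    if num is not None:
        try:
            num = int(num)
            if num <= 0:
                raise ValueError()
        except ValueError:
            LOG.error("Invalid request, n not a positive integer: %r", num)
            return (
                '<html><body>n should be a positive integer</body></html>',
                400
            )

    desc = request.values.get('d') is not None

    value = request.values.get('v')
    if value is not None and value not in _FEED_FORMATS:
        return '<html><body>unknown format</body></html>', 400

    # A non-numeric tr used to raise an unhandled ValueError; reject it the
    # same way as the other malformed parameters.
    raw_tr = request.values.get('tr', 0)
    try:
        translate_ip_ranges = int(raw_tr)
    except ValueError:
        LOG.error("Invalid request, tr not an integer: %r", raw_tr)
        return '<html><body>tr should be an integer</body></html>', 400

    # move to kwargs all the additional parameters, pop the predefined
    # NOTE(review): these names and values come straight from the request
    # and reach the formatter as keyword arguments (lists of strings).  The
    # formatter signatures are not visible here; confirm they accept
    # **kwargs and cope with names equal to their own parameters.
    kwargs = request.values.to_dict(flat=False)
    for reserved in ('s', 'n', 'd', 'v', 'tr'):
        kwargs.pop(reserved, None)

    # Assigned after the copy so a raw request parameter that is literally
    # named translate_ip_ranges cannot replace the parsed integer with a
    # list of strings.
    kwargs['translate_ip_ranges'] = translate_ip_ranges  # generate IP ranges

    mimetype = 'text/plain'
    formatter = generate_plain_feed
    if value in _FEED_FORMATS:
        formatter = _FEED_FORMATS[value]['formatter']
        mimetype = _FEED_FORMATS[value]['mimetype']

    return Response(
        stream_with_context(
            formatter(feed, start, num, desc, value, **kwargs)
        ),
        mimetype=mimetype
    )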
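def get_feed_content(feed):
    """Stream the content of an output feed back to the requester.

    The caller must pass ``current_user.check_feed(feed)``, and the node
    ``mbus:slave:<feed>`` must be present in the status reported by
    ``MMMaster`` with class ``minemeld.ft.redis.RedisSet``.

    Request parameters (all supplied by the client):
        s: non-negative integer handed to the formatter as ``start``
           (default 0).
        n: positive integer handed to the formatter as ``num``; ``None``
           when absent.
        d: when present, with any value, ``desc`` is ``True``.
        v: output format; when given it must be a key of ``_FEED_FORMATS``.
        tr: integer handed to the formatter as ``translate_ip_ranges``
            (default 0).
        anything else: forwarded to the formatter as a keyword argument
            whose value is a list of strings.

    Returns:
        A streaming ``Response`` built from the selected formatter, or an
        error body with status 400, 401, 404 or 500.
    """
    if not current_user.check_feed(feed):
        return 'Unauthorized', 401

    # check if feed exists
    status = MMMaster.status()
    tr = status.get('result', None)
    if tr is None:
        # A failed status lookup used to be returned without a status code
        # (HTTP 200) and with the backend error text in the body.  Report it
        # as a server error and keep the detail in the log only.
        LOG.error(
            "Error retrieving status from MMMaster: %r",
            status.get('error', 'error')
        )
        return jsonify(error={'message': 'Internal error'}), 500

    nname = 'mbus:slave:' + feed
    if nname not in tr:
        return jsonify(error={'message': 'Unknown feed'}), 404

    nclass = tr[nname].get('class', None)
    if nclass != 'minemeld.ft.redis.RedisSet':
        return jsonify(error={'message': 'Unknown feed'}), 404

    start = request.values.get('s', 0)
    try:
        start = int(start)
        if start < 0:
            raise ValueError()
    except ValueError:
        # %r keeps control characters in the client-supplied value escaped
        # in the log line.
        LOG.error("Invalid request, s not a non-negative integer: %r", start)
        # 0 is accepted, so the message says "non-negative"
        return jsonify(error="s should be a non-negative integer"), 400

    num = request.values.get('n')
    if num is not None:
        try:
            num = int(num)
            if num <= 0:
                raise ValueError()
        except ValueError:
            LOG.error("Invalid request, n not a positive integer: %r", num)
            return jsonify(error="n should be a positive integer"), 400

    desc = request.values.get('d') is not None

    value = request.values.get('v')
    if value is not None and value not in _FEED_FORMATS:
        # the rejected value is echoed only inside a JSON body built by
        # jsonify
        return jsonify(error="unknown format %s" % value), 400

    # A non-numeric tr used to raise an unhandled ValueError; reject it the
    # same way as the other malformed parameters.
    raw_tr = request.values.get('tr', 0)
    try:
        translate_ip_ranges = int(raw_tr)
    except ValueError:
        LOG.error("Invalid request, tr not an integer: %r", raw_tr)
        return jsonify(error="tr should be an integer"), 400

    # move to kwargs all the additional parameters, pop the predefined
    # NOTE(review): these names and values come straight from the request
    # and reach the formatter as keyword arguments (lists of strings).  The
    # formatter signatures are not visible here; confirm they accept
    # **kwargs and cope with names equal to their own parameters.
    kwargs = request.values.to_dict(flat=False)
    for reserved in ('s', 'n', 'd', 'v', 'tr'):
        kwargs.pop(reserved, None)

    # Assigned after the copy so a raw request parameter that is literally
    # named translate_ip_ranges cannot replace the parsed integer with a
    # list of strings.
    kwargs['translate_ip_ranges'] = translate_ip_ranges  # generate IP ranges

    mimetype = 'text/plain'
    formatter = generate_plain_feed
    if value in _FEED_FORMATS:
        formatter = _FEED_FORMATS[value]['formatter']
        mimetype = _FEED_FORMATS[value]['mimetype']

    return Response(
        stream_with_context(
            formatter(feed, start, num, desc, value, **kwargs)
        ),
        mimetype=mimetype
    )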