Merge tag '2.0.2' into develop

2.0.2

Author: To-om

CHANGELOG.md

@@ -1,5 +1,17 @@
 # Change Log
 
+## [2.0.2](https://github.com/TheHive-Project/Cortex/tree/2.02)
+
+[Full Changelog](https://github.com/TheHive-Project/Cortex/compare/2.0.1...2.0.2)
+
+**Fixed bugs:**
+
+- Silently failure when ElasticSearch is unreachable [\#76](https://github.com/TheHive-Project/Cortex/issues/76)
+- Coretxutils and TypeError: argument of type 'bool' is not iterable [\#73](https://github.com/TheHive-Project/Cortex/issues/73)
+- Unable to disable analyzers [\#72](https://github.com/TheHive-Project/Cortex/issues/72)
+- Cortex 2 is not passing proxy variable to analyzers [\#71](https://github.com/TheHive-Project/Cortex/issues/71)
+- Session collision when TheHive & Cortex 2 share the same URL [\#70](https://github.com/TheHive-Project/Cortex/issues/70)
+
 ## [2.0.1](https://github.com/TheHive-Project/Cortex/tree/2.0.1) (2018-03-30)
 [Full Changelog](https://github.com/TheHive-Project/Cortex/compare/2.0.0...2.0.1)
 
@@ -9,7 +21,7 @@
 - Packages contain obsolete configuration sample [\#68](https://github.com/TheHive-Project/Cortex/issues/68)
 - User can't change his password [\#67](https://github.com/TheHive-Project/Cortex/issues/67)
 
-## [2.0.0](https://github.com/TheHive-Project/Cortex/tree/2.0.0) (2018-03-29)
+## [2.0.0](https://github.com/TheHive-Project/Cortex/tree/2.0.0) (2018-03-30)
 [Full Changelog](https://github.com/TheHive-Project/Cortex/compare/1.1.4...2.0.0)
 
 **Implemented enhancements:**
@@ -63,6 +75,9 @@
 - Problem Start Cortex on Ubuntu 16.04 [\#35](https://github.com/TheHive-Project/Cortex/issues/35)
 - Error when parsing analyzer failure report [\#33](https://github.com/TheHive-Project/Cortex/issues/33)
 
+## [debian/1.1.2-2](https://github.com/TheHive-Project/Cortex/tree/debian/1.1.2-2) (2017-05-24)
+[Full Changelog](https://github.com/TheHive-Project/Cortex/compare/1.1.2...debian/1.1.2-2)
+
 ## [1.1.2](https://github.com/TheHive-Project/Cortex/tree/1.1.2) (2017-05-24)
 [Full Changelog](https://github.com/TheHive-Project/Cortex/compare/debian/1.1.1-2...1.1.2)
 
@@ -142,4 +157,4 @@
 ## [1.0.0](https://github.com/TheHive-Project/Cortex/tree/1.0.0) (2017-02-01)
 
 
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*

app/org/thp/cortex/models/Job.scala

@@ -45,5 +45,8 @@ class JobModel @Inject() () extends ModelDef[JobModel, Job]("job", "Job", "/job"
 class Job(model: JobModel, attributes: JsObject) extends EntityDef[JobModel, Job](model, attributes) with JobAttributes {
   val params: JsObject = Try(Json.parse(parameters()).as[JsObject]).getOrElse(JsObject.empty)
 
-  override def toJson: JsObject = super.toJson + ("date" -> Json.toJson(createdAt))
+  override def toJson: JsObject = {
+    val output = super.toJson + ("date" -> Json.toJson(createdAt))
+    input().fold(output)(i ⇒ output + ("input" -> Json.parse(i)))
+  }
 }

app/org/thp/cortex/services/CSRFFilter.scala

@@ -0,0 +1,40 @@
+package org.thp.cortex.services
+
+import javax.inject.{ Inject, Provider, Singleton }
+
+import play.api.Logger
+import play.api.http.SessionConfiguration
+import play.api.libs.crypto.CSRFTokenSigner
+import play.api.mvc.RequestHeader
+import play.filters.csrf.CSRF.{ ErrorHandler ⇒ CSRFErrorHandler, TokenProvider }
+import play.filters.csrf.CSRFConfig
+
+import akka.stream.Materializer
+
+object CSRFFilter {
+  private[CSRFFilter] lazy val logger = Logger(getClass)
+
+  def shouldProtect(request: RequestHeader): Boolean = {
+    val isLogin = request.uri.startsWith("/api/login")
+    val isApi = request.uri.startsWith("/api")
+    val isInSession = request.session.data.nonEmpty
+    val check = !isLogin && isApi && isInSession
+    logger.debug(s"[csrf] uri ${request.uri} (isLogin=$isLogin, isApi=$isApi, isInSession=$isInSession): ${if (check) "" else "don't"} check")
+    check
+  }
+
+}
+
+@Singleton
+class CSRFFilter @Inject() (
+    config: Provider[CSRFConfig],
+    tokenSignerProvider: Provider[CSRFTokenSigner],
+    sessionConfiguration: SessionConfiguration,
+    tokenProvider: TokenProvider,
+    errorHandler: CSRFErrorHandler)(mat: Materializer)
+  extends play.filters.csrf.CSRFFilter(
+    config.get.copy(shouldProtect = CSRFFilter.shouldProtect),
+    tokenSignerProvider.get,
+    sessionConfiguration,
+    tokenProvider,
+    errorHandler)(mat)

app/org/thp/cortex/services/JobSrv.scala

@@ -415,9 +415,9 @@ class JobSrv(
           .validatedBy(_.read(configAndParam))
           .map(cfg ⇒ Json.obj("config" -> JsObject(cfg).deepMerge(analyzerDefinition.configuration)))
           .map { cfg ⇒
-            val proxy_http = (cfg \ "proxy_http").asOpt[String].fold(JsObject.empty) { proxy ⇒ Json.obj("proxy" -> Json.obj("http" -> proxy)) }
-            val proxy_https = (cfg \ "proxy_https").asOpt[String].fold(JsObject.empty) { proxy ⇒ Json.obj("proxy" -> Json.obj("https" -> proxy)) }
-            cfg.deepMerge(proxy_http).deepMerge(proxy_https)
+            val proxy_http = (cfg \ "config" \ "proxy_http").asOpt[String].fold(JsObject.empty) { proxy ⇒ Json.obj("proxy" -> Json.obj("http" -> proxy)) }
+            val proxy_https = (cfg \ "config" \ "proxy_https").asOpt[String].fold(JsObject.empty) { proxy ⇒ Json.obj("proxy" -> Json.obj("https" -> proxy)) }
+            cfg.deepMerge(Json.obj("config" -> (proxy_http.deepMerge(proxy_https))))
           }
           .map(_ deepMerge artifact +
             ("dataType" -> JsString(job.dataType())) +

conf/reference.conf

@@ -13,17 +13,19 @@ cache {
 # HTTP filters
 play.filters {
   # name of cookie in which the CSRF token is transmitted to client
-  csrf.cookie.name = XSRF-TOKEN
+  csrf.cookie.name = CORTEX-XSRF-TOKEN
   # name of header in which the client should send CSRD token
-  csrf.header.name = X-XSRF-TOKEN
+  csrf.header.name = X-CORTEX-XSRF-TOKEN
 
   enabled = [
     org.thp.cortex.services.StreamFilter,
     org.elastic4play.services.TempFilter,
-    // global.CSRFFilter
+    org.thp.cortex.services.CSRFFilter
   ]
 }
 
+play.http.session.cookieName = CORTEX_SESSION
+
 # ElasticSearch
 search {
   # Name of the index

version.sbt

@@ -1 +1 @@
-version in ThisBuild := "2.0.1"
+version in ThisBuild := "2.0.2"

www/.gitignore

@@ -5,3 +5,5 @@ bower_components/
 .tmp/
 true!ng-annotate/
 dist/
+package-lock.json
+config/manifest.json