misc fixes from code review

Author: hkparker

.env

@@ -6,6 +6,8 @@ WAVE_ENV=development
 WAVE_TLS=false
 WAVE_DB_HOSTNAME=127.0.0.1
 WAVE_DB_USERNAME=postgres
-WAVE_DB_PASSWORD=pastgres
+WAVE_DB_PASSWORD=postgres
+WAVE_DB_ADMIN_USERNAME=postgres
+WAVE_DB_ADMIN_PASSWORD=postgres
 WAVE_DB_NAME=wave_dev
 WAVE_DB_TLS=disable

README.md

@@ -8,7 +8,7 @@ You'll need `npm`, `go`, and `docker-compose` available.
 
 ### Installing dependencies
 
-Install [reflex](https://github.com/cespare/reflex), [forego](https://github.com/ddollar/forego), and [go-bindata](https://github.com/jteeuwen/go-bindata), run `go get -t` and `npm install`.
+Install [reflex](https://github.com/cespare/reflex), [forego](https://github.com/ddollar/forego), and [go-bindata](https://github.com/jteeuwen/go-bindata), run `make embedded-assets`, `go get -t`, and `npm install`.
 
 ```
 make deps

controllers/controllers.go

@@ -14,7 +14,10 @@ func init() {
 			for _, client := range VisualClients {
 				err := client.WriteJSON(event)
 				if err != nil {
-					log.Warn(err)
+					log.WithFields(log.Fields{
+						"at":    "controllers.init",
+						"error": err.Error(),
+					}).Warn("error writing visual update to client")
 				}
 			}
 		}

controllers/router.go

@@ -3,6 +3,7 @@ package controllers
 import (
 	"github.com/gin-gonic/contrib/static"
 	"github.com/gin-gonic/gin"
+	"github.com/hkparker/Wave/engines/visualizer"
 	"github.com/hkparker/Wave/helpers"
 	"github.com/hkparker/Wave/middleware"
 )
@@ -51,6 +52,8 @@ func NewAPI() *gin.Engine {
 }
 
 func NewCollector() *gin.Engine {
+	visualizer.Load()
+
 	collector := gin.Default()
 	collector.GET("/frames", pollCollector)
 	return collector

controllers/users_test.go

@@ -336,7 +336,8 @@ func TestAdminCanAssignUserPassword(t *testing.T) {
 	assert.Equal(200, resp.StatusCode)
 	user.Reload()
 	assert.Equal(true, user.ValidAuthentication("1234"))
-	//assert.Equal(0, len(user.Sessions))
+	user.DestroyAllSessions()
+	assert.Equal(0, len(user.Sessions))
 }
 
 func TestUserCannotAssignUserPassword(t *testing.T) {

controllers/visualizer.go

@@ -25,6 +25,10 @@ func streamVisualization(c *gin.Context) {
 		for _, event := range visualizer.CatchupEvents() {
 			err := conn.WriteJSON(event)
 			if err != nil {
+				log.WithFields(log.Fields{
+					"at":    "controllers.streamVisualization",
+					"error": err.Error(),
+				}).Error("error writing catch-up event")
 			}
 		}
 		VisualClients[id] = conn

engines/ids/ids.go

@@ -1,11 +1,13 @@
 package ids
 
 import (
+	"encoding/json"
 	"fmt"
 	log "github.com/Sirupsen/logrus"
 	"github.com/hkparker/Wave/helpers"
 	"github.com/hkparker/Wave/models"
 	"github.com/robertkrimen/otto"
+	"sync"
 )
 
 var VMs = make(map[string][]*otto.Otto, 0)
@@ -15,11 +17,19 @@ var Alerts = make(chan models.Alert, 0)
 func init() {
 	go processAlerts()
 	go prepareVMs()
-	buildVMs()
 }
 
 var alerting_function = func(call otto.FunctionCall) otto.Value {
-	Alerts <- models.Alert{} //call.Argument(0).String()
+	new_alert := models.Alert{}
+	err := json.Unmarshal([]byte(call.Argument(0).String()), new_alert)
+	if err != nil {
+		log.WithFields(log.Fields{
+			"at":    "ids.alerting_function",
+			"error": err.Error(),
+		}).Error("bad alert from rule")
+	} else {
+		Alerts <- new_alert
+	}
 	return otto.Value{}
 }
 
@@ -59,7 +69,11 @@ func buildVMs() (vm_set []*otto.Otto) {
 			vm := otto.New()
 			_, err := vm.Run(string(rule_data))
 			if err != nil {
-				log.Error(err)
+				log.WithFields(log.Fields{
+					"at":    "ids.buildVMs",
+					"file":  rule_file,
+					"error": err.Error(),
+				}).Error("error loading rule data into VM")
 			}
 			vm.Set("alert", alerting_function)
 			vm_set = append(vm_set, vm)
@@ -79,10 +93,15 @@ func Insert(frame string, parsed models.Wireless80211Frame) {
 		vm_set = <-NewVMs
 		VMs[parsed.Interface] = vm_set
 	}
+	var evals sync.WaitGroup
 	for _, vm := range vm_set {
-		_, err := vm.Run(fmt.Sprintf("evaluate(%s)", frame))
-		if err != nil {
-			log.Error(err)
-		}
+		evals.Add(1)
+		go func(vm *otto.Otto) {
+			_, err := vm.Run(fmt.Sprintf("evaluate(%s)", frame))
+			if err != nil {
+				log.WithFields(log.Fields{}).Error(err)
+			}
+		}(vm)
 	}
+	evals.Wait()
 }

engines/ids/rules/example-rule.js

@@ -7,4 +7,11 @@ var manifest = {
 function evaluate(frame) {
 	// We can pretty print each from by logging JSON.stringify
 	//console.log(JSON.stringify(frame, null, 2))
+
+	// If this frame results in an IDS alert, we send an 
+	alert(JSON.stringify({
+		"Title": "Example rule got a frame",
+		"Rule": manifest.Name,
+		"Severity": "low"
+	}))
 }

engines/visualizer/visualizer.go

@@ -7,9 +7,26 @@ import (
 
 var Devices = make(map[string]models.Device)
 var DevicesMux sync.Mutex
+var Networks = make(map[string][]models.Network)
+var NetworksMux sync.Mutex
 
-func init() {
-	// Load devices from DB
+func Load() {
+	DevicesMux.Lock()
+	defer DevicesMux.Unlock()
+	NetworksMux.Lock()
+	defer NetworksMux.Unlock()
+
+	all_devices := make([]models.Device, 0)
+	models.Orm.Find(&all_devices)
+	for _, device := range all_devices {
+		Devices[device.MAC] = device
+	}
+
+	all_networks := make([]models.Network, 0)
+	models.Orm.Find(&all_networks)
+	for _, network := range all_networks {
+		Networks[network.SSID] = append(Networks[network.SSID], network)
+	}
 }
 
 func Insert(frame models.Wireless80211Frame) {

helpers/database.go

@@ -8,6 +8,8 @@ import (
 var DBHostname string
 var DBUsername string
 var DBPassword string
+var DBAdminUsername string
+var DBAdminPassword string
 var DBName string
 var DBTLS string
 
@@ -18,11 +20,13 @@ func setDatabase() {
 	}
 
 	DBUsername = os.Getenv("WAVE_DB_USERNAME")
+	DBAdminUsername = os.Getenv("WAVE_DB_ADMIN_USERNAME")
 	if DBUsername == "" {
 		log.Fatal("WAVE_DB_USERNAME envar must be provided")
 	}
 
 	DBPassword = os.Getenv("WAVE_DB_PASSWORD")
+	DBAdminPassword = os.Getenv("WAVE_DB_ADMIN_PASSWORD")
 	if DBPassword == "" {
 		log.Fatal("WAVE_DB_PASSWORD envar must be provided")
 	}

main.go

@@ -11,12 +11,7 @@ import (
 func main() {
 	// Setup environment
 	helpers.Setup()
-	models.Connect(
-		helpers.DBUsername,
-		helpers.DBPassword,
-		helpers.DBName,
-		helpers.DBTLS,
-	)
+	models.Connect()
 
 	// Start Collector server
 	go helpers.RunTLS(

models/collector.go

@@ -44,7 +44,10 @@ func Collectors() (collectors []Collector, err error) {
 func CreateCollector(name string) (collector Collector, err error) {
 	cert_data, key_data, err := newCollectorKeys()
 	if err != nil {
-		log.Errorf("failed to create collector: %s", err)
+		log.WithFields(log.Fields{
+			"at":    "models.CreateCollector",
+			"error": err.Error(),
+		}).Error("failed to create collector")
 		return
 	}
 	collector = Collector{
@@ -60,7 +63,10 @@ func newCollectorKeys() (cert_data []byte, key_data []byte, err error) {
 	api_cert := APITLSCertificate()
 	ca, err := x509.ParseCertificate(api_cert.Certificate[0])
 	if err != nil {
-		log.Errorf("error parsing API TLS certificate for new collector: %s", err)
+		log.WithFields(log.Fields{
+			"at":    "models.newColletorKeys",
+			"error": err.Error(),
+		}).Error("error parsing API TLS certificate for new collector")
 		return
 	}
 	ca_key := api_cert.PrivateKey
@@ -78,21 +84,30 @@ func newCollectorKeys() (cert_data []byte, key_data []byte, err error) {
 	}
 	collector_priv, err := rsa.GenerateKey(rand.Reader, 2048)
 	if err != nil {
-		log.Errorf("error generating private key for new collector: %s", err)
+		log.WithFields(log.Fields{
+			"at":    "models.newColletorKeys",
+			"error": err.Error(),
+		}).Error("error generating private key for new collector")
 		return
 	}
 	collector_pub := &collector_priv.PublicKey
 	collector_cert_data, err := x509.CreateCertificate(rand.Reader, collector_cert, ca, collector_pub, ca_key)
 	if err != nil {
-		log.Errorf("error creating collector certificate: %s", err)
+		log.WithFields(log.Fields{
+			"at":    "models.newColletorKeys",
+			"error": err.Error(),
+		}).Error("error creating collector certificate")
 		return
 	}
 
 	// Create PEM encoding of certificate
 	var cert_buffer bytes.Buffer
 	err = pem.Encode(&cert_buffer, &pem.Block{Type: "CERTIFICATE", Bytes: collector_cert_data})
 	if err != nil {
-		log.Errorf("could not PEM encode collector certificate data: %s", err)
+		log.WithFields(log.Fields{
+			"at":    "models.newColletorKeys",
+			"error": err.Error(),
+		}).Error("could not PEM encode collector certificate data")
 		return
 	}
 	cert_data = cert_buffer.Bytes()
@@ -101,7 +116,10 @@ func newCollectorKeys() (cert_data []byte, key_data []byte, err error) {
 	var key_buffer bytes.Buffer
 	err = pem.Encode(&key_buffer, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(collector_priv)})
 	if err != nil {
-		log.Errorf("could not PEM encode collector key data: %s", err)
+		log.WithFields(log.Fields{
+			"at":    "models.newColletorKeys",
+			"error": err.Error(),
+		}).Error("could not PEM encode collector key data")
 		return
 	}
 	key_data = key_buffer.Bytes()

models/database.go

@@ -3,51 +3,57 @@ package models
 import (
 	"fmt"
 	log "github.com/Sirupsen/logrus"
+	"github.com/hkparker/Wave/helpers"
 	"github.com/jinzhu/gorm"
 	_ "github.com/jinzhu/gorm/dialects/postgres"
 	_ "github.com/jinzhu/gorm/dialects/sqlite"
 )
 
 var Orm *gorm.DB
 
-func Connect(db_username, db_password, db_name, db_ssl string) {
-	db_check_args := fmt.Sprintf(
-		"user=%s password=%s sslmode=%s",
-		db_username,
-		db_password,
-		db_ssl,
-	)
-	var err error
-	check, err := gorm.Open("postgres", db_check_args)
-	if err != nil {
-		log.WithFields(log.Fields{
-			"at":    "models.Connect",
-			"user":  db_username,
-			"ssl":   db_ssl,
-			"error": err.Error(),
-		}).Fatal("unable to connect to database server")
-	}
-	if check.Exec(fmt.Sprintf("SELECT 1 FROM pg_database WHERE datname = '%s'", db_name)).RowsAffected != 1 {
-		check.Exec(fmt.Sprintf("CREATE DATABASE %s", db_name))
-		log.WithFields(log.Fields{
-			"at":      "models.Connect",
-			"db_name": db_name,
-		}).Info("created missing database")
+func Connect() {
+	if helpers.DBAdminUsername != "" {
+		db_check_args := fmt.Sprintf(
+			"user=%s password=%s sslmode=%s",
+			helpers.DBAdminUsername,
+			helpers.DBAdminPassword,
+			helpers.DBTLS,
+		)
+		var err error
+		check, err := gorm.Open("postgres", db_check_args)
+		if err != nil {
+			log.WithFields(log.Fields{
+				"at":    "models.Connect",
+				"user":  helpers.DBAdminUsername,
+				"ssl":   helpers.DBTLS,
+				"error": err.Error(),
+			}).Fatal("unable to connect to database server")
+		}
+		if check.Exec(fmt.Sprintf("SELECT 1 FROM pg_database WHERE datname = '%s'", helpers.DBName)).RowsAffected != 1 {
+			check.Exec(fmt.Sprintf("CREATE DATABASE %s", helpers.DBName))
+			log.WithFields(log.Fields{
+				"at":      "models.Connect",
+				"db_name": helpers.DBName,
+			}).Info("created missing database")
+		}
 	}
+
 	db_args := fmt.Sprintf(
 		"user=%s password=%s sslmode=%s dbname=%s",
-		db_username,
-		db_password,
-		db_ssl,
-		db_name,
+		helpers.DBUsername,
+		helpers.DBPassword,
+		helpers.DBTLS,
+		helpers.DBName,
 	)
+	var err error
 	Orm, err = gorm.Open("postgres", db_args)
 	if err != nil {
 		log.WithFields(log.Fields{
-			"at":    "models.Connect",
-			"user":  db_username,
-			"ssl":   db_ssl,
-			"error": err.Error(),
+			"at":     "models.Connect",
+			"user":   helpers.DBUsername,
+			"ssl":    helpers.DBTLS,
+			"dbname": helpers.DBName,
+			"error":  err.Error(),
 		}).Fatal("unable to connect to database server")
 	}
 	Setup()