Merge branch 'release/1.1.2'

TheHive-Project · May 24, 2017 · f2969ac · f2969ac
2 parents b8cd22d + 3f38ab7
commit f2969ac
Show file tree

Hide file tree

Showing 13 changed files with 265 additions and 62 deletions.
diff --git a/.gitignore b/.gitignore
@@ -8,6 +8,7 @@ target
 /RUNNING_PID
 .cache-main
 .cache-tests
+.DS_Store
 *.py[cod]
 /report-templates/*.zip
 
@@ -16,3 +17,4 @@ target
 !/bin/activator.bat
 
 conf/application.conf
+
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,28 +1,55 @@
 # Change Log
 
-## [1.1.1](https://github.com/CERT-BDF/Cortex/tree/1.1.1) (2017-05-17)
+## [1.1.2](https://github.com/CERT-BDF/Cortex/tree/1.1.2)
 
-[Full Changelog](https://github.com/CERT-BDF/Cortex/compare/1.1.0...1.1.1)
+[Full Changelog](https://github.com/CERT-BDF/Cortex/compare/rpm/1.1.1-2...1.1.2)
 
 **Implemented enhancements:**
 
+- Add page loader [\#30](https://github.com/CERT-BDF/Cortex/issues/30)
+- Initialize MISP modules at startup [\#28](https://github.com/CERT-BDF/Cortex/issues/28)
+
+**Fixed bugs:**
+
+- jobstatus from jobs within cortex are not updated when status changes [\#31](https://github.com/CERT-BDF/Cortex/issues/31)
+- Cortex and MISP unclear and error-loop [\#29](https://github.com/CERT-BDF/Cortex/issues/29)
+- Error 500 in TheHive when a job is submited to Cortex [\#27](https://github.com/CERT-BDF/Cortex/issues/27)
+
+## [rpm/1.1.1-2](https://github.com/CERT-BDF/Cortex/tree/rpm/1.1.1-2) (2017-05-19)
+[Full Changelog](https://github.com/CERT-BDF/Cortex/compare/debian/1.1.1-2...rpm/1.1.1-2)
+
+## [debian/1.1.1-2](https://github.com/CERT-BDF/Cortex/tree/debian/1.1.1-2) (2017-05-19)
+[Full Changelog](https://github.com/CERT-BDF/Cortex/compare/1.1.1...debian/1.1.1-2)
+
+**Fixed bugs:**
+
+- After Upgrade from Cortex 1.0.2 to 1.1.1 system does not come up [\#26](https://github.com/CERT-BDF/Cortex/issues/26)
+
+## [1.1.1](https://github.com/CERT-BDF/Cortex/tree/1.1.1) (2017-05-17)
+[Full Changelog](https://github.com/CERT-BDF/Cortex/compare/1.1.0...1.1.1)
+
+**Fixed bugs:**
+
 - Missing logos and favicons [\#25](https://github.com/CERT-BDF/Cortex/issues/25)
-- MISP integration feature request [\#21](https://github.com/CERT-BDF/Cortex/issues/21)
 
-## [1.1.0](https://github.com/CERT-BDF/Cortex/tree/1.1.0) (2017-05-12)
+**Closed issues:**
+
+- Cortex 1.1.0 doesnt work with theHive 2.11.0 [\#24](https://github.com/CERT-BDF/Cortex/issues/24)
+- MISP integration [\#21](https://github.com/CERT-BDF/Cortex/issues/21)
 
+## [1.1.0](https://github.com/CERT-BDF/Cortex/tree/1.1.0) (2017-05-12)
 [Full Changelog](https://github.com/CERT-BDF/Cortex/compare/1.0.2...1.1.0)
 
 **Implemented enhancements:**
 
 - Add support to .deb and .rpm package generation [\#20](https://github.com/CERT-BDF/Cortex/issues/20)
+- Scala code cleanup [\#19](https://github.com/CERT-BDF/Cortex/issues/19)
 - Display analyzers metadata [\#18](https://github.com/CERT-BDF/Cortex/issues/18)
 
 **Closed issues:**
 
 - Display Cortex version on the footer [\#23](https://github.com/CERT-BDF/Cortex/issues/23)
 - Use new logo and favicon [\#22](https://github.com/CERT-BDF/Cortex/issues/22)
-- Scala code cleanup [\#19](https://github.com/CERT-BDF/Cortex/issues/19)
 
 ## [1.0.2](https://github.com/CERT-BDF/Cortex/tree/1.0.2) (2017-04-19)
 [Full Changelog](https://github.com/CERT-BDF/Cortex/compare/1.0.1...1.0.2)
@@ -36,6 +63,7 @@
 
 **Closed issues:**
 
+- Support for cuckoo malware analysis plattform \(link analysis\) [\#17](https://github.com/CERT-BDF/Cortex/issues/17)
 - Documentation on 'How to create an analyzer' [\#10](https://github.com/CERT-BDF/Cortex/issues/10)
 
 ## [1.0.1](https://github.com/CERT-BDF/Cortex/tree/1.0.1) (2017-03-08)
@@ -52,4 +80,4 @@
 ## [1.0.0](https://github.com/CERT-BDF/Cortex/tree/1.0.0) (2017-02-01)
 
 
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
diff --git a/app/models/JsonFormat.scala b/app/models/JsonFormat.scala
@@ -18,8 +18,7 @@ object JsonFormat {
   implicit val fileArtifactWrites: OWrites[FileArtifact] = OWrites[FileArtifact](fileArtifact ⇒ Json.obj(
     "attributes" → fileArtifact.attributes))
 
-  implicit val dataArtifactWrites: OWrites[DataArtifact] = OWrites[DataArtifact](artifact ⇒
-    artifact.attributes + ("data" → JsString(artifact.data)))
+  implicit val dataArtifactWrites: OWrites[DataArtifact] = Json.writes[DataArtifact]
   implicit val dataActifactReads: Reads[DataArtifact] = Json.reads[DataArtifact]
 
   val artifactWrites: OWrites[Artifact] = OWrites[Artifact] {

diff --git a/app/services/MispSrv.scala b/app/services/MispSrv.scala
@@ -12,7 +12,8 @@ import play.api.libs.json.{ Json, _ }
 import play.api.{ Configuration, Logger }
 
 import scala.collection.JavaConverters._
-import scala.concurrent.{ ExecutionContext, Future }
+import scala.concurrent.{ Await, ExecutionContext, Future }
+import scala.concurrent.duration._
 import scala.sys.process._
 import scala.util.{ Failure, Success, Try }
 
@@ -42,25 +43,34 @@ class MispSrv(
 
   logger.info(s"MISP modules is ${if (mispModulesEnabled) "enabled" else "disabled"}, loader is $loaderCommand")
 
-  lazy val list: Seq[MispModule] = if (mispModulesEnabled) {
-    Json.parse(s"$loaderCommand --list".!!)
-      .as[Seq[String]]
-      .map { moduleName ⇒
-        moduleName → (for {
-          moduleInfo ← Try(Json.parse(s"$loaderCommand --info $moduleName".!!))
-          module ← Try(moduleInfo.as[MispModule](reads(loaderCommand, mispModuleConfig)))
-        } yield module)
-      }
-      .flatMap {
-        case (moduleName, Failure(error)) ⇒
-          logger.warn(s"Load MISP module $moduleName fails", error)
+  private[MispSrv] val futureList: Future[Seq[MispModule]] = Future {
+    if (mispModulesEnabled) {
+      val moduleNameList = Try(Json.parse(s"$loaderCommand --list".!!).as[Seq[String]]) match {
+        case Success(l) ⇒ l
+        case Failure(error) ⇒
+          logger.error(s"MISP module loader fails", error)
           Nil
-        case (_, Success(module)) ⇒
-          logger.info(s"Register MISP module ${module.name} ${module.version}")
-          Seq(module)
       }
-  }
-  else Nil
+
+      moduleNameList
+        .map { moduleName ⇒
+          moduleName → (for {
+            moduleInfo ← Try(Json.parse(s"$loaderCommand --info $moduleName".!!))
+            module ← Try(moduleInfo.as[MispModule](reads(loaderCommand, mispModuleConfig)))
+          } yield module)
+        }
+        .flatMap {
+          case (moduleName, Failure(error)) ⇒
+            logger.warn(s"Load MISP module $moduleName fails: ${error.getMessage}")
+            Nil
+          case (_, Success(module)) ⇒
+            logger.info(s"Register MISP module ${module.name} ${module.version}")
+            Seq(module)
+        }
+    }
+    else Nil
+  }(analyzeExecutionContext)
+  lazy val list: Seq[MispModule] = Await.result(futureList, 5.minutes)
 
   def get(moduleName: String): Option[MispModule] = list.find(_.name == moduleName)
 
@@ -149,7 +159,7 @@ class MispSrv(
 
   private def toArtifact(mispType: String, data: String): Artifact = {
     mispType2dataType(mispType) match {
-      case "file" if mispType == "malware-sample" ⇒ ???
+      case "file" if mispType == "malware-sample" ⇒ ??? // TODO
       case "file" ⇒ FileArtifact(Base64.decodeBase64(data), Json.obj(
         "tlp" → 1,
         "dataType" → "file"))
@@ -188,8 +198,7 @@ class MispSrv(
             Json.obj(
               "types" → dataType2mispType(artifact.dataType),
               "values" → Json.arr(artifact.data))
-          case artifact: FileArtifact ⇒
-            ??? // TODO
+          case artifact: FileArtifact ⇒ ??? // TODO
         }
         val cortexAttribute = Json.obj(
           "types" → Seq("cortex"),
@@ -229,10 +238,8 @@ class MispSrv(
       requiredConfig ← (__ \ "config").read[Set[String]]
       missingConfig = requiredConfig -- config.keys
       _ ← if (missingConfig.nonEmpty) {
-        val message = s"MISP module $name is disabled because the following configuration " +
-          s"item${if (missingConfig.size > 1) "s are" else " is"} missing: ${missingConfig.mkString(", ")}"
-        logger.warn(message)
-        Reads[Unit](_ ⇒ JsError(message))
+        Reads[Unit](_ ⇒ JsError(s"MISP module $name is disabled because the following configuration " +
+          s"item${if (missingConfig.size > 1) "s are" else " is"} missing: ${missingConfig.mkString(", ")}"))
       }
       else {
         Reads[Unit](_ ⇒ JsSuccess(()))

diff --git a/build.sbt b/build.sbt
@@ -13,16 +13,22 @@ libraryDependencies ++= Seq(
   "org.scalatestplus.play" %% "scalatestplus-play" % "1.5.1" % Test
 )
 
-resolvers += "scalaz-bintray" at "http://dl.bintray.com/scalaz/releases"
+// Add information in manifest
+import Package.ManifestAttributes
+import java.util.jar.Attributes.Name._
+packageOptions  ++= Seq(
+  ManifestAttributes(IMPLEMENTATION_TITLE -> name.value),
+  ManifestAttributes(IMPLEMENTATION_VERSION -> version.value),
+  ManifestAttributes(SPECIFICATION_VENDOR -> "TheHive Project"),
+  ManifestAttributes(SPECIFICATION_TITLE -> name.value),
+  ManifestAttributes(SPECIFICATION_VERSION -> "TheHive Project")
+)
 
+resolvers += "scalaz-bintray" at "http://dl.bintray.com/scalaz/releases"
 Release.releaseVersionUIFile := baseDirectory.value / "ui" / "package.json"
-
 Release.changelogFile := baseDirectory.value / "CHANGELOG.md"
-
 publishArtifact in (Compile, packageDoc) := false
-
 publishArtifact in packageDoc := false
-
 sources in (Compile,doc) := Seq.empty
 
 // Front-end //