NAME

Shadowd::Connector - Shadow Daemon Connector (Base)

VERSION

Version 2.0.0

SYNOPSIS

Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.

Shadowd::Connector is the base class to connect Perl applications with the Shadow Daemon background server. It is not possible to use this module directly, because there are abstract methods that have to be implemented.

METHODS

new()

This method is a simple constructor for an object oriented interface.

get_client_ip()

This is an abstract method that has to be implemented by a subclass. It has to return the IP address of the client.

get_caller()

This is an abstract method that has to be implemented by a subclass. It has to return the name of the caller.

get_resource()

This is an abstract method that has to be implemented by a subclass. It has to return the the requested resource.

gather_input()

This is an abstract method that has to be implemented by a subclass. It has to save the user input in the class attribute _input.

defuse_input($threats)

This is an abstract method that has to be implemented by a subclass. It has to remove threats from the user input.

gather_hashes()

This is an abstract method that has to be implemented by a subclass. It has to save the cryptographically secure checksums of the executed script in the class attribute _hashes.

error()

This is an abstract method that has to be implemented by a subclass. It has to display an error message.

init_config()

This method initializes and loads the configuration.

get_config($key, $required, $default)

This method returns values from the configuration.

get_input()

This method returns the user input that is brought together by gather_input.

get_hashes()

This method returns the hashes that are brought together by gather_hashes.

remove_ignored($file)

The method removes user input that should be ignored from the class attribute _input.

send_input($host, $port, $profile, $key, $ssl)

This method sends the user input to the background server and return the parsed response.

parse_output($output)

This method parses the response of the background server.

sign($key, $json)

This method signs the input with a secret key to authenticate requests without having to send the password.

log($message)

This method writes messages to a log file.

escape_key($key)

This method escapes keys, i.e. single elements of a path.

unescape_key($key)

This method unescapes keys, i.e. single elements of a path.

split_path($path)

This method splits a path into keys.

start()

This method connects the different components of the module and starts the complete protection process.

AUTHOR

Hendrik Buchwald, <hb@zecure.org>

BUGS

Please report any bugs or feature requests to bug-shadowd-connector@rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Shadowd-Connector. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

It is also possible to report bugs via Github at https://github.com/zecure/shadowd_perl/issues.

SUPPORT

You can find documentation for this module with the perldoc command.

    perldoc Shadowd::Connector

You can also look for information at:

LICENSE AND COPYRIGHT

Shadow Daemon -- Web Application Firewall

Copyright (C) 2014-2016 Hendrik Buchwald <hb@zecure.org>

This file is part of Shadow Daemon. Shadow Daemon is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.