/src/osquery/plugins/config/tls_config.cpp
1 | | /** |
2 | | * Copyright (c) 2014-present, The osquery authors |
3 | | * |
4 | | * This source code is licensed as defined by the LICENSE file found in the |
5 | | * root directory of this source tree. |
6 | | * |
7 | | * SPDX-License-Identifier: (Apache-2.0 OR GPL-2.0-only) |
8 | | */ |
9 | | |
10 | | // clang-format off |
11 | | // Keep it on top of all other includes to fix double include WinSock.h header file |
12 | | // which is windows specific boost build problem |
13 | | #include <osquery/remote/utility.h> |
14 | | // clang-format on |
15 | | |
16 | | #include <osquery/config/config.h> |
17 | | #include <osquery/core/flags.h> |
18 | | #include <osquery/dispatcher/dispatcher.h> |
19 | | #include <osquery/registry/registry.h> |
20 | | #include <osquery/remote/enroll/enroll.h> |
21 | | #include <osquery/remote/requests.h> |
22 | | #include <osquery/remote/serializers/json.h> |
23 | | #include <osquery/utils/chars.h> |
24 | | #include <osquery/utils/json/json.h> |
25 | | #include <plugins/config/tls_config.h> |
26 | | |
27 | | #include <sstream> |
28 | | #include <vector> |
29 | | |
30 | | namespace osquery { |
31 | | |
/// Upper bound on attempts for one config fetch; passed straight to
/// TLSRequestHelper::go in genConfig as the retry count.
CLI_FLAG(uint64,
         config_tls_max_attempts,
         3,
         "Number of attempts to retry a TLS config request");

/// Config retrieval TLS endpoint (path) using TLS hostname.
CLI_FLAG(string,
         config_tls_endpoint,
         "",
         "TLS/HTTPS endpoint for config retrieval");

// Defined elsewhere. When set, genConfig adds "_get" to the request and
// expects the response to be a JSON object whose "config" member (a JSON
// escaped string) holds the actual configuration.
DECLARE_bool(tls_node_api);
// Defined elsewhere. When set (and enrollment is not disabled), setUp
// discards any cached node key and requests a fresh one before use.
DECLARE_bool(enroll_always);

REGISTER(TLSConfigPlugin, "config", "tls");
47 | | |
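/**
 * @brief Prepare the plugin: optionally force re-enrollment, then build the
 * config URI.
 *
 * When FLAGS_enroll_always is set and enrollment is not disabled, the cached
 * node key is cleared and a fresh one is requested from the "tls" enroll
 * plugin; failing to obtain one aborts setup so that no config request is
 * ever sent without an identity.
 *
 * @return Status(0, "OK") on success; Status(1, ...) when enrollment was
 * required but produced no node key.
 */
Status TLSConfigPlugin::setUp() {
  if (FLAGS_enroll_always && !FLAGS_disable_enrollment) {
    // clear any cached node key
    clearNodeKey();
    auto node_key = getNodeKey("tls");
    if (node_key.empty()) {
      // Could not generate a node key, continue logging to stderr.
      return Status(1, "No node key, TLS config failed.");
    }
  }

  // Resolve the endpoint path against the TLS hostname once; genConfig
  // reuses uri_ for every request.
  uri_ = TLSRequestHelper::makeURI(FLAGS_config_tls_endpoint);
  return Status(0, "OK");
}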
62 | | |
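/**
 * @brief Fetch the configuration from the TLS endpoint into `config`.
 *
 * Sends a request to uri_ (retried up to FLAGS_config_tls_max_attempts
 * times). With FLAGS_tls_node_api the response is treated as an envelope:
 * a JSON object whose "config" member is a JSON-escaped string, which is
 * unescaped and stored; without it the raw body is stored as-is. The
 * response comes from the remote server, so the node API path validates
 * the envelope shape before reading from it.
 *
 * @param config Receives the document under the key "tls_plugin". Left
 * untouched when the request fails.
 * @return The request status, or a failure when the node API envelope
 * cannot be parsed or is not a JSON object.
 */
Status TLSConfigPlugin::genConfig(std::map<std::string, std::string>& config) {
  std::string json;
  JSON params;
  if (FLAGS_tls_node_api) {
    // The TLS node API morphs some verbs and variables.
    params.add("_get", true);
  }

  auto s = TLSRequestHelper::go<JSONSerializer>(
      uri_, params, json, FLAGS_config_tls_max_attempts);
  if (!s.ok()) {
    // Transport or enrollment failure: nothing to store, propagate the error.
    return s;
  }

  if (!FLAGS_tls_node_api) {
    // Plain endpoint: the response body is the config document itself.
    config["tls_plugin"] = json;
    return s;
  }

  // The node API embeds configuration data (JSON escaped).
  JSON tree;
  Status parse_status = tree.fromString(json);
  if (!parse_status.ok()) {
    VLOG(1) << "Could not parse JSON from TLS config node API";
    return Status::failure("Could not parse JSON from TLS config node API");
  }

  if (!tree.doc().IsObject()) {
    return Status::failure(
        "Root of the JSON from TLS config node API is not an object");
  }

  // Re-encode the config key into JSON.
  auto it = tree.doc().FindMember("config");
  const bool has_config =
      it != tree.doc().MemberEnd() && it->value.IsString();
  if (!has_config) {
    // A missing or non-string "config" member is accepted as an empty
    // config (unchanged behavior); log it so that an unexpectedly empty
    // configuration can be traced to the server response rather than
    // being applied silently.
    VLOG(1) << "TLS config node API response has no string \"config\" member";
  }
  config["tls_plugin"] =
      unescapeUnicode(has_config ? it->value.GetString() : "");
  return s;
}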
102 | | } // namespace osquery |