/src/osquery/plugins/distributed/tls_distributed.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /** |
2 | | * Copyright (c) 2014-present, The osquery authors |
3 | | * |
4 | | * This source code is licensed as defined by the LICENSE file found in the |
5 | | * root directory of this source tree. |
6 | | * |
7 | | * SPDX-License-Identifier: (Apache-2.0 OR GPL-2.0-only) |
8 | | */ |
9 | | |
10 | | // clang-format off |
11 | | // This must be here to prevent a WinSock.h exists error |
12 | | #include "osquery/remote/transports/tls.h" |
13 | | // clang-format on |
14 | | |
15 | | #include <vector> |
16 | | #include <sstream> |
17 | | |
18 | | #include <osquery/distributed/distributed.h> |
19 | | #include <osquery/remote/enroll/enroll.h> |
20 | | #include <osquery/core/flags.h> |
21 | | #include <osquery/registry/registry.h> |
22 | | |
23 | | #include <osquery/utils/json/json.h> |
24 | | #include <osquery/remote/serializers/json.h> |
25 | | #include <osquery/remote/utility.h> |
26 | | |
27 | | namespace osquery { |
28 | | |
29 | | DECLARE_bool(tls_node_api); |
30 | | |
31 | | FLAG(string, |
32 | | distributed_tls_read_endpoint, |
33 | | "", |
34 | | "TLS/HTTPS endpoint for distributed query retrieval"); |
35 | | |
36 | | FLAG(string, |
37 | | distributed_tls_write_endpoint, |
38 | | "", |
39 | | "TLS/HTTPS endpoint for distributed query results"); |
40 | | |
41 | | FLAG(uint64, |
42 | | distributed_tls_max_attempts, |
43 | | 3, |
44 | | "Number of times to attempt a request") |
45 | | |
46 | | class TLSDistributedPlugin : public DistributedPlugin { |
47 | | public: |
48 | | Status setUp() override; |
49 | | |
50 | | Status getQueries(std::string& json) override; |
51 | | |
52 | | Status writeResults(const std::string& json) override; |
53 | | |
54 | | protected: |
55 | | std::string read_uri_; |
56 | | std::string write_uri_; |
57 | | }; |
58 | | |
59 | | REGISTER(TLSDistributedPlugin, "distributed", "tls"); |
60 | | |
61 | 0 | Status TLSDistributedPlugin::setUp() { |
62 | 0 | read_uri_ = TLSRequestHelper::makeURI(FLAGS_distributed_tls_read_endpoint); |
63 | 0 | write_uri_ = TLSRequestHelper::makeURI(FLAGS_distributed_tls_write_endpoint); |
64 | 0 | return Status(0, "OK"); |
65 | 0 | } |
66 | | |
67 | 0 | Status TLSDistributedPlugin::getQueries(std::string& json) { |
68 | 0 | JSON params; |
69 | 0 | params.add("_verb", "POST"); |
70 | 0 | return TLSRequestHelper::go<JSONSerializer>( |
71 | 0 | read_uri_, params, json, FLAGS_distributed_tls_max_attempts); |
72 | 0 | } |
73 | | |
74 | 0 | Status TLSDistributedPlugin::writeResults(const std::string& json) { |
75 | 0 | JSON params; |
76 | 0 | Status s = params.fromString(json); |
77 | |
|
78 | 0 | if (!s.ok()) { |
79 | 0 | return s; |
80 | 0 | } |
81 | | |
82 | | // The response is ignored. |
83 | 0 | std::string response; |
84 | 0 | return TLSRequestHelper::go<JSONSerializer>( |
85 | 0 | write_uri_, params, response, FLAGS_distributed_tls_max_attempts); |
86 | 0 | } |
87 | | } |