forked from Velocidex/velociraptor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathclient_info.go
126 lines (103 loc) · 3.13 KB
/
client_info.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
package services
import (
"context"
"github.com/Velocidex/ordereddict"
"google.golang.org/protobuf/proto"
actions_proto "www.velocidex.com/golang/velociraptor/actions/proto"
config_proto "www.velocidex.com/golang/velociraptor/config/proto"
crypto_proto "www.velocidex.com/golang/velociraptor/crypto/proto"
)
const (
Unknown ClientOS = iota
Windows
Linux
MacOS
)
type ClientOS int
// Keep some stats about the client in the cache. These will be synced
// to disk periodically.
type Stats struct {
Ping uint64 `json:"Ping,omitempty"`
LastHuntTimestamp uint64 `json:"LastHuntTimestamp,omitempty"`
LastEventTableVersion uint64 `json:"LastEventTableVersion,omitempty"`
IpAddress string `json:"IpAddress,omitempty"`
}
func GetClientInfoManager(config_obj *config_proto.Config) (ClientInfoManager, error) {
org_manager, err := GetOrgManager()
if err != nil {
return nil, err
}
return org_manager.Services(config_obj.OrgId).ClientInfoManager()
}
type ClientInfo struct {
// The original info from disk
actions_proto.ClientInfo
}
func (self ClientInfo) Copy() ClientInfo {
copy := proto.Clone(&self.ClientInfo).(*actions_proto.ClientInfo)
return ClientInfo{*copy}
}
func (self ClientInfo) OS() ClientOS {
switch self.System {
case "windows":
return Windows
case "linux":
return Linux
case "darwin":
return MacOS
}
return Unknown
}
type ClientInfoManager interface {
// Used to set a new client record.
Set(ctx context.Context,
client_info *ClientInfo) error
Get(ctx context.Context,
client_id string) (*ClientInfo, error)
Remove(ctx context.Context, client_id string)
GetStats(ctx context.Context, client_id string) (*Stats, error)
UpdateStats(ctx context.Context, client_id string, stats *Stats) error
// Get the client's tasks and remove them from the queue.
GetClientTasks(ctx context.Context,
client_id string) ([]*crypto_proto.VeloMessage, error)
// Get all the tasks without de-queuing them.
PeekClientTasks(ctx context.Context,
client_id string) ([]*crypto_proto.VeloMessage, error)
QueueMessagesForClient(
ctx context.Context,
client_id string,
req []*crypto_proto.VeloMessage,
notify bool, /* Also notify the client about the new task */
) error
QueueMessageForClient(
ctx context.Context,
client_id string,
req *crypto_proto.VeloMessage,
notify bool, /* Also notify the client about the new task */
completion func()) error
UnQueueMessageForClient(
ctx context.Context,
client_id string,
req *crypto_proto.VeloMessage) error
// Remove client id from the cache - this is needed when the
// record chages and we need to force a read from storage.
Flush(ctx context.Context, client_id string)
GetMetadata(ctx context.Context,
client_id string) (*ordereddict.Dict, error)
SetMetadata(ctx context.Context,
client_id string, metadata *ordereddict.Dict) error
}
func GetHostname(
ctx context.Context,
config_obj *config_proto.Config,
client_id string) string {
client_info_manager, err := GetClientInfoManager(config_obj)
if err != nil {
return ""
}
info, err := client_info_manager.Get(ctx, client_id)
if err != nil {
return ""
}
return info.Hostname
}