Support symlink on windows.

simiaoxiaoseng · Jan 15, 2019 · 3936bcd · 3936bcd
1 parent e64a1e3
commit 3936bcd
Show file tree

Hide file tree

Showing 32 changed files with 674 additions and 392 deletions.
diff --git a/Makefile b/Makefile
@@ -3,6 +3,8 @@ all:
 
 test:
 	go test ./...
+	./output/velociraptor --config artifacts/testdata/windows/test.config.yaml \
+	     golden artifacts/testdata/server/testcases/
 
 release:
 	go run make.go -v linux

diff --git a/api/clients.go b/api/clients.go
@@ -102,6 +102,12 @@ func LabelClients(
 		index_func = db.UnsetIndex
 	case "check":
 		index_func = db.CheckIndex
+	case "set":
+		index_func = db.SetIndex
+
+	default:
+		return nil, errors.New(
+			"Unknown label operation. Must be set, check or remove")
 	}
 
 	for _, label := range in.Labels {

diff --git a/api/proto/config.pb.go b/api/proto/config.pb.go
diff --git a/api/proto/config.proto b/api/proto/config.proto
@@ -199,6 +199,10 @@ message FrontendConfig {
     string public_path = 8 [(sem_type) = {
             description: "If specified we export this path through the /public/ handler.",
         }];
+
+    uint64 concurrency = 9 [(sem_type) = {
+            description: "The number of client messages to process concurrently.",
+        }];
 }
 
 

diff --git a/appveyor.yml b/appveyor.yml
@@ -7,10 +7,14 @@ environment:
   PATH: C:\msys64\mingw64\bin;%GOPATH%\bin;%PATH%
   VELOCIRAPTOR_CONFIG: artifacts\testdata\windows\test.config.yaml
 
+cache:
+  - vendor -> Gopkg.lock
+
 install:
 - cmd: |
     echo %PATH%
     echo %GOPATH%
+    mklink c:\Users\link c:\Windows
     go version
     go env
     go get github.com/golang/dep

diff --git a/artifacts/testdata/server/testcases/labels.in.yaml b/artifacts/testdata/server/testcases/labels.in.yaml
@@ -14,19 +14,21 @@ Queries:
          SELECT * FROM clients()
          WHERE os_info.system = 'windows' ORDER BY client_id
       }, query={
-         SELECT os_info.system, label(client_id=client_id, labels=['WinBoxes'])
+         SELECT os_info.system, label(
+             client_id=client_id, labels=['WinBoxes'],
+             op='set')
          FROM scope()
       })
 
   # Should be able to see our labels now.
   - SELECT * FROM clients(search='label:*') ORDER BY client_id
 
   # Check for labels
-  - SELECT label(client_id='C.11a3013cca8f826e',
+  - SELECT label(client_id='C.11a3013cca8f826e', op='set',
        labels=['WinBoxes'], op='check') AS HasLabel FROM scope()
 
   # Should return Null - no such label
-  - SELECT label(client_id='C.11a3013cca8f826e',
+  - SELECT label(client_id='C.11a3013cca8f826e', op='set',
        labels=['NoWinBoxes'], op='check') AS HasLabel FROM scope()
 
   # Clear everything

diff --git a/artifacts/testdata/server/testcases/labels.out.yaml b/artifacts/testdata/server/testcases/labels.out.yaml
@@ -5,27 +5,29 @@ FROM clients(search='label:*') ORDER BY client_id
      SELECT * FROM clients()
      WHERE os_info.system = 'windows' ORDER BY client_id
   }, query={
-     SELECT os_info.system, label(client_id=client_id, labels=['WinBoxes'])
+     SELECT os_info.system, label(
+         client_id=client_id, labels=['WinBoxes'],
+         op='set')
      FROM scope()
   })
 [
  {
-  "label(client_id=client_id, labels= ['WinBoxes'])": {
+  "label(client_id=client_id, labels= ['WinBoxes'], op='set')": {
    "ClientId": "C.11a3013cca8f826e",
    "Labels": [
     "WinBoxes"
    ],
-   "Op": ""
+   "Op": "set"
   },
   "os_info.system": "windows"
  },
  {
-  "label(client_id=client_id, labels= ['WinBoxes'])": {
+  "label(client_id=client_id, labels= ['WinBoxes'], op='set')": {
    "ClientId": "C.c916a7e445eb0868",
    "Labels": [
     "WinBoxes"
    ],
-   "Op": ""
+   "Op": "set"
   },
   "os_info.system": "windows"
  }
@@ -62,7 +64,7 @@ FROM clients(search='label:*') ORDER BY client_id
    "WinBoxes"
   ]
  }
-]SELECT label(client_id='C.11a3013cca8f826e', labels=['WinBoxes'], op='check') AS HasLabel FROM scope()[
+]SELECT label(client_id='C.11a3013cca8f826e', op='set', labels=['WinBoxes'], op='check') AS HasLabel FROM scope()[
  {
   "HasLabel": {
    "ClientId": "C.11a3013cca8f826e",
@@ -72,7 +74,7 @@ FROM clients(search='label:*') ORDER BY client_id
    "Op": "check"
   }
  }
-]SELECT label(client_id='C.11a3013cca8f826e', labels=['NoWinBoxes'], op='check') AS HasLabel FROM scope()[
+]SELECT label(client_id='C.11a3013cca8f826e', op='set', labels=['NoWinBoxes'], op='check') AS HasLabel FROM scope()[
  {
   "HasLabel": null
  }

diff --git a/artifacts/testdata/windows/file.in.yaml b/artifacts/testdata/windows/file.in.yaml
@@ -5,3 +5,7 @@ Queries:
     WHERE Name =~ "C"
   - SELECT FullPath FROM glob(globs="c:\\*", accessor="file")
     WHERE Name =~ "pagefile.sys"
+
+  # Read symlinks.
+  - SELECT FullPath FROM glob(globs="c:\\Users\\*\\notepad.exe", accessor="file")
+  - SELECT FullPath FROM glob(globs="c:\\Users\\**\\atapi.sys", accessor="file") WHERE FullPath =~ "drivers"
diff --git a/artifacts/testdata/windows/file.out.yaml b/artifacts/testdata/windows/file.out.yaml
@@ -8,6 +8,14 @@ SELECT FullPath FROM glob(globs="/*", accessor="file") WHERE Name =~ "C"[
  }
 ]SELECT FullPath FROM glob(globs="c:\\*", accessor="file") WHERE Name =~ "pagefile.sys"[
  {
-  "FullPath": "C:\\pagefile.sys"
+  "FullPath": "\\C:\\pagefile.sys"
+ }
+]SELECT FullPath FROM glob(globs="c:\\Users\\*\\notepad.exe", accessor="file")[
+ {
+  "FullPath": "\\\\C:\\Users\\link\\notepad.exe"
+ }
+]SELECT FullPath FROM glob(globs="c:\\Users\\**\\atapi.sys", accessor="file") WHERE FullPath =~ "drivers"[
+ {
+  "FullPath": "\\\\C:\\Users\\link\\System32\\drivers\\atapi.sys"
  }
 ]
diff --git a/artifacts/testdata/windows/init.cmd b/artifacts/testdata/windows/init.cmd
@@ -0,0 +1 @@
+mklink "c:\users\link" "c:\Windows"