forked from Velocidex/velociraptor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathclient_info.go
132 lines (106 loc) · 3.27 KB
/
client_info.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
package services
import (
"context"
"github.com/Velocidex/ordereddict"
"google.golang.org/protobuf/proto"
actions_proto "www.velocidex.com/golang/velociraptor/actions/proto"
config_proto "www.velocidex.com/golang/velociraptor/config/proto"
crypto_proto "www.velocidex.com/golang/velociraptor/crypto/proto"
)
const (
NOTIFY_CLIENT = true
Unknown ClientOS = iota
Windows
Linux
MacOS
)
type ClientOS int
// Keep some stats about the client in the cache. These will be synced
// to disk periodically.
type Stats struct {
Ping uint64 `json:"Ping,omitempty"`
LastHuntTimestamp uint64 `json:"LastHuntTimestamp,omitempty"`
LastEventTableVersion uint64 `json:"LastEventTableVersion,omitempty"`
IpAddress string `json:"IpAddress,omitempty"`
}
func GetClientInfoManager(config_obj *config_proto.Config) (ClientInfoManager, error) {
org_manager, err := GetOrgManager()
if err != nil {
return nil, err
}
return org_manager.Services(config_obj.OrgId).ClientInfoManager()
}
type ClientInfo struct {
// The original info from disk
actions_proto.ClientInfo
}
func (self ClientInfo) Copy() ClientInfo {
copy := proto.Clone(&self.ClientInfo).(*actions_proto.ClientInfo)
return ClientInfo{*copy}
}
func (self ClientInfo) OS() ClientOS {
switch self.System {
case "windows":
return Windows
case "linux":
return Linux
case "darwin":
return MacOS
}
return Unknown
}
type ClientInfoManager interface {
// Used to set a new client record.
Set(ctx context.Context,
client_info *ClientInfo) error
Get(ctx context.Context,
client_id string) (*ClientInfo, error)
Remove(ctx context.Context, client_id string)
GetStats(ctx context.Context, client_id string) (*Stats, error)
UpdateStats(ctx context.Context, client_id string, stats *Stats) error
// Get the client's tasks and remove them from the queue.
GetClientTasks(ctx context.Context,
client_id string) ([]*crypto_proto.VeloMessage, error)
// Get all the tasks without de-queuing them.
PeekClientTasks(ctx context.Context,
client_id string) ([]*crypto_proto.VeloMessage, error)
QueueMessagesForClient(
ctx context.Context,
client_id string,
req []*crypto_proto.VeloMessage,
notify bool, /* Also notify the client about the new task */
) error
QueueMessageForClient(
ctx context.Context,
client_id string,
req *crypto_proto.VeloMessage,
notify bool, /* Also notify the client about the new task */
completion func()) error
UnQueueMessageForClient(
ctx context.Context,
client_id string,
req *crypto_proto.VeloMessage) error
// Remove client id from the cache - this is needed when the
// record chages and we need to force a read from storage.
Flush(ctx context.Context, client_id string)
// Be able to manipulate the client and server metadata.
GetMetadata(ctx context.Context,
client_id string) (*ordereddict.Dict, error)
SetMetadata(ctx context.Context,
client_id string, metadata *ordereddict.Dict, principal string) error
ValidateClientId(client_id string) error
}
func GetHostname(
ctx context.Context,
config_obj *config_proto.Config,
client_id string) string {
client_info_manager, err := GetClientInfoManager(config_obj)
if err != nil {
return ""
}
info, err := client_info_manager.Get(ctx, client_id)
if err != nil {
return ""
}
return info.Hostname
}