def ClientInfo(self, responses): """Obtain some information about the GRR client running.""" if not responses.success: self.Log("Could not get ClientInfo.") return response = responses.First() if fleetspeak_utils.IsFleetspeakEnabledClient(self.client_id): # Fetch labels for the client from Fleetspeak. If Fleetspeak doesn't # have any labels for the GRR client, fall back to labels reported by # the client. fleetspeak_labels = fleetspeak_utils.GetLabelsFromFleetspeak( self.client_id) if fleetspeak_labels: response.labels = fleetspeak_labels else: FLEETSPEAK_UNLABELED_CLIENTS.Increment() logging.warning( "Failed to get labels for Fleetspeak client %s.", self.client_id) sanitized_labels = [] for label in response.labels: try: self._ValidateLabel(label) sanitized_labels.append(label) except ValueError: self.Log("Got invalid label: %s", label) response.labels = sanitized_labels self.state.client.startup_info.client_info = response
def ClientInfo(self, responses): """Obtain some information about the GRR client running.""" if not responses.success: self.Log("Could not get ClientInfo.") return response = responses.First() if fleetspeak_utils.IsFleetspeakEnabledClient( self.client_id, token=self.token): label = fleetspeak_utils.GetLabelFromFleetspeak(self.client_id) # A FS enabled GRR shouldn't provide a label, but if it does prefer # it to an unrecognized FS label. # # TODO(user): Remove condition once we are confident in FS labeling. if label != fleetspeak_connector.unknown_label or not response.labels: response.labels = [label] if data_store.AFF4Enabled(): # AFF4 client. with self._OpenClient(mode="rw") as client: client.Set(client.Schema.CLIENT_INFO(response)) client.AddLabels(response.labels, owner="GRR") # rdf_objects.ClientSnapshot. self.state.client.startup_info.client_info = response
def ClientInfo(self, responses): """Obtain some information about the GRR client running.""" if not responses.success: self.Log("Could not get ClientInfo.") return response = responses.First() if fleetspeak_utils.IsFleetspeakEnabledClient(self.client_id): label = fleetspeak_utils.GetLabelFromFleetspeak(self.client_id) # A FS enabled GRR shouldn't provide a label, but if it does prefer # it to an unrecognized FS label. # # TODO(user): Remove condition once we are confident in FS labeling. if label != fleetspeak_connector.unknown_label or not response.labels: response.labels = [label] sanitized_labels = [] for label in response.labels: try: rdf_aff4.AFF4ObjectLabel(name=label) sanitized_labels.append(label) except type_info.TypeValueError: self.Log("Got invalid label: %s", label) response.labels = sanitized_labels self.state.client.startup_info.client_info = response
def FlushQueuedMessages(self): # TODO(amoser): This could be done in a single db call, might be worth # optimizing. if self.flow_requests: data_store.REL_DB.WriteFlowRequests(self.flow_requests) self.flow_requests = [] if self.flow_responses: data_store.REL_DB.WriteFlowResponses(self.flow_responses) self.flow_responses = [] if self.client_messages: client_id = self.rdf_flow.client_id if fleetspeak_utils.IsFleetspeakEnabledClient(client_id): for task in self.client_messages: fleetspeak_utils.SendGrrMessageThroughFleetspeak(client_id, task) else: data_store.REL_DB.WriteClientMessages(self.client_messages) self.client_messages = [] if self.completed_requests: data_store.REL_DB.DeleteFlowRequests(self.completed_requests) self.completed_requests = [] if self.replies_to_write: # For top-level hunt-induced flows, write results to the hunt collection. if self.rdf_flow.parent_hunt_id and not self.rdf_flow.parent_flow_id: db_compat.WriteHuntResults(self.rdf_flow.client_id, self.rdf_flow.parent_hunt_id, self.replies_to_write) else: data_store.REL_DB.WriteFlowResults(self.replies_to_write) self.replies_to_write = []
def FlushQueuedMessages(self): # TODO(amoser): This could be done in a single db call, might be worth # optimizing. if self.flow_requests: data_store.REL_DB.WriteFlowRequests(self.flow_requests) self.flow_requests = [] if self.flow_responses: data_store.REL_DB.WriteFlowResponses(self.flow_responses) self.flow_responses = [] if self.client_messages: client_id = self.rdf_flow.client_id if fleetspeak_utils.IsFleetspeakEnabledClient(client_id): for task in self.client_messages: fleetspeak_utils.SendGrrMessageThroughFleetspeak(client_id, task) else: data_store.REL_DB.WriteClientMessages(self.client_messages) self.client_messages = [] if self.completed_requests: data_store.REL_DB.DeleteFlowRequests(self.completed_requests) self.completed_requests = [] if self.replies_to_write: data_store.REL_DB.WriteFlowResults( self.rdf_flow.client_id, self.rdf_flow.flow_id, self.replies_to_write) self.replies_to_write = []
def ClientInfo(self, responses): """Obtain some information about the GRR client running.""" if not responses.success: self.Log("Could not get ClientInfo.") return response = responses.First() if fleetspeak_utils.IsFleetspeakEnabledClient(self.client_id): # Fetch labels for the client from Fleetspeak. If Fleetspeak doesn't # have any labels for the GRR client, fall back to labels reported by # the client. fleetspeak_labels = fleetspeak_utils.GetLabelsFromFleetspeak( self.client_id) if fleetspeak_labels: response.labels = fleetspeak_labels elif not response.labels: response.labels = [fleetspeak_connector.unknown_label] sanitized_labels = [] for label in response.labels: try: rdf_aff4.AFF4ObjectLabel(name=label) sanitized_labels.append(label) except type_info.TypeValueError: self.Log("Got invalid label: %s", label) response.labels = sanitized_labels self.state.client.startup_info.client_info = response
def __init__(self, client_id, client_mock): if client_mock is None: client_mock = action_mocks.InvalidActionMock() else: precondition.AssertType(client_mock, action_mocks.ActionMock) self.client_id = client_id self.client_mock = client_mock self._is_fleetspeak_client = fleetspeak_utils.IsFleetspeakEnabledClient( client_id)
def Schedule(self, tasks, mutation_pool, timestamp=None): """Schedule a set of Task() instances.""" non_fleetspeak_tasks = [] for queue, queued_tasks in iteritems( collection.Group(tasks, lambda x: x.queue)): if not queue: continue client_id = _GetClientIdFromQueue(queue) if fleetspeak_utils.IsFleetspeakEnabledClient(client_id, token=self.token): for task in queued_tasks: fleetspeak_utils.SendGrrMessageThroughFleetspeak( client_id, task) continue non_fleetspeak_tasks.extend(queued_tasks) timestamp = timestamp or self.frozen_timestamp mutation_pool.QueueScheduleTasks(non_fleetspeak_tasks, timestamp)
def FlushQueuedMessages(self) -> None: """Flushes queued messages.""" # TODO(amoser): This could be done in a single db call, might be worth # optimizing. if self.flow_requests: data_store.REL_DB.WriteFlowRequests(self.flow_requests) self.flow_requests = [] if self.flow_responses: data_store.REL_DB.WriteFlowResponses(self.flow_responses) self.flow_responses = [] if self.client_action_requests: client_id = self.rdf_flow.client_id if fleetspeak_utils.IsFleetspeakEnabledClient(client_id): for request in self.client_action_requests: msg = rdf_flow_objects.GRRMessageFromClientActionRequest( request) fleetspeak_utils.SendGrrMessageThroughFleetspeak( client_id, msg) else: data_store.REL_DB.WriteClientActionRequests( self.client_action_requests) self.client_action_requests = [] if self.completed_requests: data_store.REL_DB.DeleteFlowRequests(self.completed_requests) self.completed_requests = [] if self.replies_to_write: # For top-level hunt-induced flows, write results to the hunt collection. if self.rdf_flow.parent_hunt_id: data_store.REL_DB.WriteFlowResults(self.replies_to_write) hunt.StopHuntIfCPUOrNetworkLimitsExceeded( self.rdf_flow.parent_hunt_id) else: # Write flow results to REL_DB, even if the flow is a nested flow. data_store.REL_DB.WriteFlowResults(self.replies_to_write) self.replies_to_write = []
def Schedule(self, tasks, mutation_pool, timestamp=None): """Schedule a set of Task() instances.""" non_fleetspeak_tasks = [] for queue, queued_tasks in utils.GroupBy(tasks, lambda x: x.queue).iteritems(): if not queue: continue client_id = _GetClientIdFromQueue(queue) if fleetspeak_utils.IsFleetspeakEnabledClient( client_id, token=self.token): for task in queued_tasks: fleetspeak_utils.SendGrrMessageThroughFleetspeak(client_id, task) continue non_fleetspeak_tasks.extend(queued_tasks) if data_store.RelationalDBReadEnabled(category="client_messages"): data_store.REL_DB.WriteClientMessages(non_fleetspeak_tasks) else: timestamp = timestamp or self.frozen_timestamp mutation_pool.QueueScheduleTasks(non_fleetspeak_tasks, timestamp)