def get_osquery_local_asset(version, suffix):
asset_name = download_url = None
for release_version, prerelease, available_assets in get_osquery_versions():
if version == release_version:
try:
asset_name, download_url = available_assets[suffix]
except KeyError:
pass
break
if asset_name is None and download_url is None and suffix == ".pkg":
# try alternative download
asset_name = "osquery-{version}.pkg".format(version=version)
download_url = ALTERNATIVE_PKG_DOWNLOAD_URL_TMPL.format(version=version)
if asset_name and download_url:
release_dir = get_and_create_local_dir("osquery", "releases")
local_asset_path = os.path.join(release_dir, asset_name)
if not os.path.exists(local_asset_path):
tmp_fh, tmp_path = tempfile.mkstemp(suffix=".osquery_asset{}".format(suffix))
resp = requests.get(download_url, stream=True)
resp.raise_for_status()
with os.fdopen(tmp_fh, "wb") as f:
for chunk in resp.iter_content(64 * 2**10):
f.write(chunk)
shutil.move(tmp_path, local_asset_path)
return local_asset_path
else:
raise ValueError("Could not find requested asset")
def _get_local_path(self, filename):
if not self.release_dir:
self.release_dir = get_and_create_local_dir("filebeat", "releases")
dir_path = os.path.abspath(
os.path.join(self.release_dir,
filename.rsplit(".", 2)[0]))
if not os.path.commonpath([self.release_dir, dir_path
]) == self.release_dir:
raise ValueError("wrong filename")
if not os.path.exists(dir_path):
os.mkdir(dir_path)
return os.path.join(dir_path, "filebeat")
def get_filebeat_binary(version, platform="darwin"):
version = version.strip(".\/")
platform = platform.strip(".\/")
# release dir
releases_root = get_and_create_local_dir("filebeat", "releases")
release_name = FILEBEAT_RELEASE_NAME_TMPL.format(version=version, platform=platform)
# binary exists?
release_dir = os.path.join(releases_root, release_name)
filebeat_binary_path = os.path.join(release_dir, "filebeat")
if not os.path.exists(filebeat_binary_path):
# download release
download_url = FILEBEAT_DOWNLOAD_URL_TMPL.format(release_name=release_name)
resp = requests.get(download_url, stream=True)
# extract release
tf = tarfile.open(fileobj=resp.raw, mode="r:gz")
tf.extractall(path=releases_root)
return filebeat_binary_path
def get_scepclient_binary(version="1.0.0", platform="darwin"):
# release dir
releases_root = get_and_create_local_dir("scep", "releases")
release_name = version
release_dir = os.path.join(releases_root, release_name)
if not os.path.commonpath([releases_root, release_dir]) == releases_root:
raise ValueError("wrong release name")
os.makedirs(release_dir, exist_ok=True)
# binary exists?
scepclient_binary_path = os.path.join(
release_dir, "scepclient-{}-amd64".format(platform))
if not os.path.exists(scepclient_binary_path):
# tempfile
tfh, tfn = tempfile.mkstemp(suffix="scepclient.zip")
# download release
download_url = SCEPCLIENT_RELEASE_URL_TMPL.format(version=version)
resp = requests.get(download_url, stream=True)
with os.fdopen(tfh, "wb") as tf:
for chunk in resp.iter_content(chunk_size=64 * 2**10):
if chunk:
tf.write(chunk)
# extract release
with zipfile.ZipFile(tfn) as zf:
binary_names = []
for name in zf.namelist():
if "scepclient-" in name and "-amd64" in name:
binary_names.append(name)
for binary_name in binary_names:
local_binary_path = os.path.join(release_dir,
os.path.basename(binary_name))
ibf = zf.open(binary_name)
obf = open(local_binary_path, "wb")
while True:
chunk = ibf.read(64 * 2**10)
if not chunk:
break
obf.write(chunk)
ibf.close()
obf.close()
os.chmod(scepclient_binary_path, 0o755)
return scepclient_binary_path
def get_osquery_local_asset(version, suffix):
asset_name = download_url = None
for release_version, prerelease, available_assets in get_osquery_versions(
check_urls=False, last=0):
if version == release_version:
try:
download_url = available_assets[suffix]
except KeyError:
raise ValueError("Could not find requested asset")
asset_name = os.path.basename(urlparse(download_url).path)
release_dir = get_and_create_local_dir("osquery", "releases")
local_asset_path = os.path.join(release_dir, asset_name)
if not os.path.exists(local_asset_path):
tmp_fh, tmp_path = tempfile.mkstemp(
suffix=".osquery_asset{}".format(suffix))
resp = requests.get(download_url, stream=True)
resp.raise_for_status()
with os.fdopen(tmp_fh, "wb") as f:
for chunk in resp.iter_content(64 * 2**10):
f.write(chunk)
shutil.move(tmp_path, local_asset_path)
return local_asset_path
def _get_local_path(self, filename):
if not self.release_dir:
self.release_dir = get_and_create_local_dir("santa", "releases")
basename, _ = os.path.splitext(filename)
local_filename = "{}.pkg".format(basename)
return os.path.join(self.release_dir, local_filename)
def _get_local_path(self, filename):
if not self.release_dir:
self.release_dir = get_and_create_local_dir("osquery", "releases")
return os.path.join(self.release_dir, filename)
def get_all_catalog_local_path(self):
return os.path.join(get_and_create_local_dir("monolith", "repository"),
"all_catalog.xml")
def _get_local_path(self, version):
if not self.release_dir:
self.release_dir = get_and_create_local_dir("santa", "releases")
local_filename = "santa-{}.pkg".format(version)
return os.path.join(self.release_dir, local_filename)
