def ClientInfo(self, responses):
"""Obtain some information about the GRR client running."""
if not responses.success:
self.Log("Could not get ClientInfo.")
return
response = responses.First()
if fleetspeak_utils.IsFleetspeakEnabledClient(self.client_id):
# Fetch labels for the client from Fleetspeak. If Fleetspeak doesn't
# have any labels for the GRR client, fall back to labels reported by
# the client.
fleetspeak_labels = fleetspeak_utils.GetLabelsFromFleetspeak(
self.client_id)
if fleetspeak_labels:
response.labels = fleetspeak_labels
else:
FLEETSPEAK_UNLABELED_CLIENTS.Increment()
logging.warning(
"Failed to get labels for Fleetspeak client %s.",
self.client_id)
sanitized_labels = []
for label in response.labels:
try:
self._ValidateLabel(label)
sanitized_labels.append(label)
except ValueError:
self.Log("Got invalid label: %s", label)
response.labels = sanitized_labels
self.state.client.startup_info.client_info = response
def ClientInfo(self, responses):
"""Obtain some information about the GRR client running."""
if not responses.success:
self.Log("Could not get ClientInfo.")
return
response = responses.First()
if fleetspeak_utils.IsFleetspeakEnabledClient(
self.client_id, token=self.token):
label = fleetspeak_utils.GetLabelFromFleetspeak(self.client_id)
# A FS enabled GRR shouldn't provide a label, but if it does prefer
# it to an unrecognized FS label.
#
# TODO(user): Remove condition once we are confident in FS labeling.
if label != fleetspeak_connector.unknown_label or not response.labels:
response.labels = [label]
if data_store.AFF4Enabled():
# AFF4 client.
with self._OpenClient(mode="rw") as client:
client.Set(client.Schema.CLIENT_INFO(response))
client.AddLabels(response.labels, owner="GRR")
# rdf_objects.ClientSnapshot.
self.state.client.startup_info.client_info = response
def ClientInfo(self, responses):
"""Obtain some information about the GRR client running."""
if not responses.success:
self.Log("Could not get ClientInfo.")
return
response = responses.First()
if fleetspeak_utils.IsFleetspeakEnabledClient(self.client_id):
label = fleetspeak_utils.GetLabelFromFleetspeak(self.client_id)
# A FS enabled GRR shouldn't provide a label, but if it does prefer
# it to an unrecognized FS label.
#
# TODO(user): Remove condition once we are confident in FS labeling.
if label != fleetspeak_connector.unknown_label or not response.labels:
response.labels = [label]
sanitized_labels = []
for label in response.labels:
try:
rdf_aff4.AFF4ObjectLabel(name=label)
sanitized_labels.append(label)
except type_info.TypeValueError:
self.Log("Got invalid label: %s", label)
response.labels = sanitized_labels
self.state.client.startup_info.client_info = response
def FlushQueuedMessages(self):
# TODO(amoser): This could be done in a single db call, might be worth
# optimizing.
if self.flow_requests:
data_store.REL_DB.WriteFlowRequests(self.flow_requests)
self.flow_requests = []
if self.flow_responses:
data_store.REL_DB.WriteFlowResponses(self.flow_responses)
self.flow_responses = []
if self.client_messages:
client_id = self.rdf_flow.client_id
if fleetspeak_utils.IsFleetspeakEnabledClient(client_id):
for task in self.client_messages:
fleetspeak_utils.SendGrrMessageThroughFleetspeak(client_id, task)
else:
data_store.REL_DB.WriteClientMessages(self.client_messages)
self.client_messages = []
if self.completed_requests:
data_store.REL_DB.DeleteFlowRequests(self.completed_requests)
self.completed_requests = []
if self.replies_to_write:
# For top-level hunt-induced flows, write results to the hunt collection.
if self.rdf_flow.parent_hunt_id and not self.rdf_flow.parent_flow_id:
db_compat.WriteHuntResults(self.rdf_flow.client_id,
self.rdf_flow.parent_hunt_id,
self.replies_to_write)
else:
data_store.REL_DB.WriteFlowResults(self.replies_to_write)
self.replies_to_write = []
def FlushQueuedMessages(self):
# TODO(amoser): This could be done in a single db call, might be worth
# optimizing.
if self.flow_requests:
data_store.REL_DB.WriteFlowRequests(self.flow_requests)
self.flow_requests = []
if self.flow_responses:
data_store.REL_DB.WriteFlowResponses(self.flow_responses)
self.flow_responses = []
if self.client_messages:
client_id = self.rdf_flow.client_id
if fleetspeak_utils.IsFleetspeakEnabledClient(client_id):
for task in self.client_messages:
fleetspeak_utils.SendGrrMessageThroughFleetspeak(client_id, task)
else:
data_store.REL_DB.WriteClientMessages(self.client_messages)
self.client_messages = []
if self.completed_requests:
data_store.REL_DB.DeleteFlowRequests(self.completed_requests)
self.completed_requests = []
if self.replies_to_write:
data_store.REL_DB.WriteFlowResults(
self.rdf_flow.client_id, self.rdf_flow.flow_id, self.replies_to_write)
self.replies_to_write = []
def ClientInfo(self, responses):
"""Obtain some information about the GRR client running."""
if not responses.success:
self.Log("Could not get ClientInfo.")
return
response = responses.First()
if fleetspeak_utils.IsFleetspeakEnabledClient(self.client_id):
# Fetch labels for the client from Fleetspeak. If Fleetspeak doesn't
# have any labels for the GRR client, fall back to labels reported by
# the client.
fleetspeak_labels = fleetspeak_utils.GetLabelsFromFleetspeak(
self.client_id)
if fleetspeak_labels:
response.labels = fleetspeak_labels
elif not response.labels:
response.labels = [fleetspeak_connector.unknown_label]
sanitized_labels = []
for label in response.labels:
try:
rdf_aff4.AFF4ObjectLabel(name=label)
sanitized_labels.append(label)
except type_info.TypeValueError:
self.Log("Got invalid label: %s", label)
response.labels = sanitized_labels
self.state.client.startup_info.client_info = response
def __init__(self, client_id, client_mock):
if client_mock is None:
client_mock = action_mocks.InvalidActionMock()
else:
precondition.AssertType(client_mock, action_mocks.ActionMock)
self.client_id = client_id
self.client_mock = client_mock
self._is_fleetspeak_client = fleetspeak_utils.IsFleetspeakEnabledClient(
client_id)
def Schedule(self, tasks, mutation_pool, timestamp=None):
"""Schedule a set of Task() instances."""
non_fleetspeak_tasks = []
for queue, queued_tasks in iteritems(
collection.Group(tasks, lambda x: x.queue)):
if not queue:
continue
client_id = _GetClientIdFromQueue(queue)
if fleetspeak_utils.IsFleetspeakEnabledClient(client_id,
token=self.token):
for task in queued_tasks:
fleetspeak_utils.SendGrrMessageThroughFleetspeak(
client_id, task)
continue
non_fleetspeak_tasks.extend(queued_tasks)
timestamp = timestamp or self.frozen_timestamp
mutation_pool.QueueScheduleTasks(non_fleetspeak_tasks, timestamp)
def FlushQueuedMessages(self) -> None:
"""Flushes queued messages."""
# TODO(amoser): This could be done in a single db call, might be worth
# optimizing.
if self.flow_requests:
data_store.REL_DB.WriteFlowRequests(self.flow_requests)
self.flow_requests = []
if self.flow_responses:
data_store.REL_DB.WriteFlowResponses(self.flow_responses)
self.flow_responses = []
if self.client_action_requests:
client_id = self.rdf_flow.client_id
if fleetspeak_utils.IsFleetspeakEnabledClient(client_id):
for request in self.client_action_requests:
msg = rdf_flow_objects.GRRMessageFromClientActionRequest(
request)
fleetspeak_utils.SendGrrMessageThroughFleetspeak(
client_id, msg)
else:
data_store.REL_DB.WriteClientActionRequests(
self.client_action_requests)
self.client_action_requests = []
if self.completed_requests:
data_store.REL_DB.DeleteFlowRequests(self.completed_requests)
self.completed_requests = []
if self.replies_to_write:
# For top-level hunt-induced flows, write results to the hunt collection.
if self.rdf_flow.parent_hunt_id:
data_store.REL_DB.WriteFlowResults(self.replies_to_write)
hunt.StopHuntIfCPUOrNetworkLimitsExceeded(
self.rdf_flow.parent_hunt_id)
else:
# Write flow results to REL_DB, even if the flow is a nested flow.
data_store.REL_DB.WriteFlowResults(self.replies_to_write)
self.replies_to_write = []
def Schedule(self, tasks, mutation_pool, timestamp=None):
"""Schedule a set of Task() instances."""
non_fleetspeak_tasks = []
for queue, queued_tasks in utils.GroupBy(tasks,
lambda x: x.queue).iteritems():
if not queue:
continue
client_id = _GetClientIdFromQueue(queue)
if fleetspeak_utils.IsFleetspeakEnabledClient(
client_id, token=self.token):
for task in queued_tasks:
fleetspeak_utils.SendGrrMessageThroughFleetspeak(client_id, task)
continue
non_fleetspeak_tasks.extend(queued_tasks)
if data_store.RelationalDBReadEnabled(category="client_messages"):
data_store.REL_DB.WriteClientMessages(non_fleetspeak_tasks)
else:
timestamp = timestamp or self.frozen_timestamp
mutation_pool.QueueScheduleTasks(non_fleetspeak_tasks, timestamp)
