// invalidAction marks actions that have failed to run func invalidAction(ctx Context, a mig.Action, origin string) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("invalidAction() -> %v", e) } ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: "leaving invalidAction()"}.Debug() }() // move action to invalid dir jsonA, err := json.Marshal(a) if err != nil { panic(err) } dest := fmt.Sprintf("%s/%.0f.json", ctx.Directories.Action.Invalid, a.ID) err = safeWrite(ctx, dest, jsonA) if err != nil { panic(err) } // remove the action from its origin os.Remove(origin) if err != nil { panic(err) } a.Status = "invalid" a.LastUpdateTime = time.Now().UTC() a.FinishTime = time.Now().UTC() a.Counters.Sent = 0 err = ctx.DB.UpdateAction(a) if err != nil { panic(err) } desc := fmt.Sprintf("invalidAction(): Action '%s' has been marked as invalid.", a.Name) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: a.ID, Desc: desc}.Debug() return }
// issueKillAction issues an `agentdestroy` action targeted to a specific agent // and updates the status of the agent in the database func issueKillAction(agent mig.Agent, ctx Context) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("issueKillAction() -> %v", e) } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, Desc: "leaving issueKillAction()"}.Debug() }() // generate an `agentdestroy` action for this agent killAction := mig.Action{ ID: mig.GenID(), Name: fmt.Sprintf("Kill agent %s", agent.Name), Target: fmt.Sprintf("queueloc='%s'", agent.QueueLoc), ValidFrom: time.Now().Add(-60 * time.Second).UTC(), ExpireAfter: time.Now().Add(30 * time.Minute).UTC(), SyntaxVersion: 2, } var opparams struct { PID int `json:"pid"` Version string `json:"version"` } opparams.PID = agent.PID opparams.Version = agent.Version killOperation := mig.Operation{ Module: "agentdestroy", Parameters: opparams, } killAction.Operations = append(killAction.Operations, killOperation) // sign the action with the scheduler PGP key secring, err := getSecring(ctx) if err != nil { panic(err) } pgpsig, err := killAction.Sign(ctx.PGP.PrivKeyID, secring) if err != nil { panic(err) } killAction.PGPSignatures = append(killAction.PGPSignatures, pgpsig) var jsonAction []byte jsonAction, err = json.Marshal(killAction) if err != nil { panic(err) } // write the action to the spool for scheduling dest := fmt.Sprintf("%s/%.0f.json", ctx.Directories.Action.New, killAction.ID) err = safeWrite(ctx, dest, jsonAction) if err != nil { panic(err) } // mark the agent as `destroyed` in the database err = ctx.DB.MarkAgentDestroyed(agent) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{Desc: fmt.Sprintf("issued kill action for agent '%s' "+ "with PID '%d'", agent.Name, agent.PID)}.Warning() return }
// FinishAction updates the action fields to mark it as done func (db *DB) FinishAction(a mig.Action) (err error) { a.FinishTime = time.Now() a.Status = "completed" _, err = db.c.Exec(`UPDATE actions SET (finishtime, lastupdatetime, status) = ($1, $2, $3) WHERE id=$4`, a.FinishTime, a.LastUpdateTime, a.Status, a.ID) if err != nil { return fmt.Errorf("Failed to update action: '%v'", err) } return }
// updateAction is called with an array of commands that have finished // Each action that needs updating is processed in a way that reduce IOs func updateAction(cmds []mig.Command, ctx Context) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("updateAction() -> %v", e) } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, Desc: "leaving updateAction()"}.Debug() }() // there may be multiple actions to update, since commands can be mixed, // so we keep a map of actions actions := make(map[float64]mig.Action) for _, cmd := range cmds { var a mig.Action // retrieve the action from the DB if we don't already have it mapped a, ok := actions[cmd.Action.ID] if !ok { a, err = ctx.DB.ActionMetaByID(cmd.Action.ID) if err != nil { panic(err) } } a.LastUpdateTime = time.Now().UTC() // store action in the map actions[a.ID] = a } for _, a := range actions { a.Counters, err = ctx.DB.GetActionCounters(a.ID) if err != nil { panic(err) } // Has the action completed? if a.Counters.Done == a.Counters.Sent { err = landAction(ctx, a) if err != nil { panic(err) } // delete Action from ctx.Directories.Action.InFlight actFile := fmt.Sprintf("%.0f.json", a.ID) os.Rename(ctx.Directories.Action.InFlight+"/"+actFile, ctx.Directories.Action.Done+"/"+actFile) } else { // store updated action in database err = ctx.DB.UpdateRunningAction(a) if err != nil { panic(err) } desc := fmt.Sprintf("updated action '%s': progress=%d/%d, success=%d, cancelled=%d, expired=%d, failed=%d, timeout=%d, duration=%s", a.Name, a.Counters.Done, a.Counters.Sent, a.Counters.Success, a.Counters.Cancelled, a.Counters.Expired, a.Counters.Failed, a.Counters.TimeOut, a.LastUpdateTime.Sub(a.StartTime).String()) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: a.ID, Desc: desc} } } return }
// flyAction moves an action file to the InFlight directory and // write it to database func flyAction(ctx Context, a mig.Action, origin string) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("flyAction() -> %v", e) } ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: "leaving flyAction()"}.Debug() }() // move action to inflight dir jsonA, err := json.Marshal(a) if err != nil { panic(err) } dest := fmt.Sprintf("%s/%.0f.json", ctx.Directories.Action.InFlight, a.ID) err = safeWrite(ctx, dest, jsonA) if err != nil { panic(err) } // remove the action from its origin os.Remove(origin) if err != nil { panic(err) } a.Status = "inflight" err = ctx.DB.UpdateActionStatus(a) if err != nil { panic(err) } desc := fmt.Sprintf("flyAction(): Action '%s' is in flight", a.Name) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: a.ID, Desc: desc}.Debug() return }
// SignAction takes a MIG Action, signs it with the key identified in the configuration // and returns the signed action func (cli Client) SignAction(a mig.Action) (signed_action mig.Action, err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("SignAction() -> %v", e) } }() secring, err := os.Open(cli.Conf.GPG.Home + "/secring.gpg") if err != nil { panic(err) } defer secring.Close() sig, err := a.Sign(cli.Conf.GPG.KeyID, secring) if err != nil { panic(err) } a.PGPSignatures = append(a.PGPSignatures, sig) signed_action = a return }
// checkActionAuthorization verifies the PGP signatures of a given action // against the Access Control List of the agent. func checkActionAuthorization(a mig.Action, ctx *Context) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("checkActionAuthorization() -> %v", e) } ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: "leaving checkActionAuthorization()"}.Debug() }() var keys [][]byte for _, pk := range PUBLICPGPKEYS { keys = append(keys, []byte(pk)) } // get an io.Reader from the public pgp key keyring, keycount, err := pgp.ArmoredKeysToKeyring(keys) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: fmt.Sprintf("loaded %d keys", keycount)}.Debug() // Check the action syntax and signature err = a.Validate() if err != nil { desc := fmt.Sprintf("action validation failed: %v", err) ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: desc}.Err() panic(desc) } // Validate() checks that the action hasn't expired, but we need to // check the start time ourselves if time.Now().Before(a.ValidFrom) { ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: "action is scheduled for later"}.Err() panic("Action ValidFrom date is in the future") } // check ACLs, includes verifying signatures err = a.VerifyACL(ctx.ACL, keyring) if err != nil { desc := fmt.Sprintf("action ACL verification failed: %v", err) ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: desc}.Err() panic(desc) } ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: "ACL verification succeeded."}.Debug() return }
// landAction moves an action file to the Done directory and // updates it in database func landAction(ctx Context, a mig.Action) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("landAction() -> %v", e) } ctx.Channels.Log <- mig.Log{ActionID: a.ID, Desc: "leaving landAction()"}.Debug() }() // update status and timestamps a.Status = "done" a.FinishTime = time.Now().UTC() duration := a.FinishTime.Sub(a.StartTime) // log desc := fmt.Sprintf("action has completed in %s", duration.String()) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: a.ID, Desc: desc} // move action to done dir jsonA, err := json.Marshal(a) if err != nil { panic(err) } dest := fmt.Sprintf("%s/%.0f.json", ctx.Directories.Action.Done, a.ID) err = safeWrite(ctx, dest, jsonA) if err != nil { panic(err) } // remove the action from its origin origin := fmt.Sprintf("%s/%.0f.json", ctx.Directories.Action.InFlight, a.ID) os.Remove(origin) if err != nil { panic(err) } err = ctx.DB.FinishAction(a) if err != nil { panic(err) } desc = fmt.Sprintf("landAction(): Action '%s' has landed", a.Name) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: a.ID, Desc: desc}.Debug() return }
// PostAction submits a MIG Action to the API and returns the reflected action with API ID func (cli Client) PostAction(a mig.Action) (a2 mig.Action, err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("PostAction() -> %v", e) } }() a.SyntaxVersion = mig.ActionVersion // serialize ajson, err := json.Marshal(a) if err != nil { panic(err) } actionstr := string(ajson) data := url.Values{"action": {actionstr}} r, err := http.NewRequest("POST", cli.Conf.API.URL+"action/create/", strings.NewReader(data.Encode())) if err != nil { panic(err) } r.Header.Set("Content-Type", "application/x-www-form-urlencoded") resp, err := cli.Do(r) if err != nil { panic(err) } defer resp.Body.Close() if err != nil { panic(err) } body, err := ioutil.ReadAll(resp.Body) if err != nil { panic(err) } if resp.StatusCode != 202 { err = fmt.Errorf("error: HTTP %d. action creation failed.", resp.StatusCode) panic(err) } var resource *cljs.Resource err = json.Unmarshal(body, &resource) if err != nil { panic(err) } a2, err = ValueToAction(resource.Collection.Items[0].Data[0].Value) if err != nil { panic(err) } return }
func main() { var ( conf client.Configuration cli client.Client err error op mig.Operation a mig.Action migrc, show, render, target, expiration, afile string verbose bool modargs []string run interface{} ) defer func() { if e := recover(); e != nil { fmt.Fprintf(os.Stderr, "%v\n", e) } }() homedir := client.FindHomedir() fs := flag.NewFlagSet("mig flag", flag.ContinueOnError) fs.Usage = continueOnFlagError fs.StringVar(&migrc, "c", homedir+"/.migrc", "alternative configuration file") fs.StringVar(&show, "show", "found", "type of results to show") fs.StringVar(&render, "render", "text", "results rendering mode") fs.StringVar(&target, "t", fmt.Sprintf("status='%s' AND mode='daemon'", mig.AgtStatusOnline), "action target") fs.StringVar(&expiration, "e", "300s", "expiration") fs.StringVar(&afile, "i", "/path/to/file", "Load action from file") fs.BoolVar(&verbose, "v", false, "Enable verbose output") // if first argument is missing, or is help, print help // otherwise, pass the remainder of the arguments to the module for parsing // this client is agnostic to module parameters if len(os.Args) < 2 || os.Args[1] == "help" || os.Args[1] == "-h" || os.Args[1] == "--help" { usage() } if len(os.Args) < 2 || os.Args[1] == "-V" { fmt.Println(version) os.Exit(0) } // when reading the action from a file, go directly to launch if os.Args[1] == "-i" { err = fs.Parse(os.Args[1:]) if err != nil { panic(err) } if afile == "/path/to/file" { panic("-i flag must take an action file path as argument") } a, err = mig.ActionFromFile(afile) if err != nil { panic(err) } fmt.Fprintf(os.Stderr, "[info] launching action from file, all flags are ignored\n") goto readytolaunch } // arguments parsing works as follow: // * os.Args[1] must contain the name of the module to launch. we first verify // that a module exist for this name and then continue parsing // * os.Args[2:] contains both global options and module parameters. We parse the // whole []string to extract global options, and module parameters will be left // unparsed in fs.Args() // * fs.Args() with the module parameters is passed as a string to the module parser // which will return a module operation to store in the action op.Module = os.Args[1] if _, ok := modules.Available[op.Module]; !ok { panic("Unknown module " + op.Module) } // -- Ugly hack Warning -- // Parse() will fail on the first flag that is not defined, but in our case module flags // are defined in the module packages and not in this program. Therefore, the flag parse error // is expected. Unfortunately, Parse() writes directly to stderr and displays the error to // the user, which confuses them. The right fix would be to prevent Parse() from writing to // stderr, since that's really the job of the calling program, but in the meantime we work around // it by redirecting stderr to null before calling Parse(), and put it back to normal afterward. // for ref, issue is at https://github.com/golang/go/blob/master/src/flag/flag.go#L793 fs.SetOutput(os.NewFile(uintptr(87592), os.DevNull)) err = fs.Parse(os.Args[2:]) fs.SetOutput(nil) if err != nil { // ignore the flag not defined error, which is expected because // module parameters are defined in modules and not in main if len(err.Error()) > 30 && err.Error()[0:29] == "flag provided but not defined" { // requeue the parameter that failed modargs = append(modargs, err.Error()[31:]) } else { // if it's another error, panic panic(err) } } for _, arg := range fs.Args() { modargs = append(modargs, arg) } run = modules.Available[op.Module].NewRun() if _, ok := run.(modules.HasParamsParser); !ok { fmt.Fprintf(os.Stderr, "[error] module '%s' does not support command line invocation\n", op.Module) os.Exit(2) } op.Parameters, err = run.(modules.HasParamsParser).ParamsParser(modargs) if err != nil || op.Parameters == nil { panic(err) } // If running against the local target, don't post the action to the MIG API // but run it locally instead. if target == "local" { msg, err := modules.MakeMessage(modules.MsgClassParameters, op.Parameters) if err != nil { panic(err) } out := run.(modules.Runner).Run(bytes.NewBuffer(msg)) if len(out) == 0 { panic("got empty results, run failed") } if _, ok := run.(modules.HasResultsPrinter); ok { var modres modules.Result err := json.Unmarshal([]byte(out), &modres) if err != nil { panic(err) } outRes, err := run.(modules.HasResultsPrinter).PrintResults(modres, true) if err != nil { panic(err) } for _, resLine := range outRes { fmt.Println(resLine) } } else { out = fmt.Sprintf("%s\n", out) } os.Exit(0) } a.Operations = append(a.Operations, op) for _, arg := range os.Args[1:] { a.Name += arg + " " } a.Target = target readytolaunch: // instanciate an API client conf, err = client.ReadConfiguration(migrc) if err != nil { panic(err) } cli, err = client.NewClient(conf, "cmd-"+version) if err != nil { panic(err) } if verbose { cli.EnableDebug() } // set the validity 60 second in the past to deal with clock skew a.ValidFrom = time.Now().Add(-60 * time.Second).UTC() period, err := time.ParseDuration(expiration) if err != nil { panic(err) } a.ExpireAfter = a.ValidFrom.Add(period) // add extra 60 seconds taken for clock skew a.ExpireAfter = a.ExpireAfter.Add(60 * time.Second).UTC() asig, err := cli.SignAction(a) if err != nil { panic(err) } a = asig // evaluate target before launch, give a change to cancel before going out to agents agents, err := cli.EvaluateAgentTarget(a.Target) if err != nil { panic(err) } fmt.Fprintf(os.Stderr, "\x1b[33m%d agents will be targeted. ctrl+c to cancel. launching in \x1b[0m", len(agents)) for i := 5; i > 0; i-- { time.Sleep(1 * time.Second) fmt.Fprintf(os.Stderr, "\x1b[33m%d\x1b[0m ", i) } fmt.Fprintf(os.Stderr, "\x1b[33mGO\n\x1b[0m") // launch and follow a, err = cli.PostAction(a) if err != nil { panic(err) } c := make(chan os.Signal, 1) done := make(chan bool, 1) signal.Notify(c, os.Interrupt) go func() { err = cli.FollowAction(a) if err != nil { panic(err) } done <- true }() select { case <-c: fmt.Fprintf(os.Stderr, "stop following action. agents may still be running. printing available results:\n") goto printresults case <-done: goto printresults } printresults: err = cli.PrintActionResults(a, show, render) if err != nil { panic(err) } }
// processNewAction is called when a new action is available. It pulls // the action from the directory, parse it, retrieve a list of targets from // the backend database, and create individual command for each target. func processNewAction(actionPath string, ctx Context) (err error) { var action mig.Action defer func() { if e := recover(); e != nil { err = fmt.Errorf("processNewAction() -> %v", e) } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "leaving processNewAction()"}.Debug() }() // load the action file action, err = mig.ActionFromFile(actionPath) if err != nil { panic(err) } action.StartTime = time.Now() // generate an action id if action.ID < 1 { action.ID = mig.GenID() } desc := fmt.Sprintf("new action received: Name='%s' Target='%s' ValidFrom='%s' ExpireAfter='%s'", action.Name, action.Target, action.ValidFrom, action.ExpireAfter) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: desc} // TODO: replace with action.Validate(), to include signature verification if time.Now().Before(action.ValidFrom) { // queue new action desc := fmt.Sprintf("action '%s' is not ready for scheduling", action.Name) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: desc}.Debug() return } if time.Now().After(action.ExpireAfter) { ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: fmt.Sprintf("action '%s' is expired. invalidating.", action.Name)} err = invalidAction(ctx, action, actionPath) if err != nil { panic(err) } return } // find target agents for the action agents, err := ctx.DB.ActiveAgentsByTarget(action.Target) if err != nil { panic(err) } action.Counters.Sent = len(agents) if action.Counters.Sent == 0 { err = fmt.Errorf("No agents found for target '%s'. invalidating action.", action.Target) err = invalidAction(ctx, action, actionPath) if err != nil { panic(err) } } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: fmt.Sprintf("Found %d target agents", action.Counters.Sent)} action.Status = "preparing" inserted, err := ctx.DB.InsertOrUpdateAction(action) if err != nil { panic(err) } if inserted { // action was inserted, and not updated, so we need to insert // the signatures as well astr, err := action.String() if err != nil { panic(err) } for _, sig := range action.PGPSignatures { pubring, err := getPubring(ctx) if err != nil { panic(err) } fp, err := pgp.GetFingerprintFromSignature(astr, sig, pubring) if err != nil { panic(err) } inv, err := ctx.DB.InvestigatorByFingerprint(fp) if err != nil { panic(err) } err = ctx.DB.InsertSignature(action.ID, inv.ID, sig) if err != nil { panic(err) } } } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "Action written to database"}.Debug() // create an array of empty results to serve as default for all commands emptyResults := make([]modules.Result, len(action.Operations)) created := 0 for _, agent := range agents { err := createCommand(ctx, action, agent, emptyResults) if err != nil { ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "Failed to create commmand on agent" + agent.Name}.Err() continue } created++ } if created == 0 { // no command created found ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "No command created. Invalidating action."}.Err() err = invalidAction(ctx, action, actionPath) if err != nil { panic(err) } return nil } // move action to flying state err = flyAction(ctx, action, actionPath) if err != nil { panic(err) } return }
// FollowAction continuously loops over an action and prints its completion status in os.Stderr. // when the action reaches its expiration date, FollowAction prints its final status and returns. func (cli Client) FollowAction(a mig.Action) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("followAction() -> %v", e) } }() fmt.Fprintf(os.Stderr, "\x1b[34mFollowing action ID %.0f.\x1b[0m", a.ID) sent := 0 dotter := 0 previousctr := 0 status := "" attempts := 0 var completion float64 for { a, _, err = cli.GetAction(a.ID) if err != nil { attempts++ time.Sleep(1 * time.Second) if attempts >= 30 { panic("failed to retrieve action after 30 seconds. launch may have failed") } continue } if status == "" { status = a.Status } if status != a.Status { fmt.Fprintf(os.Stderr, "\x1b[34mstatus=%s\x1b[0m", a.Status) status = a.Status } // exit follower mode if status isn't one we follow, // or enough commands have returned // or expiration time has passed if (status != "pending" && status != "scheduled" && status != "preparing" && status != "inflight") || (a.Counters.Done > 0 && a.Counters.Done >= a.Counters.Sent) || (time.Now().After(a.ExpireAfter.Add(10 * time.Second))) { goto finish break } // init counters if sent == 0 { if a.Counters.Sent == 0 { time.Sleep(1 * time.Second) continue } else { sent = a.Counters.Sent } } if a.Counters.Done > 0 && a.Counters.Done > previousctr { completion = (float64(a.Counters.Done) / float64(a.Counters.Sent)) * 100 if completion < 99.5 { previousctr = a.Counters.Done fmt.Fprintf(os.Stderr, "\x1b[34m%.0f%%\x1b[0m", completion) } } fmt.Fprintf(os.Stderr, "\x1b[34m.\x1b[0m") time.Sleep(2 * time.Second) dotter++ } finish: a, _, err = cli.GetAction(a.ID) if err != nil { fmt.Fprintf(os.Stderr, "[error] failed to retrieve action counters\n") } else { completion = (float64(a.Counters.Done) / float64(a.Counters.Sent)) * 100 fmt.Fprintf(os.Stderr, "\n\x1b[34m- %2.1f%% done in %s\x1b[0m\n", completion, time.Now().Sub(a.StartTime).String()) } fmt.Fprintf(os.Stderr, "\x1b[34m") a.PrintCounters() fmt.Fprintf(os.Stderr, "\x1b[0m") return }
// FollowAction continuously loops over an action and prints its completion status in os.Stderr. // when the action reaches its expiration date, FollowAction prints its final status and returns. func (cli Client) FollowAction(a mig.Action, total int) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("followAction() -> %v", e) } }() fmt.Fprintf(os.Stderr, "\x1b[34mFollowing action ID %.0f.\x1b[0m\n", a.ID) previousctr := 0 status := "" attempts := 0 var completion float64 bar := pb.New(total) bar.ShowSpeed = true bar.SetMaxWidth(80) bar.Output = os.Stderr bar.Start() for { a, _, err = cli.GetAction(a.ID) if err != nil { attempts++ time.Sleep(time.Second) if attempts >= 30 { panic("failed to retrieve action after 30 seconds. launch may have failed") } continue } if status == "" { status = a.Status } // exit follower mode if status isn't one we follow, // or enough commands have returned // or expiration time has passed if (status != "pending" && status != "scheduled" && status != "preparing" && status != "inflight") || (a.Counters.Done > 0 && a.Counters.Done >= a.Counters.Sent) || (time.Now().After(a.ExpireAfter.Add(10 * time.Second))) { goto finish break } if a.Counters.Done > 0 && a.Counters.Done > previousctr { completion = (float64(a.Counters.Done) / float64(a.Counters.Sent)) * 100 if completion < 99.5 { bar.Add(a.Counters.Done - previousctr) bar.Update() previousctr = a.Counters.Done } } time.Sleep(2 * time.Second) } finish: bar.Add(total - previousctr) bar.Update() bar.Finish() a, _, err = cli.GetAction(a.ID) if err != nil { fmt.Fprintf(os.Stderr, "[error] failed to retrieve action counters\n") } else { completion = (float64(a.Counters.Done) / float64(a.Counters.Sent)) * 100 fmt.Fprintf(os.Stderr, "\x1b[34m%2.1f%% done in %s\x1b[0m\n", completion, time.Now().Sub(a.StartTime).String()) } fmt.Fprintf(os.Stderr, "\x1b[34m") a.PrintCounters() fmt.Fprintf(os.Stderr, "\x1b[0m") return }
// createAction receives a signed action in a POST request, validates it, // and write it into the scheduler spool func createAction(respWriter http.ResponseWriter, request *http.Request) { var ( err error action mig.Action ) opid := getOpID(request) loc := fmt.Sprintf("%s%s", ctx.Server.Host, request.URL.String()) resource := cljs.New(loc) defer func() { if e := recover(); e != nil { ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: fmt.Sprintf("%v", e)}.Err() resource.SetError(cljs.Error{Code: fmt.Sprintf("%.0f", opid), Message: fmt.Sprintf("%v", e)}) respond(http.StatusInternalServerError, resource, respWriter, request) } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "leaving createAction()"}.Debug() }() // parse the POST body into a mig action err = request.ParseForm() if err != nil { panic(err) } postAction := request.FormValue("action") err = json.Unmarshal([]byte(postAction), &action) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{OpID: opid, Desc: fmt.Sprintf("Received action for creation '%s'", action)}.Debug() // Init action fields action.ID = mig.GenID() date0 := time.Date(0011, time.January, 11, 11, 11, 11, 11, time.UTC) date1 := time.Date(9998, time.January, 11, 11, 11, 11, 11, time.UTC) action.StartTime = date0 action.FinishTime = date1 action.LastUpdateTime = date0 action.Status = "pending" // load keyring and validate action keyring, err := getKeyring() if err != nil { panic(err) } err = action.Validate() if err != nil { panic(err) } err = action.VerifySignatures(keyring) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Received new action with valid signature"} // write action to database err = ctx.DB.InsertAction(action) if err != nil { panic(err) } // write signatures to database astr, err := action.String() if err != nil { panic(err) } for _, sig := range action.PGPSignatures { k, err := getKeyring() if err != nil { panic(err) } fp, err := pgp.GetFingerprintFromSignature(astr, sig, k) if err != nil { panic(err) } inv, err := ctx.DB.InvestigatorByFingerprint(fp) if err != nil { panic(err) } err = ctx.DB.InsertSignature(action.ID, inv.ID, sig) if err != nil { panic(err) } } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action written to database"} err = resource.AddItem(cljs.Item{ Href: fmt.Sprintf("%s/action?actionid=%.0f", ctx.Server.BaseURL, action.ID), Data: []cljs.Data{{Name: "action ID " + fmt.Sprintf("%.0f", action.ID), Value: action}}, }) if err != nil { panic(err) } // return a 202 Accepted. the action will be processed asynchronously, and may fail later. respond(http.StatusAccepted, resource, respWriter, request) }
// actionLauncher prepares an action for launch, either by starting with an empty // template, or by loading an existing action from the api or the local disk func actionLauncher(tpl mig.Action, cli client.Client) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("actionLauncher() -> %v", e) } }() var a mig.Action if tpl.ID == 0 { fmt.Println("Entering action launcher with empty template") } else { // reinit the fields that we don't reuse a.Name = tpl.Name a.Target = tpl.Target a.Description = tpl.Description a.Threat = tpl.Threat a.Operations = tpl.Operations fmt.Printf("Entering action launcher using template '%s'\n", a.Name) } hasTimes := false hasSignatures := false hasEvaluatedTarget := false fmt.Println("Type \x1b[32;1mexit\x1b[0m or press \x1b[32;1mctrl+d\x1b[0m to leave. \x1b[32;1mhelp\x1b[0m may help.") prompt := "\x1b[33;1mlauncher>\x1b[0m " for { // completion var symbols = []string{"addoperation", "deloperation", "exit", "help", "init", "json", "launch", "listagents", "load", "details", "filechecker", "netstat", "setname", "settarget", "settimes", "sign", "times"} readline.Completer = func(query, ctx string) []string { var res []string for _, sym := range symbols { if strings.HasPrefix(sym, query) { res = append(res, sym) } } return res } input, err := readline.String(prompt) if err == io.EOF { break } if err != nil { fmt.Println("error: ", err) break } orders := strings.Split(strings.TrimSpace(input), " ") switch orders[0] { case "addoperation": if len(orders) != 2 { fmt.Println("Wrong arguments. Expects 'addoperation <module_name>'") fmt.Println("example: addoperation filechecker") break } // attempt to call ParamsCreator from the requested module // ParamsCreator takes care of retrieving using input var operation mig.Operation operation.Module = orders[1] if _, ok := modules.Available[operation.Module]; ok { // instanciate and call module parameters creation function run := modules.Available[operation.Module].NewRun() if _, ok := run.(modules.HasParamsCreator); !ok { fmt.Println(operation.Module, "module does not provide a parameters creator.") fmt.Println("You can write your action by hand and import it using 'load <file>'") break } operation.Parameters, err = run.(modules.HasParamsCreator).ParamsCreator() if err != nil { fmt.Printf("Parameters creation failed with error: %v\n", err) break } a.Operations = append(a.Operations, operation) opjson, err := json.MarshalIndent(operation, "", " ") if err != nil { panic(err) } fmt.Printf("Inserting %s operation with parameters:\n%s\n", operation.Module, opjson) } else { fmt.Println("Module", operation.Module, "is not available in this console...") fmt.Println("You can write your action by hand and import it using 'load <file>'") } case "deloperation": if len(orders) != 2 { fmt.Println("Wrong arguments. Expects 'deloperation <opnum>'") fmt.Println("example: deloperation 0") break } opnum, err := strconv.Atoi(orders[1]) if err != nil || opnum < 0 || opnum > len(a.Operations)-1 { fmt.Println("error: <opnum> must be a positive integer between 0 and", len(a.Operations)-1) break } a.Operations = append(a.Operations[:opnum], a.Operations[opnum+1:]...) case "details": fmt.Printf("ID %.0f\nName %s\nTarget %s\nAuthor %s <%s>\n"+ "Revision %.0f\nURL %s\nThreat Type %s, Level %s, Family %s, Reference %s\n", a.ID, a.Name, a.Target, a.Description.Author, a.Description.Email, a.Description.Revision, a.Description.URL, a.Threat.Type, a.Threat.Level, a.Threat.Family, a.Threat.Ref) fmt.Printf("%d operations: ", len(a.Operations)) for i, op := range a.Operations { fmt.Printf("%d=%s; ", i, op.Module) } fmt.Printf("\n") case "exit": fmt.Printf("exit\n") goto exit case "help": fmt.Printf(`The following orders are available: addoperation <module> append a new operation of type <module> to the action operations listagents list agents targetted by an action deloperation <opnum> remove operation numbered <opnum> from operations array, count starts at zero details display the action details exit exit this mode help show this help json <pack> show the json of the action launch <nofollow> launch the action. to return before completion, add "nofollow" load <path> load an action from a file at <path> setname <name> set the name of the action settarget <target> set the target settimes <start> <stop> set the validity and expiration dates sign PGP sign the action times show the various timestamps of the action `) case "json": pack := false if len(orders) > 1 { if orders[1] == "pack" { pack = true } else { fmt.Printf("Unknown option '%s'\n", orders[1]) } } var ajson []byte if pack { ajson, err = json.Marshal(a) } else { ajson, err = json.MarshalIndent(a, "", " ") } if err != nil { panic(err) } fmt.Printf("%s\n", ajson) case "launch": follow := true if len(orders) > 1 { if orders[1] == "nofollow" { follow = false } else { fmt.Printf("Unknown option '%s'\n", orders[1]) } } if a.Name == "" { fmt.Println("Action has no name. Define one using 'setname <name>'") break } if a.Target == "" { fmt.Println("Action has no target. Define one using 'settarget <target>'") break } if !hasEvaluatedTarget { agents, err := cli.EvaluateAgentTarget(a.Target) if err != nil { panic(err) } count := len(agents) if count == 0 { fmt.Println("0 agents match this target. launch aborted") break } fmt.Printf("%d agents will be targeted by search \"%s\"\n", count, a.Target) input, err = readline.String("continue? (y/n)> ") if err != nil { panic(err) } if input != "y" { fmt.Println("launch aborted") break } } if !hasTimes { fmt.Printf("Times are not defined. Setting validity from now until +%s\n", defaultExpiration) // for immediate execution, set validity one minute in the past a.ValidFrom = time.Now().Add(-60 * time.Second).UTC() period, err := time.ParseDuration(defaultExpiration) if err != nil { panic(err) } a.ExpireAfter = a.ValidFrom.Add(period) a.ExpireAfter = a.ExpireAfter.Add(60 * time.Second).UTC() hasTimes = true } if !hasSignatures { asig, err := cli.SignAction(a) if err != nil { panic(err) } a = asig hasSignatures = true } a, err = cli.PostAction(a) if err != nil { panic(err) } fmt.Printf("Action '%s' successfully launched with ID '%.0f' on target '%s'\n", a.Name, a.ID, a.Target) if follow { err = cli.FollowAction(a) if err != nil { panic(err) } } fmt.Println("") _ = actionReader(fmt.Sprintf("action %.0f", a.ID), cli) goto exit case "listagents": agents, err := cli.EvaluateAgentTarget(a.Target) if err != nil { fmt.Println(err) break } fmt.Println("---- ID ---- + ---- Name -------") for _, agt := range agents { fmt.Printf("%20.0f %s\n", agt.ID, agt.Name) } case "load": if len(orders) != 2 { fmt.Println("Wrong arguments. Expects 'load <path_to_file>'") break } a, err = mig.ActionFromFile(orders[1]) if err != nil { panic(err) } fmt.Printf("Loaded action '%s' from %s\n", a.Name, orders[1]) case "sign": if !hasTimes { fmt.Println("Times must be set prior to signing") break } asig, err := cli.SignAction(a) if err != nil { panic(err) } a = asig hasSignatures = true case "setname": if len(orders) < 2 { fmt.Println("Wrong arguments. Must be 'setname <some_name>'") break } a.Name = strings.Join(orders[1:], " ") case "settarget": if len(orders) < 2 { fmt.Println("Wrong arguments. Must be 'settarget <some_target_string>'") break } a.Target = strings.Join(orders[1:], " ") agents, err := cli.EvaluateAgentTarget(a.Target) if err != nil { fmt.Println(err) break } fmt.Printf("%d agents will be targetted. To get the list, use 'listagents'\n", len(agents)) hasEvaluatedTarget = true case "settimes": // set the dates if len(orders) != 3 { fmt.Println(`Invalid times. Expects settimes <start> <stop.) examples: settimes 2014-06-30T12:00:00.0Z 2014-06-30T14:00:00.0Z settimes now +60m `) break } if orders[1] == "now" { // for immediate execution, set validity one minute in the past a.ValidFrom = time.Now().Add(-60 * time.Second).UTC() period, err := time.ParseDuration(orders[2]) if err != nil { fmt.Println("Failed to parse duration '%s': %v", orders[2], err) break } a.ExpireAfter = a.ValidFrom.Add(period) a.ExpireAfter = a.ExpireAfter.Add(60 * time.Second).UTC() } else { a.ValidFrom, err = time.Parse("2014-01-01T00:00:00.0Z", orders[1]) if err != nil { fmt.Println("Failed to parse time '%s': %v", orders[1], err) break } a.ExpireAfter, err = time.Parse("2014-01-01T00:00:00.0Z", orders[2]) if err != nil { fmt.Println("Failed to parse time '%s': %v", orders[2], err) break } } hasTimes = true case "times": fmt.Printf("Valid from '%s' until '%s'\nStarted on '%s'\n"+ "Last updated '%s'\nFinished on '%s'\n", a.ValidFrom, a.ExpireAfter, a.StartTime, a.LastUpdateTime, a.FinishTime) case "": break default: fmt.Printf("Unknown order '%s'. You are in action launcher mode. Try `help`.\n", orders[0]) } readline.AddHistory(input) } exit: fmt.Printf("\n") return }
func main() { var err error var Usage = func() { fmt.Fprintf(os.Stderr, "Mozilla InvestiGator Action Verifier\n"+ "usage: %s <-a action file> <-c command file>\n\n"+ "Command line to verify an action *or* command.\n"+ "Options:\n", os.Args[0]) flag.PrintDefaults() } hasaction := false hascommand := false homedir := client.FindHomedir() // command line options var actionfile = flag.String("a", "/path/to/action", "Load action from file") var commandfile = flag.String("c", "/path/to/command", "Load command from file") var config = flag.String("conf", homedir+"/.migrc", "Load configuration from file") var showversion = flag.Bool("V", false, "Show build version and exit") flag.Parse() if *showversion { fmt.Println(mig.Version) os.Exit(0) } conf, err := client.ReadConfiguration(*config) if err != nil { panic(err) } // if a file is defined, load action from that if *actionfile != "/path/to/action" { hasaction = true } if *commandfile != "/path/to/command" { hascommand = true } if (hasaction && hascommand) || (!hasaction && !hascommand) { fmt.Println("[error] either an action file or a command file must be provided") Usage() os.Exit(1) } var a mig.Action if hasaction { a, err = mig.ActionFromFile(*actionfile) if err != nil { panic(err) } } else { c, err := mig.CmdFromFile(*commandfile) if err != nil { panic(err) } a = c.Action } err = a.Validate() if err != nil { fmt.Println(err) } pubringFile, err := os.Open(conf.GPG.Home + "/pubring.gpg") if err != nil { panic(err) } defer pubringFile.Close() // syntax checking err = a.VerifySignatures(pubringFile) if err != nil { fmt.Println("[error]", err) } else { fmt.Println("Valid signature") } }