// createAction receives a signed action in a POST request, validates it,
// and write it into the scheduler spool
func createAction(respWriter http.ResponseWriter, request *http.Request) {
var (
err error
action mig.Action
)
opid := getOpID(request)
loc := fmt.Sprintf("%s%s", ctx.Server.Host, request.URL.String())
resource := cljs.New(loc)
defer func() {
if e := recover(); e != nil {
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: fmt.Sprintf("%v", e)}.Err()
resource.SetError(cljs.Error{Code: fmt.Sprintf("%.0f", opid), Message: fmt.Sprintf("%v", e)})
respond(500, resource, respWriter, request)
}
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "leaving createAction()"}.Debug()
}()
// parse the POST body into a mig action
err = request.ParseForm()
if err != nil {
panic(err)
}
postAction := request.FormValue("action")
err = json.Unmarshal([]byte(postAction), &action)
if err != nil {
panic(err)
}
ctx.Channels.Log <- mig.Log{OpID: opid, Desc: fmt.Sprintf("Received action for creation '%s'", action)}.Debug()
// Init action fields
action.ID = mig.GenID()
date0 := time.Date(0011, time.January, 11, 11, 11, 11, 11, time.UTC)
date1 := time.Date(9998, time.January, 11, 11, 11, 11, 11, time.UTC)
action.StartTime = date0
action.FinishTime = date1
action.LastUpdateTime = date0
action.Status = "pending"
// load keyring and validate action
keyring, err := getKeyring()
if err != nil {
panic(err)
}
err = action.Validate()
if err != nil {
panic(err)
}
err = action.VerifySignatures(keyring)
if err != nil {
panic(err)
}
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Received new action with valid signature"}
// write action to database
err = ctx.DB.InsertAction(action)
if err != nil {
panic(err)
}
// write signatures to database
astr, err := action.String()
if err != nil {
panic(err)
}
for _, sig := range action.PGPSignatures {
k, err := getKeyring()
if err != nil {
panic(err)
}
fp, err := pgp.GetFingerprintFromSignature(astr, sig, k)
if err != nil {
panic(err)
}
inv, err := ctx.DB.InvestigatorByFingerprint(fp)
if err != nil {
panic(err)
}
err = ctx.DB.InsertSignature(action.ID, inv.ID, sig)
if err != nil {
panic(err)
}
}
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action written to database"}
err = resource.AddItem(cljs.Item{
Href: fmt.Sprintf("%s/action?actionid=%.0f", ctx.Server.BaseURL, action.ID),
Data: []cljs.Data{{Name: "action ID " + fmt.Sprintf("%.0f", action.ID), Value: action}},
})
if err != nil {
panic(err)
}
// return a 202 Accepted. the action will be processed asynchronously, and may fail later.
respond(202, resource, respWriter, request)
}
// processNewAction is called when a new action is available. It pulls
// the action from the directory, parse it, retrieve a list of targets from
// the backend database, and create individual command for each target.
func processNewAction(actionPath string, ctx Context) (err error) {
var action mig.Action
defer func() {
if e := recover(); e != nil {
err = fmt.Errorf("processNewAction() -> %v", e)
}
ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "leaving processNewAction()"}.Debug()
}()
// load the action file
action, err = mig.ActionFromFile(actionPath)
if err != nil {
panic(err)
}
action.StartTime = time.Now()
// generate an action id
if action.ID < 1 {
action.ID = mig.GenID()
}
desc := fmt.Sprintf("new action received: Name='%s' Target='%s' ValidFrom='%s' ExpireAfter='%s'",
action.Name, action.Target, action.ValidFrom, action.ExpireAfter)
ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: desc}
// TODO: replace with action.Validate(), to include signature verification
if time.Now().Before(action.ValidFrom) {
// queue new action
desc := fmt.Sprintf("action '%s' is not ready for scheduling", action.Name)
ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: desc}.Debug()
return
}
if time.Now().After(action.ExpireAfter) {
ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: fmt.Sprintf("action '%s' is expired. invalidating.", action.Name)}
err = invalidAction(ctx, action, actionPath)
if err != nil {
panic(err)
}
return
}
// find target agents for the action
agents, err := ctx.DB.ActiveAgentsByTarget(action.Target)
if err != nil {
panic(err)
}
action.Counters.Sent = len(agents)
if action.Counters.Sent == 0 {
err = fmt.Errorf("No agents found for target '%s'. invalidating action.", action.Target)
err = invalidAction(ctx, action, actionPath)
if err != nil {
panic(err)
}
}
ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: fmt.Sprintf("Found %d target agents", action.Counters.Sent)}
action.Status = "preparing"
inserted, err := ctx.DB.InsertOrUpdateAction(action)
if err != nil {
panic(err)
}
if inserted {
// action was inserted, and not updated, so we need to insert
// the signatures as well
astr, err := action.String()
if err != nil {
panic(err)
}
for _, sig := range action.PGPSignatures {
pubring, err := getPubring(ctx)
if err != nil {
panic(err)
}
fp, err := pgp.GetFingerprintFromSignature(astr, sig, pubring)
if err != nil {
panic(err)
}
inv, err := ctx.DB.InvestigatorByFingerprint(fp)
if err != nil {
panic(err)
}
err = ctx.DB.InsertSignature(action.ID, inv.ID, sig)
if err != nil {
panic(err)
}
}
}
ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "Action written to database"}.Debug()
// create an array of empty results to serve as default for all commands
emptyResults := make([]modules.Result, len(action.Operations))
created := 0
for _, agent := range agents {
err := createCommand(ctx, action, agent, emptyResults)
if err != nil {
ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "Failed to create commmand on agent" + agent.Name}.Err()
continue
}
created++
}
if created == 0 {
// no command created found
ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "No command created. Invalidating action."}.Err()
err = invalidAction(ctx, action, actionPath)
if err != nil {
panic(err)
}
return nil
}
// move action to flying state
err = flyAction(ctx, action, actionPath)
if err != nil {
panic(err)
}
return
}
// createAction receives a signed action in a POST request, validates it,
// and write it into the scheduler spool
func createAction(respWriter http.ResponseWriter, request *http.Request) {
var err error
opid := mig.GenID()
var action mig.Action
loc := fmt.Sprintf("http://%s:%d%s", ctx.Server.IP, ctx.Server.Port, request.URL.String())
resource := cljs.New(loc)
defer func() {
if e := recover(); e != nil {
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: fmt.Sprintf("%v", e)}.Err()
resource.SetError(cljs.Error{Code: fmt.Sprintf("%.0f", opid), Message: fmt.Sprintf("%v", e)})
respond(500, resource, respWriter, request, opid)
}
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "leaving createAction()"}.Debug()
}()
// parse the POST body into a mig action
request.ParseForm()
postAction := request.FormValue("action")
err = json.Unmarshal([]byte(postAction), &action)
if err != nil {
panic(err)
}
ctx.Channels.Log <- mig.Log{OpID: opid, Desc: fmt.Sprintf("Received action for creation '%s'", action)}.Debug()
// Init action fields
action.ID = mig.GenID()
date0 := time.Date(9998, time.January, 11, 11, 11, 11, 11, time.UTC)
action.StartTime = date0
action.FinishTime = date0
action.LastUpdateTime = date0
action.Status = "init"
// load keyring and validate action
keyring, err := os.Open(ctx.PGP.Home + "/pubring.gpg")
if err != nil {
panic(err)
}
defer keyring.Close()
err = action.Validate()
if err != nil {
panic(err)
}
err = action.VerifySignatures(keyring)
if err != nil {
panic(err)
}
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Received new action with valid signature"}
// write action to database
err = ctx.DB.InsertAction(action)
if err != nil {
panic(err)
}
// write signatures to database
astr, err := action.String()
if err != nil {
panic(err)
}
for _, sig := range action.PGPSignatures {
// TODO: opening the keyring in a loop is really ugly. rewind!
k, err := os.Open(ctx.PGP.Home + "/pubring.gpg")
if err != nil {
panic(err)
}
defer k.Close()
fp, err := pgp.GetFingerprintFromSignature(astr, sig, k)
if err != nil {
panic(err)
}
iid, err := ctx.DB.InvestigatorByFingerprint(fp)
if err != nil {
panic(err)
}
err = ctx.DB.InsertSignature(action.ID, iid, sig)
if err != nil {
panic(err)
}
}
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action written to database"}
// write action to disk
destdir := fmt.Sprintf("%s/%.0f.json", ctx.Directories.Action.New, action.ID)
newAction, err := json.Marshal(action)
if err != nil {
panic(err)
}
err = ioutil.WriteFile(destdir, newAction, 0640)
if err != nil {
panic(err)
}
ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action committed to spool"}
err = resource.AddItem(cljs.Item{
Href: fmt.Sprintf("%s/action?actionid=%.0f", ctx.Server.BaseURL, action.ID),
Data: []cljs.Data{{Name: "action ID " + fmt.Sprintf("%.0f", action.ID), Value: action}},
})
if err != nil {
panic(err)
}
respond(201, resource, respWriter, request, opid)
}