From 96a4c9216a249ee43b69a6f7c37bb7254402c9fb Mon Sep 17 00:00:00 2001
From: James Pickett
Date: Wed, 2 Oct 2024 15:33:55 -0700
Subject: [PATCH 1/5] include arch and os in headers
---
 ee/localserver/krypto-ec-middleware.go | 19 ++++++++++++-------
 ee/localserver/krypto-ec-middleware_test.go | 6 ++++--
 .../presence-detection-middleware_test.go | 2 +-
 ee/localserver/server.go | 6 +++---
 4 files changed, 20 insertions(+), 13 deletions(-)
diff --git a/ee/localserver/krypto-ec-middleware.go b/ee/localserver/krypto-ec-middleware.go
index 1d7b72aab..8ae5fcde1 100644
--- a/ee/localserver/krypto-ec-middleware.go
+++ b/ee/localserver/krypto-ec-middleware.go
@@ -25,13 +25,15 @@ import (
 )
 const (
- timestampValidityRange = 150
- kolideKryptoEccHeader20230130Value = "2023-01-30"
- kolideKryptoHeaderKey = "X-Kolide-Krypto"
- kolideSessionIdHeaderKey = "X-Kolide-Session"
- kolidePresenceDetectionInterval = "X-Kolide-Presence-Detection-Interval"
- kolidePresenceDetectionReason = "X-Kolide-Presence-Detection-Reason"
- kolideDurationSinceLastPresenceDetection = "X-Kolide-Duration-Since-Last-Presence-Detection"
+ timestampValidityRange = 150
+ kolideKryptoEccHeader20230130Value = "2023-01-30"
+ kolideKryptoHeaderKey = "X-Kolide-Krypto"
+ kolideSessionIdHeaderKey = "X-Kolide-Session"
+ kolidePresenceDetectionIntervalHeaderKey = "X-Kolide-Presence-Detection-Interval"
+ kolidePresenceDetectionReasonHeaderKey = "X-Kolide-Presence-Detection-Reason"
+ kolideDurationSinceLastPresenceDetectionHeaderKey = "X-Kolide-Duration-Since-Last-Presence-Detection"
+ kolideOsHeaderKey = "X-Kolide-Os"
+ kolideArchHeaderKey = "X-Kolide-Arch"
 )
 type v2CmdRequestType struct {
@@ -316,6 +318,9 @@ func (e *kryptoEcMiddleware) Wrap(next http.Handler) http.Handler { bhr := &bufferedHttpResponse{} next.ServeHTTP(bhr, newReq) + bhr.Header().Add(kolideOsHeaderKey, runtime.GOOS) + bhr.Header().Add(kolideArchHeaderKey, runtime.GOARCH) + // add headers to the response map // this assumes that the response to `bhr` was a json encoded blob. var responseMap map[string]interface{} diff --git a/ee/localserver/krypto-ec-middleware_test.go b/ee/localserver/krypto-ec-middleware_test.go index ace5ef654..49736cb7d 100644 --- a/ee/localserver/krypto-ec-middleware_test.go +++ b/ee/localserver/krypto-ec-middleware_test.go @@ -42,7 +42,7 @@ func TestKryptoEcMiddleware(t *testing.T) { koldieSessionId := ulid.New() cmdRequestHeaders := map[string][]string{ - kolidePresenceDetectionInterval: {"0s"}, + kolidePresenceDetectionIntervalHeaderKey: {"0s"}, } cmdReqCallBackHeaders := map[string][]string{ @@ -240,9 +240,11 @@ func TestKryptoEcMiddleware(t *testing.T) { responseHeaders, err := extractJsonProperty[map[string][]string](opened.ResponseData, "headers") require.NoError(t, err) + require.Equal(t, runtime.GOOS, responseHeaders[kolideOsHeaderKey][0]) + // check that the presence detection interval is present if runtime.GOOS == "darwin" { - require.Equal(t, (0 * time.Second).String(), responseHeaders[kolideDurationSinceLastPresenceDetection][0]) + require.Equal(t, (0 * time.Second).String(), responseHeaders[kolideDurationSinceLastPresenceDetectionHeaderKey][0]) } }) } diff --git a/ee/localserver/presence-detection-middleware_test.go b/ee/localserver/presence-detection-middleware_test.go index 2ff95031c..c6206dcff 100644 --- a/ee/localserver/presence-detection-middleware_test.go +++ b/ee/localserver/presence-detection-middleware_test.go 
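Review bot: In Wrap, `bhr.Header().Add(...)` appends to whatever the wrapped handler already wrote to `bhr`, so if anything behind `next` ever emits `X-Kolide-Os` or `X-Kolide-Arch` the response carries two values and a reader taking the first one gets the handler's value, not the runtime's. `bhr.Header().Set(kolideOsHeaderKey, runtime.GOOS)` and `bhr.Header().Set(kolideArchHeaderKey, runtime.GOARCH)` keep the middleware's value authoritative. Judging by the comment that follows, these headers are then copied into the response map; a one-line comment such as `// os/arch describe this launcher build and are self-reported, not verified` would tell the next reader how much weight the server side can put on them. Wrap's body starts and ends outside the hunk.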
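Review bot: The assertion added in TestKryptoEcMiddleware covers only `kolideOsHeaderKey`; `kolideArchHeaderKey`, introduced by the same commit, is never checked, so a dropped or misspelled arch header would still pass. Adding `require.Equal(t, runtime.GOARCH, responseHeaders[kolideArchHeaderKey][0])` next to it closes that gap. Indexing `[0]` on a key that is missing panics instead of failing the subtest cleanly; a `require.Contains(t, responseHeaders, kolideOsHeaderKey)` before the index gives a readable failure, and the same applies to the header assertions PATCH 2/5 adds in this test.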
@@ -109,7 +109,7 @@ func TestPresenceDetectionHandler(t *testing.T) {
 handlerToTest.ServeHTTP(rr, req)
 if tt.shouldHavePresenceDetectionDurationResponseHeader {
- require.NotEmpty(t, rr.Header().Get(kolideDurationSinceLastPresenceDetection))
+ require.NotEmpty(t, rr.Header().Get(kolideDurationSinceLastPresenceDetectionHeaderKey))
 }
 require.Equal(t, tt.expectedStatusCode, rr.Code)
 })
diff --git a/ee/localserver/server.go b/ee/localserver/server.go
index af8bd519f..89e407e2d 100644
--- a/ee/localserver/server.go
+++ b/ee/localserver/server.go
@@ -421,7 +421,7 @@ func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler
 // can test this by adding an unauthed endpoint to the mux and running, for example:
 // curl -i -H "X-Kolide-Presence-Detection-Interval: 10s" -H "X-Kolide-Presence-Detection-Reason: my reason" localhost:12519/id
- detectionIntervalStr := r.Header.Get(kolidePresenceDetectionInterval)
+ detectionIntervalStr := r.Header.Get(kolidePresenceDetectionIntervalHeaderKey)
 // no presence detection requested
 if detectionIntervalStr == "" {
@@ -439,7 +439,7 @@ func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler
 // set a default reason, on macos the popup will look like "Kolide is trying to authenticate."
 reason := "authenticate"
- reasonHeader := r.Header.Get(kolidePresenceDetectionReason)
+ reasonHeader := r.Header.Get(kolidePresenceDetectionReasonHeaderKey)
 if reasonHeader != "" {
 reason = reasonHeader
 }
@@ -460,7 +460,7 @@ func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler
 // and send the request through
 // allow the server to decide what to do based on last detection duration
- w.Header().Add(kolideDurationSinceLastPresenceDetection, durationSinceLastDetection.String())
+ w.Header().Add(kolideDurationSinceLastPresenceDetectionHeaderKey, durationSinceLastDetection.String())
 next.ServeHTTP(w, r)
 })
 }
From d61463d1dbca3b2b72c7bb8dad7485c733075507 Mon Sep 17 00:00:00 2001
From: James Pickett
Date: Wed, 2 Oct 2024 15:37:12 -0700
Subject: [PATCH 2/5] used default failed interval value for non darwin
---
 ee/localserver/krypto-ec-middleware_test.go | 5 +++++
 ee/localserver/server.go | 2 ++
 2 files changed, 7 insertions(+)
diff --git a/ee/localserver/krypto-ec-middleware_test.go b/ee/localserver/krypto-ec-middleware_test.go
index 49736cb7d..d2605b50c 100644
--- a/ee/localserver/krypto-ec-middleware_test.go
+++ b/ee/localserver/krypto-ec-middleware_test.go
@@ -24,6 +24,7 @@ import (
 "github.com/kolide/krypto/pkg/echelper"
 "github.com/kolide/launcher/ee/agent/keys"
 "github.com/kolide/launcher/ee/localserver/mocks"
+ "github.com/kolide/launcher/ee/presencedetection"
 "github.com/kolide/launcher/pkg/log/multislogger"
 "github.com/stretchr/testify/assert"
@@ -245,7 +246,11 @@ func TestKryptoEcMiddleware(t *testing.T) {
 // check that the presence detection interval is present
 if runtime.GOOS == "darwin" {
 require.Equal(t, (0 * time.Second).String(), responseHeaders[kolideDurationSinceLastPresenceDetectionHeaderKey][0])
+ return
 }
+
+ // not darwin
+ require.Equal(t, presencedetection.DetectionFailedDurationValue.String(), responseHeaders[kolideDurationSinceLastPresenceDetectionHeaderKey][0])
 })
 }
 })
diff --git a/ee/localserver/server.go b/ee/localserver/server.go
index 89e407e2d..286ea2361 100644
--- a/ee/localserver/server.go
+++ b/ee/localserver/server.go
@@ -20,6 +20,7 @@ import (
 "github.com/kolide/krypto/pkg/echelper"
 "github.com/kolide/launcher/ee/agent"
 "github.com/kolide/launcher/ee/agent/types"
+ "github.com/kolide/launcher/ee/presencedetection"
 "github.com/kolide/launcher/pkg/osquery"
 "github.com/kolide/launcher/pkg/traces"
 "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp"
@@ -415,6 +416,7 @@ func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler
 // presence detection is only supported on macos currently
 if runtime.GOOS != "darwin" {
+ w.Header().Add(kolideDurationSinceLastPresenceDetectionHeaderKey, presencedetection.DetectionFailedDurationValue.String())
 next.ServeHTTP(w, r)
 return
 }
From bcd5ae78cf392373e610de2bf29fd3391c5f6105 Mon Sep 17 00:00:00 2001
From: James Pickett
Date: Wed, 2 Oct 2024 16:44:22 -0700
Subject: [PATCH 3/5] only add presence detection headers when presence detection requested
---
 ee/localserver/server.go | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/ee/localserver/server.go b/ee/localserver/server.go
index 286ea2361..b9d3d74f1 100644
--- a/ee/localserver/server.go
+++ b/ee/localserver/server.go
@@ -414,13 +414,6 @@ func (ls *localServer) rateLimitHandler(next http.Handler) http.Handler {
 func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- // presence detection is only supported on macos currently
- if runtime.GOOS != "darwin" {
- w.Header().Add(kolideDurationSinceLastPresenceDetectionHeaderKey, presencedetection.DetectionFailedDurationValue.String())
- next.ServeHTTP(w, r)
- return
- }
-
 // can test this by adding an unauthed endpoint to the mux and running, for example:
 // curl -i -H "X-Kolide-Presence-Detection-Interval: 10s" -H "X-Kolide-Presence-Detection-Reason: my reason" localhost:12519/id
 detectionIntervalStr := r.Header.Get(kolidePresenceDetectionIntervalHeaderKey)
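Review bot: The non-darwin branch in presenceDetectionHandler reports `presencedetection.DetectionFailedDurationValue` and still forwards the request, so on an unsupported platform the only gate on a presence-protected action is how the server interprets that header, and nothing at the branch says so. I would add a comment on the new line, for example `// unsupported platform: report the failed-detection sentinel; the request is still served, so the server must treat this value as "presence not verified"`. The sentinel's value is defined outside this patch, so it is worth confirming it cannot be mistaken for a small real duration. The same line is re-added lower in the handler by PATCH 3/5, and the comment belongs there in the final state.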
@@ -431,6 +424,13 @@ func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler
 return
 }
+ // presence detection is only supported on macos currently
+ if runtime.GOOS != "darwin" {
+ w.Header().Add(kolideDurationSinceLastPresenceDetectionHeaderKey, presencedetection.DetectionFailedDurationValue.String())
+ next.ServeHTTP(w, r)
+ return
+ }
+
 detectionIntervalDuration, err := time.ParseDuration(detectionIntervalStr)
 if err != nil {
 // this is the only time this should returna non-200 status code
From dc8faa9708c38785ab1bca59b4f2b22a7e2a02fe Mon Sep 17 00:00:00 2001
From: James Pickett
Date: Thu, 3 Oct 2024 08:46:03 -0700
Subject: [PATCH 4/5] fix flakey desktop runner test
---
 ee/desktop/runner/runner_test.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/ee/desktop/runner/runner_test.go b/ee/desktop/runner/runner_test.go
index 9b26444b1..9b2a4c780 100644
--- a/ee/desktop/runner/runner_test.go
+++ b/ee/desktop/runner/runner_test.go
@@ -18,6 +18,7 @@ import (
 "github.com/kolide/launcher/ee/agent/flags/keys"
 "github.com/kolide/launcher/ee/agent/types/mocks"
 "github.com/kolide/launcher/ee/desktop/user/notify"
+ "github.com/kolide/launcher/pkg/backoff"
 "github.com/kolide/launcher/pkg/log/multislogger"
 "github.com/kolide/launcher/pkg/threadsafebuffer"
 "github.com/stretchr/testify/assert"
@@ -163,7 +164,13 @@ func TestDesktopUserProcessRunner_Execute(t *testing.T) {
 // does not have a console user, so we don't expect any processes
 // to be started.
 if tt.cleanShutdown || (os.Getenv("CI") == "true" && runtime.GOOS == "linux") {
- assert.Len(t, r.uidProcs, 0, "unexpected process: logs: %s", logBytes.String())
+ require.NoError(t, backoff.WaitFor(func() error {
+ if len(r.uidProcs) == 0 {
+ return nil
+ }
+
+ return fmt.Errorf("expected no processes, found %d", len(r.uidProcs))
+ }, 10*time.Second, 1*time.Second))
 } else {
 if runtime.GOOS == "windows" {
 assert.Contains(t, r.uidProcs, user.Username)
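Review bot: The polling closure in TestDesktopUserProcessRunner_Execute reads `len(r.uidProcs)` from the test goroutine while the runner is, presumably, still removing entries during shutdown (that is why polling is needed at all); if the runner guards that map with a lock, the closure should take the same lock, otherwise `go test -race` may report the read. The replaced `assert.Len` printed `logBytes.String()` on failure and the new check drops it; ending the call with `}, 10*time.Second, 1*time.Second), "unexpected process: logs: %s", logBytes.String())` keeps that diagnostic. The test function starts and ends outside the hunk.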
From 9bd61ff469b3cee7a62973390b0d88e96d841d87 Mon Sep 17 00:00:00 2001
From: James Pickett
Date: Thu, 3 Oct 2024 08:59:28 -0700
Subject: [PATCH 5/5] wait longer
---
 ee/desktop/runner/runner_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ee/desktop/runner/runner_test.go b/ee/desktop/runner/runner_test.go
index 9b2a4c780..3ec4f6bd7 100644
--- a/ee/desktop/runner/runner_test.go
+++ b/ee/desktop/runner/runner_test.go
@@ -170,7 +170,7 @@ func TestDesktopUserProcessRunner_Execute(t *testing.T) {
 }
 return fmt.Errorf("expected no processes, found %d", len(r.uidProcs))
- }, 10*time.Second, 1*time.Second))
+ }, 30*time.Second, 1*time.Second))
 } else {
 if runtime.GOOS == "windows" {
 assert.Contains(t, r.uidProcs, user.Username)