Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed deploy new agent refactor secure connection conditions #5295

Merged
merged 5 commits into from
Mar 14, 2023
Merged

Fixed deploy new agent refactor secure connection conditions #5295

merged 5 commits into from
Mar 14, 2023

Conversation

Machi3mfl
Copy link
Member

@Machi3mfl Machi3mfl commented Mar 14, 2023
edited
Loading

Description

This PR has refactored code when the connection is secure or not.
Closes #5283

Check List

  • All tests pass
    • yarn test:jest
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

@Machi3mfl Machi3mfl requested a review from a team as a code owner March 14, 2023 15:48
@Machi3mfl Machi3mfl linked an issue Mar 14, 2023 that may be closed by this pull request
The Deploy new agent doesn't display the extra requirements in the install and enroll the agent #5283
Closed
@Machi3mfl
Copy link
Member Author

Machi3mfl commented Mar 14, 2023
edited
Loading

Test cases

When the connection is secure and is TCP

image

  <remote>
    <connection>secure</connection>
    <port>1514</port>
    <protocol>tcp</protocol>
  </remote>

Solaris

Verify

  • Might require some extra installation
  • After installing the agent, you need to enroll it in the Wazuh server. Check the Wazuh agent enrollment
Kazam_screencast_00019.mp4

HP

Verify

  • Might require some extra installation
  • After installing the agent, you need to enroll it in the Wazuh server. Check the Wazuh agent enrollment

image

Alpine

Verify

  • Might require some extra installation
  • After installing the agent, you need to enroll it in the Wazuh server. Check the Wazuh agent enrollment

image

AIX

Verify

  • Might require some extra installation

image

Windows 2008 and XP

Verify

  • Please download the package from our repository and copy it to the Windows system where you are going to install it. Then run the following command to perform the installation

image

For Every SO

Verify

  • If the installer finds another Wazuh agent in the system, it will upgrade it preserving the configuration.
  • Check password input and show the password slide when is setted password is enabled and the SO aren't Solaris,Alpine and Aix

image

  <auth>
    <disabled>no</disabled>
    <port>1515</port>
    <use_source_ip>no</use_source_ip>
    <purge>yes</purge>
    <use_password>yes</use_password>
    <ciphers>HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH</ciphers>
    <!-- <ssl_agent_ca></ssl_agent_ca> -->
    <ssl_verify_host>no</ssl_verify_host>
    <ssl_manager_cert>etc/sslmanager.cert</ssl_manager_cert>
    <ssl_manager_key>etc/sslmanager.key</ssl_manager_key>
    <ssl_auto_negotiate>no</ssl_auto_negotiate>
  </auth>

image

When the connection is secure and is UDP

image

  <remote>
    <connection>secure</connection>
    <port>514</port>
    <protocol>udp</protocol>
    <allowed-ips>0.0.0.0/8</allowed-ips>
  </remote>

Verify

  • Check if the param UDP is available in the register agent command (except Alpine, Solaris, HP)
  • And all the same tests were added for TCP connection

When the connection is no secure (syslog)

image

<remote>
  <connection>syslog</connection>
  <port>514</port>
  <protocol>tcp</protocol>
  <allowed-ips>0.0.0.0/8</allowed-ips>
</remote>

For every SO

Verify

  • Warning: there's no secure protocol configured and agents will not be able to communicate with the manager.
  • All the tests described above for the other connections

image

@yenienserrano
Copy link
Member

yenienserrano commented Mar 14, 2023
edited
Loading

Test TCP UDP syslog
1. Might require some extra installation and After installing the agent, you need to enroll it in the Wazuh server. Check the Wazuh agent enrollment 🟢 🟢 🟢
2. Might require some extra installation 🟢 🟢 🟢
3. Please download the package from our repository and copy it to the Windows system where you are going to install it. Then run the following command to perform the installation 🟢 🟢 🟢
4. If the installer finds another Wazuh agent in the system, it will upgrade it preserving the configuration. 🟢 🟢 🟢
5. Check password input and show the password slide when is setted password is enabled and the SO aren't Solaris,Alpine and Aix 🟢 🟢 🟢
🟢 1 #### Solaris

image
image

HP

image
image

Alpine

image
image

🟢 2

AIX

image
image

🟢 3

Windows

image

image

UDP

Windows

image

syslog

image

🟢 4

image

UDP

image

syslog

image

🟢 5

image

UDP

image

syslog

image

@asteriscos
Copy link
Member

asteriscos commented Mar 14, 2023
edited
Loading

Test cases

Legend:
⚫: none
🟢: pass
🟡: warning
🔴: fail
⚪: not applicable

Test Connection Secure - Protocol TCP Connection Secure - Protocol UDP Connection Syslog
Solaris 🟢 🟢 🟢
HP 🟢 🟢 🟢
Alpine 🟢 🟢 🟢
AIX 🟢 🟢 🟢
Windows 2008 and XP 🟢 🟢 🟢
For Every SO 🟢 🟢 🟢
Solaris

Connection Secure - Protocol TCP

image

Connection Secure - Protocol UDP

image

Connection Syslog

image

HP

Connection Secure - Protocol TCP

image

Connection Secure - Protocol UDP

image

Connection Syslog

image

Alpine

Connection Secure - Protocol TCP

image

Connection Secure - Protocol UDP

image

Connection Syslog

image

AIX

Connection Secure - Protocol TCP

image

Connection Secure - Protocol UDP

image

Connection Syslog

image

Windows 2008 and XP

Connection Secure - Protocol TCP

image

image

Connection Secure - Protocol UDP

image

Connection Syslog

image

For Every SO

Connection Secure - Protocol TCP

image

Connection Secure - Protocol UDP

Screenshot from 2023-03-14 18-53-00

Screenshot from 2023-03-14 18-52-44

Connection Syslog

image

yenienserrano
yenienserrano previously approved these changes Mar 14, 2023
View reviewed changes
asteriscos
asteriscos previously approved these changes Mar 14, 2023
View reviewed changes
@Machi3mfl Machi3mfl dismissed stale reviews from asteriscos and yenienserrano via 12274eb March 14, 2023 18:04
@github-actions
Copy link
Contributor

Code coverage (Jest) % values
Statements 8.77% ( 3240 / 36922 )
Branches 4.49% ( 1287 / 28638 )
Functions 7.63% ( 698 / 9144 )
Lines 8.83% ( 3125 / 35357 )

@Machi3mfl Machi3mfl merged commit 2e5cb9b into 4.4-2.4-wzd Mar 14, 2023
@Machi3mfl Machi3mfl deleted the fix/5283-deploy-new-agent-refactor-secure-connection-conditions branch March 14, 2023 18:10
@github-actions github-actions bot mentioned this pull request Mar 14, 2023
Merged
github-actions bot pushed a commit that referenced this pull request Mar 14, 2023
@Machi3mfl @github-actions
Fixed deploy new agent refactor secure connection conditions (#5295)
dc457fe 
* Fixed default connection secure param when request fail

* Removed unnecessary condtions in code with duplicated code

* Fixed warning message in windows xp and 2008

* Fixed style in enrollment message

* Updated CHANGELOG

(cherry picked from commit 2e5cb9b)
@github-actions github-actions bot mentioned this pull request Mar 14, 2023
Merged
github-actions bot pushed a commit that referenced this pull request Mar 14, 2023
@Machi3mfl @github-actions
Fixed deploy new agent refactor secure connection conditions (#5295)
f59852f 
* Fixed default connection secure param when request fail

* Removed unnecessary condtions in code with duplicated code

* Fixed warning message in windows xp and 2008

* Fixed style in enrollment message

* Updated CHANGELOG

(cherry picked from commit 2e5cb9b)
Machi3mfl added a commit that referenced this pull request Mar 14, 2023
@github-actions @Machi3mfl
[Backport 4.4-7.10] Fixed deploy new agent refactor secure connection…
40c4862 
… conditions (#5297)

Fixed deploy new agent refactor secure connection conditions (#5295)

* Fixed default connection secure param when request fail

* Removed unnecessary condtions in code with duplicated code

* Fixed warning message in windows xp and 2008

* Fixed style in enrollment message

* Updated CHANGELOG

(cherry picked from commit 2e5cb9b)

Co-authored-by: Maximiliano Ibarra <6089438+Machi3mfl@users.noreply.github.com>
@Machi3mfl Machi3mfl mentioned this pull request Mar 14, 2023
Closed
Tostti pushed a commit that referenced this pull request Mar 14, 2023
@github-actions @Machi3mfl
[Backport 4.4-7.16] Fixed deploy new agent refactor secure connection…
1e56d5b 
… conditions (#5296)

Fixed deploy new agent refactor secure connection conditions (#5295)

* Fixed default connection secure param when request fail

* Removed unnecessary condtions in code with duplicated code

* Fixed warning message in windows xp and 2008

* Fixed style in enrollment message

* Updated CHANGELOG

(cherry picked from commit 2e5cb9b)

Co-authored-by: Maximiliano Ibarra <6089438+Machi3mfl@users.noreply.github.com>
@AlexRuiz7 AlexRuiz7 mentioned this pull request Mar 16, 2023
Closed
5 tasks
AlexRuiz7 pushed a commit that referenced this pull request Mar 17, 2023
@Machi3mfl @AlexRuiz7
Fixed deploy new agent refactor secure connection conditions (#5295)
e24007c 
* Fixed default connection secure param when request fail

* Removed unnecessary condtions in code with duplicated code

* Fixed warning message in windows xp and 2008

* Fixed style in enrollment message

* Updated CHANGELOG
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@asteriscos asteriscos asteriscos approved these changes

@yenienserrano yenienserrano yenienserrano left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

The Deploy new agent doesn't display the extra requirements in the install and enroll the agent
3 participants
@Machi3mfl @yenienserrano @asteriscos