Allow remoted to connect to external DB for retrieving client key #2127

Merged
merged 28 commits into from Dec 21, 2018


TJOSERAFAEL commented Dec 17, 2018

This PR solves the issue #1859

@crolopez crolopez added this to Needs review in Wazuh 3.8.0 via automation Dec 17, 2018


@vikman90 vikman90 removed this from Needs review in Wazuh 3.8.0 Dec 17, 2018

vikman90 added some commits Dec 18, 2018

Do not search for duplicate agent key requests in Remoted.
The Agent Key Polling module already does that.

vikman90 added some commits Dec 18, 2018


vikman90 commented Dec 20, 2018

If the agent sends multiple messages before Remoted reloads the client keys, Authd complains:

2018/12/20 14:01:50 ossec-authd: ERROR: ERROR 9012: Duplicated ID.

Let Agent Key Polling module force key insertion.
- Add option "force_insert" to Agent Key Polling module.
- Let force insert option in Authd apply to duplicate agent ID issues.

@vikman90 vikman90 force-pushed the dev-remoted-sql branch from b6b4460 to 8696536 Dec 20, 2018


vikman90 commented Dec 20, 2018

We must improve the program call issue detection:

2018/12/20 16:18:44 ossec-remoted: WARNING: (1213): Message from '192.168.33.11' not allowed.
2018/12/20 16:18:44 wazuh-modulesd: ERROR: Invalid command: '/root/getkey.sh ip 192.168.33.11': (0) Success

This error has been replaced with:

2018/12/20 17:03:50 wazuh-modulesd:agent-key-polling: WARNING: Cannot run key pulling integration (/root/getkey.sh): path is invalid or file has no permissions.

vikman90 added some commits Dec 20, 2018

@vikman90 vikman90 force-pushed the dev-remoted-sql branch from 92f12b2 to 63aed82 Dec 21, 2018

Restart Agent Key Pulling integration if the subprocess dies.
Create a dedicated thread to launch the integration.
`kill()` couldn't detect if the child process is alive or zombie.
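
The commit message above notes that `kill()` cannot tell a live child from a zombie. The following C program illustrates that behaviour; it is an added example, not code from this PR or from Wazuh. The function names are hypothetical, and the child is a stand-in that exits immediately rather than a real key-pulling integration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum child_state { CHILD_RUNNING, CHILD_EXITED, CHILD_GONE, CHILD_ERROR };

/* Naive liveness probe: signal 0 only checks that the PID still exists,
 * which is also true for a zombie that has not been reaped. */
static int probe_with_kill(pid_t pid) {
    return kill(pid, 0) == 0;
}

/* Reaping probe: waitpid(WNOHANG) separates "running" from "exited". */
static enum child_state probe_with_waitpid(pid_t pid, int *exit_code) {
    int status;
    pid_t r = waitpid(pid, &status, WNOHANG);
    if (r == 0) return CHILD_RUNNING;
    if (r == pid) {
        if (exit_code) *exit_code = WIFEXITED(status) ? WEXITSTATUS(status) : -1;
        return CHILD_EXITED;
    }
    return errno == ECHILD ? CHILD_GONE : CHILD_ERROR;
}

/* Fork a stand-in child that exits at once with `code`, then block until
 * it has become a zombie without reaping it (WNOWAIT). */
static pid_t spawn_zombie(int code) {
    pid_t pid = fork();
    if (pid == 0) _exit(code);
    if (pid > 0) {
        siginfo_t info;
        if (waitid(P_PID, (id_t)pid, &info, WEXITED | WNOWAIT) != 0) return -1;
    }
    return pid;
}

int main(void) {
    int code = 0;
    pid_t pid = spawn_zombie(3);
    if (pid < 0) return 1;
    printf("kill(pid, 0) says alive: %d\n", probe_with_kill(pid));
    printf("waitpid says exited: %d (code %d)\n",
           probe_with_waitpid(pid, &code) == CHILD_EXITED, code);
    printf("after reaping, kill says alive: %d\n", probe_with_kill(pid));
    return 0;
}
```

A supervisor that relies only on the `kill()` probe never notices that the subprocess has died, so it never restarts it.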

@vikman90 vikman90 force-pushed the dev-remoted-sql branch from ec79d14 to 2d3867e Dec 21, 2018

@vikman90 vikman90 changed the title Dev remoted sql external key request Allow remoted to connect to external DB for retrieving client key Dec 21, 2018

@vikman90 vikman90 merged commit f10aabb into 3.8 Dec 21, 2018

@vikman90 vikman90 deleted the dev-remoted-sql branch Dec 21, 2018


vikman90 commented Dec 21, 2018
