fixed key init
czeumer committed May 12, 2022
1 parent f16bac7 commit 659822b
Showing 2 changed files with 40 additions and 28 deletions.
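--- a/ossec/agent_keys.go
+++ b/ossec/agent_keys.go
@@ -103,6 +103,21 @@ func LoadAgentKeyMap(filename string) (AgentKeyMap, error) {
 }
 
 func (a *AgentKey) WriteAgentKey(filename string) error {
+if a == nil {
+return errors.New("key is null")
+}
+if a.AgentID == "" {
+return errors.New("agent id is empty")
+}
+if a.AgentName == "" {
+return errors.New("agent name is empty")
+}
+if a.AgentKey == "" {
+return errors.New("agent key is empty")
+}
+if a.AgentAllowedIPs == "" {
+return errors.New("agent allowed ips is empty")
+}
 if filename == "" {
 filename = "/etc/client.keys"
 }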
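Review bot: The new guards in WriteAgentKey reject only empty fields; nothing rejects spaces or line breaks inside `AgentID`, `AgentName`, `AgentAllowedIPs` or `AgentKey`. The write itself is below the hunk, so this is inferred, but if the fields are emitted as one space-separated line of client.keys, a value containing whitespace or a newline would produce a malformed or extra entry, and in authd.go the key being written comes straight from `RegisterAgent`, i.e. from a remote response. I would add a per-field check such as `if strings.ContainsAny(a.AgentName, " \t\r\n") { return errors.New("agent name contains whitespace") }`, provided `strings` is imported in this file. As a style point, `errors.New("key is null")` reads more naturally in Go as `errors.New("agent key is nil")`.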
53 changes: 25 additions & 28 deletions ossec/authd.go
Expand Up @@ -63,53 +63,50 @@ func InitAgent(cfg *EnrollmentConfig) (*AgentKey, error) {
} else {
keyFile = "/var/ossec/etc/client.keys"
}
//ensure path...
path := filepath.Dir(keyFile)
if _, err := os.Stat(path); os.IsNotExist(err) {
err = os.MkdirAll(path, os.ModePerm)
if err != nil {
if cfg.logger != nil {
cfg.logger.Error("register agent - create path", zap.String("authdServer", cfg.ManagerName), zap.String("agentID", cfg.AgentName), zap.String("agentIP", cfg.AgentIP), zap.String("keyfile", keyFile), zap.Error(err))
}
return nil, err
}
}

hostname, err := DefaultAgentName()
if err != nil {
return nil, err
}

if cfg.AuthPass != "" {

agentKey, err := GetAgentKeyFromFile(hostname, keyFile)
keyMapValid := err == nil && agentKey != nil

if !keyMapValid {
var err2 error
// Try to register agent

//ensure path...
path := filepath.Dir(keyFile)
if _, err2 = os.Stat(path); os.IsNotExist(err2) {
err2 = os.MkdirAll(path, os.ModePerm)
if err2 != nil {
if cfg.logger != nil {
cfg.logger.Error("register agent - create path", zap.String("authdServer", cfg.ManagerName), zap.String("agentID", cfg.AgentName), zap.String("agentIP", cfg.AgentIP), zap.String("keyfile", keyFile), zap.Error(err2))
}
return nil, err
}
}
agentKey, err := GetAgentKeyFromFile(hostname, keyFile)
keyMapValid := err == nil && agentKey != nil

if !keyMapValid && cfg.AuthPass != "" {
var err2 error
// Try to register agent
agentKey, err2 = RegisterAgent(cfg)
if err2 == nil && agentKey != nil {
// persist new key
err2 = agentKey.WriteAgentKey(keyFile)
if err2 != nil {
if cfg.logger != nil {
cfg.logger.Error("register agent - write key file", zap.String("authdServer", cfg.ManagerName), zap.String("agentID", cfg.AgentName), zap.String("agentIP", cfg.AgentIP), zap.String("path", path), zap.String("keyfile", keyFile), zap.Error(err2))
}
return nil, err
}
agentKey, err = GetAgentKeyFromFile(hostname, keyFile)
if err != nil {
return nil, err
}
}
}

agentInfo, err := GetAgentKeyFromFile(hostname, keyFile)
if err != nil {
return nil, err
}

if agentInfo == nil {
if agentKey == nil {
return nil, errors.New("no agent key configured")
}
return agentInfo, nil

return agentKey, nil
}

// NewEnrollmentConfig initialize new enrolment config
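Review bot: When `agentKey.WriteAgentKey(keyFile)` fails, the function logs `err2` but then executes `return nil, err`, and `err` is the result of the earlier `GetAgentKeyFromFile` call, which can be nil, so the caller can receive `(nil, nil)`; this should be `return nil, err2`. A failed `RegisterAgent` is lost in a similar way: when `err2 != nil` nothing is logged or returned and the caller only sees "no agent key configured", which hides enrollment failures from anyone monitoring the agent. Separately, `os.MkdirAll(path, os.ModePerm)` creates the directory that will hold client.keys with mode 0777 before umask; a restrictive mode such as `os.MkdirAll(path, 0o750)` fits key material better. The page has lost its +/- markers, so which copy of the path-creation block is the new one is inferred, but both copies use `os.ModePerm`, and InitAgent begins above the hunk.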
