empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove extra logIPs from host auth mw (#1762)

Browse Source 
* Remove extra logIPs from host auth mw

* Fix test
This commit is contained in:
Tomas Touceda 2021-08-23 14:23:27 -03:00 committed by GitHub
parent 26a08096fb
commit 66d864cc84
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 37 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
changes/issue-1661-only-log-ip-once Normal file
View File

@ -0,0 +1 @@
* Make sure to not log ip and fwd ip twice with osquery endpoints.

36
server/service/integration_test.go
View File

@ -674,3 +674,39 @@ func TestVulnerableSoftware(t *testing.T) {
assert.Contains(t, string(bodyBytes), expectedJSONSoft2)
assert.Contains(t, string(bodyBytes), expectedJSONSoft1)
}
func TestSubmitStatusLog(t *testing.T) {
buf := new(bytes.Buffer)
logger := log.NewJSONLogger(buf)
logger = level.NewFilter(logger, level.AllowDebug())
ds := mysql.CreateMySQLDS(t)
defer ds.Close()
_, server := RunServerForTestsWithDS(t, ds, TestServerOpts{Logger: logger})
token := getTestAdminToken(t, server)
_, err := ds.NewHost(&fleet.Host{
DetailUpdatedAt: time.Now(),
LabelUpdatedAt: time.Now(),
SeenTime: time.Now(),
NodeKey: "1234",
UUID: "1",
Hostname: "foo.local",
PrimaryIP: "192.168.1.1",
PrimaryMac: "30-65-EC-6F-C4-58",
})
require.NoError(t, err)
req := submitLogsRequest{
NodeKey: "1234",
LogType: "status",
Data: nil,
}
res := submitLogsResponse{}
doJSONReq(t, req, "POST", server, "/api/v1/osquery/log", token, http.StatusOK, &res)
logString := buf.String()
assert.Equal(t, 1, strings.Count(logString, "\"ip_addr\""))
assert.Equal(t, 1, strings.Count(logString, "x_for_ip_addr"))
}

2
server/service/service_osquery.go
View File

@ -40,8 +40,6 @@ func (svc Service) AuthenticateHost(ctx context.Context, nodeKey string) (*fleet
// skipauth: Authorization is currently for user endpoints only.
svc.authz.SkipAuthorization(ctx)
logIPs(ctx)
if nodeKey == "" {
return nil, osqueryError{
message: "authentication error: missing node key",