2014-12-18 18:50:47 +00:00
|
|
|
/*
|
|
|
|
|
* Copyright (c) 2014, Facebook, Inc.
|
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* This source code is licensed under the BSD-style license found in the
|
|
|
|
|
* LICENSE file in the root directory of this source tree. An additional grant
|
|
|
|
|
* of patent rights can be found in the PATENTS file in the same directory.
|
|
|
|
|
*
|
|
|
|
|
*/
|
2014-08-04 18:06:45 +00:00
|
|
|
|
2014-10-30 22:03:05 +00:00
|
|
|
#include <exception>
|
2014-08-04 18:06:45 +00:00
|
|
|
#include <sstream>
|
|
|
|
|
|
2014-10-30 22:03:05 +00:00
|
|
|
#include <fcntl.h>
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
#include <boost/filesystem/fstream.hpp>
|
2014-08-04 18:06:45 +00:00
|
|
|
#include <boost/filesystem/operations.hpp>
|
|
|
|
|
#include <boost/filesystem/path.hpp>
|
2014-10-01 02:49:38 +00:00
|
|
|
#include <boost/property_tree/ptree.hpp>
|
|
|
|
|
#include <boost/property_tree/xml_parser.hpp>
|
|
|
|
|
|
2014-08-04 18:06:45 +00:00
|
|
|
#include <glog/logging.h>
|
|
|
|
|
|
2014-12-03 23:14:02 +00:00
|
|
|
#include <osquery/filesystem.h>
|
2014-10-27 18:55:28 +00:00
|
|
|
|
2014-10-01 02:49:38 +00:00
|
|
|
namespace pt = boost::property_tree;
|
2014-11-03 20:08:46 +00:00
|
|
|
namespace fs = boost::filesystem;
|
2014-10-01 02:49:38 +00:00
|
|
|
|
2014-08-15 07:25:30 +00:00
|
|
|
namespace osquery {
|
2014-08-04 18:06:45 +00:00
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status writeTextFile(const boost::filesystem::path& path,
|
|
|
|
|
const std::string& content,
|
|
|
|
|
int permissions,
|
|
|
|
|
bool force_permissions) {
|
2014-10-30 22:03:05 +00:00
|
|
|
// Open the file with the request permissions.
|
2014-11-03 18:09:54 +00:00
|
|
|
int output_fd =
|
|
|
|
|
open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY, permissions);
|
2014-10-30 22:03:05 +00:00
|
|
|
if (output_fd <= 0) {
|
|
|
|
|
return Status(1, "Could not create file");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// If the file existed with different permissions before our open
|
|
|
|
|
// they must be restricted.
|
|
|
|
|
if (chmod(path.c_str(), permissions) != 0) {
|
|
|
|
|
// Could not change the file to the requested permissions.
|
|
|
|
|
return Status(1, "Failed to change permissions");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
auto bytes = write(output_fd, content.c_str(), content.size());
|
|
|
|
|
if (bytes != content.size()) {
|
|
|
|
|
close(output_fd);
|
|
|
|
|
return Status(1, "Failed to write contents");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
close(output_fd);
|
|
|
|
|
return Status(0, "OK");
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status readFile(const boost::filesystem::path& path, std::string& content) {
|
2014-10-30 22:03:05 +00:00
|
|
|
auto path_exists = pathExists(path);
|
|
|
|
|
if (!path_exists.ok()) {
|
|
|
|
|
return path_exists;
|
2014-08-04 18:06:45 +00:00
|
|
|
}
|
|
|
|
|
|
2014-08-21 21:35:51 +00:00
|
|
|
int statusCode = 0;
|
|
|
|
|
std::string statusMessage = "OK";
|
2014-11-09 15:57:12 +00:00
|
|
|
std::stringstream buffer;
|
2014-08-21 21:35:51 +00:00
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
fs::ifstream file_h(path);
|
2014-11-09 15:57:12 +00:00
|
|
|
if (file_h.is_open()) {
|
|
|
|
|
buffer << file_h.rdbuf();
|
|
|
|
|
|
|
|
|
|
if (file_h.bad()) {
|
2014-08-21 21:35:51 +00:00
|
|
|
statusCode = 1;
|
|
|
|
|
statusMessage = "Could not read file";
|
2014-11-22 01:08:33 +00:00
|
|
|
} else
|
2014-11-09 15:57:12 +00:00
|
|
|
content.assign(std::move(buffer.str()));
|
2014-11-22 01:08:33 +00:00
|
|
|
|
2014-08-04 18:06:45 +00:00
|
|
|
} else {
|
2014-08-21 21:35:51 +00:00
|
|
|
statusCode = 1;
|
|
|
|
|
statusMessage = "Could not open file for reading";
|
|
|
|
|
}
|
|
|
|
|
return Status(statusCode, statusMessage);
|
2014-08-04 18:06:45 +00:00
|
|
|
}
|
|
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status isWritable(const boost::filesystem::path& path) {
|
2014-10-30 22:03:05 +00:00
|
|
|
auto path_exists = pathExists(path);
|
|
|
|
|
if (!path_exists.ok()) {
|
|
|
|
|
return path_exists;
|
2014-10-27 01:39:03 +00:00
|
|
|
}
|
|
|
|
|
|
2014-10-27 18:55:28 +00:00
|
|
|
if (access(path.c_str(), W_OK) == 0) {
|
|
|
|
|
return Status(0, "OK");
|
2014-10-27 01:39:03 +00:00
|
|
|
}
|
2014-10-27 18:55:28 +00:00
|
|
|
return Status(1, "Path is not writable.");
|
2014-10-27 01:39:03 +00:00
|
|
|
}
|
|
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status isReadable(const boost::filesystem::path& path) {
|
2014-10-30 22:03:05 +00:00
|
|
|
auto path_exists = pathExists(path);
|
|
|
|
|
if (!path_exists.ok()) {
|
|
|
|
|
return path_exists;
|
2014-10-29 09:24:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (access(path.c_str(), R_OK) == 0) {
|
|
|
|
|
return Status(0, "OK");
|
|
|
|
|
}
|
|
|
|
|
return Status(1, "Path is not readable.");
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status pathExists(const boost::filesystem::path& path) {
|
|
|
|
|
if (path.empty()) {
|
2014-10-30 22:03:05 +00:00
|
|
|
return Status(1, "-1");
|
2014-09-09 17:56:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// A tri-state determination of presence
|
2014-11-06 21:20:22 +00:00
|
|
|
try {
|
|
|
|
|
if (!boost::filesystem::exists(path)) {
|
|
|
|
|
return Status(1, "0");
|
|
|
|
|
}
|
2014-11-22 01:08:33 +00:00
|
|
|
} catch (boost::filesystem::filesystem_error e) {
|
2014-11-06 21:20:22 +00:00
|
|
|
return Status(1, e.what());
|
2014-09-09 17:56:48 +00:00
|
|
|
}
|
|
|
|
|
return Status(0, "1");
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status listFilesInDirectory(const boost::filesystem::path& path,
|
2014-08-15 07:25:30 +00:00
|
|
|
std::vector<std::string>& results) {
|
2014-08-14 23:27:20 +00:00
|
|
|
try {
|
|
|
|
|
if (!boost::filesystem::exists(path)) {
|
|
|
|
|
return Status(1, "Directory not found");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!boost::filesystem::is_directory(path)) {
|
|
|
|
|
return Status(1, "Supplied path is not a directory");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
boost::filesystem::directory_iterator begin_iter(path);
|
|
|
|
|
boost::filesystem::directory_iterator end_iter;
|
|
|
|
|
for (; begin_iter != end_iter; begin_iter++) {
|
|
|
|
|
results.push_back(begin_iter->path().string());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return Status(0, "OK");
|
2014-10-28 00:37:36 +00:00
|
|
|
} catch (const boost::filesystem::filesystem_error& e) {
|
2014-08-14 23:27:20 +00:00
|
|
|
return Status(1, e.what());
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-10-01 02:49:38 +00:00
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status getDirectory(const boost::filesystem::path& path,
|
|
|
|
|
boost::filesystem::path& dirpath) {
|
2014-10-07 18:20:47 +00:00
|
|
|
if (!isDirectory(path).ok()) {
|
2014-10-06 21:23:26 +00:00
|
|
|
dirpath = boost::filesystem::path(path).parent_path().string();
|
|
|
|
|
return Status(0, "OK");
|
|
|
|
|
}
|
|
|
|
|
dirpath = path;
|
|
|
|
|
return Status(1, "Path is a directory");
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status isDirectory(const boost::filesystem::path& path) {
|
2014-10-06 21:23:26 +00:00
|
|
|
if (boost::filesystem::is_directory(path)) {
|
|
|
|
|
return Status(0, "OK");
|
|
|
|
|
}
|
|
|
|
|
return Status(1, "Path is not a directory");
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-01 02:59:52 +00:00
|
|
|
Status parseTomcatUserConfigFromDisk(
|
2014-11-03 20:08:46 +00:00
|
|
|
const boost::filesystem::path& path,
|
2014-10-28 00:39:34 +00:00
|
|
|
std::vector<std::pair<std::string, std::string> >& credentials) {
|
2014-10-01 02:59:52 +00:00
|
|
|
std::string content;
|
|
|
|
|
auto s = readFile(path, content);
|
|
|
|
|
if (s.ok()) {
|
|
|
|
|
return parseTomcatUserConfig(content, credentials);
|
|
|
|
|
} else {
|
|
|
|
|
return s;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-01 02:49:38 +00:00
|
|
|
Status parseTomcatUserConfig(
|
|
|
|
|
const std::string& content,
|
2014-10-28 00:39:34 +00:00
|
|
|
std::vector<std::pair<std::string, std::string> >& credentials) {
|
2014-10-01 02:49:38 +00:00
|
|
|
std::stringstream ss;
|
|
|
|
|
ss << content;
|
|
|
|
|
pt::ptree tree;
|
|
|
|
|
try {
|
|
|
|
|
pt::xml_parser::read_xml(ss, tree);
|
2014-10-28 00:37:36 +00:00
|
|
|
} catch (const pt::xml_parser_error& e) {
|
2014-10-01 02:49:38 +00:00
|
|
|
return Status(1, e.what());
|
|
|
|
|
}
|
|
|
|
|
try {
|
|
|
|
|
for (const auto& i : tree.get_child("tomcat-users")) {
|
|
|
|
|
if (i.first == "user") {
|
|
|
|
|
try {
|
|
|
|
|
std::pair<std::string, std::string> user;
|
|
|
|
|
user.first = i.second.get<std::string>("<xmlattr>.username");
|
|
|
|
|
user.second = i.second.get<std::string>("<xmlattr>.password");
|
|
|
|
|
credentials.push_back(user);
|
2014-10-28 00:37:36 +00:00
|
|
|
} catch (const std::exception& e) {
|
2014-10-01 02:49:38 +00:00
|
|
|
LOG(ERROR)
|
2014-11-07 22:18:02 +00:00
|
|
|
<< "An error occurred parsing the tomcat users xml: " << e.what();
|
2014-10-01 02:49:38 +00:00
|
|
|
return Status(1, e.what());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-10-28 00:37:36 +00:00
|
|
|
} catch (const std::exception& e) {
|
2014-11-07 22:18:02 +00:00
|
|
|
LOG(ERROR) << "An error occurred while trying to access the tomcat-users"
|
2014-10-01 02:49:38 +00:00
|
|
|
<< " key in the XML content: " << e.what();
|
|
|
|
|
return Status(1, e.what());
|
|
|
|
|
}
|
|
|
|
|
return Status(0, "OK");
|
|
|
|
|
}
|
2014-08-15 07:25:30 +00:00
|
|
|
}
|
