From 2593e8f8371cc96e965ef28147e1ada8a93587da Mon Sep 17 00:00:00 2001 From: Teddy Reed Date: Tue, 10 Feb 2015 12:00:03 -0800 Subject: [PATCH] Add extensions status to osquery_info --- include/osquery/extensions.h | 3 ++ osquery/extensions/extensions.cpp | 41 +++++++++++++++++++++-- osquery/tables/specs/x/osquery_info.table | 1 + osquery/tables/utility/osquery.cpp | 3 ++ 4 files changed, 46 insertions(+), 2 deletions(-) diff --git a/include/osquery/extensions.h b/include/osquery/extensions.h index 37d9a271..bd996c5b 100644 --- a/include/osquery/extensions.h +++ b/include/osquery/extensions.h @@ -194,6 +194,9 @@ class ExtensionManagerRunner : public InternalRunnable { std::string path_; }; +/// Ping an extension manager or extension. +Status pingExtension(const std::string& path); + /** * @brief Call a Plugin exposed by an Extension Registry route. * diff --git a/osquery/extensions/extensions.cpp b/osquery/extensions/extensions.cpp index afdaa9f1..f9ad50b6 100644 --- a/osquery/extensions/extensions.cpp +++ b/osquery/extensions/extensions.cpp @@ -271,13 +271,47 @@ Status startExtension(const std::string& manager_path, return Status(0, std::to_string(status.uuid)); } +Status pingExtension(const std::string& path) { + if (FLAGS_disable_extensions) { + return Status(1, "Extensions disabled"); + } + + // Make sure the extension path exists, and is writable. + if (!pathExists(path) || !isWritable(path)) { + return Status(1, "Extension socket not availabe: " + path); + } + + // Open a socket to the extension. + boost::shared_ptr socket(new TSocket(path)); + boost::shared_ptr transport(new TBufferedTransport(socket)); + boost::shared_ptr protocol(new TBinaryProtocol(transport)); + + ExtensionClient client(protocol); + ExtensionStatus ext_status; + try { + transport->open(); + client.ping(ext_status); + transport->close(); + } catch (const std::exception& e) { + return Status(1, "Extension call failed: " + std::string(e.what())); + } + + return Status(ext_status.code, ext_status.message); +} + Status callExtension(const RouteUUID uuid, const std::string& registry, const std::string& item, const PluginRequest& request, PluginResponse& response) { - // Not yet implemented. - return Status(0, "OK"); + if (FLAGS_disable_extensions) { + return Status(1, "Extensions disabled"); + } + return callExtension(FLAGS_extensions_socket + "." + std::to_string(uuid), + registry, + item, + request, + response); } Status callExtension(const std::string& extension_path, @@ -329,6 +363,9 @@ Status startExtensionWatcher(const std::string& manager_path, } Status startExtensionManager() { + if (FLAGS_disable_extensions) { + return Status(1, "Extensions disabled"); + } return startExtensionManager(FLAGS_extensions_socket); } diff --git a/osquery/tables/specs/x/osquery_info.table b/osquery/tables/specs/x/osquery_info.table index 6414e582..cd88bffb 100644 --- a/osquery/tables/specs/x/osquery_info.table +++ b/osquery/tables/specs/x/osquery_info.table @@ -5,5 +5,6 @@ schema([ Column("config_md5", TEXT), Column("config_path", TEXT), Column("pid", INTEGER, "Process (or thread) ID"), + Column("extensions", TEXT), ]) implementation("osquery@genOsqueryInfo") diff --git a/osquery/tables/utility/osquery.cpp b/osquery/tables/utility/osquery.cpp index c15e7ed3..f20261c7 100644 --- a/osquery/tables/utility/osquery.cpp +++ b/osquery/tables/utility/osquery.cpp @@ -10,6 +10,7 @@ #include #include +#include #include #include #include @@ -65,6 +66,8 @@ QueryData genOsqueryInfo(QueryContext& context) { } r["config_path"] = Flag::get().getValue("config_path"); + r["extensions"] = + (pingExtension(FLAGS_extensions_socket).ok()) ? "active" : "inactive"; results.push_back(r); return results;