dnrops
/
santa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,397 Commits 2 Branches 87 Tags 16 MiB
Commit Graph

1397 Commits

Author SHA1 Message Date
Pete Markowsky 9e124f4c51
Add kSyncEnableCleanSyncEventUpload to the _forcedConfigKeyTypes dict (#1123) 
* Add kSyncEnableCleanSyncEventUpload to the _forcedConfigTypes dict.

* Add KVO helper.

---------

Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com>
 2023-07-06 17:39:51 -04:00
Matt W cd719ccef4
Fix issue with invalid lengths (#1122) 
* Fix issue with invalid lengths

* Disable clang format around a small block of code for now
 2023-07-06 11:22:18 -04:00
Matt W dde42ee686
Fix check to detect changes to StaticRules (#1121) 2023-06-30 16:39:52 -04:00
Pete Markowsky d144e27798
Fix rule evaluation for TeamID and SigningID rules when encountering broken signatures. (#1120) 2023-06-30 09:54:27 -04:00
Matt W afc2c216b8
Add include for proto status stub (#1119) 2023-06-29 13:32:14 -04:00
Matt W 03d7556f22
Use angle brackets for includes (#1118) 2023-06-29 11:55:46 -04:00
Nick Gregory 020827b091
Fix memleak in fsspool (#1115) 2023-06-29 10:17:08 -04:00
Russell Hancox baa31a5db0
Conf: Update notarization_tool in signing script (#1116) 2023-06-28 22:32:58 -04:00
Pete Markowsky 9ba7075596
Add macOS 13 to the test matrix. (#1113) 2023-06-27 13:22:36 -04:00
Pete Markowsky 5d08538639
Add Support for Logging to JSON (beta feature) (#1112) 
* Add support for logging protobuf to JSON.

Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com>
 2023-06-23 10:06:45 -04:00
Matt W e73bafb596
Fix build issues due to macOS 13.3 SDK changes (#1110) 
* Fix minor build issues due to changes in the macOS 13.3 SDK

* Disable -Wunknown-warning-option
 2023-06-20 22:23:55 -04:00
Matt W 1e92d109a7
Basic dialog functionality when access to a watch item is denied (#1106) 
* Basic working prototype to display a UI on blocked file access

* Force watch items policies to be silent for now

* Remove unused view

* Refactor to not use newer SwiftUI features

* Address PR feedback
 2023-06-19 14:00:35 -04:00
Matt W 6a6aa6dce8
Abstract TTY writing so multiple writers can be synchronized (#1108) 
* Abstract TTY writing so multiple writers can be synchronized

* Address PR feedback
 2023-06-13 20:19:50 -04:00
Matt W 0715033d6a
Migrate to new SNTRuleType enum values (#1107) 
* Migrate to new SNTRuleType enum values

* Bump table version. Fix comments to address PR feedback.

* Add log message when a downgrade detected
 2023-06-09 11:50:42 -04:00
Matt W 123d7a2d6a
Update docs for signing id rules (#1105) 
* Update docs for signing id rules

* Formatting, Address PR feedback
 2023-05-30 13:27:29 -04:00
Matt W 7b4d997589
Fix missing check for FileChangesRegex (#1102) 2023-05-22 16:13:06 -04:00
Matt W 5307bd9b7f
Fix precedence for static rule evaluation, update santactl fileinfo output. (#1100) 2023-05-18 15:05:23 -04:00
Matt W 0622e6de71
Handle database downgrade scenarios gracefully (#1099) 2023-05-17 04:31:40 +02:00
Russell Hancox e7c32ae87d
Update SECURITY.md (#1098) 2023-05-12 10:30:58 -04:00
Matt W deaf3a638c
Add new rule type for Signing IDs (#1090) 
* WIP: Signing ID rules

* WIP: More work supporting signing ID rules

* Expanded exec controller tests for signing ID and team ID

* wip all current tests now pass

* Added integration tests

* Branch cleanup

* Update protobuf tests for signing id reason types

* Remove old commented out code

---------

Co-authored-by: Russell Hancox <russell@hancox.us>
 2023-05-12 09:22:46 -04:00
Matt W 8a7f1142a8
Stop unmuting the default mute set unnecessarily. (#1095) 
* Stop unmuting the default mute set unnecessarily.

* lint

* Added note to docs explaining operations from default mute set binaries aren't logged
 2023-05-10 09:07:13 -04:00
Matt W c180205059
Return unique_ptr from Enrich instead of shared_ptr (#1093) 2023-05-08 10:55:38 -04:00
Matt W 337df0aa31
Don't establish the FAA client pre-macOS 13 (#1091) 
* Don't establish the FAA client pre-macOS 13

* Only watch FAA keys on macOS 13 and newer
 2023-05-05 15:33:34 -04:00
Russell Hancox e2b099aa50
santactl/rule: Fix --path argument (#1089) 
Fixes #1088
 2023-05-04 17:57:59 -04:00
Pete Markowsky fc4e29f34c
Docs: Added instructions for how to use config-overrides.plist (#1077) 
* Added instructions for how to use config-overrides

---------

Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com>
 2023-05-01 16:16:11 -04:00
Matt W bf3b6bc6e2
Inject additional dependencies into the serializers (#1078) 
* Injects dependecies for decision cache and client mode lookup

* Fix up tests

* Stored client mode at decision time. Remove clientMode func injection.

* PR Feedback, group property members
 2023-05-01 15:13:54 -04:00
Matt W b810fc81e1
Add support to file monitoring config to invert process exceptions (#1083) 
* Add support to file monitoring config to invert process exceptions

* Update docs

* Added link to github issue
 2023-05-01 15:04:40 -04:00
Matt W 3b3aa999c5
Switch SNTEventState to uint64_t, reposition flag values and masks (#1086) 2023-05-01 14:37:11 -04:00
Faizan 59428f3be3
docs: Fix documentation for clean sync field in the preflight request. (#1082) 
The 'request_clean_sync' field is set here: https://github.com/google/santa/blob/main/Source/santasyncservice/SNTSyncPreflight.m#L76
The constant is defined here: https://github.com/google/santa/blob/main/Source/common/SNTSyncConstants.m#L27
 2023-04-27 23:38:44 -04:00
Jason McCandless ae6451a9b2
docs: Clarify that execution_time, file_bundle_hash_millis and quarantine_timestamp are float64 (#1080) 2023-04-27 18:54:02 -04:00
Russell Hancox feac080fa7
sync: Permit XSRF header between sync stages/sessions (#1081) 2023-04-27 10:52:35 -04:00
Nick Gregory d0f2a0ac4d
One more TSAN fix (#1079) 2023-04-26 17:30:06 +02:00
Pete Markowsky 7fc06ea9d8
Make the sync client content encoding a tunable (#1076) 
Make the sync client content encoding a tunable.

This makes the sync client's content encoding a tunable so that it can be
compatible with more sync servers.

Removed the "backwards compatibility" config option.

---------

Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com>
 2023-04-24 15:00:29 +02:00
Russell Hancox 1dfeeac936
README: Add more badges (#1075) 2023-04-21 09:54:33 -04:00
Matt W ac9b5d9399
Cache flush metrics (#1074) 
* Added a reason enum when flushing auth result cache

* Set metrics when auth result cache is flushed.
 2023-04-20 16:47:06 -04:00
Matt W 7f3f1c5448
Process unmount events first (#1073) 2023-04-19 11:13:13 -04:00
Russell Hancox 46efd6893f
config: Add EnableSilentTTYMode key to disable TTY notifications. (#1072) 
Fixes #1067
 2023-04-19 10:38:24 -04:00
Matt W 50232578d6
Fix string length issues (#1070) 2023-04-13 10:03:52 -04:00
Russell Hancox d83be03a20
sync: Add more complete XSSI prefix to be stripped. (#1068) 
Sync will try stripping both the new longer prefix and the existing short prefix if the response data begins with either. This should have no impact on existing sync servers but will allow sync servers in the future to use the longer prefix if they wish.
 2023-04-07 15:27:41 -04:00
Russell Hancox 119b29b534
GUI: Device event window, handle empty remount args (#1066) 2023-04-05 16:34:05 -04:00
Matt W be87b3eaf2
Change types of repeated args and envs fields (#1063) 
* Change types of repeated args and envs fields

* Update args and env testdata strings to base64

* Remove whitespace
 2023-03-31 13:18:09 -04:00
Russell Hancox 0fe672817e
sync: Fix case of empty header name (#1062) 2023-03-28 11:50:11 -04:00
Russell Hancox c3b2fbf512
sync: Allow server to override the header for transmitting XSRF tokens (#1060) 
This change allows a sync server to change the header that Santa will use to send XSRF tokens on subsequent requests by putting the header name in the  header.
 2023-03-27 18:11:11 -04:00
Matt W 2984d98cb9
Document SigningID and PlatformBinary exception keys (#1059) 
* Document SigningID and PlatformBinary exception keys

* Minor spacing
 2023-03-25 11:34:06 -04:00
Nick Gregory 5295faef0e
Fix a couple last TSAN failures (#1056) 
* Skip testHandleMessage when testing with tsan

* fix other 2 tsan failures

* change action_env->test_env in bazelrc for sanitizers

* revert Source/santactl/BUILD formatting
 2023-03-23 11:11:29 -04:00
Liam Nicholson 0209344f62
santad: Fix SD Card Block not operating on Internal SD Card Readers (#1055) 2023-03-22 17:54:11 -04:00
Matt W 53ca5eb811
Support filesystem monitoring config embedded in main Santa config (#1054) 
* Allow setting file access policy in main Santa config

* Add some tests
 2023-03-20 16:47:34 -04:00
Matt W 33c7aab9f1
Basic rate limiting for File Access Authorizer (#1053) 
* WIP basic rate limiting support

* WIP added basic metrics when rate limited

* Hookup new metrics

* Cleanup old TODO

* PR feedback, update comments
 2023-03-20 15:58:49 -04:00
Pål-Magnus Slåtto f6d837ac31
chore(ci): Upgrade workflows to non-deprecated runtimes (#1052) 2023-03-15 09:42:16 -04:00
Matt W 5e0a383662
Properly report "file access client enabled" metrics (#1051) 2023-03-14 15:01:03 -04:00