diff --git a/ee/desktop/runner/runner_test.go b/ee/desktop/runner/runner_test.go index 9b26444b1..3ec4f6bd7 100644 --- a/ee/desktop/runner/runner_test.go +++ b/ee/desktop/runner/runner_test.go @@ -18,6 +18,7 @@ import ( "github.com/kolide/launcher/ee/agent/flags/keys" "github.com/kolide/launcher/ee/agent/types/mocks" "github.com/kolide/launcher/ee/desktop/user/notify" + "github.com/kolide/launcher/pkg/backoff" "github.com/kolide/launcher/pkg/log/multislogger" "github.com/kolide/launcher/pkg/threadsafebuffer" "github.com/stretchr/testify/assert" @@ -163,7 +164,13 @@ func TestDesktopUserProcessRunner_Execute(t *testing.T) { // does not have a console user, so we don't expect any processes // to be started. if tt.cleanShutdown || (os.Getenv("CI") == "true" && runtime.GOOS == "linux") { - assert.Len(t, r.uidProcs, 0, "unexpected process: logs: %s", logBytes.String()) + require.NoError(t, backoff.WaitFor(func() error { + if len(r.uidProcs) == 0 { + return nil + } + + return fmt.Errorf("expected no processes, found %d", len(r.uidProcs)) + }, 30*time.Second, 1*time.Second)) } else { if runtime.GOOS == "windows" { assert.Contains(t, r.uidProcs, user.Username) diff --git a/ee/localserver/krypto-ec-middleware.go b/ee/localserver/krypto-ec-middleware.go index 1d7b72aab..8ae5fcde1 100644 --- a/ee/localserver/krypto-ec-middleware.go +++ b/ee/localserver/krypto-ec-middleware.go 
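Review bot: The polling closure added to TestDesktopUserProcessRunner_Execute reads `len(r.uidProcs)` from the test goroutine, once a second for up to 30 seconds. If the runner is still mutating that map from its own goroutines, which the need to wait suggests, the read is a data race unless it takes whatever lock the runner uses; none is visible in this hunk. The replacement also drops the `logBytes.String()` context the old assertion printed, so a timeout no longer shows the runner's logs. Keep it in the error: `return fmt.Errorf("expected no processes, found %d: logs: %s", len(r.uidProcs), logBytes.String())`. The import hunk adds only `backoff`, so confirm `fmt` is already imported in this file.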
@@ -25,13 +25,15 @@ import ( ) const ( - timestampValidityRange = 150 - kolideKryptoEccHeader20230130Value = "2023-01-30" - kolideKryptoHeaderKey = "X-Kolide-Krypto" - kolideSessionIdHeaderKey = "X-Kolide-Session" - kolidePresenceDetectionInterval = "X-Kolide-Presence-Detection-Interval" - kolidePresenceDetectionReason = "X-Kolide-Presence-Detection-Reason" - kolideDurationSinceLastPresenceDetection = "X-Kolide-Duration-Since-Last-Presence-Detection" + timestampValidityRange = 150 + kolideKryptoEccHeader20230130Value = "2023-01-30" + kolideKryptoHeaderKey = "X-Kolide-Krypto" + kolideSessionIdHeaderKey = "X-Kolide-Session" + kolidePresenceDetectionIntervalHeaderKey = "X-Kolide-Presence-Detection-Interval" + kolidePresenceDetectionReasonHeaderKey = "X-Kolide-Presence-Detection-Reason" + kolideDurationSinceLastPresenceDetectionHeaderKey = "X-Kolide-Duration-Since-Last-Presence-Detection" + kolideOsHeaderKey = "X-Kolide-Os" + kolideArchHeaderKey = "X-Kolide-Arch" ) type v2CmdRequestType struct { @@ -316,6 +318,9 @@ func (e *kryptoEcMiddleware) Wrap(next http.Handler) http.Handler { bhr := &bufferedHttpResponse{} next.ServeHTTP(bhr, newReq) + bhr.Header().Add(kolideOsHeaderKey, runtime.GOOS) + bhr.Header().Add(kolideArchHeaderKey, runtime.GOARCH) + // add headers to the response map // this assumes that the response to `bhr` was a json encoded blob. var responseMap map[string]interface{} diff --git a/ee/localserver/krypto-ec-middleware_test.go b/ee/localserver/krypto-ec-middleware_test.go index ace5ef654..d2605b50c 100644 --- a/ee/localserver/krypto-ec-middleware_test.go +++ b/ee/localserver/krypto-ec-middleware_test.go @@ -24,6 +24,7 @@ import ( "github.com/kolide/krypto/pkg/echelper" "github.com/kolide/launcher/ee/agent/keys" "github.com/kolide/launcher/ee/localserver/mocks" + "github.com/kolide/launcher/ee/presencedetection" "github.com/kolide/launcher/pkg/log/multislogger" "github.com/stretchr/testify/assert" 
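Review bot: In the `@@ -316,6 +318,9 @@` hunk of `Wrap`, `bhr.Header().Add(...)` appends to whatever the wrapped handler already wrote. If a handler behind the middleware ever sets `X-Kolide-Os` or `X-Kolide-Arch`, the response carries two values, and a consumer reading the first one (as the new test does with `[0]`) gets the handler's value rather than the middleware's. Use `Set` so the middleware is authoritative: `bhr.Header().Set(kolideOsHeaderKey, runtime.GOOS)` and `bhr.Header().Set(kolideArchHeaderKey, runtime.GOARCH)`. A short comment should also say that these values are self-reported by the endpoint, so the receiving server should treat them as a claim for routing or display, not as verified platform facts. `Wrap` starts and ends outside the hunk.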
@@ -42,7 +43,7 @@ func TestKryptoEcMiddleware(t *testing.T) { koldieSessionId := ulid.New() cmdRequestHeaders := map[string][]string{ - kolidePresenceDetectionInterval: {"0s"}, + kolidePresenceDetectionIntervalHeaderKey: {"0s"}, } cmdReqCallBackHeaders := map[string][]string{ @@ -240,10 +241,16 @@ func TestKryptoEcMiddleware(t *testing.T) { responseHeaders, err := extractJsonProperty[map[string][]string](opened.ResponseData, "headers") require.NoError(t, err) + require.Equal(t, runtime.GOOS, responseHeaders[kolideOsHeaderKey][0]) + // check that the presence detection interval is present if runtime.GOOS == "darwin" { - require.Equal(t, (0 * time.Second).String(), responseHeaders[kolideDurationSinceLastPresenceDetection][0]) + require.Equal(t, (0 * time.Second).String(), responseHeaders[kolideDurationSinceLastPresenceDetectionHeaderKey][0]) + return } + + // not darwin + require.Equal(t, presencedetection.DetectionFailedDurationValue.String(), responseHeaders[kolideDurationSinceLastPresenceDetectionHeaderKey][0]) }) } }) diff --git a/ee/localserver/presence-detection-middleware_test.go b/ee/localserver/presence-detection-middleware_test.go index 2ff95031c..c6206dcff 100644 --- a/ee/localserver/presence-detection-middleware_test.go +++ b/ee/localserver/presence-detection-middleware_test.go @@ -109,7 +109,7 @@ func TestPresenceDetectionHandler(t *testing.T) { handlerToTest.ServeHTTP(rr, req) if tt.shouldHavePresenceDetectionDurationResponseHeader { - require.NotEmpty(t, rr.Header().Get(kolideDurationSinceLastPresenceDetection)) + require.NotEmpty(t, rr.Header().Get(kolideDurationSinceLastPresenceDetectionHeaderKey)) } require.Equal(t, tt.expectedStatusCode, rr.Code) }) diff --git a/ee/localserver/server.go b/ee/localserver/server.go index af8bd519f..b9d3d74f1 100644 --- a/ee/localserver/server.go +++ b/ee/localserver/server.go 
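Review bot: The new assertion in the `@@ -240,10 +241,16 @@` hunk indexes `responseHeaders[kolideOsHeaderKey][0]` directly, so a missing header panics with an index-out-of-range instead of failing with a readable message. Nothing checks the `X-Kolide-Arch` header that the middleware change adds alongside it. Precede the check with `require.Len(t, responseHeaders[kolideOsHeaderKey], 1)`, which also catches a duplicated value, and add `require.Equal(t, runtime.GOARCH, responseHeaders[kolideArchHeaderKey][0])`. The same unguarded `[0]` indexing applies to the duration header in both the darwin and non-darwin branches.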
@@ -20,6 +20,7 @@ import ( "github.com/kolide/krypto/pkg/echelper" "github.com/kolide/launcher/ee/agent" "github.com/kolide/launcher/ee/agent/types" + "github.com/kolide/launcher/ee/presencedetection" "github.com/kolide/launcher/pkg/osquery" "github.com/kolide/launcher/pkg/traces" "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp" @@ -413,15 +414,9 @@ func (ls *localServer) rateLimitHandler(next http.Handler) http.Handler { func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - // presence detection is only supported on macos currently - if runtime.GOOS != "darwin" { - next.ServeHTTP(w, r) - return - } - // can test this by adding an unauthed endpoint to the mux and running, for example: // curl -i -H "X-Kolide-Presence-Detection-Interval: 10s" -H "X-Kolide-Presence-Detection-Reason: my reason" localhost:12519/id - detectionIntervalStr := r.Header.Get(kolidePresenceDetectionInterval) + detectionIntervalStr := r.Header.Get(kolidePresenceDetectionIntervalHeaderKey) // no presence detection requested if detectionIntervalStr == "" { @@ -429,6 +424,13 @@ func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler return } + // presence detection is only supported on macos currently + if runtime.GOOS != "darwin" { + w.Header().Add(kolideDurationSinceLastPresenceDetectionHeaderKey, presencedetection.DetectionFailedDurationValue.String()) + next.ServeHTTP(w, r) + return + } + detectionIntervalDuration, err := time.ParseDuration(detectionIntervalStr) if err != nil { // this is the only time this should returna non-200 status code 
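Review bot: On non-darwin hosts the relocated check in `presenceDetectionHandler` (hunk `@@ -429,6 +424,13 @@`) returns before `time.ParseDuration`, so a malformed `X-Kolide-Presence-Detection-Interval` is rejected on macOS but forwarded with the normal status everywhere else. The request is also always passed to `next`, so enforcement depends entirely on the consumer treating `presencedetection.DetectionFailedDurationValue` as "presence not verified". That constant's value is not visible here; it should be one that can never compare as falling within a requested interval. The branch deserves a comment saying so, e.g. `// unsupported platform: report the failure sentinel so the server can deny; never a successful detection`. Consider `w.Header().Set(...)` rather than `Add` so only one duration value reaches the server. The handler body continues outside the hunk.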
@@ -439,7 +441,7 @@ func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler // set a default reason, on macos the popup will look like "Kolide is trying to authenticate." reason := "authenticate" - reasonHeader := r.Header.Get(kolidePresenceDetectionReason) + reasonHeader := r.Header.Get(kolidePresenceDetectionReasonHeaderKey) if reasonHeader != "" { reason = reasonHeader } @@ -460,7 +462,7 @@ func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler // and send the request through // allow the server to decide what to do based on last detection duration - w.Header().Add(kolideDurationSinceLastPresenceDetection, durationSinceLastDetection.String()) + w.Header().Add(kolideDurationSinceLastPresenceDetectionHeaderKey, durationSinceLastDetection.String()) next.ServeHTTP(w, r) }) }