extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-08-19 11:20:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add process validation for peer metadata

Browse Source
This commit is contained in:
bcmmbaga
2024-03-12 19:24:08 +03:00
parent e66e39cc70
commit 41348bb39b
2 changed files with 157 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
management/server/posture/process.go
View File

@@ -1,6 +1,9 @@
package posture
import (
"fmt"
"slices"
nbpeer "github.com/netbirdio/netbird/management/server/peer"
)
@@ -16,7 +19,29 @@ type ProcessCheck struct {
var _ Check = (*ProcessCheck)(nil)
func (p *ProcessCheck) Check(peer nbpeer.Peer) (bool, error) {
peerActiveProcesses := make([]string, 0, len(peer.Meta.Processes))
for _, process := range peer.Meta.Processes {
peerActiveProcesses = append(peerActiveProcesses, process.Path)
}
switch peer.Meta.GoOS {
case "darwin", "linux":
for _, process := range p.Processes {
if !slices.Contains(peerActiveProcesses, process.Path) {
return false, nil
}
}
return true, nil
case "windows":
for _, process := range p.Processes {
if !slices.Contains(peerActiveProcesses, process.WindowsPath) {
return false, nil
}
}
return true, nil
default:
return false, fmt.Errorf("unsupported peer's operating system: %s", peer.Meta.GoOS)
}
}
func (p *ProcessCheck) Name() string {

132
management/server/posture/process_test.go
View File

@@ -16,7 +16,137 @@ func TestProcessCheck_Check(t *testing.T) {
wantErr bool
isValid bool
}{
{},
{
name: "darwin with matching processes",
input: peer.Peer{
Meta: peer.PeerSystemMeta{
GoOS: "darwin",
Processes: []peer.Process{
{Path: "process1"},
{Path: "process2"}},
},
},
check: ProcessCheck{
Processes: []Process{
{Path: "process1"},
{Path: "process2"},
},
},
wantErr: false,
isValid: true,
},
{
name: "linux with matching processes",
input: peer.Peer{
Meta: peer.PeerSystemMeta{
GoOS: "linux",
Processes: []peer.Process{
{Path: "process1"},
{Path: "process2"},
},
},
},
check: ProcessCheck{
Processes: []Process{
{Path: "process1"},
{Path: "process2"},
},
},
wantErr: false,
isValid: true,
},
{
name: "linux with non-matching processes",
input: peer.Peer{
Meta: peer.PeerSystemMeta{
GoOS: "linux",
Processes: []peer.Process{
{Path: "process3"},
{Path: "process4"},
},
},
},
check: ProcessCheck{
Processes: []Process{
{Path: "process1"},
{Path: "process2"},
},
},
wantErr: false,
isValid: false,
},
{
name: "windows with matching processes",
input: peer.Peer{
Meta: peer.PeerSystemMeta{
GoOS: "windows",
Processes: []peer.Process{
{Path: "process1"},
{Path: "process2"},
},
},
},
check: ProcessCheck{
Processes: []Process{
{WindowsPath: "process1"},
{WindowsPath: "process2"},
},
},
wantErr: false,
isValid: true,
},
{
name: "windows with non-matching processes",
input: peer.Peer{
Meta: peer.PeerSystemMeta{
GoOS: "windows",
Processes: []peer.Process{
{Path: "process3"},
{Path: "process4"},
},
},
},
check: ProcessCheck{
Processes: []Process{
{WindowsPath: "process1"},
{WindowsPath: "process2"},
},
},
wantErr: false,
isValid: false,
},
{
name: "unsupported Ios operating system with matching processes",
input: peer.Peer{
Meta: peer.PeerSystemMeta{
GoOS: "ios",
},
},
check: ProcessCheck{
Processes: []Process{
{Path: "process1"},
{Path: "process2"},
},
},
wantErr: true,
isValid: false,
},
{
name: "unsupported android operating system with matching processes",
input: peer.Peer{
Meta: peer.PeerSystemMeta{
GoOS: "android",
},
},
check: ProcessCheck{
Processes: []Process{
{Path: "process1"},
{Path: "process2"},
},
},
wantErr: true,
isValid: false,
},
}
for _, tt := range tests {