This also removes an unnecessary hash, checks code signatures on non-MachO files (which is rare but possible) and fixes a rare crash in EndpointSecurityManager
Add helper to make declaring unit tests easier
Add unit_tests test_suite containing all unit tests
Fix reload rule
Update to workspace-relative header locations that were missed before
Add transitive whitelisting.
Binaries may be identified with WHITELIST_COMPILER rules. Any executable they output will then be marked locally with a transitive whitelist rule and allowed to run if the TransitiveWhitelistingEnabled config key is true.
santa-driver: Switch to a struct for vnode IDs, holding both the filesystem ID and vnode ID.
Also drop the separate caches for root/non-root as this doesn't offer any benefit anymore.
* SantaCache: Add santactl command to print histogram of bucket distribution.
This currently only prints the distribution of the non-root cache. In the near future I'll unify the caches again which stops this being a problem.
* Project: Update project to Xcode 9.1 and handle all the new warnings that entails.
* Project: Add library-validation and kill flags to codesigning options
* SNTConfigurator: use mobileconfigs
* use proper key groups
* remove state
* review updates
* review updates
* SNTConfigurator: Revert any out-of-band changes to the sync state file.
* SNTConfigurator move the file watcher to santad only
* sync: start reachability handler to retry to upload blocked event when initial upload fails
* fix indentation
* store related bundle events when server connection fails
* revert SNTBundleEventAction to BOOL
* go back to using SNTBundleEventAction in reply; make sure to send reply to avoid leaks
* fix indentation
* fix indentation
* Merged similar methods into one:
* SNTSyncdQueue addBundleEvents: and addEvent: became addEvents:isFromBundle:
* SNTSyncdQueue backoffForBundleHash: and backoffForEvent: became backoffForPrimaryHash:
* SNTCommandSyncManager postBundleEventsToSyncServer: and postEventToSyncServer: became postEventsToSyncServer:isFromBundle:
* fix style issue
* simplify condition
Split the kernel-land cache into 2 separate caches, one for the root
volume and one for secondary volumes. When an unmount happens, clear
the non-root cache to ensure no overlap with filesystem IDs.
* santabs: Create Santa Bundle Service
* common: SNTXPCConnection add initClientWithServiceName:
* santad: add logic for blocked bundles
* SantaGUI: add ui elements and xpc connections to / from santabs
* santactl/sync: add api features for syncing bundle events
* santactl/bundleinfo: add bundleinfo command for debug builds
* common: prefer bundle hash over file hash for event urls
* common: remove syncBackoff property - this is now handled in santactl sync
* common: add properties to support the bundle event api
* common: find a bundle from a nested binary
* review updates
* sane bundle hash time outs
* post rebase updates
* post review updates
* santactl sync: post a notification for every matching rule and fcm message
* santactl sync: if full sync fails, retry when reachable
* santad: only allow one syncd connection at any given time
Move common request generating and performing code into a common
superclass.
Add code to handle XSSI in JSON responses and support XSRF
tokens via headers.
Adds tests, finally.
Changes preflight hostname to be long instead of short
Previously SNTXPCConnection had two-way validation which, due to the method of
implementation, forced a client to connect to a server straight away. Once that
was removed, it meant invalidationHandlers aren't called if either end dies
before the connection is established.
This also puts back the acceptedHandler, which can be used to know when the
connection has finished being established (particularly useful on the server
side), updates the __weak stuff to use WEAKIFY/STRONGIFY macros (and now
actually switch them back to strong within each block) and make the
tests a lot better by using in-process anonymousListener's rather than
lots of mocking.
Instead of having santad create a listener for SantaGUI to connect to
and then reverse the client-server relationship, have SantaGUI create an
anonymous listener that it sends to santad using the control interface.
Also add a queue for notifications so that blocks that occur while
SantaGUI isn't running will show up once it starts.
