* Add hot cache for file reads
* Clear cache on policy change
* Prevent unbounded cache growth
* Move cache impl to its own class
* Add some additional tests
* Cleanup
* Comment cleanup
* Switch to absl containers
* Use default absl::Hash instead of custom hasher
* Removing another reference to PairHash
* Remove unused imports
This allows a sync server to send a `custom_url` field along with a rule blocking execution and this will be used as the URL for the "open" button in place of the normally generated URL.
* Bump DB version. Ensure proper casing for rule identifiers on insert.
* Minor comment fixes, more test cases
* Handle SigningIDs using the delimiter character
* lint
* PR feedback
* Basic working prototype to display a UI on blocked file access
* Force watch items policies to be silent for now
* Remove unused view
* Refactor to not use newer SwiftUI features
* Address PR feedback
* WIP: Signing ID rules
* WIP: More work supporting signing ID rules
* Expanded exec controller tests for signing ID and team ID
* wip all current tests now pass
* Added integration tests
* Branch cleanup
* Update protobuf tests for signing id reason types
* Remove old commented out code
---------
Co-authored-by: Russell Hancox <russell@hancox.us>
Make the sync client content encoding a tunable.
This makes the sync client's content encoding a tunable so that it can be
compatible with more sync servers.
Removed the "backwards compatibility" config option.
---------
Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com>
This change allows a sync server to change the header that Santa will use to send XSRF tokens on subsequent requests by putting the header name in the header.
* Skip testHandleMessage when testing with tsan
* fix other 2 tsan failures
* change action_env->test_env in bazelrc for sanitizers
* revert Source/santactl/BUILD formatting
* Add method to get WatchItems state
* Update santactl status with watch items state
* Update status label
* PR feedback - add missing dispatch_group_leave
* WIP begin adopting new ES APIs inverting target mute paths
* Track subscription status so as not to unnecessarily enable/disable
* Properly chain call to invert target mute paths. Fix using wrong Message obj.
* Add base client tests
* Support compiling on older platforms
* More changes to support compiling on older platforms
* Only enable watch items periodic task on macOS 13
* Add more asserts to test
* Disable ES caching for now
* lint
* WIP refactor file access class to setup logging
* Combined GetPathTarget1 and 2, added some tests.
* Change method name to not be abbrv.
* Remove unnecessary includes
* PR feedback: fix missing path sep, add comments
* Fix test issue
* WIP Initial work for new fs watcher client
* WIP basic working mechanics of applying policy to OPEN events
* WIP now support allowing access based on cdhash
* WIP lint fix
* WIP check instigator cdhash and cert hash against policy
* WIP Fix test issue in base ES client class
* WIP Fix test issue in water items test
* Added secondary lookup cache for cert hashes and fallback lookups
* Adopt new SantaVnode name
* Adopt min macOS 11. Adopt new SantaCacheHasher for SantaVnode.
* Rename the es client to FileAccessAuthorizer
* Added some more tests
* Added MockLogger and a lot more tests.
* Removed currently unused subscriptions. Don't enable FS client by default
* lint
* lint after rebase
* Use strtoul for hex string conversion. Update comments.
* PR feedback
* Move santa_action_t to SNTCommonEnums and rename to SNTAction
* Move likely and unlikely macros to a new BranchPrediction header
* Remove SNTCommon.h. Move SantaVnode to its own header.
* Add SantaVnodeHash
* Fix build deps
* Swtich from task_info to libproc for system resource info
* Fix return value
* Convert nanos to seconds
* Make GetTimebase static. Expose NanosToMachTime.
* Abstract return or GetTaskInfo to new type.
* WIP Rename SNTPrefixTree to PrefixTree
* WIP Implement the new PrefixTree and tests
* Add Unit type. Fix build and tests.
* lint
* Make NodeCount accessor for tests
* Updated comments
