Final touches before the 3490 release. (#1125)

* Minor fixes in the client builder logic.
* Version bumped to 3490, CHANGELOG updated.
* Further RRG development.

Author: mbushkov

CHANGELOG.md

@@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 
+### Removed
+
+### Changed
+
+## [3.4.9.0] - 2025-02-27
+
+### Added
+
 * Added support for listing `%SystemDrive%\Users` as a supplementary mechanism
   for collecting user profiles on Windows (additionally to using data from the
   registry).

compose.yaml

@@ -28,7 +28,7 @@ services:
       - ./docker_config_files/mysql/init.sh:/docker-entrypoint-initdb.d/init.sh
       - db_data:/var/lib/mysql:rw
     ports:
-      - "3306:3306"      
+      - "3306:3306"
     expose:
       - "3306"
     networks:

grr/client_builder/grr_response_client_builder/client_build.py

@@ -213,6 +213,17 @@ def BuildTemplate(self, context=None, output=None):
       # The repacker uses this context to chose the .msi extension for the
       # repacked installer.
       context.append("Target:WindowsMsi")
+    if "Target:Darwin" in context:
+      if not grr_config.CONFIG.Get(
+          "ClientBuilder.install_dir", context=context
+      ):
+        raise ValueError("ClientBuilder.install_dir must be set on Darwin.")
+      if not grr_config.CONFIG.Get(
+          "ClientBuilder.fleetspeak_plist_path", context=context
+      ):
+        raise ValueError(
+            "ClientBuilder.fleetspeak_plist_path must be set on Darwin."
+        )
 
     template_path = None
     # If output is specified, place the built template file there, otherwise
@@ -422,24 +433,6 @@ def main(args):
   logger.handlers = [handler]
 
   if args.subparser_name == "build":
-    if grr_config.CONFIG.ContextApplied("Platform:Darwin"):
-      # We know that the client builder is run on Darwin, so we can check that
-      # the required config options are set. But the builder config options use
-      # the "Target:Darwin" context, as they care about the target system that
-      # the template is built for, not the system that the builder is run on.
-      # The fact that we build macOS templates on Darwin is technically
-      # an implementation detail even though it is impossible to build macOS
-      # templates on any other platform.
-      if not grr_config.CONFIG.Get(
-          "ClientBuilder.install_dir",
-          context=[contexts.TARGET_DARWIN],
-      ):
-        raise RuntimeError("ClientBuilder.install_dir must be set.")
-      if not grr_config.CONFIG.Get(
-          "ClientBuilder.fleetspeak_plist_path",
-          context=[contexts.TARGET_DARWIN],
-      ):
-        raise RuntimeError("ClientBuilder.fleetspeak_plist_path must be set.")
     TemplateBuilder().BuildTemplate(context=context, output=args.output)
   elif args.subparser_name == "repack":
     if args.debug_build:

grr/proto/grr_response_proto/api/signed_commands.proto

@@ -26,7 +26,7 @@ message ApiCommand {
 
     // Whether the command should allow execution with arbitrary
     // standard input without it being pre-signed.
-    bool unsigned_stdin = 7;
+    bool unsigned_stdin_allowed = 7;
   }
 }
 

grr/proto/grr_response_proto/rrg/action/execute_signed_command.proto

@@ -10,7 +10,7 @@ package rrg.action.execute_signed_command;
 import "google/protobuf/duration.proto";
 import "grr_response_proto/rrg/fs.proto";
 
-message SignedCommand {
+message Command {
   // Path to the executable file to execute.
   rrg.fs.Path path = 1;
 
@@ -29,18 +29,18 @@ message SignedCommand {
 
     // Whether the command should allow execution with arbitrary
     // standard input without it being pre-signed.
-    bool unsigned_stdin = 5;
+    bool unsigned_stdin_allowed = 5;
   }
 }
 
 message Args {
-  // Serialized `SignedCommand` message to execute.
+  // Serialized `Command` message to execute.
   bytes command = 1;
 
   // Standard input to pass to the executed command.
   //
   // For this option to work, the command that has been signed has to allow
-  // arbitrary standard input by having the `unsigned_stdin` flag set.
+  // arbitrary standard input by having the `unsigned_stdin_allowed` flag set.
   bytes unsigned_stdin = 2;
 
   // An [Ed25519][1] signature of the command.

grr/proto/grr_response_proto/signed_commands.proto

@@ -16,7 +16,7 @@ message Command {
   repeated EnvVar env_vars = 3;
   oneof stdin {
     // Whether the stdin of the command is unsigned.
-    bool unsigned_stdin = 4;
+    bool unsigned_stdin_allowed = 4;
     // The stdin of the command, if it is signed.
     bytes signed_stdin = 5;
   }

grr/server/grr_response_server/bin/command_signer.py

@@ -41,9 +41,9 @@ def _GetCommandSigner() -> command_signer.AbstractCommandSigner:
 
 def _ConvertToRrgCommand(
     command: api_signed_commands_pb2.ApiCommand,
-) -> execute_signed_command_pb2.SignedCommand:
+) -> execute_signed_command_pb2.Command:
   """Converts a GRR command to a RRG command."""
-  rrg_command = execute_signed_command_pb2.SignedCommand()
+  rrg_command = execute_signed_command_pb2.Command()
 
   rrg_command.path.raw_bytes = command.path.encode("utf-8")
   rrg_command.args.extend(command.args)
@@ -52,7 +52,7 @@ def _ConvertToRrgCommand(
   if command.HasField("signed_stdin"):
     rrg_command.signed_stdin = command.signed_stdin
   else:
-    rrg_command.unsigned_stdin = command.unsigned_stdin
+    rrg_command.unsigned_stdin_allowed = command.unsigned_stdin_allowed
   return rrg_command
 
 

grr/server/grr_response_server/bin/command_signer_test.py

@@ -18,7 +18,7 @@ def testConvertToRrgCommand(self):
 
     rrg_command = command_signer._ConvertToRrgCommand(command)
 
-    expected = execute_signed_command_pb2.SignedCommand()
+    expected = execute_signed_command_pb2.Command()
     expected.path.raw_bytes = b"foo"
     expected.args.extend(["bar", "baz"])
     expected.env["FOO"] = "bar"

grr/server/grr_response_server/command_signer.py

@@ -14,14 +14,14 @@ class AbstractCommandSigner(metaclass=abc.ABCMeta):
   """A base class for command signers."""
 
   @abc.abstractmethod
-  def Sign(self, command: execute_signed_command_pb2.SignedCommand) -> bytes:
+  def Sign(self, command: execute_signed_command_pb2.Command) -> bytes:
     """Signs a command and returns the signature."""
 
   @abc.abstractmethod
   def Verify(
       self,
       signature: bytes,
-      command: execute_signed_command_pb2.SignedCommand,
+      command: execute_signed_command_pb2.Command,
   ) -> None:
     """Validates a signature for given data with a verification key.
 

grr/server/grr_response_server/command_signer_test_mixin.py

@@ -11,19 +11,19 @@ class CommandSignerTestMixin:
   signer: command_signer.AbstractCommandSigner
 
   def testVerifySignatureCanSignAndVerify(self):  # pylint: disable=invalid-name
-    command = execute_signed_command_pb2.SignedCommand()
+    command = execute_signed_command_pb2.Command()
     command.path.raw_bytes = b"/bin/ls"
     command.args.append("-l")
     command.env["PATH"] = "/usr/bin"
-    command.unsigned_stdin = True
+    command.unsigned_stdin_allowed = True
 
     signature = self.signer.Sign(command)
     self.assertLen(signature, 64)
 
     self.signer.Verify(signature, command)
 
   def testVerifySignatureRaisesWhenSignatureIsInvalid(self):  # pylint: disable=invalid-name
-    command = execute_signed_command_pb2.SignedCommand()
+    command = execute_signed_command_pb2.Command()
     command.path.raw_bytes = b"/bin/ls"
 
     signature = b"invalid signature"