From c7314117cdc8dd3cbf2956bd8ab572eda7c6312f Mon Sep 17 00:00:00 2001 From: Stephane Segning Lambou Date: Fri, 4 Oct 2024 19:39:28 +0200 Subject: [PATCH] chore: efs config; v0.2.4 --- scripts/install.ps1 | 2 +- scripts/install.sh | 78 +++------------------------- wazuh-cert-oauth2-client/Cargo.lock | 4 +- wazuh-cert-oauth2-client/Cargo.toml | 2 +- wazuh-cert-oauth2-client/src/main.rs | 7 +-- wazuh-cert-oauth2-model/Cargo.lock | 2 +- wazuh-cert-oauth2-model/Cargo.toml | 2 +- wazuh-cert-oauth2/Cargo.lock | 4 +- wazuh-cert-oauth2/Cargo.toml | 2 +- 9 files changed, 21 insertions(+), 82 deletions(-) diff --git a/scripts/install.ps1 b/scripts/install.ps1 index 3fe1003..c130446 100644 --- a/scripts/install.ps1 +++ b/scripts/install.ps1 @@ -4,7 +4,7 @@ $ErrorActionPreference = "Stop" # Default log level and application details $LOG_LEVEL = ${LOG_LEVEL:-"INFO"} $APP_NAME = ${APP_NAME:-"wazuh-cert-oauth2-client"} -$WOPS_VERSION = ${WOPS_VERSION:-"0.2.3"} +$WOPS_VERSION = ${WOPS_VERSION:-"0.2.4"} $OSSEC_CONF_PATH = ${OSSEC_CONF_PATH:-"C:\Program Files\ossec\etc\ossec.conf"} $USER = "root" $GROUP = "wazuh" diff --git a/scripts/install.sh b/scripts/install.sh index 6990400..8e0dbba 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -10,7 +10,7 @@ fi # Default log level and application details LOG_LEVEL=${LOG_LEVEL:-INFO} APP_NAME=${APP_NAME:-"wazuh-cert-oauth2-client"} -WOPS_VERSION=${WOPS_VERSION:-"0.2.3"} +WOPS_VERSION=${WOPS_VERSION:-"0.2.4"} OSSEC_CONF_PATH=${OSSEC_CONF_PATH:-"/var/ossec/etc/ossec.conf"} USER="root" GROUP="wazuh" 
@@ -116,31 +116,6 @@ ensure_user_group() { fi } -# Function to configure agent certificates in ossec.conf -configure_agent_certificates() { - info_message "Configuring agent certificates..." - - # Check and insert agent certificate path if it doesn't exist - if ! maybe_sudo grep -q 'etc/sslagent.cert' "$OSSEC_CONF_PATH"; then - maybe_sudo sed_alternative -i '/etc/sslagent.cert' "$OSSEC_CONF_PATH" || { - error_message "Error occurred during Wazuh agent certificate configuration." - exit 1 - } - fi - - # Check and insert agent key path if it doesn't exist - if ! maybe_sudo grep -q 'etc/sslagent.key' "$OSSEC_CONF_PATH"; then - maybe_sudo sed_alternative -i '/etc/sslagent.key' "$OSSEC_CONF_PATH" || { - error_message "Error occurred during Wazuh agent key configuration." - exit 1 - } - fi - - info_message "Agent certificates path configured successfully." -} - check_enrollment() { if ! maybe_sudo grep -q "" "$OSSEC_CONF_PATH"; then ENROLLMENT_BLOCK="\t\t\n\n \n etc/sslagent.cert\n etc/sslagent.key\n\n" @@ -149,14 +124,14 @@ check_enrollment() { error_message "Error occurred during the addition of the enrollment block." exit 1 } - info_message "The enrollement block was added successfully." + info_message "The enrollment block was added successfully." fi } # Determine the OS and architecture case "$(uname)" in - "Linux") OS="unknown-linux-gnu"; BIN_DIR="$HOME/.local/bin" ;; - "Darwin") OS="apple-darwin"; BIN_DIR="/usr/local/bin" ;; + "Linux") OS="unknown-linux-gnu"; BIN_DIR="/var/ossec/bin" ;; + "Darwin") OS="apple-darwin"; BIN_DIR="/Library/Ossec/bin" ;; *) error_exit "Unsupported operating system: $(uname)" ;; esac 
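Review bot: `BIN_DIR` is now hard-coded to the agent's own directory (`/var/ossec/bin`, `/Library/Ossec/bin`) in the `case "$(uname)"` block and cannot be overridden, unlike `OSSEC_CONF_PATH` near the top of the script. The install step in the next hunk runs `mkdir -p "$BIN_DIR"`, so on a host without a Wazuh agent the script would create that tree itself. It only warns later, when `ossec.conf` is missing. Consider keeping the default but allowing an override, e.g. `BIN_DIR=${BIN_DIR:-"/var/ossec/bin"}`, and failing early when the agent directory does not exist.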
@@ -186,52 +161,15 @@ maybe_sudo mkdir -p "$BIN_DIR" || error_exit "Failed to create directory $BIN_DI maybe_sudo mv "$TEMP_DIR/$BIN_NAME" "$BIN_DIR/$APP_NAME" || error_exit "Failed to move binary to $BIN_DIR" maybe_sudo chmod 750 "$BIN_DIR/$APP_NAME" || error_exit "Failed to set executable permissions on the binary" -# Step 3: Update shell configuration -print_step 3 "Updating shell configuration..." - -# Determine the appropriate shell configuration file -CURRENT_SHELL=$(echo $SHELL) - -case "$CURRENT_SHELL" in - *zsh) - SHELL_RC="$HOME/.zshrc" - ;; - *bash) - SHELL_RC="$HOME/.bashrc" - ;; - *) - SHELL_RC="$HOME/.bashrc" - ;; -esac - -# If not yet present, add binary directory to PATH and set RUST_LOG environment variable -if ! grep -q "export PATH=\"$BIN_DIR:\$PATH\"" "$SHELL_RC"; then - info_message "Adding $BIN_DIR to PATH in $SHELL_RC..." - echo "export PATH=\"$BIN_DIR:\$PATH\"" >> "$SHELL_RC" - info_message "Updated PATH in $SHELL_RC" -fi - -# Set RUST_LOG environment variable to 'info' -if ! grep -q "export RUST_LOG=info" "$SHELL_RC"; then - echo "export RUST_LOG=info" >> "$SHELL_RC" - info_message "Set RUST_LOG=info in $SHELL_RC" -fi - -if [ -f "$SHELL_RC" ]; then - warn_message "Please run 'source $SHELL_RC' or open a new terminal to apply changes." -else - warn_message "No configuration file found. Changes might not apply. Add RUST_LOG=info when running the OAuth2 script" -fi - -# Step 4: Configure agent certificates -print_step 4 "Configuring Wazuh agent certificates..." +# Step 3: Configure agent certificates +print_step 3 "Configuring Wazuh agent certificates..." ## If OSSEC_CONF_PATH exist, then configure agent if [ -f "$OSSEC_CONF_PATH" ]; then check_enrollment - # configure_agent_certificates else warn_message "Wazuh agent configuration file not found at $OSSEC_CONF_PATH. Skipping agent certificate configuration." fi -success_message "Installation and configuration complete! You can now use '$APP_NAME' from your terminal." 
\ No newline at end of file +success_message "Installation and configuration complete! You can now use '$BIN_DIR/$APP_NAME' from your terminal." +info_message "Run \n\n\t${GREEN}${BOLD}sudo $BIN_DIR/$APP_NAME o-auth2${NORMAL}\n\n to start configuring. If you don't have sudo on your machine, you can run the command without sudo." \ No newline at end of file diff --git a/wazuh-cert-oauth2-client/Cargo.lock b/wazuh-cert-oauth2-client/Cargo.lock index 8ecc3fc..bb5392e 100644 --- a/wazuh-cert-oauth2-client/Cargo.lock +++ b/wazuh-cert-oauth2-client/Cargo.lock @@ -1786,7 +1786,7 @@ checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484" [[package]] name = "wazuh-cert-oauth2-client" -version = "0.2.3" +version = "0.2.4" dependencies = [ "anyhow", "env_logger", @@ -1804,7 +1804,7 @@ dependencies = [ [[package]] name = "wazuh-cert-oauth2-model" -version = "0.2.3" +version = "0.2.4" dependencies = [ "anyhow", "jsonwebtoken", diff --git a/wazuh-cert-oauth2-client/Cargo.toml b/wazuh-cert-oauth2-client/Cargo.toml index 138bf1d..fb2ae2b 100644 --- a/wazuh-cert-oauth2-client/Cargo.toml +++ b/wazuh-cert-oauth2-client/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "wazuh-cert-oauth2-client" -version = "0.2.3" +version = "0.2.4" edition = "2021" [dependencies] diff --git a/wazuh-cert-oauth2-client/src/main.rs b/wazuh-cert-oauth2-client/src/main.rs index 8778575..c887810 100644 --- a/wazuh-cert-oauth2-client/src/main.rs +++ b/wazuh-cert-oauth2-client/src/main.rs 
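Review bot: The binary is placed in `$BIN_DIR` with `mv` and `chmod 750`, but nothing in the visible lines sets its owner, and the new closing message tells the user to run it with `sudo`. If the download ran as an unprivileged user, `mv` can keep that user as owner, which would leave a root-executed file in the agent's bin directory writable by a non-root account. Adding `maybe_sudo chown "$USER:$GROUP" "$BIN_DIR/$APP_NAME" || error_exit "Failed to set ownership on the binary"` right after the `mv` would pin it to the `root`/`wazuh` values the script already defines. Separately, the new `info_message` text relies on `\n` and `\t` being expanded, and whether `info_message` does that is not visible here.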
@@ -6,16 +6,17 @@ use std::env::var; use crate::services::get_token::get_token; use crate::services::get_user_keys::fetch_user_keys; use crate::services::save_to_file::save_keys; +use crate::services::set_name::set_name; use crate::shared::cli::Opt; use crate::shared::constants::*; use crate::shared::path::{default_cert_path, default_key_path}; use anyhow::Result; +use env_logger::{Builder, Env}; use structopt::StructOpt; use wazuh_cert_oauth2_model::models::claims::Claims; use wazuh_cert_oauth2_model::models::document::DiscoveryDocument; use wazuh_cert_oauth2_model::services::fetch_only::fetch_only; use wazuh_cert_oauth2_model::services::jwks::validate_token; -use crate::services::set_name::set_name; mod services; mod shared; @@ -23,7 +24,7 @@ mod shared; #[tokio::main] async fn main() -> Result<()> { - env_logger::init(); + Builder::from_env(Env::default().default_filter_or("info")).init(); info!("starting up"); @@ -53,7 +54,7 @@ async fn main() -> Result<()> { let token = get_token(&issuer, &client_id, client_secret).await?; match validate_token(&token, &jwks, &kc_audiences).await { - Ok(Claims { name, ..}) => { + Ok(Claims { name, .. }) => { let user_key = fetch_user_keys(&endpoint, &token).await?; save_keys(&cert_path, &key_path, &user_key).await?; info!("Keys saved successfully!"); diff --git a/wazuh-cert-oauth2-model/Cargo.lock b/wazuh-cert-oauth2-model/Cargo.lock index 2bb897f..d1283d8 100644 --- a/wazuh-cert-oauth2-model/Cargo.lock +++ b/wazuh-cert-oauth2-model/Cargo.lock @@ -1275,7 +1275,7 @@ checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484" [[package]] name = "wazuh-cert-oauth2-model" -version = "0.2.3" +version = "0.2.4" dependencies = [ "anyhow", "jsonwebtoken", diff --git a/wazuh-cert-oauth2-model/Cargo.toml b/wazuh-cert-oauth2-model/Cargo.toml index 4259b61..028dbe8 100644 --- a/wazuh-cert-oauth2-model/Cargo.toml +++ b/wazuh-cert-oauth2-model/Cargo.toml 
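Review bot: With `Builder::from_env(Env::default().default_filter_or("info"))` in `main`, info-level output is now on for every run rather than only when `RUST_LOG` is exported, so every `info!` on the token path becomes visible by default. The calls inside `get_token`, `fetch_user_keys` and `save_keys` are outside this hunk, so it is worth confirming that none of them logs the token, `client_secret` or key material at info level or above. A short comment above the line would also record the intent, e.g. `// Default to "info" when RUST_LOG is unset; the installer no longer exports it.` `main`'s body continues past the hunk.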
@@ -1,6 +1,6 @@ [package] name = "wazuh-cert-oauth2-model" -version = "0.2.3" +version = "0.2.4" edition = "2021" [dependencies] diff --git a/wazuh-cert-oauth2/Cargo.lock b/wazuh-cert-oauth2/Cargo.lock index 9207e61..1d3901a 100644 --- a/wazuh-cert-oauth2/Cargo.lock +++ b/wazuh-cert-oauth2/Cargo.lock @@ -2037,7 +2037,7 @@ checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" [[package]] name = "wazuh-cert-oauth2" -version = "0.2.3" +version = "0.2.4" dependencies = [ "anyhow", "env_logger", @@ -2056,7 +2056,7 @@ dependencies = [ [[package]] name = "wazuh-cert-oauth2-model" -version = "0.2.3" +version = "0.2.4" dependencies = [ "anyhow", "jsonwebtoken", diff --git a/wazuh-cert-oauth2/Cargo.toml b/wazuh-cert-oauth2/Cargo.toml index 4ed32d9..61786bf 100644 --- a/wazuh-cert-oauth2/Cargo.toml +++ b/wazuh-cert-oauth2/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "wazuh-cert-oauth2" -version = "0.2.3" +version = "0.2.4" edition = "2021" [dependencies]