Merge branch 'feature-cb-36581' into 'develop'

CB-36581: Preare for 2.2.0 release See merge request carbonblack/integrations/yara-connector!8
carbonblack · Aug 12, 2021 · c3684d3 · c3684d3
2 parents a58b5d6 + 2a8e26c
commit c3684d3
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,10 @@
+VMware Carbon Black EDR Yara Integration Changelog
+
+## v2.2.0
+
+#### Bug Fixes / Changes
+
+* Optimization, refactoring of codebase
+* Standalone mode no longer requires a celery broker
+* More efficient EDR Modulestore Scanning
+
diff --git a/cb-yara-connector.rpm.spec b/cb-yara-connector.rpm.spec
@@ -41,8 +41,14 @@ mkdir -p ${RPM_BUILD_ROOT}/tmp
 mkdir -p ${RPM_BUILD_ROOT}/var/run/
 mkdir -p ${RPM_BUILD_ROOT}/var/cb/data/cb-yara-connector/feed_db
 
+%if %{defined el6}
+mkdir -p ${RPM_BUILD_ROOT}/etc/init
+mkdir -p ${RPM_BUILD_ROOT}/etc/init.d/
+install -m 700 ${RPM_SOURCE_DIR}/cb-yara-connector ${RPM_BUILD_ROOT}/etc/init.d/cb-yara-connector
+%else
 mkdir -p ${RPM_BUILD_ROOT}/etc/systemd/system
 install -m 0644 ${RPM_SOURCE_DIR}/cb-yara-connector.service ${RPM_BUILD_ROOT}/etc/systemd/system/cb-yara-connector.service
+%endif
 
 cp ${RPM_SOURCE_DIR}/example-conf/yara.conf ${RPM_BUILD_ROOT}/etc/cb/integrations/cb-yara-connector/yaraconnector.conf.example
 install -m 0755 ${RPM_BUILD_DIR}/%{name}-%{version}/dist/yaraconnector ${RPM_BUILD_ROOT}/usr/share/cb/integrations/cb-yara-connector/
@@ -53,12 +59,21 @@ touch ${RPM_BUILD_ROOT}/tmp/yaraconnectorceleryworker
 %files
 %defattr(-,root,root)
 %config /etc/cb/integrations/cb-yara-connector/yaraconnector.conf.example
+%if %{defined el6}
+/etc/init.d/cb-yara-connector
+%else
 /etc/systemd/system/cb-yara-connector.service
+%endif
 /tmp/yaraconnectorceleryworker
 /usr/share/cb/integrations/cb-yara-connector/yara-logo.png
 /usr/share/cb/integrations/cb-yara-connector/yaraconnector
 /var/log/cb/integrations/cb-yara-connector/yaraconnector.log
+%dir /etc/cb/integrations/cb-yara-connector/yara_rules
 
 %preun
+%if %{defined el6}
+service cb-yara-connector stop
+%else
 systemctl stop cb-yara-connector
+%endif
 
diff --git a/cb-yara-connector.spec b/cb-yara-connector.spec
@@ -1,15 +1,17 @@
-#import distutils
-#if distutils.distutils_path.endswith('__init__.py'):
-#    distutils.distutils_path = os.path.dirname(distutils.distutils_path)
+from PyInstaller.utils.hooks import collect_submodules
+
+hiddenimports = collect_submodules('encodings')
 
 block_cipher = None
+hiddenimports.extend(['encodings.cp437', 'encodings','billiard','billiard.heap','lockfile','mmap','pkg_resources.py2_warn','celery.app.control','celery.worker.strategy','celery.worker.consumer','celery.events.state','celery.worker.autoscale','celery.worker.components','celery.concurrency.prefork','celery.apps','celery.apps.worker','celery.app.log','celery.fixups', 'celery.fixups.django', 'celery.loaders.app','celery.app.amqp', 'kombu.transport.redis', 'redis', 'celery.backends','celery.backends.redis', 'celery.app.events', 'celery.events', 'kombu.transport.pyamqp'])
+
 
 a = Analysis(['src/cb-yara-connector'],
              pathex=['./src'],
              binaries=[],
-             hiddenimports=['billiard','billiard.heap','lockfile','mmap','pkg_resources.py2_warn','celery.app.control','celery.worker.strategy','celery.worker.consumer','celery.events.state','celery.worker.autoscale','celery.worker.components','celery.concurrency.prefork','celery.apps','celery.apps.worker','celery.app.log','celery.fixups', 'celery.fixups.django', 'celery.loaders.app','celery.app.amqp', 'kombu.transport.redis', 'redis', 'celery.backends','celery.backends.redis', 'celery.app.events', 'celery.events', 'kombu.transport.pyamqp'],
              hookspath=[],
              runtime_hooks=[],
+             hiddenimports=hiddenimports,
              excludes=[],
              win_no_prefer_redirects=False,
              win_private_assemblies=False,

diff --git a/requirements.txt b/requirements.txt
@@ -13,5 +13,5 @@ requests==2.22.0
 simplejson==3.17.0
 urllib3==1.25.7
 yara-python==3.11.0
-pyinstaller==4.2
-cbfeeds==1.0.0
+pyinstaller==4.3
+cbfeeds==1.0.0
diff --git a/src/cbopensource/connectors/yara_connector/task_utils.py b/src/cbopensource/connectors/yara_connector/task_utils.py
@@ -3,7 +3,9 @@
 import zipfile
 
 import requests
+from encodings import cp437
 
+cp437encoding = cp437
 
 def lookup_binary_by_hash(hsum, url, token, timeout=30):
     headers = {"X-Auth-Token": token}