Fix: Change uint64 fields in syncv1.proto to uint32 for compatibility

Change the uint64 fields in the syncv1.proto to uint32 to ensure backwards compatibility. This also updates the SNTSyncEventUpload code to use the uint32 values and updates sync protocol docs.
google · Aug 31, 2024 · be2ef79 · be2ef79
1 parent 2b00ec4
commit be2ef79
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 7 deletions.
diff --git a/Source/santad/EventProviders/SNTEndpointSecurityAuthorizer.mm b/Source/santad/EventProviders/SNTEndpointSecurityAuthorizer.mm
@@ -101,7 +101,6 @@ - (void)processMessage:(const Message &)msg {
                               }];
 }
 
-// Entry point not async
 - (void)handleMessage:(Message &&)esMsg
    recordEventMetrics:(void (^)(EventDisposition))recordEventMetrics {
   if (unlikely(esMsg->event_type != ES_EVENT_TYPE_AUTH_EXEC)) {
@@ -116,7 +115,7 @@ - (void)handleMessage:(Message &&)esMsg
     recordEventMetrics(EventDisposition::kDropped);
     return;
   }
-  // goes async
+
   [self processMessage:std::move(esMsg)
                handler:^(const Message &msg) {
                  [self processMessage:msg];

diff --git a/Source/santasyncservice/SNTSyncEventUpload.mm b/Source/santasyncservice/SNTSyncEventUpload.mm
@@ -150,8 +150,8 @@ - (BOOL)uploadEvents:(NSArray *)events {
   e->set_file_bundle_version(NSStringToUTF8String(event.fileBundleVersion));
   e->set_file_bundle_version_string(NSStringToUTF8String(event.fileBundleVersionString));
   e->set_file_bundle_hash(NSStringToUTF8String(event.fileBundleHash));
-  e->set_file_bundle_hash_millis([event.fileBundleHashMilliseconds longLongValue]);
-  e->set_file_bundle_binary_count([event.fileBundleBinaryCount longLongValue]);
+  e->set_file_bundle_hash_millis([event.fileBundleHashMilliseconds unsignedIntValue]);
+  e->set_file_bundle_binary_count([event.fileBundleBinaryCount unsignedIntValue]);
 
   e->set_pid([event.pid unsignedIntValue]);
   e->set_ppid([event.ppid unsignedIntValue]);

diff --git a/docs/development/sync-protocol.md b/docs/development/sync-protocol.md
@@ -140,7 +140,7 @@ The JSON object has the following keys:
 | enable_bundles              | Use previous setting                        | boolean | Enable bundle scanning | true |
 | enable_transitive_rules     | Use previous setting                        | boolean | Whether or not to enable transitive allowlisting | true |
 | batch_size                  | Use a Santa-defined default value           | integer | Number of events to upload at a time | 128 |
-| full_sync_interval          | Defaults to 600 seconds                     | integer | Number of seconds between full syncs. Note: Santa enforces a minimum value of 60. The default value will be used if a smaller value is provided. | 600 |
+| full_sync_interval          | Defaults to 600 seconds                     | uint32 | Number of seconds between full syncs. Note: Santa enforces a minimum value of 60. The default value will be used if a smaller value is provided. | 600 |
 | client_mode                 | Use previous setting                        | string  | Operating mode to set for the client | either `MONITOR` or `LOCKDOWN` |
 | allowed_path_regex          | Use previous setting                        | string  | Regular expression to allow a binary to execute from a path | "/Users/markowsk/foo/.\*" |
 | blocked_path_regex          | Use previous setting                        | string  | Regular expression to block a binary from executing by path | "/tmp/" |
@@ -223,8 +223,8 @@ sequenceDiagram
 | file_bundle_version | NO | string | The bundle version string | "9999.1.1" |
 | file_bundle_version_string | NO | string | Bundle short version string | "2.3.4" |
 | file_bundle_hash | NO | string | SHA256 hash of all executables in the bundle | "7466e3687f540bcb7792c6d14d5a186667dbe18a85021857b42effe9f0370805" |
-| file_bundle_hash_millis | NO | float64 | The time in milliseconds it took to find all of the binaries, hash and produce the bundle_hash | 1234775 |
-| file_bundle_binary_count | NO | integer | The number of binaries in a bundle | 13 |
+| file_bundle_hash_millis | NO | uint32 | The time in milliseconds it took to find all of the binaries, hash and produce the bundle_hash | 1234775 |
+| file_bundle_binary_count | NO | uint32 | The number of binaries in a bundle | 13 |
 | pid | NO | int | Process id of the executable that was blocked | 1234 |
 | ppid | NO | int | Parent process id of the executable that was blocked | 456 |
 | parent_name | NO | Parent process short command name of the executable that was blocked | "bar" |