Added agent connection cert checking.

2024-12-25 14:45:52 -05:00 · 2020-11-15 00:32:02 -08:00 · 2020-11-15 00:32:02 -08:00 · 0194292e84
commit 0194292e84
parent 4e51a63d71
2 changed files with 8 additions and 10 deletions
--- a/meshuser.js
+++ b/meshuser.js
@ -1331,13 +1331,10 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use

                        // Add server TLS cert hash
                        var tlsCertHash = null;
-                        // TODO: Once new mesh agents seem to work, re-enable this.
-                        /*
                        if (parent.parent.args.ignoreagenthashcheck !== true) {
                            tlsCertHash = parent.webCertificateFullHashs[domain.id];
                            if (tlsCertHash != null) { command.servertlshash = Buffer.from(tlsCertHash, 'binary').toString('hex'); }
                        }
-                        */

                        // Add user consent messages
                        command.soptions = {};
--- a/webserver.js
+++ b/webserver.js
@ -3218,13 +3218,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {

            // Instruct one of more agents to download a URL to a given local drive location.
            var tlsCertHash = null;
-            // TODO: Once new mesh agents seem to work, re-enable this.
-            /*
            if (parent.args.ignoreagenthashcheck !== true) {
                tlsCertHash = obj.webCertificateFullHashs[cmd.domain.id];
                if (tlsCertHash != null) { tlsCertHash = Buffer.from(tlsCertHash, 'binary').toString('hex'); }
            }
-            */
            for (var i in cmd.nodeids) {
                obj.GetNodeWithRights(cmd.domain, cmd.user, cmd.nodeids[i], function (node, rights, visible) {
                    if ((node == null) || ((rights & 8) == 0) || (visible == false)) return; // We don't have remote control rights to this device
@ -3238,10 +3235,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {

                    // Send the agent commands to perform the batch upload operation
                    for (var f in cmd.files) {
-                        const acmd = { action: 'wget', overwrite: cmd.overwrite, createFolder: cmd.createFolder, urlpath: '/agentdownload.ashx?c=' + obj.parent.encodeCookie({ a: 'tmpdl', d: cmd.domain.id, nid: node._id, f: cmd.files[f].target }, obj.parent.loginCookieEncryptionKey), path: obj.path.join(agentPath, cmd.files[f].name), folder: agentPath, servertlshash: tlsCertHash };
-                        var agent = obj.wsagents[node._id];
-                        if (agent != null) { try { agent.send(JSON.stringify(acmd)); } catch (ex) { } }
-                        // TODO: Add support for peer servers.
+                        if ((agentPath != null) && (cmd.files[f].name != null) {
+                            try {
+                                const acmd = { action: 'wget', overwrite: cmd.overwrite, createFolder: cmd.createFolder, urlpath: '/agentdownload.ashx?c=' + obj.parent.encodeCookie({ a: 'tmpdl', d: cmd.domain.id, nid: node._id, f: cmd.files[f].target }, obj.parent.loginCookieEncryptionKey), path: obj.path.join(agentPath, cmd.files[f].name), folder: agentPath, servertlshash: tlsCertHash };
+                                var agent = obj.wsagents[node._id];
+                                if (agent != null) { try { agent.send(JSON.stringify(acmd)); } catch (ex) { } }
+                                // TODO: Add support for peer servers.
+                            } catch (ex) { }
+                        }
                    }
                });
            }