Terminal is not bash, fixed chat feature.

This commit is contained in:
Ylian Saint-Hilaire 2019-05-30 09:40:59 -07:00
parent e7a903b8ee
commit 078745b97a
7 changed files with 36 additions and 28 deletions

View File

@ -831,8 +831,14 @@ function createMeshCore(agent) {
this.pipe(this.httprequest._term, { dataTypeSkip: 1, end: false }); this.pipe(this.httprequest._term, { dataTypeSkip: 1, end: false });
this.prependListener('end', function () { this.httprequest._term.end(function () { console.log('Terminal was closed'); }); }); this.prependListener('end', function () { this.httprequest._term.end(function () { console.log('Terminal was closed'); }); });
//this.httprequest.process = childProcess.execFile("%windir%\\system32\\cmd.exe"); //this.httprequest.process = childProcess.execFile("%windir%\\system32\\cmd.exe");
} else {
if (fs.existsSync("/bin/bash")) {
this.httprequest.process = childProcess.execFile("/bin/bash", ["bash", "-i"], { type: childProcess.SpawnTypes.TERM });
if (process.platform == 'linux') { this.httprequest.process.stdin.write("stty erase ^H\nalias ls='ls --color=auto'\nPS1='\\u@\\h:\\w\\$ '\nclear\n"); }
} else { } else {
this.httprequest.process = childProcess.execFile("/bin/sh", ["sh"], { type: childProcess.SpawnTypes.TERM }); this.httprequest.process = childProcess.execFile("/bin/sh", ["sh"], { type: childProcess.SpawnTypes.TERM });
}
//if (this.httprequest.process == null) { }
this.httprequest.process.tunnel = this; this.httprequest.process.tunnel = this;
this.httprequest.process.on('exit', function (ecode, sig) { this.tunnel.end(); }); this.httprequest.process.on('exit', function (ecode, sig) { this.tunnel.end(); });
this.httprequest.process.stderr.on('data', function (chunk) { this.parent.tunnel.write(chunk); }); this.httprequest.process.stderr.on('data', function (chunk) { this.parent.tunnel.write(chunk); });
@ -864,7 +870,6 @@ function createMeshCore(agent) {
this.removeAllListeners('data'); this.removeAllListeners('data');
this.on('data', onTunnelControlData); this.on('data', onTunnelControlData);
//this.write('MeshCore Terminal Hello'); //this.write('MeshCore Terminal Hello');
if (process.platform == 'linux') { this.httprequest.process.stdin.write("stty erase ^H\nalias ls='ls --color=auto'\nclear\n"); }
} else if (this.httprequest.protocol == 2) { } else if (this.httprequest.protocol == 2) {
// Check user access rights for desktop // Check user access rights for desktop

File diff suppressed because one or more lines are too long

View File

@ -1,6 +1,6 @@
{ {
"name": "meshcentral", "name": "meshcentral",
"version": "0.3.5-l", "version": "0.3.5-n",
"keywords": [ "keywords": [
"Remote Management", "Remote Management",
"Intel AMT", "Intel AMT",

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -2005,7 +2005,7 @@
} }
return desktop.m.handleKeys(e); return desktop.m.handleKeys(e);
} }
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) return terminal.m.TermHandleKeys(e); if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) { return terminal.m.TermHandleKeys(e); }
if (!xxdialogMode && ((xxcurrentView == 15) || (xxcurrentView == 115))) return agentConsoleHandleKeys(e); if (!xxdialogMode && ((xxcurrentView == 15) || (xxcurrentView == 115))) return agentConsoleHandleKeys(e);
if (!xxdialogMode && xxcurrentView == 4) { if (!xxdialogMode && xxcurrentView == 4) {
if (e.ctrlKey == true || e.altKey == true || e.metaKey == true) return; if (e.ctrlKey == true || e.altKey == true || e.metaKey == true) return;
@ -2064,7 +2064,7 @@
} }
return desktop.m.handleKeyDown(e); return desktop.m.handleKeyDown(e);
} }
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) { return terminal.m.TermHandleKeyDown(e); } if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) { terminal.m.TermHandleKeyDown(e); if ((e.keyCode >= 37) && (e.keyCode <= 40)) { haltEvent(e); } }
if (!xxdialogMode && xxcurrentView == 13 && e.keyCode == 116 && p13filetree != null) { haltEvent(e); return false; } // F5 Refresh on files if (!xxdialogMode && xxcurrentView == 13 && e.keyCode == 116 && p13filetree != null) { haltEvent(e); return false; } // F5 Refresh on files
if (!xxdialogMode && ((xxcurrentView == 15) || (xxcurrentView == 115))) { return agentConsoleHandleKeys(e); } if (!xxdialogMode && ((xxcurrentView == 15) || (xxcurrentView == 115))) { return agentConsoleHandleKeys(e); }
if (!xxdialogMode && xxcurrentView == 4) { if (!xxdialogMode && xxcurrentView == 4) {
@ -2098,7 +2098,7 @@
} }
return desktop.m.handleKeyUp(e); return desktop.m.handleKeyUp(e);
} }
if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) return terminal.m.TermHandleKeyUp(e); if (!xxdialogMode && xxcurrentView == 12 && terminal && terminal.State == 3) { return terminal.m.TermHandleKeyUp(e); }
if (!xxdialogMode && xxcurrentView == 13 && e.keyCode == 116 && p13filetree != null) { p13folderup(9999); haltEvent(e); return false; } // F5 Refresh on files if (!xxdialogMode && xxcurrentView == 13 && e.keyCode == 116 && p13filetree != null) { p13folderup(9999); haltEvent(e); return false; } // F5 Refresh on files
if (!xxdialogMode && xxcurrentView == 4) { if ((e.keyCode === 8 && searchFocus == 0) || e.keyCode === 27) { return haltEvent(e); } } if (!xxdialogMode && xxcurrentView == 4) { if ((e.keyCode === 8 && searchFocus == 0) || e.keyCode === 27) { return haltEvent(e); } }
if (xxdialogMode && e.keyCode == 27) { dialogclose(0); } if (xxdialogMode && e.keyCode == 27) { dialogclose(0); }

View File

@ -489,7 +489,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
function handleLogoutRequest(req, res) { function handleLogoutRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if ((domain == null) || (domain.auth == 'sspi')) return; if ((domain == null) || (domain.auth == 'sspi')) { res.sendStatus(404); return; }
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
// Destroy the user's session to log them out will be re-created next request // Destroy the user's session to log them out will be re-created next request
@ -619,7 +619,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
function handleLoginRequest(req, res) { function handleLoginRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
// Normally, use the body username/password. If this is a token, use the username/password in the session. // Normally, use the body username/password. If this is a token, use the username/password in the session.
var xusername = req.body.username, xpassword = req.body.password; var xusername = req.body.username, xpassword = req.body.password;
@ -738,7 +738,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
function handleCreateAccountRequest(req, res) { function handleCreateAccountRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; } if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
// Check if we are allowed to create new users using the login screen // Check if we are allowed to create new users using the login screen
var domainUserCount = -1; var domainUserCount = -1;
@ -911,7 +911,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Called to process an account reset request // Called to process an account reset request
function handleResetAccountRequest(req, res) { function handleResetAccountRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; } if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
// Get the email from the body or session. // Get the email from the body or session.
var email = req.body.email; var email = req.body.email;
@ -975,7 +975,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Called to process a web based email verification request // Called to process a web based email verification request
function handleCheckMailRequest(req, res) { function handleCheckMailRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; } if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
if (req.query.c != null) { if (req.query.c != null) {
var cookie = obj.parent.decodeCookie(req.query.c, obj.parent.mailserver.mailCookieEncryptionKey, 30); var cookie = obj.parent.decodeCookie(req.query.c, obj.parent.mailserver.mailCookieEncryptionKey, 30);
@ -1066,7 +1066,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
function handleDeleteAccountRequest(req, res) { function handleDeleteAccountRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; } if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
// Check if the user is logged and we have all required parameters // Check if the user is logged and we have all required parameters
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; } if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
@ -1137,7 +1137,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle password changes // Handle password changes
function handlePasswordChangeRequest(req, res) { function handlePasswordChangeRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(401); return; } if ((domain == null) || (domain.auth == 'sspi') || (domain.auth == 'ldap')) { res.sendStatus(404); return; }
// Check if the user is logged and we have all required parameters // Check if the user is logged and we have all required parameters
if (!req.session || !req.session.userid || !req.body.apassword0 || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; } if (!req.session || !req.session.userid || !req.body.apassword0 || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
@ -1169,7 +1169,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Indicates that any request to "/" should render "default" or "login" depending on login state // Indicates that any request to "/" should render "default" or "login" depending on login state
function handleRootRequest(req, res) { function handleRootRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
if (!obj.args) { res.sendStatus(500); return; } if (!obj.args) { res.sendStatus(500); return; }
if ((domain.sspi != null) && ((req.query.login == null) || (obj.parent.loginCookieEncryptionKey == null))) { if ((domain.sspi != null) && ((req.query.login == null) || (obj.parent.loginCookieEncryptionKey == null))) {
@ -1441,7 +1441,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Render the terms of service. // Render the terms of service.
function handleTermsRequest(req, res) { function handleTermsRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
// See if term.txt was loaded from the database // See if term.txt was loaded from the database
if ((parent.configurationFiles != null) && (parent.configurationFiles['terms.txt'] != null)) { if ((parent.configurationFiles != null) && (parent.configurationFiles['terms.txt'] != null)) {
@ -1493,6 +1493,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Render the messenger application. // Render the messenger application.
function handleMessengerRequest(req, res) { function handleMessengerRequest(req, res) {
const domain = checkUserIpAddress(req, res);
if (domain == null) { res.sendStatus(404); return; }
var webRtcConfig = null; var webRtcConfig = null;
if (obj.parent.config.settings && obj.parent.config.settings.webrtconfig && (typeof obj.parent.config.settings.webrtconfig == 'object')) { webRtcConfig = encodeURIComponent(JSON.stringify(obj.parent.config.settings.webrtconfig)); } if (obj.parent.config.settings && obj.parent.config.settings.webrtconfig && (typeof obj.parent.config.settings.webrtconfig == 'object')) { webRtcConfig = encodeURIComponent(JSON.stringify(obj.parent.config.settings.webrtconfig)); }
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
@ -1608,7 +1611,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle user public file downloads // Handle user public file downloads
function handleDownloadUserFiles(req, res) { function handleDownloadUserFiles(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
if (obj.common.validateString(req.path, 1, 4096) == false) { res.sendStatus(404); return; } if (obj.common.validateString(req.path, 1, 4096) == false) { res.sendStatus(404); return; }
var domainname = 'domain', spliturl = decodeURIComponent(req.path).split('/'), filename = ''; var domainname = 'domain', spliturl = decodeURIComponent(req.path).split('/'), filename = '';
if ((spliturl.length < 3) || (obj.common.IsFilenameValid(spliturl[2]) == false) || (domain.userQuota == -1)) { res.sendStatus(404); return; } if ((spliturl.length < 3) || (obj.common.IsFilenameValid(spliturl[2]) == false) || (domain.userQuota == -1)) { res.sendStatus(404); return; }
@ -1708,7 +1711,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Download a file from the server // Download a file from the server
function handleDownloadFile(req, res) { function handleDownloadFile(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
if ((req.query.link == null) || (req.session == null) || (req.session.userid == null) || (domain == null) || (domain.userQuota == -1)) { res.sendStatus(404); return; } if ((req.query.link == null) || (req.session == null) || (req.session.userid == null) || (domain == null) || (domain.userQuota == -1)) { res.sendStatus(404); return; }
const user = obj.users[req.session.userid]; const user = obj.users[req.session.userid];
if (user == null) { res.sendStatus(404); return; } if (user == null) { res.sendStatus(404); return; }
@ -1721,7 +1724,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Upload a MeshCore.js file to the server // Upload a MeshCore.js file to the server
function handleUploadMeshCoreFile(req, res) { function handleUploadMeshCoreFile(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; } if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
const user = obj.users[req.session.userid]; const user = obj.users[req.session.userid];
if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only) if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only)
@ -1746,7 +1749,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Upload a file to the server // Upload a file to the server
function handleUploadFile(req, res) { function handleUploadFile(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (domain.userQuota == -1)) { res.sendStatus(401); return; } if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (domain.userQuota == -1)) { res.sendStatus(401); return; }
const user = obj.users[req.session.userid]; const user = obj.users[req.session.userid];
if ((user.siteadmin & 8) == 0) { res.sendStatus(401); return; } // Check if we have file rights if ((user.siteadmin & 8) == 0) { res.sendStatus(401); return; } // Check if we have file rights
@ -2097,7 +2100,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle the web socket echo request, just echo back the data sent // Handle the web socket echo request, just echo back the data sent
function handleEchoWebSocket(ws, req) { function handleEchoWebSocket(ws, req) {
const domain = checkUserIpAddress(ws, req); const domain = checkUserIpAddress(ws, req);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
ws._socket.setKeepAlive(true, 240000); // Set TCP keep alive ws._socket.setKeepAlive(true, 240000); // Set TCP keep alive
// When data is received from the web socket, echo it back // When data is received from the web socket, echo it back
@ -2218,7 +2221,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a server backup request // Handle a server backup request
function handleBackupRequest(req, res) { function handleBackupRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; } if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
var user = obj.users[req.session.userid]; var user = obj.users[req.session.userid];
if ((user == null) || ((user.siteadmin & 1) == 0)) { res.sendStatus(401); return; } // Check if we have server backup rights if ((user == null) || ((user.siteadmin & 1) == 0)) { res.sendStatus(401); return; } // Check if we have server backup rights
@ -2250,7 +2253,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a server restore request // Handle a server restore request
function handleRestoreRequest(req, res) { function handleRestoreRequest(req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; } if ((!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
const user = obj.users[req.session.userid]; const user = obj.users[req.session.userid];
if ((user == null) || ((user.siteadmin & 4) == 0)) { res.sendStatus(401); return; } // Check if we have server restore rights if ((user == null) || ((user.siteadmin & 4) == 0)) { res.sendStatus(401); return; } // Check if we have server restore rights
@ -2266,7 +2269,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a request to download a mesh agent // Handle a request to download a mesh agent
obj.handleMeshAgentRequest = function (req, res) { obj.handleMeshAgentRequest = function (req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
// If required, check if this user has rights to do this // If required, check if this user has rights to do this
if ((obj.parent.config.settings != null) && (obj.parent.config.settings.lockagentdownload == true) && (req.session.userid == null)) { res.sendStatus(401); return; } if ((obj.parent.config.settings != null) && (obj.parent.config.settings.lockagentdownload == true) && (req.session.userid == null)) { res.sendStatus(401); return; }
@ -2512,7 +2515,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a request to download a mesh settings // Handle a request to download a mesh settings
obj.handleMeshSettingsRequest = function (req, res) { obj.handleMeshSettingsRequest = function (req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
//if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; } //if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
// If required, check if this user has rights to do this // If required, check if this user has rights to do this
@ -2552,7 +2555,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a request for power events // Handle a request for power events
obj.handleDevicePowerEvents = function (req, res) { obj.handleDevicePowerEvents = function (req, res) {
const domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) { res.sendStatus(404); return; }
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (req.query.id == null) || (typeof req.query.id != 'string')) { res.sendStatus(401); return; } if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (req.query.id == null) || (typeof req.query.id != 'string')) { res.sendStatus(401); return; }
var x = req.query.id.split('/'); var x = req.query.id.split('/');
var user = obj.users[req.session.userid]; var user = obj.users[req.session.userid];