Updated MeshAgents, MeshCentral Router and bug fixes.

This commit is contained in:
Ylian Saint-Hilaire 2020-06-04 23:27:48 -07:00
parent 8ef040a616
commit 213a3af6a9
29 changed files with 889 additions and 872 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

File diff suppressed because one or more lines are too long

View File

@ -27,6 +27,7 @@ function amt_heci() {
this._setupPTHI = function _setupPTHI()
{
this._amt = heci.create();
this._amt.descriptorMetadata = "amt-pthi";
this._amt.BiosVersionLen = 65;
this._amt.UnicodeStringLen = 20;
@ -397,20 +398,25 @@ function amt_heci() {
fn.apply(this, opt);
}, callback, optional);
}
this.getProtocolVersion = function getProtocolVersion(callback) {
this.getProtocolVersion = function getProtocolVersion(callback)
{
var optional = [];
for (var i = 1; i < arguments.length; ++i) { opt.push(arguments[i]); }
heci.doIoctl(heci.IOCTL.HECI_VERSION, Buffer.alloc(5), Buffer.alloc(5), function (status, buffer, self, fn, opt) {
if (!this._tmpSession) { this._tmpSession = heci.create(); this._tmpSession.parent = this;}
this._tmpSession.doIoctl(heci.IOCTL.HECI_VERSION, Buffer.alloc(5), Buffer.alloc(5), function (status, buffer, self, fn, opt)
{
if (status == 0) {
var result = buffer.readUInt8(0).toString() + '.' + buffer.readUInt8(1).toString() + '.' + buffer.readUInt8(2).toString() + '.' + buffer.readUInt16BE(3).toString();
opt.unshift(result);
fn.apply(self, opt);
}
else {
else
{
opt.unshift(null);
fn.apply(self, opt);
}
}, this, callback, optional);
}
}

View File

@ -27,6 +27,7 @@ function amt_heci() {
this._setupPTHI = function _setupPTHI()
{
this._amt = heci.create();
this._amt.descriptorMetadata = "amt-pthi";
this._amt.BiosVersionLen = 65;
this._amt.UnicodeStringLen = 20;
@ -397,20 +398,25 @@ function amt_heci() {
fn.apply(this, opt);
}, callback, optional);
}
this.getProtocolVersion = function getProtocolVersion(callback) {
this.getProtocolVersion = function getProtocolVersion(callback)
{
var optional = [];
for (var i = 1; i < arguments.length; ++i) { opt.push(arguments[i]); }
heci.doIoctl(heci.IOCTL.HECI_VERSION, Buffer.alloc(5), Buffer.alloc(5), function (status, buffer, self, fn, opt) {
if (!this._tmpSession) { this._tmpSession = heci.create(); this._tmpSession.parent = this;}
this._tmpSession.doIoctl(heci.IOCTL.HECI_VERSION, Buffer.alloc(5), Buffer.alloc(5), function (status, buffer, self, fn, opt)
{
if (status == 0) {
var result = buffer.readUInt8(0).toString() + '.' + buffer.readUInt8(1).toString() + '.' + buffer.readUInt8(2).toString() + '.' + buffer.readUInt16BE(3).toString();
opt.unshift(result);
fn.apply(self, opt);
}
else {
else
{
opt.unshift(null);
fn.apply(self, opt);
}
}, this, callback, optional);
}
}

View File

@ -40,9 +40,9 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
obj.server.on('resumeSession', function (id, cb) { cb(null, tlsSessionStore[id.toString('hex')] || null); });
}
obj.server.listen(args.mpsport, function () {
obj.server.listen(args.mpsport, args.mpsportbind, function () {
console.log("MeshCentral Intel(R) AMT server running on " + certificates.AmtMpsName + ":" + args.mpsport + ((args.mpsaliasport != null) ? (", alias port " + args.mpsaliasport) : "") + ".");
obj.parent.authLog('mps', 'Server listening on 0.0.0.0 port ' + args.mpsport + '.');
obj.parent.authLog('mps', 'Server listening on ' + ((args.mpsportbind != null) ? args.mpsportbind : '0.0.0.0') + ' port ' + args.mpsport + '.');
}).on("error", function (err) { console.error("ERROR: MeshCentral Intel(R) AMT server port " + args.mpsport + " is not available."); if (args.exactports) { process.exit(); } });
obj.server.on('tlsClientError', function (err, tlssocket) { if (args.mpsdebug) { var remoteAddress = tlssocket.remoteAddress; if (tlssocket.remoteFamily == 'IPv6') { remoteAddress = '[' + remoteAddress + ']'; } console.log('MPS:Invalid TLS connection from ' + remoteAddress + ':' + tlssocket.remotePort + '.'); } });

File diff suppressed because one or more lines are too long

View File

@ -122,21 +122,21 @@ module.exports.CreateRedirServer = function (parent, db, args, func) {
}
// Find a free port starting with the specified one and going up.
function CheckListenPort(port, func) {
function CheckListenPort(port, addr, func) {
var s = obj.net.createServer(function (socket) { });
obj.tcpServer = s.listen(port, function () { s.close(function () { if (func) { func(port); } }); }).on("error", function (err) {
obj.tcpServer = s.listen(port, function () { s.close(function () { if (func) { func(port, addr); } }); }).on("error", function (err) {
if (args.exactports) { console.error("ERROR: MeshCentral HTTP server port " + port + " not available."); process.exit(); }
else { if (port < 65535) { CheckListenPort(port + 1, func); } else { if (func) { func(0); } } }
else { if (port < 65535) { CheckListenPort(port + 1, addr, func); } else { if (func) { func(0); } } }
});
}
// Start the ExpressJS web server, if the port is busy try the next one.
function StartRedirServer(port) {
function StartRedirServer(port, addr) {
if (port == 0 || port == 65535) { return; }
obj.tcpServer = obj.app.listen(port, function () {
obj.tcpServer = obj.app.listen(port, addr, function () {
obj.port = port;
console.log("MeshCentral HTTP redirection server running on port " + port + ".");
obj.parent.authLog('http', 'Server listening on 0.0.0.0 port ' + port + '.');
obj.parent.authLog('http', 'Server listening on ' + ((addr != null)?addr:'0.0.0.0') + ' port ' + port + '.');
obj.parent.updateServerState('redirect-port', port);
func(obj.port);
}).on('error', function (err) {
@ -155,7 +155,7 @@ module.exports.CreateRedirServer = function (parent, db, args, func) {
return (servernameRe.test(servername) && -1 === servername.indexOf('..') && servername) || '';
};
CheckListenPort(args.redirport, StartRedirServer);
CheckListenPort(args.redirport, args.redirportbind, StartRedirServer);
return obj;
};

View File

@ -21,10 +21,13 @@
"statsevents": 2592000
},
"_Port": 443,
"_PortBind": "127.0.0.1",
"_AliasPort": 444,
"_RedirPort": 80,
"_RedirPortBind": "127.0.0.1",
"_RedirAliasPort": 80,
"_AgentPort": 1234,
"_AgentPortBind": "127.0.0.1",
"_AgentAliasPort": 1234,
"_AgentAliasDNS": "agents.myserver.mydomain.com",
"_AgentPortTls": true,
@ -61,6 +64,7 @@
"_TlsOffload": "127.0.0.1,::1",
"_TrustedProxy": "127.0.0.1,::1",
"_MpsPort": 44330,
"_MpsPortBind": "127.0.0.1",
"_MpsAliasPort": 4433,
"_MpsAliasHost": "mps.mydomain.com",
"_MpsTlsOffload": true,

View File

@ -4805,10 +4805,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
}
// Start server on a free port.
CheckListenPort(obj.args.port, StartWebServer);
CheckListenPort(obj.args.port, obj.args.portbind, StartWebServer);
// Start on a second agent-only alternative port if needed.
if (obj.args.agentport) { CheckListenPort(obj.args.agentport, StartAltWebServer); }
if (obj.args.agentport) { CheckListenPort(obj.args.agentport, obj.args.agentportbind, StartAltWebServer); }
}
// Authenticates a session and forwards
@ -5024,30 +5024,30 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
}
// Find a free port starting with the specified one and going up.
function CheckListenPort(port, func) {
function CheckListenPort(port, addr, func) {
var s = obj.net.createServer(function (socket) { });
obj.tcpServer = s.listen(port, function () { s.close(function () { if (func) { func(port); } }); }).on('error', function (err) {
obj.tcpServer = s.listen(port, addr, function () { s.close(function () { if (func) { func(port, addr); } }); }).on('error', function (err) {
if (args.exactports) { console.error('ERROR: MeshCentral HTTPS server port ' + port + ' not available.'); process.exit(); }
else { if (port < 65535) { CheckListenPort(port + 1, func); } else { if (func) { func(0); } } }
else { if (port < 65535) { CheckListenPort(port + 1, addr, func); } else { if (func) { func(0); } } }
});
}
// Start the ExpressJS web server
function StartWebServer(port) {
function StartWebServer(port, addr) {
if ((port < 1) || (port > 65535)) return;
obj.args.port = port;
if (obj.tlsServer != null) {
if (obj.args.lanonly == true) {
obj.tcpServer = obj.tlsServer.listen(port, function () { console.log('MeshCentral HTTPS server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
obj.tcpServer = obj.tlsServer.listen(port, addr, function () { console.log('MeshCentral HTTPS server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
} else {
obj.tcpServer = obj.tlsServer.listen(port, function () { console.log('MeshCentral HTTPS server running on ' + certificates.CommonName + ':' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
obj.tcpServer = obj.tlsServer.listen(port, addr, function () { console.log('MeshCentral HTTPS server running on ' + certificates.CommonName + ':' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
obj.parent.updateServerState('servername', certificates.CommonName);
}
if (obj.parent.authlog) { obj.parent.authLog('https', 'Server listening on 0.0.0.0 port ' + port + '.'); }
if (obj.parent.authlog) { obj.parent.authLog('https', 'Server listening on ' + ((addr != null) ? addr : '0.0.0.0') + ' port ' + port + '.'); }
obj.parent.updateServerState('https-port', port);
if (args.aliasport != null) { obj.parent.updateServerState('https-aliasport', args.aliasport); }
} else {
obj.tcpServer = obj.app.listen(port, function () { console.log('MeshCentral HTTP server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
obj.tcpServer = obj.app.listen(port, addr, function () { console.log('MeshCentral HTTP server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
obj.parent.updateServerState('http-port', port);
if (args.aliasport != null) { obj.parent.updateServerState('http-aliasport', args.aliasport); }
}
@ -5067,20 +5067,20 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
}
// Start the ExpressJS web server on agent-only alternative port
function StartAltWebServer(port) {
function StartAltWebServer(port, addr) {
if ((port < 1) || (port > 65535)) return;
var agentAliasPort = null;
if (args.agentaliasport != null) { agentAliasPort = args.agentaliasport; }
if (obj.tlsAltServer != null) {
if (obj.args.lanonly == true) {
obj.tcpAltServer = obj.tlsAltServer.listen(port, function () { console.log('MeshCentral HTTPS agent-only server running on port ' + port + ((agentAliasPort != null) ? (', alias port ' + agentAliasPort) : '') + '.'); });
obj.tcpAltServer = obj.tlsAltServer.listen(port, addr, function () { console.log('MeshCentral HTTPS agent-only server running on port ' + port + ((agentAliasPort != null) ? (', alias port ' + agentAliasPort) : '') + '.'); });
} else {
obj.tcpAltServer = obj.tlsAltServer.listen(port, function () { console.log('MeshCentral HTTPS agent-only server running on ' + certificates.CommonName + ':' + port + ((agentAliasPort != null) ? (', alias port ' + agentAliasPort) : '') + '.'); });
obj.tcpAltServer = obj.tlsAltServer.listen(port, addr, function () { console.log('MeshCentral HTTPS agent-only server running on ' + certificates.CommonName + ':' + port + ((agentAliasPort != null) ? (', alias port ' + agentAliasPort) : '') + '.'); });
}
if (obj.parent.authlog) { obj.parent.authLog('https', 'Server listening on 0.0.0.0 port ' + port + '.'); }
obj.parent.updateServerState('https-agent-port', port);
} else {
obj.tcpAltServer = obj.agentapp.listen(port, function () { console.log('MeshCentral HTTP agent-only server running on port ' + port + ((agentAliasPort != null) ? (', alias port ' + agentAliasPort) : '') + '.'); });
obj.tcpAltServer = obj.agentapp.listen(port, addr, function () { console.log('MeshCentral HTTP agent-only server running on port ' + port + ((agentAliasPort != null) ? (', alias port ' + agentAliasPort) : '') + '.'); });
obj.parent.updateServerState('http-agent-port', port);
}
}