Fixed certificate creation when using with authenticode.

Ylian Saint-Hilaire 2022-05-29 11:16:52 -07:00
parent 3e44d64c19
commit 25c805d7ea
2 changed files with 13 additions and 10 deletions


@ -1089,7 +1089,7 @@ module.exports.CertificateOperations = function (parent) {
mpsPrivateKey = r.mps.key;
}
r = { root: { cert: rootCertificate, key: rootPrivateKey }, web: { cert: webCertificate, key: webPrivateKey, ca: [] }, webdefault: { cert: webCertificate, key: webPrivateKey, ca: [] }, mps: { cert: mpsCertificate, key: mpsPrivateKey }, agent: { cert: agentCertificate, key: agentPrivateKey }, ca: calist, CommonName: commonName, RootName: rootName, AmtMpsName: mpsCommonName, dns: {}, WebIssuer: webIssuer };
r = { root: { cert: rootCertificate, key: rootPrivateKey }, web: { cert: webCertificate, key: webPrivateKey, ca: [] }, webdefault: { cert: webCertificate, key: webPrivateKey, ca: [] }, mps: { cert: mpsCertificate, key: mpsPrivateKey }, agent: { cert: agentCertificate, key: agentPrivateKey }, codesign: { cert: codesignCertificate, key: codesignPrivateKey }, ca: calist, CommonName: commonName, RootName: rootName, AmtMpsName: mpsCommonName, dns: {}, WebIssuer: webIssuer };
// Fetch the certificates names for the main certificate
var webCertificate = obj.pki.certificateFromPem(r.web.cert);
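Review bot: The new `codesign` entry in the rebuilt `r` literal reads `codesignCertificate` and `codesignPrivateKey`, both of which are assigned outside this hunk, so it is worth confirming they are set on every path that reaches this line. If either can be undefined here, `r.codesign` is still a non-null object, and a plain `!= null` check on it downstream would not catch the missing key. The literal is also a single long line that now carries six key pairs; one entry per line would make it much easier to see in review which certificates and private keys are being returned.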


@ -2860,14 +2860,17 @@ function CreateMeshCentralServer(config, args) {
}
// Generate the agent signature description and URL
const serverSignedAgentsPath = obj.path.join(obj.datapath, 'signedagents' + suffix);
var signDesc = (domain.title ? domain.title : agentSignCertInfo.cert.subject.hash);
var httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
var signUrl = 'https://' + ((domain.dns != null) ? domain.dns : obj.certificates.CommonName);
if (httpsPort != 443) { signUrl += ':' + httpsPort; }
var xdomain = (domain.dns == null) ? domain.id : '';
if (xdomain != '') xdomain += '/';
signUrl += '/' + xdomain;
var serverSignedAgentsPath, signDesc, signUrl;
if (agentSignCertInfo != null) {
serverSignedAgentsPath = obj.path.join(obj.datapath, 'signedagents' + suffix);
signDesc = (domain.title ? domain.title : agentSignCertInfo.cert.subject.hash);
var httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
signUrl = 'https://' + ((domain.dns != null) ? domain.dns : obj.certificates.CommonName);
if (httpsPort != 443) { signUrl += ':' + httpsPort; }
var xdomain = (domain.dns == null) ? domain.id : '';
if (xdomain != '') xdomain += '/';
signUrl += '/' + xdomain;
}
// Load agent information file. This includes the data & time of the agent.
const agentInfo = [];
@ -2893,7 +2896,7 @@ function CreateMeshCentralServer(config, args) {
if ((stats == null)) continue; // If this agent does not exist, skip it.
// Check if we need to sign this agent, if so, check if it's already been signed
if (obj.meshAgentsArchitectureNumbers[archid].codesign === true) {
if ((obj.meshAgentsArchitectureNumbers[archid].codesign === true) && (agentSignCertInfo != null)) {{
// Open the original agent with authenticode
var signeedagentpath = obj.path.join(serverSignedAgentsPath, obj.meshAgentsArchitectureNumbers[archid].localname);
const originalAgent = require('./authenticode.js').createAuthenticodeHandler(agentpath);
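Review bot: The rewritten condition in the third hunk ends in `{{` as shown on this page, which opens a second block that none of the lines added by this commit closes. If that is what the file contains rather than a rendering artifact, it should be a single brace: `if ((obj.meshAgentsArchitectureNumbers[archid].codesign === true) && (agentSignCertInfo != null)) {`. Separately, with this guard an architecture marked `codesign === true` is skipped for signing whenever `agentSignCertInfo` is null, and nothing visible in the hunk records that; a one-line log on that path would let an operator notice that agents are being served without an Authenticode signature. `serverSignedAgentsPath`, `signDesc` and `signUrl` are also undefined in that case, so any use of them outside the guarded block needs the same null check; the enclosing loop continues past the end of the hunk.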