From 3632741d9e59011398d11e76792b49a5a3be75db Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Wed, 11 Oct 2017 12:20:59 -0700 Subject: [PATCH] MPS certificate name fix, added MeshType to .msh. --- certoperations.js | 13 ++++++++----- meshcentral.js | 4 ++-- package.json | 2 +- webserver.js | 2 +- 4 files changed, 12 insertions(+), 9 deletions(-) diff --git a/certoperations.js b/certoperations.js index b6207a1f..1ae667d3 100644 --- a/certoperations.js +++ b/certoperations.js @@ -219,6 +219,9 @@ module.exports.CertificateOperations = function () { // Fetch the Intel AMT console name var consoleCertificate = obj.pki.certificateFromPem(r.console.cert); r.AmtConsoleName = consoleCertificate.subject.getField('CN').value; + // Fetch the Intel AMT MPS common name + var mpsCertificate = obj.pki.certificateFromPem(r.mps.cert); + r.AmtMpsName = mpsCertificate.subject.getField('CN').value; // Fetch the name of the server var webCertificate = obj.pki.certificateFromPem(r.web.cert); r.CommonName = webCertificate.subject.getField('CN').value; @@ -229,7 +232,7 @@ module.exports.CertificateOperations = function () { if (xcountryField != null) { xcountry = xcountryField.value; } var xorganization, xorganizationField = webCertificate.subject.getField('O'); if (xorganizationField != null) { xorganization = xorganizationField.value; } - if ((r.CommonName == commonName) && (xcountry == country) && (xorganization == organization)) { if (func != undefined) { func(r); } return r; } else { forceWebCertGen = 1; } // If the certificate matches what we want, keep it. + if ((r.CommonName == commonName) && (xcountry == country) && (xorganization == organization) && (r.AmtMpsName == commonName)) { if (func != undefined) { func(r); } return r; } else { forceWebCertGen = 1; } // If the certificate matches what we want, keep it. } console.log('Generating certificates...'); @@ -251,7 +254,7 @@ module.exports.CertificateOperations = function () { // If the web certificate does not exist, create one var webCertAndKey, webCertificate, webPrivateKey; - if ((r.web == undefined) || (forceWebCertGen == 1)) { + if ((r.web == null) || (forceWebCertGen == 1)) { webCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, commonName, country, organization); webCertificate = obj.pki.certificateToPem(webCertAndKey.cert); webPrivateKey = obj.pki.privateKeyToPem(webCertAndKey.key); @@ -266,7 +269,7 @@ module.exports.CertificateOperations = function () { // If the Intel AMT MPS certificate does not exist, create one var mpsCertAndKey, mpsCertificate, mpsPrivateKey; - if (r.console == undefined) { + if ((r.mps == null) || (forceWebCertGen == 1)) { mpsCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, commonName, country, organization); mpsCertificate = obj.pki.certificateToPem(mpsCertAndKey.cert); mpsPrivateKey = obj.pki.privateKeyToPem(mpsCertAndKey.key); @@ -281,7 +284,7 @@ module.exports.CertificateOperations = function () { // If the Intel AMT console certificate does not exist, create one var consoleCertAndKey, consoleCertificate, consolePrivateKey, amtConsoleName = 'MeshCentral'; - if (r.console == undefined) { + if (r.console == null) { consoleCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, amtConsoleName, country, organization, { name: 'extKeyUsage', clientAuth: true, '2.16.840.1.113741.1.2.1': true, '2.16.840.1.113741.1.2.2': true, '2.16.840.1.113741.1.2.3': true }); // Intel AMT Remote, Agent and Activation usages consoleCertificate = obj.pki.certificateToPem(consoleCertAndKey.cert); consolePrivateKey = obj.pki.privateKeyToPem(consoleCertAndKey.key); @@ -297,7 +300,7 @@ module.exports.CertificateOperations = function () { // If the mesh agent server certificate does not exist, create one var agentCertAndKey, agentCertificate, agentPrivateKey; - if (r.agent == undefined) { + if (r.agent == null) { agentCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, true, 'MeshCentralAgentServer'); agentCertificate = obj.pki.certificateToPem(agentCertAndKey.cert); agentPrivateKey = obj.pki.privateKeyToPem(agentCertAndKey.key); diff --git a/meshcentral.js b/meshcentral.js index a6747292..c912fb2d 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -127,7 +127,7 @@ function CreateMeshCentralServer() { // Launch MeshCentral as a child server and monitor it. obj.launchChildServer = function (startLine) { var child_process = require('child_process'); - var xprocess = child_process.exec(startLine + ' --launch', { maxBuffer: 512000 }, function (error, stdout, stderr) { + var xprocess = child_process.exec(startLine + ' --launch', { maxBuffer: Infinity }, function (error, stdout, stderr) { if (xprocess.xrestart == 1) { setTimeout(function () { obj.launchChildServer(startLine); }, 500); // This is an expected restart. } else if (xprocess.xrestart == 2) { @@ -136,7 +136,7 @@ function CreateMeshCentralServer() { } else if (xprocess.xrestart == 3) { // Server self-update exit var child_process = require('child_process'); - var xxprocess = child_process.exec('npm install meshcentral', { maxBuffer: 512000, cwd: obj.path.join(__dirname, '../..') }, function (error, stdout, stderr) { }); + var xxprocess = child_process.exec('npm install meshcentral', { maxBuffer: Infinity, cwd: obj.path.join(__dirname, '../..') }, function (error, stdout, stderr) { }); xxprocess.data = ''; xxprocess.stdout.on('data', function (data) { xxprocess.data += data; }); xxprocess.stderr.on('data', function (data) { xxprocess.data += data; }); diff --git a/package.json b/package.json index 1a3e4056..f8fc4ab7 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "meshcentral", - "version": "0.0.8-s", + "version": "0.0.8-u", "keywords": [ "Remote Management", "Intel AMT", diff --git a/webserver.js b/webserver.js index 59cc309d..7243f54a 100644 --- a/webserver.js +++ b/webserver.js @@ -1951,7 +1951,7 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate var xdomain = domain.id; if (xdomain != '') xdomain += "/"; - var meshsettings = "MeshName=" + mesh.name + "\r\nMeshID=0x" + req.query.id.toUpperCase() + "\r\nServerID=" + obj.agentCertificatHashHex.toUpperCase() + "\r\n"; + var meshsettings = "MeshName=" + mesh.name + "\r\nMeshType=" + mesh.mtype + "\r\nMeshID=0x" + req.query.id.toUpperCase() + "\r\nServerID=" + obj.agentCertificatHashHex.toUpperCase() + "\r\n"; if (obj.args.lanonly != true) { meshsettings += "MeshServer=ws" + (obj.args.notls ? '' : 's') + "://" + certificates.CommonName + ":" + obj.args.port + "/" + xdomain + "agent.ashx\r\n"; } else { meshsettings += "MeshServer=local"; } res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=meshagent.msh' });