MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-01-11 15:03:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

MPS certificate name fix, added MeshType to .msh.

Browse Source
This commit is contained in:
Ylian Saint-Hilaire 2017-10-11 12:20:59 -07:00
parent 66bb176a12
commit 3632741d9e
4 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
certoperations.js
View File

@ -219,6 +219,9 @@ module.exports.CertificateOperations = function () {
// Fetch the Intel AMT console name // Fetch the Intel AMT console name
var consoleCertificate = obj.pki.certificateFromPem(r.console.cert); var consoleCertificate = obj.pki.certificateFromPem(r.console.cert);
r.AmtConsoleName = consoleCertificate.subject.getField('CN').value; r.AmtConsoleName = consoleCertificate.subject.getField('CN').value;
// Fetch the Intel AMT MPS common name
var mpsCertificate = obj.pki.certificateFromPem(r.mps.cert);
r.AmtMpsName = mpsCertificate.subject.getField('CN').value;
// Fetch the name of the server // Fetch the name of the server
var webCertificate = obj.pki.certificateFromPem(r.web.cert); var webCertificate = obj.pki.certificateFromPem(r.web.cert);
r.CommonName = webCertificate.subject.getField('CN').value; r.CommonName = webCertificate.subject.getField('CN').value;
@ -229,7 +232,7 @@ module.exports.CertificateOperations = function () {
if (xcountryField != null) { xcountry = xcountryField.value; } if (xcountryField != null) { xcountry = xcountryField.value; }
var xorganization, xorganizationField = webCertificate.subject.getField('O'); var xorganization, xorganizationField = webCertificate.subject.getField('O');
if (xorganizationField != null) { xorganization = xorganizationField.value; } if (xorganizationField != null) { xorganization = xorganizationField.value; }
if ((r.CommonName == commonName) && (xcountry == country) && (xorganization == organization)) { if (func != undefined) { func(r); } return r; } else { forceWebCertGen = 1; } // If the certificate matches what we want, keep it. if ((r.CommonName == commonName) && (xcountry == country) && (xorganization == organization) && (r.AmtMpsName == commonName)) { if (func != undefined) { func(r); } return r; } else { forceWebCertGen = 1; } // If the certificate matches what we want, keep it.
} }
console.log('Generating certificates...'); console.log('Generating certificates...');
@ -251,7 +254,7 @@ module.exports.CertificateOperations = function () {
// If the web certificate does not exist, create one // If the web certificate does not exist, create one
var webCertAndKey, webCertificate, webPrivateKey; var webCertAndKey, webCertificate, webPrivateKey;
if ((r.web == undefined) || (forceWebCertGen == 1)) { if ((r.web == null) || (forceWebCertGen == 1)) {
webCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, commonName, country, organization); webCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, commonName, country, organization);
webCertificate = obj.pki.certificateToPem(webCertAndKey.cert); webCertificate = obj.pki.certificateToPem(webCertAndKey.cert);
webPrivateKey = obj.pki.privateKeyToPem(webCertAndKey.key); webPrivateKey = obj.pki.privateKeyToPem(webCertAndKey.key);
@ -266,7 +269,7 @@ module.exports.CertificateOperations = function () {
// If the Intel AMT MPS certificate does not exist, create one // If the Intel AMT MPS certificate does not exist, create one
var mpsCertAndKey, mpsCertificate, mpsPrivateKey; var mpsCertAndKey, mpsCertificate, mpsPrivateKey;
if (r.console == undefined) { if ((r.mps == null) || (forceWebCertGen == 1)) {
mpsCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, commonName, country, organization); mpsCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, commonName, country, organization);
mpsCertificate = obj.pki.certificateToPem(mpsCertAndKey.cert); mpsCertificate = obj.pki.certificateToPem(mpsCertAndKey.cert);
mpsPrivateKey = obj.pki.privateKeyToPem(mpsCertAndKey.key); mpsPrivateKey = obj.pki.privateKeyToPem(mpsCertAndKey.key);
@ -281,7 +284,7 @@ module.exports.CertificateOperations = function () {
// If the Intel AMT console certificate does not exist, create one // If the Intel AMT console certificate does not exist, create one
var consoleCertAndKey, consoleCertificate, consolePrivateKey, amtConsoleName = 'MeshCentral'; var consoleCertAndKey, consoleCertificate, consolePrivateKey, amtConsoleName = 'MeshCentral';
if (r.console == undefined) { if (r.console == null) {
consoleCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, amtConsoleName, country, organization, { name: 'extKeyUsage', clientAuth: true, '2.16.840.1.113741.1.2.1': true, '2.16.840.1.113741.1.2.2': true, '2.16.840.1.113741.1.2.3': true }); // Intel AMT Remote, Agent and Activation usages consoleCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, amtConsoleName, country, organization, { name: 'extKeyUsage', clientAuth: true, '2.16.840.1.113741.1.2.1': true, '2.16.840.1.113741.1.2.2': true, '2.16.840.1.113741.1.2.3': true }); // Intel AMT Remote, Agent and Activation usages
consoleCertificate = obj.pki.certificateToPem(consoleCertAndKey.cert); consoleCertificate = obj.pki.certificateToPem(consoleCertAndKey.cert);
consolePrivateKey = obj.pki.privateKeyToPem(consoleCertAndKey.key); consolePrivateKey = obj.pki.privateKeyToPem(consoleCertAndKey.key);
@ -297,7 +300,7 @@ module.exports.CertificateOperations = function () {
// If the mesh agent server certificate does not exist, create one // If the mesh agent server certificate does not exist, create one
var agentCertAndKey, agentCertificate, agentPrivateKey; var agentCertAndKey, agentCertificate, agentPrivateKey;
if (r.agent == undefined) { if (r.agent == null) {
agentCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, true, 'MeshCentralAgentServer'); agentCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, true, 'MeshCentralAgentServer');
agentCertificate = obj.pki.certificateToPem(agentCertAndKey.cert); agentCertificate = obj.pki.certificateToPem(agentCertAndKey.cert);
agentPrivateKey = obj.pki.privateKeyToPem(agentCertAndKey.key); agentPrivateKey = obj.pki.privateKeyToPem(agentCertAndKey.key);

4
meshcentral.js
View File

@ -127,7 +127,7 @@ function CreateMeshCentralServer() {
// Launch MeshCentral as a child server and monitor it. // Launch MeshCentral as a child server and monitor it.
obj.launchChildServer = function (startLine) { obj.launchChildServer = function (startLine) {
var child_process = require('child_process'); var child_process = require('child_process');
var xprocess = child_process.exec(startLine + ' --launch', { maxBuffer: 512000 }, function (error, stdout, stderr) { var xprocess = child_process.exec(startLine + ' --launch', { maxBuffer: Infinity }, function (error, stdout, stderr) {
if (xprocess.xrestart == 1) { if (xprocess.xrestart == 1) {
setTimeout(function () { obj.launchChildServer(startLine); }, 500); // This is an expected restart. setTimeout(function () { obj.launchChildServer(startLine); }, 500); // This is an expected restart.
} else if (xprocess.xrestart == 2) { } else if (xprocess.xrestart == 2) {
@ -136,7 +136,7 @@ function CreateMeshCentralServer() {
} else if (xprocess.xrestart == 3) { } else if (xprocess.xrestart == 3) {
// Server self-update exit // Server self-update exit
var child_process = require('child_process'); var child_process = require('child_process');
var xxprocess = child_process.exec('npm install meshcentral', { maxBuffer: 512000, cwd: obj.path.join(__dirname, '../..') }, function (error, stdout, stderr) { }); var xxprocess = child_process.exec('npm install meshcentral', { maxBuffer: Infinity, cwd: obj.path.join(__dirname, '../..') }, function (error, stdout, stderr) { });
xxprocess.data = ''; xxprocess.data = '';
xxprocess.stdout.on('data', function (data) { xxprocess.data += data; }); xxprocess.stdout.on('data', function (data) { xxprocess.data += data; });
xxprocess.stderr.on('data', function (data) { xxprocess.data += data; }); xxprocess.stderr.on('data', function (data) { xxprocess.data += data; });

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "meshcentral", "name": "meshcentral",
"version": "0.0.8-s", "version": "0.0.8-u",
"keywords": [ "keywords": [
"Remote Management", "Remote Management",
"Intel AMT", "Intel AMT",

2
webserver.js
View File

@ -1951,7 +1951,7 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate
var xdomain = domain.id; var xdomain = domain.id;
if (xdomain != '') xdomain += "/"; if (xdomain != '') xdomain += "/";
var meshsettings = "MeshName=" + mesh.name + "\r\nMeshID=0x" + req.query.id.toUpperCase() + "\r\nServerID=" + obj.agentCertificatHashHex.toUpperCase() + "\r\n"; var meshsettings = "MeshName=" + mesh.name + "\r\nMeshType=" + mesh.mtype + "\r\nMeshID=0x" + req.query.id.toUpperCase() + "\r\nServerID=" + obj.agentCertificatHashHex.toUpperCase() + "\r\n";
if (obj.args.lanonly != true) { meshsettings += "MeshServer=ws" + (obj.args.notls ? '' : 's') + "://" + certificates.CommonName + ":" + obj.args.port + "/" + xdomain + "agent.ashx\r\n"; } else { meshsettings += "MeshServer=local"; } if (obj.args.lanonly != true) { meshsettings += "MeshServer=ws" + (obj.args.notls ? '' : 's') + "://" + certificates.CommonName + ":" + obj.args.port + "/" + xdomain + "agent.ashx\r\n"; } else { meshsettings += "MeshServer=local"; }
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=meshagent.msh' }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=meshagent.msh' });