Added workaround if MeshCentral can't sign the agents, #4069

2022-06-01 16:29:18 -07:00 · 2022-06-01 16:29:18 -07:00 · 43bbabc00c
parent 7dd125286d
commit 43bbabc00c
2 changed files with 14 additions and 6 deletions
--- a/authenticode.js
+++ b/authenticode.js
@ -505,7 +505,9 @@ function createAuthenticodeHandler(path) {
        //console.log('Signature', Buffer.from(p7signature, 'binary').toString('base64'));

        // Open the output file
-        var output = fs.openSync(args.out, 'w');
+        var output = null;
+        try { output = fs.openSync(args.out, 'w'); } catch (ex) { }
+        if (output == null) return false;
        var tmp, written = 0;
        var executableSize = obj.header.sigpos ? obj.header.sigpos : this.filesize;

@ -544,6 +546,7 @@ function createAuthenticodeHandler(path) {

        // Close the file
        fs.closeSync(output);
+        return true;
    }

    // Save an executable without the signature
--- a/meshcentral.js
+++ b/meshcentral.js
@ -2918,13 +2918,18 @@ function CreateMeshCentralServer(config, args) {
                    if (destinationAgentOk == false) {
                        // If not signed correctly, sign it. First, create the server signed agent folder if needed
                        try { obj.fs.mkdirSync(serverSignedAgentsPath); } catch (ex) { }
-                        console.log(obj.common.format('Code signing agent {0}...', obj.meshAgentsArchitectureNumbers[archid].localname));
-                        originalAgent.sign(agentSignCertInfo, { out: signeedagentpath, desc: signDesc, url: signUrl });
+                        if (originalAgent.sign(agentSignCertInfo, { out: signeedagentpath, desc: signDesc, url: signUrl }) == true) {
+                            // Agent was signed succesfuly
+                            agentpath = signeedagentpath;
+                            console.log(obj.common.format('Code signed agent {0}.', obj.meshAgentsArchitectureNumbers[archid].localname));
+                        } else {
+                            console.log(obj.common.format('Failed to sign agent {0}.', obj.meshAgentsArchitectureNumbers[archid].localname));
+                        }
+                    } else {
+                        // Signed agent is already ok, use it.
+                        agentpath = signeedagentpath;
                    }
                    originalAgent.close();
-
-                    // Update agent path to signed agent
-                    agentpath = signeedagentpath;
                }
            }