Fixed support for ignoreagenthashcheck

This commit is contained in:
Ylian Saint-Hilaire 2020-11-10 12:51:34 -08:00
parent a5abdf5974
commit 47e1f70622
3 changed files with 11 additions and 4 deletions

View File

@ -41,6 +41,7 @@
"agentPortTls": { "type": "boolean", "default": true, "description": "Indicates if the agent-only port must perform TLS, this should be set to false if TLS is performed in front of this server." }, "agentPortTls": { "type": "boolean", "default": true, "description": "Indicates if the agent-only port must perform TLS, this should be set to false if TLS is performed in front of this server." },
"agentCoreDump": { "type": "boolean", "default": false, "description": "Automatically activates and transfers any agent crash dump files to the server in meshcentral-data/coredumps." }, "agentCoreDump": { "type": "boolean", "default": false, "description": "Automatically activates and transfers any agent crash dump files to the server in meshcentral-data/coredumps." },
"agentCoreDumpUsers": { "type": "array", "description": "List of non-administrator users that have access to mesh agent crash dumps." }, "agentCoreDumpUsers": { "type": "array", "description": "List of non-administrator users that have access to mesh agent crash dumps." },
"ignoreAgentHashCheck": { "type": "boolean", "default": false, "description": "When true, the agent no longer checked the TLS certificate of the server. This should be used for debugging only." },
"exactPorts": { "type": "boolean", "default": false }, "exactPorts": { "type": "boolean", "default": false },
"allowLoginToken": { "type": "boolean", "default": false }, "allowLoginToken": { "type": "boolean", "default": false },
"allowFraming": { "type": "boolean", "default": false, "description": "When enabled, the MeshCentral web site can be embedded within another website's iframe." }, "allowFraming": { "type": "boolean", "default": false, "description": "When enabled, the MeshCentral web site can be embedded within another website's iframe." },

View File

@ -1329,8 +1329,11 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
else if ((url.query.p == '4') || (url.query.p == '5')) { requiredNonRights = MESHRIGHT_NOFILES; } else if ((url.query.p == '4') || (url.query.p == '5')) { requiredNonRights = MESHRIGHT_NOFILES; }
// Add server TLS cert hash // Add server TLS cert hash
const tlsCertHash = parent.webCertificateHashs[domain.id]; var tlsCertHash = null;
if (tlsCertHash != null) { command.servertlshash = Buffer.from(tlsCertHash, 'binary').toString('hex'); } if (parent.parent.args.ignoreagenthashcheck !== true) {
tlsCertHash = parent.webCertificateHashs[domain.id];
if (tlsCertHash != null) { command.servertlshash = Buffer.from(tlsCertHash, 'binary').toString('hex'); }
}
// Add user consent messages // Add user consent messages
command.soptions = {}; command.soptions = {};

View File

@ -3217,8 +3217,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
} }
// Instruct one of more agents to download a URL to a given local drive location. // Instruct one of more agents to download a URL to a given local drive location.
var tlsCertHash = obj.webCertificateHashs[cmd.domain.id]; var tlsCertHash = null;
if (tlsCertHash != null) { tlsCertHash = Buffer.from(tlsCertHash, 'binary').toString('hex'); } if (parent.args.ignoreagenthashcheck !== true) {
tlsCertHash = obj.webCertificateHashs[cmd.domain.id];
if (tlsCertHash != null) { tlsCertHash = Buffer.from(tlsCertHash, 'binary').toString('hex'); }
}
for (var i in cmd.nodeids) { for (var i in cmd.nodeids) {
obj.GetNodeWithRights(cmd.domain, cmd.user, cmd.nodeids[i], function (node, rights, visible) { obj.GetNodeWithRights(cmd.domain, cmd.user, cmd.nodeids[i], function (node, rights, visible) {
if ((node == null) || ((rights & 8) == 0) || (visible == false)) return; // We don't have remote control rights to this device if ((node == null) || ((rights & 8) == 0) || (visible == false)) return; // We don't have remote control rights to this device