MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed device group not found bug, #2948

This commit is contained in:
Ylian Saint-Hilaire 2021-07-29 15:51:40 -07:00
parent 56a51735eb
commit 58039c4c1a
2 changed files with 10 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
agents/meshcore.js
View File

@ -3978,8 +3978,8 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
var rx = '';
var apfarg = {
mpsurl: mesh.ServerUrl.replace('agent.ashx', 'apf.ashx'),
mpsuser: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16),
mpspass: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16),
mpsuser: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16).replace(/\+/g, '@').replace(/\//g, '$'),
mpspass: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16).replace(/\+/g, '@').replace(/\//g, '$'),
mpskeepalive: 60000,
clientname: state.OsHostname,
clientaddress: '127.0.0.1',
@ -4018,8 +4018,8 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
if (connType >= 0) { // Connect
var apfarg = {
mpsurl: mesh.ServerUrl.replace('agent.ashx', 'apf.ashx'),
mpsuser: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16),
mpspass: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16),
mpsuser: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16).replace(/\+/g, '@').replace(/\//g, '$'),
mpspass: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16).replace(/\+/g, '@').replace(/\//g, '$'),
mpskeepalive: 60000,
clientname: require('os').hostname(),
clientaddress: '127.0.0.1',

17
amtmanager.js
View File

@ -1897,7 +1897,7 @@ module.exports.CreateAmtManager = function (parent) {
if (amtPolicy == 2) { activateIntelAmtCcm(dev, mesh.amt.password); } // Activate to CCM policy
if ((amtPolicy == 3) || (amtPolicy == 4)) { // Activate to ACM policy
var acminfo = checkAcmActivation(dev);
if (acminfo == null) {
if ((acminfo == null) || (acminfo.err != null)) {
// No opportunity to activate to ACM, check if we are in CCM
if ((dev.mpsConnection.tag.meiState.Flags & 2) != 0) {
if ((amtPolicy == 3) && (ccmPolicy == 1)) { deactivateIntelAmtCCM(dev); } // If we are in ACM policy and CCM is not allowed, deactivate it now.
@ -1907,11 +1907,7 @@ module.exports.CreateAmtManager = function (parent) {
if ((amtPolicy == 4) || ((amtPolicy == 3) && (ccmPolicy == 2))) { activateIntelAmtCcm(dev, mesh.amt.password); } // If we are in full automatic or ACM with CCM allowed, setup CCM.
else {
// Unable to find an activation match.
var trustedFqdn = null;
if (dev.mpsConnection.tag.meiState.OsDnsSuffix != null) { trustedFqdn = dev.mpsConnection.tag.meiState.OsDnsSuffix; }
if (dev.mpsConnection.tag.meiState.DnsSuffix != null) { trustedFqdn = dev.mpsConnection.tag.meiState.DnsSuffix; }
//dev.consoleMsg("No opportunity for ACM activation, trusted FQDN: " + ((trustedFqdn == null) ? "(Not Set)" : trustedFqdn));
dev.consoleMsg("No opportunity for ACM activation, trusted FQDN: " + ((trustedFqdn == null) ? "(Not Set)" : (trustedFqdn + ", HEX: " + Buffer.from(trustedFqdn).toString('hex'))));
if (acminfo == null) { dev.consoleMsg("No opportunity for ACM activation."); } else { dev.consoleMsg("No opportunity for ACM activation: " + acminfo.err); }
removeAmtDevice(dev, 38);
return false; // We are not in CCM and policy restricts use of CCM, so exit now.
}
@ -2014,17 +2010,16 @@ module.exports.CreateAmtManager = function (parent) {
// Check if this device has any way to be activated in ACM using our server certificates.
function checkAcmActivation(dev) {
var domain = parent.config.domains[dev.domainid];
if ((domain == null) || (domain.amtacmactivation == null) || (domain.amtacmactivation.certs == null) || (domain.amtacmactivation.certs.length == 0)) return null;
if ((domain == null) || (domain.amtacmactivation == null) || (domain.amtacmactivation.certs == null) || (domain.amtacmactivation.certs.length == 0)) return { err: "Server does not have any ACM activation certificates." };
const activationCerts = domain.amtacmactivation.certs;
if ((dev.mpsConnection.tag.meiState == null) || (dev.mpsConnection.tag.meiState.Hashes == null) || (dev.mpsConnection.tag.meiState.Hashes.length == 0)) return null;
if ((dev.mpsConnection.tag.meiState == null) || (dev.mpsConnection.tag.meiState.Hashes == null) || (dev.mpsConnection.tag.meiState.Hashes.length == 0)) return { err: "Intel AMT did not report any trusted hashes." };
const deviceHashes = dev.mpsConnection.tag.meiState.Hashes;
if (deviceHashes == null) return null;
// Get the trusted FQDN of the device
var trustedFqdn = null;
if (dev.mpsConnection.tag.meiState.OsDnsSuffix != null) { trustedFqdn = dev.mpsConnection.tag.meiState.OsDnsSuffix; }
if (dev.mpsConnection.tag.meiState.DnsSuffix != null) { trustedFqdn = dev.mpsConnection.tag.meiState.DnsSuffix; }
if (trustedFqdn == null) return null;
if (trustedFqdn == null) return { err: "No trusted DNS suffix reported" };
// Find a matching certificate
for (var i in activationCerts) {
@ -2039,7 +2034,7 @@ module.exports.CreateAmtManager = function (parent) {
}
}
}
return null; // Did not find a match
return { err: "No matching ACM activation certificate for \"" + trustedFqdn + "\"." }; // Did not find a match
}
// Return true if the trusted FQDN matched the certificate common name