MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2024-12-26 07:05:52 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fixed CIRA connections when a device is moved to a different group.

Browse Source
This commit is contained in:
Ylian Saint-Hilaire 2019-10-10 16:07:32 -07:00
parent 4e671dbdc3
commit 6165723ef1
4 changed files with 89 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
db.js
View File

@ -671,7 +671,8 @@ module.exports.CreateDB = function (parent, func) {
}; };
obj.dispose = function () { for (var x in obj) { if (obj[x].close) { obj[x].close(); } delete obj[x]; } }; obj.dispose = function () { for (var x in obj) { if (obj[x].close) { obj[x].close(); } delete obj[x]; } };
obj.getLocalAmtNodes = function (func) { obj.file.find({ type: 'node', host: { $exists: true, $ne: null }, intelamt: { $exists: true } }).toArray(func); }; obj.getLocalAmtNodes = function (func) { obj.file.find({ type: 'node', host: { $exists: true, $ne: null }, intelamt: { $exists: true } }).toArray(func); };
obj.getAmtUuidNode = function (meshid, uuid, func) { obj.file.find({ type: 'node', meshid: meshid, 'intelamt.uuid': uuid }).toArray(func); }; obj.getAmtUuidMeshNode = function (meshid, uuid, func) { obj.file.find({ type: 'node', meshid: meshid, 'intelamt.uuid': uuid }).toArray(func); };
obj.getAmtUuidNode = function (uuid, func) { obj.file.find({ type: 'node', 'intelamt.uuid': uuid }).toArray(func); };
// TODO: Starting in MongoDB 4.0.3, you should use countDocuments() instead of count() that is deprecated. We should detect MongoDB version and switch. // TODO: Starting in MongoDB 4.0.3, you should use countDocuments() instead of count() that is deprecated. We should detect MongoDB version and switch.
// https://docs.mongodb.com/manual/reference/method/db.collection.countDocuments/ // https://docs.mongodb.com/manual/reference/method/db.collection.countDocuments/
@ -794,7 +795,8 @@ module.exports.CreateDB = function (parent, func) {
}; };
obj.dispose = function () { for (var x in obj) { if (obj[x].close) { obj[x].close(); } delete obj[x]; } }; obj.dispose = function () { for (var x in obj) { if (obj[x].close) { obj[x].close(); } delete obj[x]; } };
obj.getLocalAmtNodes = function (func) { obj.file.find({ type: 'node', host: { $exists: true, $ne: null }, intelamt: { $exists: true } }, func); }; obj.getLocalAmtNodes = function (func) { obj.file.find({ type: 'node', host: { $exists: true, $ne: null }, intelamt: { $exists: true } }, func); };
obj.getAmtUuidNode = function (meshid, uuid, func) { obj.file.find({ type: 'node', meshid: meshid, 'intelamt.uuid': uuid }, func); }; obj.getAmtUuidMeshNode = function (meshid, uuid, func) { obj.file.find({ type: 'node', meshid: meshid, 'intelamt.uuid': uuid }, func); };
obj.getAmtUuidNode = function (uuid, func) { obj.file.find({ type: 'node', 'intelamt.uuid': uuid }, func); };
obj.isMaxType = function (max, type, domainid, func) { if (max == null) { func(false); } else { obj.file.count({ type: type, domain: domainid }, function (err, count) { func((err != null) || (count > max), count); }); } } obj.isMaxType = function (max, type, domainid, func) { if (max == null) { func(false); } else { obj.file.count({ type: type, domain: domainid }, function (err, count) { func((err != null) || (count > max), count); }); } }
// Database actions on the events collection // Database actions on the events collection

3
meshuser.js
View File

@ -2017,6 +2017,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// If any MQTT sessions are connected on this server, switch it now. // If any MQTT sessions are connected on this server, switch it now.
if (parent.parent.mqttbroker != null) { parent.parent.mqttbroker.changeDeviceMesh(node._id, command.meshid); } if (parent.parent.mqttbroker != null) { parent.parent.mqttbroker.changeDeviceMesh(node._id, command.meshid); }
// If any CIRA sessions are connected on this server, switch it now.
if (parent.parent.mpsserver != null) { parent.parent.mpsserver.changeDeviceMesh(node._id, command.meshid); }
// Add the connection state // Add the connection state
const state = parent.parent.GetConnectivityState(node._id); const state = parent.parent.GetConnectivityState(node._id);
if (state) { if (state) {

56
mpsserver.js
View File

@ -20,7 +20,7 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
obj.db = db; obj.db = db;
obj.args = args; obj.args = args;
obj.certificates = certificates; obj.certificates = certificates;
obj.ciraConnections = {}; obj.ciraConnections = {}; // NodeID --> Socket
var tlsSessionStore = {}; // Store TLS session information for quick resume. var tlsSessionStore = {}; // Store TLS session information for quick resume.
var tlsSessionStoreCount = 0; // Number of cached TLS session information in store. var tlsSessionStoreCount = 0; // Number of cached TLS session information in store.
const constants = (require('crypto').constants ? require('crypto').constants : require('constants')); // require('constants') is deprecated in Node 11.10, use require('crypto').constants instead. const constants = (require('crypto').constants ? require('crypto').constants : require('constants')); // require('constants') is deprecated in Node 11.10, use require('crypto').constants instead.
@ -272,13 +272,16 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
socket.tag.connectTime = Date.now(); socket.tag.connectTime = Date.now();
socket.tag.host = ''; socket.tag.host = '';
// Fetch the mesh // Fetch the node
obj.db.Get(socket.tag.meshid, function (err, meshes) {
if ((meshes != null) && (meshes.length === 1)) {
var mesh = meshes[0];
obj.db.Get(socket.tag.nodeid, function (err, nodes) { obj.db.Get(socket.tag.nodeid, function (err, nodes) {
if ((nodes == null) || (nodes.length !== 1)) { if ((nodes == null) || (nodes.length !== 1)) {
if (mesh.mtype == 1) { var mesh = obj.parent.webserver.meshes[socket.tag.meshid];
if (mesh == null) {
unknownTlsMeshIdCount++;
console.log('ERROR: Intel AMT CIRA connected with unknown groupid: ' + socket.tag.meshid);
socket.end();
return;
} else if (mesh.mtype == 1) {
// Check if we already have too many devices for this domain // Check if we already have too many devices for this domain
if (domain.limits && (typeof domain.limits.maxdevices == 'number')) { if (domain.limits && (typeof domain.limits.maxdevices == 'number')) {
db.isMaxType(domain.limits.maxdevices, 'node', domain.id, function (ismax, count) { db.isMaxType(domain.limits.maxdevices, 'node', domain.id, function (ismax, count) {
@ -328,6 +331,7 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
} else { } else {
// Node is already present // Node is already present
var node = nodes[0]; var node = nodes[0];
socket.tag.meshid = node.meshid; // Correct the MeshID if the node has moved.
if ((node.intelamt != null) && (node.intelamt.state == 2)) { socket.tag.host = node.intelamt.host; } if ((node.intelamt != null) && (node.intelamt.state == 2)) { socket.tag.host = node.intelamt.host; }
} }
@ -335,13 +339,6 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
obj.ciraConnections[socket.tag.nodeid] = socket; obj.ciraConnections[socket.tag.nodeid] = socket;
obj.parent.SetConnectivityState(socket.tag.meshid, socket.tag.nodeid, socket.tag.connectTime, 2, 7); // TODO: Right now report power state as "present" (7) until we can poll. obj.parent.SetConnectivityState(socket.tag.meshid, socket.tag.nodeid, socket.tag.connectTime, 2, 7); // TODO: Right now report power state as "present" (7) until we can poll.
}); });
} else {
unknownTlsMeshIdCount++;
console.log('ERROR: Intel AMT CIRA connected with unknown groupid: ' + socket.tag.meshid);
socket.end();
return;
}
});
} else { } else {
// This node connected without certificate authentication, use password auth // This node connected without certificate authentication, use password auth
//console.log('Intel AMT CIRA connected without certificate authentication'); //console.log('Intel AMT CIRA connected without certificate authentication');
@ -410,7 +407,7 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
if (usernameLen != 16) { badUserNameLengthCount++; parent.debug('mps', 'Username length not 16', username, password); SendUserAuthFail(socket); return -1; } if (usernameLen != 16) { badUserNameLengthCount++; parent.debug('mps', 'Username length not 16', username, password); SendUserAuthFail(socket); return -1; }
var meshIdStart = '/' + username, mesh = null; var meshIdStart = '/' + username, mesh = null;
if (obj.parent.webserver.meshes) { for (var i in obj.parent.webserver.meshes) { if (obj.parent.webserver.meshes[i]._id.replace(/\@/g, 'X').replace(/\$/g, 'X').indexOf(meshIdStart) > 0) { mesh = obj.parent.webserver.meshes[i]; break; } } } if (obj.parent.webserver.meshes) { for (var i in obj.parent.webserver.meshes) { if (obj.parent.webserver.meshes[i]._id.replace(/\@/g, 'X').replace(/\$/g, 'X').indexOf(meshIdStart) > 0) { mesh = obj.parent.webserver.meshes[i]; break; } } }
if (mesh == null) { meshNotFoundCount++; parent.debug('mps', 'Mesh not found', username, password); SendUserAuthFail(socket); return -1; } if (mesh == null) { meshNotFoundCount++; parent.debug('mps', 'Device group not found', username, password); SendUserAuthFail(socket); return -1; }
// If this is a agent-less mesh, use the device guid 3 times as ID. // If this is a agent-less mesh, use the device guid 3 times as ID.
if (mesh.mtype == 1) { if (mesh.mtype == 1) {
@ -470,6 +467,7 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
} else { } else {
// Node is already present // Node is already present
var node = nodes[0]; var node = nodes[0];
socket.tag.meshid = node.meshid; // Correct the MeshID if the node has moved.
if ((node.intelamt != null) && (node.intelamt.state == 2)) { socket.tag.host = node.intelamt.host; } if ((node.intelamt != null) && (node.intelamt.state == 2)) { socket.tag.host = node.intelamt.host; }
} }
@ -480,8 +478,8 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
}); });
} else if (mesh.mtype == 2) { // If this is a agent mesh, search the mesh for this device UUID } else if (mesh.mtype == 2) { // If this is a agent mesh, search the mesh for this device UUID
// Intel AMT GUID (socket.tag.SystemId) will be used to search the node // Intel AMT GUID (socket.tag.SystemId) will be used to search the node
obj.db.getAmtUuidNode(mesh._id, socket.tag.SystemId, function (err, nodes) { // TODO: May need to optimize this request with indexes obj.db.getAmtUuidNode(socket.tag.SystemId, function (err, nodes) { // TODO: May need to optimize this request with indexes
if ((nodes == null) || (nodes.length !== 1)) { if ((nodes == null) || (nodes.length === 0) || (obj.parent.webserver.meshes == null)) {
// New CIRA connection for unknown node, disconnect. // New CIRA connection for unknown node, disconnect.
unknownNodeCount++; unknownNodeCount++;
console.log('CIRA connection for unknown node. groupid: ' + mesh._id + ', uuid: ' + socket.tag.SystemId); console.log('CIRA connection for unknown node. groupid: ' + mesh._id + ', uuid: ' + socket.tag.SystemId);
@ -489,11 +487,27 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
return; return;
} }
// Looking at nodes that match this UUID, select one in the same domain and mesh type.
var node = null;
for (var i in nodes) {
if (mesh.domain == nodes[i].domain) {
var nodemesh = obj.parent.webserver.meshes[nodes[i].meshid];
if ((nodemesh != null) && (nodemesh.mtype == 2)) { node = nodes[i]; }
}
}
if (node == null) {
// New CIRA connection for unknown node, disconnect.
unknownNodeCount++;
console.log('CIRA connection for unknown node. candidate(s): ' + nodes.length + ', groupid: ' + mesh._id + ', uuid: ' + socket.tag.SystemId);
socket.end();
return;
}
// Node is present // Node is present
var node = nodes[0];
if ((node.intelamt != null) && (node.intelamt.state == 2)) { socket.tag.host = node.intelamt.host; } if ((node.intelamt != null) && (node.intelamt.state == 2)) { socket.tag.host = node.intelamt.host; }
socket.tag.nodeid = node._id; socket.tag.nodeid = node._id;
socket.tag.meshid = mesh._id; socket.tag.meshid = node.meshid; // Correct the MeshID if the node has moved.
socket.tag.connectTime = Date.now(); socket.tag.connectTime = Date.now();
// Add the connection to the MPS connection list // Add the connection to the MPS connection list
@ -920,6 +934,12 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
}); });
} }
// Change a node to a new meshid, this is called when a node changes groups.
obj.changeDeviceMesh = function (nodeid, newMeshId) {
var socket = obj.ciraConnections[nodeid];
if ((socket != null) && (socket.tag != null)) { socket.tag.meshid = newMeshId; }
}
function guidToStr(g) { return g.substring(6, 8) + g.substring(4, 6) + g.substring(2, 4) + g.substring(0, 2) + "-" + g.substring(10, 12) + g.substring(8, 10) + "-" + g.substring(14, 16) + g.substring(12, 14) + "-" + g.substring(16, 20) + "-" + g.substring(20); } function guidToStr(g) { return g.substring(6, 8) + g.substring(4, 6) + g.substring(2, 4) + g.substring(0, 2) + "-" + g.substring(10, 12) + g.substring(8, 10) + "-" + g.substring(14, 16) + g.substring(12, 14) + "-" + g.substring(16, 20) + "-" + g.substring(20); }
return obj; return obj;

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "meshcentral", "name": "meshcentral",
"version": "0.4.2-d", "version": "0.4.2-e",
"keywords": [ "keywords": [
"Remote Management", "Remote Management",
"Intel AMT", "Intel AMT",