mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-01-11 23:13:21 -05:00
Rolled back agent tunnel TLS check.
This commit is contained in:
parent
a8fd0510de
commit
6e67fc14c4
@ -780,7 +780,11 @@ function createMeshCore(agent) {
|
||||
|
||||
// Perform manual server TLS certificate checking based on the certificate hash given by the server.
|
||||
woptions.rejectUnauthorized = 0;
|
||||
woptions.checkServerIdentity = function checkServerIdentity(certs) { if ((checkServerIdentity.servertlshash != null) && (checkServerIdentity.servertlshash != certs[0].fingerprint.split(':').join('').toLowerCase())) { throw new Error('BadCert') } }
|
||||
woptions.checkServerIdentity = function checkServerIdentity(certs) {
|
||||
//sendConsoleText('ca: ' + certs[0].fingerprint.split(':').join('').toLowerCase());
|
||||
//sendConsoleText('cs: ' + checkServerIdentity.servertlshash);
|
||||
if ((checkServerIdentity.servertlshash != null) && (checkServerIdentity.servertlshash != certs[0].fingerprint.split(':').join('').toLowerCase())) { throw new Error('BadCert') }
|
||||
}
|
||||
woptions.checkServerIdentity.servertlshash = data.servertlshash;
|
||||
|
||||
//sendConsoleText(JSON.stringify(woptions));
|
||||
|
@ -1330,10 +1330,12 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
|
||||
// Add server TLS cert hash
|
||||
var tlsCertHash = null;
|
||||
/*
|
||||
if (parent.parent.args.ignoreagenthashcheck !== true) {
|
||||
tlsCertHash = parent.webCertificateHashs[domain.id];
|
||||
if (tlsCertHash != null) { command.servertlshash = Buffer.from(tlsCertHash, 'binary').toString('hex'); }
|
||||
}
|
||||
*/
|
||||
|
||||
// Add user consent messages
|
||||
command.soptions = {};
|
||||
|
@ -3218,10 +3218,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
|
||||
// Instruct one of more agents to download a URL to a given local drive location.
|
||||
var tlsCertHash = null;
|
||||
/*
|
||||
if (parent.args.ignoreagenthashcheck !== true) {
|
||||
tlsCertHash = obj.webCertificateHashs[cmd.domain.id];
|
||||
if (tlsCertHash != null) { tlsCertHash = Buffer.from(tlsCertHash, 'binary').toString('hex'); }
|
||||
}
|
||||
*/
|
||||
for (var i in cmd.nodeids) {
|
||||
obj.GetNodeWithRights(cmd.domain, cmd.user, cmd.nodeids[i], function (node, rights, visible) {
|
||||
if ((node == null) || ((rights & 8) == 0) || (visible == false)) return; // We don't have remote control rights to this device
|
||||
|
Loading…
Reference in New Issue
Block a user