Completed MeshCentralv1 migration code.
This commit is contained in:
parent
2d8d6cff51
commit
801567f564
Binary file not shown.
|
@ -668,7 +668,9 @@ function createMeshCore(agent) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case 'info': { // Return information about the agent and agent core module
|
case 'info': { // Return information about the agent and agent core module
|
||||||
response = 'Current Core: ' + obj.meshCoreInfo + '.\r\nAgent Time: ' + Date() + '.\r\nUser Rights: 0x' + rights.toString(16) + '.\r\nPlatform Info: ' + process.platform + '.\r\nCapabilities: ' + obj.meshCoreCapabilities + '.\r\nNative Pipes: ' + obj.useNativePipes + '.\r\nServer URL: ' + mesh.ServerUrl + '.';
|
response = 'Current Core: ' + obj.meshCoreInfo + '.\r\nAgent Time: ' + Date() + '.\r\nUser Rights: 0x' + rights.toString(16) + '.\r\nPlatform Info: ' + process.platform + '.\r\nCapabilities: ' + obj.meshCoreCapabilities + '.\r\nNative Pipes: ' + obj.useNativePipes + '.\r\nServer URL: ' + mesh.ServerUrl + '.\r\n';
|
||||||
|
var oldNodeId = db.Get('OldNodeId');
|
||||||
|
if (oldNodeId != null) { response += 'OldNodeID: ' + oldNodeId + '.\r\n'; }
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case 'selfinfo': { // Return self information block
|
case 'selfinfo': { // Return self information block
|
||||||
|
@ -934,6 +936,8 @@ function createMeshCore(agent) {
|
||||||
lastSelfInfo = null;
|
lastSelfInfo = null;
|
||||||
} else {
|
} else {
|
||||||
// Server connected, send mesh core information
|
// Server connected, send mesh core information
|
||||||
|
var oldNodeId = db.Get('OldNodeId');
|
||||||
|
if (oldNodeId != null) { mesh.SendCommand({ action: 'mc1migration', oldnodeid: oldNodeId }); }
|
||||||
sendPeriodicServerUpdate(true);
|
sendPeriodicServerUpdate(true);
|
||||||
if (selfInfoUpdateTimer == null) { selfInfoUpdateTimer = setInterval(sendPeriodicServerUpdate, 60000); } // Should be a long time, like 20 minutes. For now, 1 minute.
|
if (selfInfoUpdateTimer == null) { selfInfoUpdateTimer = setInterval(sendPeriodicServerUpdate, 60000); } // Should be a long time, like 20 minutes. For now, 1 minute.
|
||||||
}
|
}
|
||||||
|
|
46
meshagent.js
46
meshagent.js
|
@ -155,14 +155,23 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||||
if (obj.parent.webCertificateHash != msg.substring(2, 50)) { console.log('Agent connected with bad web certificate hash, holding connection (' + obj.remoteaddr + ').'); return; }
|
if (obj.parent.webCertificateHash != msg.substring(2, 50)) { console.log('Agent connected with bad web certificate hash, holding connection (' + obj.remoteaddr + ').'); return; }
|
||||||
|
|
||||||
// Use our server private key to sign the ServerHash + AgentNonce + ServerNonce
|
// Use our server private key to sign the ServerHash + AgentNonce + ServerNonce
|
||||||
var privateKey = obj.forge.pki.privateKeyFromPem(obj.parent.certificates.agent.key);
|
var privateKey, certasn1;
|
||||||
|
if (obj.useSwarmCert == true) {
|
||||||
|
// Use older SwarmServer certificate of MC1
|
||||||
|
certasn1 = obj.parent.swarmCertificateAsn1;
|
||||||
|
privateKey = obj.forge.pki.privateKeyFromPem(obj.parent.certificates.swarmserver.key);
|
||||||
|
} else {
|
||||||
|
// Use new MC2 certificate
|
||||||
|
certasn1 = obj.parent.agentCertificateAsn1;
|
||||||
|
privateKey = obj.forge.pki.privateKeyFromPem(obj.parent.certificates.agent.key);
|
||||||
|
}
|
||||||
var md = obj.forge.md.sha384.create();
|
var md = obj.forge.md.sha384.create();
|
||||||
md.update(msg.substring(2), 'binary');
|
md.update(msg.substring(2), 'binary');
|
||||||
md.update(obj.nonce, 'binary');
|
md.update(obj.nonce, 'binary');
|
||||||
obj.agentnonce = msg.substring(50);
|
obj.agentnonce = msg.substring(50);
|
||||||
|
|
||||||
// Send back our certificate + signature
|
// Send back our certificate + signature
|
||||||
obj.send(obj.common.ShortToStr(2) + obj.common.ShortToStr(parent.agentCertificateAsn1.length) + parent.agentCertificateAsn1 + privateKey.sign(md)); // Command 2, certificate + signature
|
obj.send(obj.common.ShortToStr(2) + obj.common.ShortToStr(certasn1.length) + certasn1 + privateKey.sign(md)); // Command 2, certificate + signature
|
||||||
|
|
||||||
// Check the agent signature if we can
|
// Check the agent signature if we can
|
||||||
if (obj.unauthsign != null) {
|
if (obj.unauthsign != null) {
|
||||||
|
@ -197,12 +206,20 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||||
obj.agentInfo.agentVersion = obj.common.ReadInt(msg, 10);
|
obj.agentInfo.agentVersion = obj.common.ReadInt(msg, 10);
|
||||||
obj.agentInfo.platformType = obj.common.ReadInt(msg, 14);
|
obj.agentInfo.platformType = obj.common.ReadInt(msg, 14);
|
||||||
if (obj.agentInfo.platformType > 6 || obj.agentInfo.platformType < 1) { obj.agentInfo.platformType = 1; }
|
if (obj.agentInfo.platformType > 6 || obj.agentInfo.platformType < 1) { obj.agentInfo.platformType = 1; }
|
||||||
obj.meshid = new Buffer(msg.substring(18, 66), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');;
|
if (msg.substring(50, 66) == '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0') {
|
||||||
|
obj.meshid = new Buffer(msg.substring(18, 50), 'binary').toString('hex'); // Older HEX MeshID
|
||||||
|
} else {
|
||||||
|
obj.meshid = new Buffer(msg.substring(18, 66), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); // New Base64 MeshID
|
||||||
|
}
|
||||||
|
//console.log('MeshID', obj.meshid);
|
||||||
obj.agentInfo.capabilities = obj.common.ReadInt(msg, 66);
|
obj.agentInfo.capabilities = obj.common.ReadInt(msg, 66);
|
||||||
var computerNameLen = obj.common.ReadShort(msg, 70);
|
var computerNameLen = obj.common.ReadShort(msg, 70);
|
||||||
obj.agentInfo.computerName = msg.substring(72, 72 + computerNameLen);
|
obj.agentInfo.computerName = msg.substring(72, 72 + computerNameLen);
|
||||||
obj.dbMeshKey = 'mesh/' + obj.domain.id + '/' + obj.meshid;
|
obj.dbMeshKey = 'mesh/' + obj.domain.id + '/' + obj.meshid;
|
||||||
completeAgentConnection();
|
completeAgentConnection();
|
||||||
|
} else if (cmd == 5) {
|
||||||
|
// ServerID. Agent is telling us what serverid it expects. Useful if we have many server certificates.
|
||||||
|
if ((msg.substring(2, 34) == obj.parent.swarmCertificateHash256) || (msg.substring(2, 50) == obj.parent.swarmCertificateHash384)) { obj.useSwarmCert = true; }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
@ -463,6 +480,28 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
case 'mc1migration':
|
||||||
|
{
|
||||||
|
if (command.oldnodeid.length != 64) break;
|
||||||
|
var oldNodeKey = 'node//' + command.oldnodeid.toLowerCase();
|
||||||
|
obj.db.Get(oldNodeKey, function (err, nodes) {
|
||||||
|
if (nodes.length != 1) return;
|
||||||
|
var node = nodes[0];
|
||||||
|
if (node.meshid == obj.dbMeshKey) {
|
||||||
|
// Update the device name & host
|
||||||
|
ChangeAgentCoreInfo({ name: node.name });
|
||||||
|
|
||||||
|
// Delete this node including network interface information and events
|
||||||
|
obj.db.Remove(node._id);
|
||||||
|
obj.db.Remove('if' + node._id);
|
||||||
|
|
||||||
|
// Event node deletion
|
||||||
|
var change = 'Migrated device ' + node.name;
|
||||||
|
obj.parent.parent.DispatchEvent(['*', node.meshid], obj, { etype: 'node', action: 'removenode', nodeid: node._id, msg: change, domain: node.domain })
|
||||||
|
}
|
||||||
|
});
|
||||||
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -486,6 +525,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||||
var changes = [], change = 0;
|
var changes = [], change = 0;
|
||||||
|
|
||||||
// Check if anything changes
|
// Check if anything changes
|
||||||
|
if (command.name && (command.name != device.name)) { change = 1; device.name = command.name; changes.push('name'); }
|
||||||
if (device.agent.core != command.value) { if ((command.value == null) && (device.agent.core != null)) { delete device.agent.core; } else { device.agent.core = command.value; } change = 1; changes.push('agent core'); }
|
if (device.agent.core != command.value) { if ((command.value == null) && (device.agent.core != null)) { delete device.agent.core; } else { device.agent.core = command.value; } change = 1; changes.push('agent core'); }
|
||||||
if ((device.agent.caps & 0xFFFFFFE7) != (command.caps & 0xFFFFFFE7)) { device.agent.caps = ((device.agent.caps & 24) + (command.caps & 0xFFFFFFE7)); change = 1; changes.push('agent capabilities'); } // Allow Javascript on the agent to change all capabilities except console and javascript support
|
if ((device.agent.caps & 0xFFFFFFE7) != (command.caps & 0xFFFFFFE7)) { device.agent.caps = ((device.agent.caps & 24) + (command.caps & 0xFFFFFFE7)); change = 1; changes.push('agent capabilities'); } // Allow Javascript on the agent to change all capabilities except console and javascript support
|
||||||
if (command.intelamt) {
|
if (command.intelamt) {
|
||||||
|
|
|
@ -184,15 +184,19 @@ module.exports.CreateSwarmServer = function (parent, db, args, certificates) {
|
||||||
Debug(3, 'Swarm:NODEPUSH:' + JSON.stringify(nodeblock));
|
Debug(3, 'Swarm:NODEPUSH:' + JSON.stringify(nodeblock));
|
||||||
|
|
||||||
// Figure out what is the next agent version we need.
|
// Figure out what is the next agent version we need.
|
||||||
var nextAgentVersion = 200; // TODO
|
var nextAgentVersion = 0;
|
||||||
|
if (nodeblock.agentversion < 200) { nextAgentVersion = 200; } // If less then 200, move to transitional MC1 agent.
|
||||||
|
if (nodeblock.agentversion == 200) { nextAgentVersion = 201; } // If at 200, move to first MC2 agent.
|
||||||
|
|
||||||
// See if we need to start the agent update
|
// See if we need to start the agent update
|
||||||
if ((obj.migrationAgents[nodeblock.agenttype] != null) && (obj.migrationAgents[nodeblock.agenttype][nextAgentVersion] != null)) {
|
if ((nextAgentVersion > 0) && (obj.migrationAgents[nodeblock.agenttype] != null) && (obj.migrationAgents[nodeblock.agenttype][nextAgentVersion] != null)) {
|
||||||
// Start the update
|
// Start the update
|
||||||
socket.tag.update = obj.migrationAgents[nodeblock.agenttype][nextAgentVersion];
|
socket.tag.update = obj.migrationAgents[nodeblock.agenttype][nextAgentVersion];
|
||||||
socket.tag.updatePtr = 0;
|
socket.tag.updatePtr = 0;
|
||||||
console.log('Performing legacy agent update from ' + nodeblock.agentversion + '.' + nodeblock.agenttype + ' to ' + socket.tag.update.ver + '.' + socket.tag.update.arch + ' on ' + nodeblock.agentname + '.');
|
console.log('Performing legacy agent update from ' + nodeblock.agentversion + '.' + nodeblock.agenttype + ' to ' + socket.tag.update.ver + '.' + socket.tag.update.arch + ' on ' + nodeblock.agentname + '.');
|
||||||
obj.SendCommand(socket, LegacyMeshProtocol.GETSTATE, common.IntToStr(5) + common.IntToStr(0)); // agent.SendQuery(5, 0); // Start the agent download
|
obj.SendCommand(socket, LegacyMeshProtocol.GETSTATE, common.IntToStr(5) + common.IntToStr(0)); // agent.SendQuery(5, 0); // Start the agent download
|
||||||
|
} else {
|
||||||
|
console.log('No legacy agent update for ' + nodeblock.agentversion + '.' + nodeblock.agenttype + ' on ' + nodeblock.agentname + '.');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
|
@ -90,6 +90,11 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate
|
||||||
obj.agentCertificateHashHex = parent.certificateOperations.forge.pki.getPublicKeyFingerprint(parent.certificateOperations.forge.pki.certificateFromPem(obj.certificates.agent.cert).publicKey, { md: parent.certificateOperations.forge.md.sha384.create(), encoding: 'hex' });
|
obj.agentCertificateHashHex = parent.certificateOperations.forge.pki.getPublicKeyFingerprint(parent.certificateOperations.forge.pki.certificateFromPem(obj.certificates.agent.cert).publicKey, { md: parent.certificateOperations.forge.md.sha384.create(), encoding: 'hex' });
|
||||||
obj.agentCertificateHashBase64 = new Buffer(parent.certificateOperations.forge.pki.getPublicKeyFingerprint(parent.certificateOperations.forge.pki.certificateFromPem(obj.certificates.agent.cert).publicKey, { md: parent.certificateOperations.forge.md.sha384.create(), encoding: 'binary' }), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
obj.agentCertificateHashBase64 = new Buffer(parent.certificateOperations.forge.pki.getPublicKeyFingerprint(parent.certificateOperations.forge.pki.certificateFromPem(obj.certificates.agent.cert).publicKey, { md: parent.certificateOperations.forge.md.sha384.create(), encoding: 'binary' }), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||||
obj.agentCertificateAsn1 = parent.certificateOperations.forge.asn1.toDer(parent.certificateOperations.forge.pki.certificateToAsn1(parent.certificateOperations.forge.pki.certificateFromPem(parent.certificates.agent.cert))).getBytes();
|
obj.agentCertificateAsn1 = parent.certificateOperations.forge.asn1.toDer(parent.certificateOperations.forge.pki.certificateToAsn1(parent.certificateOperations.forge.pki.certificateFromPem(parent.certificates.agent.cert))).getBytes();
|
||||||
|
if (parent.certificates.swarmserver != null) {
|
||||||
|
obj.swarmCertificateAsn1 = parent.certificateOperations.forge.asn1.toDer(parent.certificateOperations.forge.pki.certificateToAsn1(parent.certificateOperations.forge.pki.certificateFromPem(parent.certificates.swarmserver.cert))).getBytes();
|
||||||
|
obj.swarmCertificateHash384 = parent.certificateOperations.forge.pki.getPublicKeyFingerprint(parent.certificateOperations.forge.pki.certificateFromPem(obj.certificates.swarmserver.cert).publicKey, { md: parent.certificateOperations.forge.md.sha384.create(), encoding: 'binary' });
|
||||||
|
obj.swarmCertificateHash256 = parent.certificateOperations.forge.pki.getPublicKeyFingerprint(parent.certificateOperations.forge.pki.certificateFromPem(obj.certificates.swarmserver.cert).publicKey, { md: parent.certificateOperations.forge.md.sha256.create(), encoding: 'binary' });
|
||||||
|
}
|
||||||
|
|
||||||
// Main lists
|
// Main lists
|
||||||
obj.wsagents = {};
|
obj.wsagents = {};
|
||||||
|
|
Loading…
Reference in New Issue