MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Reverse proxy improvements.

This commit is contained in:
Ylian Saint-Hilaire 2019-10-29 16:31:03 -07:00
parent f062c98aad
commit 81e79019d6
3 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
meshagent.js
View File

@ -387,7 +387,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
if (parent.parent.supportsProxyCertificatesRequest !== false) { if (parent.parent.supportsProxyCertificatesRequest !== false) {
obj.badWebCert = Buffer.from(parent.crypto.randomBytes(16), 'binary').toString('base64'); obj.badWebCert = Buffer.from(parent.crypto.randomBytes(16), 'binary').toString('base64');
parent.wsagentsWithBadWebCerts[obj.badWebCert] = obj; // Add this agent to the list of of agents with bad web certificates. parent.wsagentsWithBadWebCerts[obj.badWebCert] = obj; // Add this agent to the list of of agents with bad web certificates.
parent.parent.updateProxyCertificates(); parent.parent.updateProxyCertificates(false);
} }
parent.agentStats.agentBadWebCertHashCount++; parent.agentStats.agentBadWebCertHashCount++;
console.log('Agent bad web cert hash (Agent:' + (Buffer.from(msg.substring(2, 50), 'binary').toString('hex').substring(0, 10)) + ' != Server:' + (Buffer.from(getWebCertHash(domain), 'binary').toString('hex').substring(0, 10)) + ' or ' + (new Buffer(getWebCertFullHash(domain), 'binary').toString('hex').substring(0, 10)) + '), holding connection (' + obj.remoteaddrport + ').'); console.log('Agent bad web cert hash (Agent:' + (Buffer.from(msg.substring(2, 50), 'binary').toString('hex').substring(0, 10)) + ' != Server:' + (Buffer.from(getWebCertHash(domain), 'binary').toString('hex').substring(0, 10)) + ' or ' + (new Buffer(getWebCertFullHash(domain), 'binary').toString('hex').substring(0, 10)) + '), holding connection (' + obj.remoteaddrport + ').');

15
meshcentral.js
View File

@ -862,7 +862,7 @@ function CreateMeshCentralServer(config, args) {
} }
} }
if (obj.supportsProxyCertificatesRequest == true) { obj.updateProxyCertificates(); } if (obj.supportsProxyCertificatesRequest == true) { obj.updateProxyCertificates(true); }
obj.StartEx4(); // Keep going obj.StartEx4(); // Keep going
} }
@ -1022,14 +1022,15 @@ function CreateMeshCentralServer(config, args) {
obj.pendingProxyCertificatesRequests = 0; obj.pendingProxyCertificatesRequests = 0;
obj.lastProxyCertificatesRequest = null; obj.lastProxyCertificatesRequest = null;
obj.supportsProxyCertificatesRequest = false; obj.supportsProxyCertificatesRequest = false;
obj.updateProxyCertificates = function () { obj.updateProxyCertificates = function (force) {
var i; if (force !== true) {
if ((obj.pendingProxyCertificatesRequests > 0) || (obj.supportsProxyCertificatesRequest == false)) { return; } if ((obj.pendingProxyCertificatesRequests > 0) || (obj.supportsProxyCertificatesRequest == false)) return;
if ((obj.lastProxyCertificatesRequest != null) && ((Date.now() - obj.lastProxyCertificatesRequest) < 120000)) { return; } // Don't allow this call more than every 2 minutes. if ((obj.lastProxyCertificatesRequest != null) && ((Date.now() - obj.lastProxyCertificatesRequest) < 120000)) return; // Don't allow this call more than every 2 minutes.
obj.lastProxyCertificatesRequest = Date.now(); obj.lastProxyCertificatesRequest = Date.now();
}
// Load any domain web certificates // Load any domain web certificates
for (i in obj.config.domains) { for (var i in obj.config.domains) {
if (obj.config.domains[i].certurl != null) { if (obj.config.domains[i].certurl != null) {
// Load web certs // Load web certs
obj.pendingProxyCertificatesRequests++; obj.pendingProxyCertificatesRequests++;

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "meshcentral", "name": "meshcentral",
"version": "0.4.3-p", "version": "0.4.3-q",
"keywords": [ "keywords": [
"Remote Management", "Remote Management",
"Intel AMT", "Intel AMT",