Server code cleanup & fixes.

This commit is contained in:
Ylian Saint-Hilaire 2019-01-05 12:04:18 -08:00
parent c880007cf2
commit aa92f4c2a2
5 changed files with 62 additions and 128 deletions

View File

@ -14,6 +14,7 @@
/*jshint esversion: 6 */ /*jshint esversion: 6 */
"use strict"; "use strict";
const fs = require("fs");
const crypto = require("crypto"); const crypto = require("crypto");
// Binary encoding and decoding functions // Binary encoding and decoding functions

View File

@ -1235,27 +1235,6 @@ function CreateMeshCentralServer(config, args) {
function logWarnEvent(msg) { if (obj.servicelog != null) { obj.servicelog.warn(msg); } console.log(msg); } function logWarnEvent(msg) { if (obj.servicelog != null) { obj.servicelog.warn(msg); } console.log(msg); }
function logErrorEvent(msg) { if (obj.servicelog != null) { obj.servicelog.error(msg); } console.error(msg); } function logErrorEvent(msg) { if (obj.servicelog != null) { obj.servicelog.error(msg); } console.error(msg); }
// Read entire file and return it in callback function
obj.readEntireTextFile = function(filepath, func) {
var called = false;
try {
obj.fs.open(filepath, 'r', function (err, fd) {
if (fd == null) { func(null); return; }
obj.fs.fstat(fd, function (err, stats) {
var bufferSize = stats.size, chunkSize = 512, buffer = Buffer.from(bufferSize), bytesRead = 0;
while (bytesRead < bufferSize) {
if ((bytesRead + chunkSize) > bufferSize) { chunkSize = (bufferSize - bytesRead); }
obj.fs.readSync(fd, buffer, bytesRead, chunkSize, bytesRead);
bytesRead += chunkSize;
}
obj.fs.close(fd);
called = true;
func(buffer.toString('utf8', 0, bufferSize));
});
});
} catch (e) { console.log(e); if (called == false) { func(null); } }
}
// Return the path of a file into the meshcentral-data path // Return the path of a file into the meshcentral-data path
obj.getConfigFilePath = function (filename) { obj.getConfigFilePath = function (filename) {
if ((obj.config != null) && (obj.config.configfiles != null) && (obj.config.configfiles[filename] != null) && (typeof obj.config.configfiles[filename] == 'string')) { if ((obj.config != null) && (obj.config.configfiles != null) && (obj.config.configfiles[filename] != null) && (typeof obj.config.configfiles[filename] == 'string')) {

View File

@ -717,7 +717,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
{ {
// Load the server error log // Load the server error log
if ((user.siteadmin & 16) == 0) break; if ((user.siteadmin & 16) == 0) break;
obj.parent.parent.readEntireTextFile(obj.parent.parent.getConfigFilePath('mesherrors.txt'), function (data) { try { ws.send(JSON.stringify({ action: 'servererrors', data: data })); } catch (ex) { } }); obj.parent.parent.fs.readFile(obj.parent.parent.getConfigFilePath('mesherrors.txt'), 'utf8', function (err, data) { try { ws.send(JSON.stringify({ action: 'servererrors', data: data })); } catch (ex) { } });
break; break;
} }
case 'serverclearerrorlog': case 'serverclearerrorlog':
@ -1213,8 +1213,8 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Send a mesh agent core to the mesh agent // Send a mesh agent core to the mesh agent
var file = obj.parent.getServerFilePath(user, domain, command.path); var file = obj.parent.getServerFilePath(user, domain, command.path);
if (file != null) { if (file != null) {
obj.parent.readEntireTextFile(file.fullpath, function (data) { obj.parent.parent.fs.readFile(file.fullpath, 'utf8', function (err, data) {
if (data != null) { if (err != null) {
data = obj.common.IntToStr(0) + data; // Add the 4 bytes encoding type & flags (Set to 0 for raw) data = obj.common.IntToStr(0) + data; // Add the 4 bytes encoding type & flags (Set to 0 for raw)
obj.parent.sendMeshAgentCore(user, domain, command.nodeid, data); obj.parent.sendMeshAgentCore(user, domain, command.nodeid, data);
} }
@ -1238,8 +1238,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
case 'close': case 'close':
{ {
// Close the web socket session // Close the web socket session
console.log('CLOSING1'); if (obj.req.session && obj.req.session.ws && obj.req.session.ws == ws) { delete obj.req.session.ws; }
if (obj.req.session && obj.req.session.ws && obj.req.session.ws == ws) { console.log('CLOSING2'); delete obj.req.session.ws; }
try { ws.close(); } catch (e) { } try { ws.close(); } catch (e) { }
break; break;
} }
@ -1397,26 +1396,6 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
} }
} }
// Read entire file and return it in callback function
function readEntireTextFile(filepath, func) {
var called = false;
try {
obj.fs.open(filepath, 'r', function (err, fd) {
obj.fs.fstat(fd, function (err, stats) {
var bufferSize = stats.size, chunkSize = 512, buffer = Buffer.from(bufferSize), bytesRead = 0;
while (bytesRead < bufferSize) {
if ((bytesRead + chunkSize) > bufferSize) { chunkSize = (bufferSize - bytesRead); }
obj.fs.readSync(fd, buffer, bytesRead, chunkSize, bytesRead);
bytesRead += chunkSize;
}
obj.fs.close(fd);
called = true;
func(buffer.toString('utf8', 0, bufferSize));
});
});
} catch (e) { if (called == false) { func(null); } }
}
// Read the folder and all sub-folders and serialize that into json. // Read the folder and all sub-folders and serialize that into json.
function readFilesRec(path) { function readFilesRec(path) {
var r = {}, dir = obj.fs.readdirSync(path); var r = {}, dir = obj.fs.readdirSync(path);

View File

@ -1,6 +1,6 @@
{ {
"name": "meshcentral", "name": "meshcentral",
"version": "0.2.5-r", "version": "0.2.5-s",
"keywords": [ "keywords": [
"Remote Management", "Remote Management",
"Intel AMT", "Intel AMT",

View File

@ -300,12 +300,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
} }
// Check if the source IP address is allowed, return domain if allowed // Check if the source IP address is allowed, return domain if allowed
function checkUserIpAddress(req, res, rootonly) { function checkUserIpAddress(req, res) {
if ((obj.userAllowedIp != null) && (checkUserIpAddressEx(req, res, obj.userAllowedIp) == false)) { return null; } if (checkUserIpAddressEx(req, res, obj.userAllowedIp) == false) { return null; }
if (rootonly == true) { return; } const domain = (req.url ? getDomain(req) : getDomain(res));
var domain;
if (req.url) { domain = getDomain(req); } else { domain = getDomain(res); }
if (domain.userallowedip == null) return domain;
if (checkUserIpAddressEx(req, res, domain.userallowedip) == false) { return null; } if (checkUserIpAddressEx(req, res, domain.userallowedip) == false) { return null; }
return domain; return domain;
} }
@ -322,7 +319,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
} }
function handleLogoutRequest(req, res) { function handleLogoutRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
// Destroy the user's session to log them out will be re-created next request // Destroy the user's session to log them out will be re-created next request
@ -335,7 +332,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
} }
function handleLoginRequest(req, res) { function handleLoginRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
obj.authenticate(req.body.username, req.body.password, domain, function (err, userid, passhint) { obj.authenticate(req.body.username, req.body.password, domain, function (err, userid, passhint) {
if (userid) { if (userid) {
@ -391,7 +388,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
} }
function handleCreateAccountRequest(req, res) { function handleCreateAccountRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if ((domain.newaccounts === 0) || (domain.newaccounts === false)) { res.sendStatus(401); return; } if ((domain.newaccounts === 0) || (domain.newaccounts === false)) { res.sendStatus(401); return; }
if (!obj.common.validateUsername(req.body.username, 1, 64) || !obj.common.validateEmail(req.body.email, 1, 256) || !obj.common.validateString(req.body.password1, 1, 256) || !obj.common.validateString(req.body.password2, 1, 256) || (req.body.password1 != req.body.password2) || req.body.username == '~' || !obj.common.checkPasswordRequirements(req.body.password1, domain.passwordrequirements)) { if (!obj.common.validateUsername(req.body.username, 1, 64) || !obj.common.validateEmail(req.body.email, 1, 256) || !obj.common.validateString(req.body.password1, 1, 256) || !obj.common.validateString(req.body.password2, 1, 256) || (req.body.password1 != req.body.password2) || req.body.username == '~' || !obj.common.checkPasswordRequirements(req.body.password1, domain.passwordrequirements)) {
@ -445,7 +442,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Called to process an account reset request // Called to process an account reset request
function handleResetAccountRequest(req, res) { function handleResetAccountRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if ((domain.newaccounts === 0) || (domain.newaccounts === false)) { res.sendStatus(401); return; } if ((domain.newaccounts === 0) || (domain.newaccounts === false)) { res.sendStatus(401); return; }
if (!req.body.email || checkEmail(req.body.email) == false) { if (!req.body.email || checkEmail(req.body.email) == false) {
@ -477,7 +474,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Called to process a web based email verification request // Called to process a web based email verification request
function handleCheckMailRequest(req, res) { function handleCheckMailRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if (req.query.c != null) { if (req.query.c != null) {
var cookie = obj.parent.decodeCookie(req.query.c, obj.parent.mailserver.mailCookieEncryptionKey, 30); var cookie = obj.parent.decodeCookie(req.query.c, obj.parent.mailserver.mailCookieEncryptionKey, 30);
@ -577,7 +574,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
} }
function handleDeleteAccountRequest(req, res) { function handleDeleteAccountRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
// Check if the user is logged and we have all required parameters // Check if the user is logged and we have all required parameters
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; } if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
@ -621,7 +618,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle password changes // Handle password changes
function handlePasswordChangeRequest(req, res) { function handlePasswordChangeRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
// Check if the user is logged and we have all required parameters // Check if the user is logged and we have all required parameters
if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; } if (!req.session || !req.session.userid || !req.body.apassword1 || (req.body.apassword1 != req.body.apassword2) || (req.session.domainid != domain.id)) { res.redirect(domain.url); return; }
@ -645,7 +642,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Indicates that any request to "/" should render "default" or "login" depending on login state // Indicates that any request to "/" should render "default" or "login" depending on login state
function handleRootRequest(req, res) { function handleRootRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if (!obj.args) { res.sendStatus(500); return; } if (!obj.args) { res.sendStatus(500); return; }
@ -829,14 +826,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Render the terms of service. // Render the terms of service.
function handleTermsRequest(req, res) { function handleTermsRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
// See if there is a terms.txt file in meshcentral-data // See if there is a terms.txt file in meshcentral-data
var p = obj.path.join(obj.parent.datapath, 'terms.txt'); var p = obj.path.join(obj.parent.datapath, 'terms.txt');
if (obj.fs.existsSync(p)) { if (obj.fs.existsSync(p)) {
readEntireTextFile(p, function (data) { obj.fs.readFile(p, 'utf8', function (err, data) {
if (data == null) { res.sendStatus(404); return; } if (err != null) { res.sendStatus(404); return; }
// Send the terms // Send the terms
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' });
@ -881,14 +878,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Returns the mesh server root certificate // Returns the mesh server root certificate
function handleRootCertRequest(req, res) { function handleRootCertRequest(req, res) {
if (checkUserIpAddress(req, res, true) == false) { return; } if (checkUserIpAddressEx(req, res, obj.userAllowedIp) === false) { return; } // Check server-wide IP filter only.
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=' + certificates.RootName + '.cer' }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=' + certificates.RootName + '.cer' });
res.send(Buffer.from(getRootCertBase64(), 'base64')); res.send(Buffer.from(getRootCertBase64(), 'base64'));
} }
// Returns an mescript for Intel AMT configuration // Returns an mescript for Intel AMT configuration
function handleMeScriptRequest(req, res) { function handleMeScriptRequest(req, res) {
if (checkUserIpAddress(req, res, true) == false) { return; } if (checkUserIpAddressEx(req, res, obj.userAllowedIp) === false) { return; } // Check server-wide IP filter only.
if (req.query.type == 1) { if (req.query.type == 1) {
var filename = 'cira_setup.mescript'; var filename = 'cira_setup.mescript';
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=' + filename }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=' + filename });
@ -899,8 +896,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if ((serverNameSplit.length == 4) && (parseInt(serverNameSplit[0]) == serverNameSplit[0]) && (parseInt(serverNameSplit[1]) == serverNameSplit[1]) && (parseInt(serverNameSplit[2]) == serverNameSplit[2]) && (parseInt(serverNameSplit[3]) == serverNameSplit[3])) { if ((serverNameSplit.length == 4) && (parseInt(serverNameSplit[0]) == serverNameSplit[0]) && (parseInt(serverNameSplit[1]) == serverNameSplit[1]) && (parseInt(serverNameSplit[2]) == serverNameSplit[2]) && (parseInt(serverNameSplit[3]) == serverNameSplit[3])) {
// Server name is an IPv4 address // Server name is an IPv4 address
readEntireTextFile(obj.parent.path.join(__dirname, 'public/scripts/cira_setup_script_ip.mescript'), function (data) { obj.fs.readFile(obj.parent.path.join(__dirname, 'public/scripts/cira_setup_script_ip.mescript'), 'utf8', function (err, data) {
if (data == null) { res.sendStatus(404); return; } if (err != null) { res.sendStatus(404); return; }
var scriptFile = JSON.parse(data); var scriptFile = JSON.parse(data);
// Change a few things in the script // Change a few things in the script
@ -925,8 +922,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
}); });
} else { } else {
// Server name is a hostname // Server name is a hostname
readEntireTextFile(obj.parent.path.join(__dirname, 'public/scripts/cira_setup_script_dns.mescript'), function (data) { obj.fs.readFile(obj.parent.path.join(__dirname, 'public/scripts/cira_setup_script_dns.mescript'), 'utf8', function (err, data) {
if (data == null) { res.sendStatus(404); return; } if (err != null) { res.sendStatus(404); return; }
var scriptFile = JSON.parse(data); var scriptFile = JSON.parse(data);
// Change a few things in the script // Change a few things in the script
@ -953,8 +950,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
else if (req.query.type == 2) { else if (req.query.type == 2) {
var filename = 'cira_cleanup.mescript'; var filename = 'cira_cleanup.mescript';
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=' + filename }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=' + filename });
readEntireTextFile(obj.parent.path.join(__dirname, 'public/scripts/cira_cleanup.mescript'), function (data) { obj.fs.readFile(obj.parent.path.join(__dirname, 'public/scripts/cira_cleanup.mescript'), 'utf8', function (err, data) {
if (data == null) { res.sendStatus(404); return; } if (err != null) { res.sendStatus(404); return; }
res.send(Buffer.from(data)); res.send(Buffer.from(data));
}); });
} }
@ -962,7 +959,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle user public file downloads // Handle user public file downloads
function handleDownloadUserFiles(req, res) { function handleDownloadUserFiles(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if (obj.common.validateString(req.path, 1, 4096) == false) { res.sendStatus(404); return; } if (obj.common.validateString(req.path, 1, 4096) == false) { res.sendStatus(404); return; }
var domainname = 'domain', spliturl = decodeURIComponent(req.path).split('/'), filename = ''; var domainname = 'domain', spliturl = decodeURIComponent(req.path).split('/'), filename = '';
@ -987,7 +984,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle logo request // Handle logo request
function handleLogoRequest(req, res) { function handleLogoRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
res.set({ 'Cache-Control': 'max-age=86400' }); // 1 day res.set({ 'Cache-Control': 'max-age=86400' }); // 1 day
if ((domain != null) && domain.titlepicture) { if ((domain != null) && domain.titlepicture) {
@ -1034,12 +1031,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Download a file from the server // Download a file from the server
function handleDownloadFile(req, res) { function handleDownloadFile(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if ((req.query.link == null) || (req.session == null) || (req.session.userid == null) || (domain == null) || (domain.userQuota == -1)) { res.sendStatus(404); return; } if ((req.query.link == null) || (req.session == null) || (req.session.userid == null) || (domain == null) || (domain.userQuota == -1)) { res.sendStatus(404); return; }
var user = obj.users[req.session.userid]; const user = obj.users[req.session.userid];
if (user == null) { res.sendStatus(404); return; } if (user == null) { res.sendStatus(404); return; }
var file = obj.getServerFilePath(user, domain, req.query.link); const file = obj.getServerFilePath(user, domain, req.query.link);
if (file == null) { res.sendStatus(404); return; } if (file == null) { res.sendStatus(404); return; }
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=\"' + file.name + '\"' }); res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=\"' + file.name + '\"' });
try { res.sendFile(file.fullpath); } catch (e) { res.sendStatus(404); } try { res.sendFile(file.fullpath); } catch (e) { res.sendStatus(404); }
@ -1047,20 +1044,20 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Upload a MeshCore.js file to the server // Upload a MeshCore.js file to the server
function handleUploadMeshCoreFile(req, res) { function handleUploadMeshCoreFile(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; } if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
var user = obj.users[req.session.userid]; const user = obj.users[req.session.userid];
if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only) if (user.siteadmin != 0xFFFFFFFF) { res.sendStatus(401); return; } // Check if we have mesh core upload rights (Full admin only)
var multiparty = require('multiparty'); const multiparty = require('multiparty');
var form = new multiparty.Form(); const form = new multiparty.Form();
form.parse(req, function (err, fields, files) { form.parse(req, function (err, fields, files) {
if ((fields == null) || (fields.attrib == null) || (fields.attrib.length != 1)) { res.sendStatus(404); return; } if ((fields == null) || (fields.attrib == null) || (fields.attrib.length != 1)) { res.sendStatus(404); return; }
for (var i in files.files) { for (var i in files.files) {
var file = files.files[i]; var file = files.files[i];
readEntireTextFile(file.path, function (data) { obj.fs.readFile(file.path, 'utf8', function (err, data) {
if (data == null) return; if (err != null) return;
data = obj.common.IntToStr(0) + data; // Add the 4 bytes encoding type & flags (Set to 0 for raw) data = obj.common.IntToStr(0) + data; // Add the 4 bytes encoding type & flags (Set to 0 for raw)
obj.sendMeshAgentCore(user, domain, fields.attrib[0], data); // Upload the core obj.sendMeshAgentCore(user, domain, fields.attrib[0], data); // Upload the core
try { obj.fs.unlinkSync(file.path); } catch (e) { } try { obj.fs.unlinkSync(file.path); } catch (e) { }
@ -1072,14 +1069,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Upload a file to the server // Upload a file to the server
function handleUploadFile(req, res) { function handleUploadFile(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (domain.userQuota == -1)) { res.sendStatus(401); return; } if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (domain.userQuota == -1)) { res.sendStatus(401); return; }
var user = obj.users[req.session.userid]; const user = obj.users[req.session.userid];
if ((user.siteadmin & 8) == 0) { res.sendStatus(401); return; } // Check if we have file rights if ((user.siteadmin & 8) == 0) { res.sendStatus(401); return; } // Check if we have file rights
var multiparty = require('multiparty'); const multiparty = require('multiparty');
var form = new multiparty.Form(); const form = new multiparty.Form();
form.parse(req, function (err, fields, files) { form.parse(req, function (err, fields, files) {
if ((fields == null) || (fields.link == null) || (fields.link.length != 1)) { /*console.log('UploadFile, Invalid Fields:', fields, files);*/ res.sendStatus(404); return; } if ((fields == null) || (fields.link == null) || (fields.link.length != 1)) { /*console.log('UploadFile, Invalid Fields:', fields, files);*/ res.sendStatus(404); return; }
var xfile = obj.getServerFilePath(user, domain, decodeURIComponent(fields.link[0])); var xfile = obj.getServerFilePath(user, domain, decodeURIComponent(fields.link[0]));
@ -1127,8 +1124,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Subscribe to all events we are allowed to receive // Subscribe to all events we are allowed to receive
obj.subscribe = function (userid, target) { obj.subscribe = function (userid, target) {
var user = obj.users[userid]; const user = obj.users[userid];
var subscriptions = [userid, 'server-global']; const subscriptions = [userid, 'server-global'];
if (user.siteadmin != null) { if (user.siteadmin != null) {
if (user.siteadmin == 0xFFFFFFFF) subscriptions.push('*'); if (user.siteadmin == 0xFFFFFFFF) subscriptions.push('*');
if ((user.siteadmin & 2) != 0) subscriptions.push('server-users'); if ((user.siteadmin & 2) != 0) subscriptions.push('server-users');
@ -1221,9 +1218,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
}; };
// TLSSocket to encapsulate TLS communication, which then tunneled via SerialTunnel an then wrapped through CIRA APF // TLSSocket to encapsulate TLS communication, which then tunneled via SerialTunnel an then wrapped through CIRA APF
var TLSSocket = require('tls').TLSSocket; const TLSSocket = require('tls').TLSSocket;
var tlsoptions = { secureProtocol: ((req.query.tls1only == 1) ? 'TLSv1_method' : 'SSLv23_method'), ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false }; const tlsoptions = { secureProtocol: ((req.query.tls1only == 1) ? 'TLSv1_method' : 'SSLv23_method'), ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false };
var tlsock = new TLSSocket(ser, tlsoptions); const tlsock = new TLSSocket(ser, tlsoptions);
tlsock.on('error', function (err) { Debug(1, "CIRA TLS Connection Error ", err); }); tlsock.on('error', function (err) { Debug(1, "CIRA TLS Connection Error ", err); });
tlsock.on('secureConnect', function () { Debug(2, "CIRA Secure TLS Connection"); ws._socket.resume(); }); tlsock.on('secureConnect', function () { Debug(2, "CIRA Secure TLS Connection"); ws._socket.resume(); });
@ -1397,14 +1394,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle the web socket echo request, just echo back the data sent // Handle the web socket echo request, just echo back the data sent
function handleEchoWebSocket(ws, req) { function handleEchoWebSocket(ws, req) {
var domain = checkUserIpAddress(ws, req); const domain = checkUserIpAddress(ws, req);
if (domain == null) return; if (domain == null) return;
ws._socket.setKeepAlive(true, 240000); // Set TCP keep alive ws._socket.setKeepAlive(true, 240000); // Set TCP keep alive
// When data is received from the web socket, echo it back // When data is received from the web socket, echo it back
ws.on('message', function (data) { ws.on('message', function (data) {
var cmd = data.toString('utf8'); if (data.toString('utf8') == 'close') {
if (cmd == 'close') {
try { ws.close(); } catch (e) { console.log(e); } try { ws.close(); } catch (e) { console.log(e); }
} else { } else {
try { ws.send(data); } catch (e) { console.log(e); } try { ws.send(data); } catch (e) { console.log(e); }
@ -1442,7 +1438,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle Intel AMT events // Handle Intel AMT events
// To subscribe, add "http://server:port/amtevents.ashx" to Intel AMT subscriptions. // To subscribe, add "http://server:port/amtevents.ashx" to Intel AMT subscriptions.
obj.handleAmtEventRequest = function (req, res) { obj.handleAmtEventRequest = function (req, res) {
var domain = getDomain(req); const domain = getDomain(req);
try { try {
if (req.headers.authorization) { if (req.headers.authorization) {
var authstr = req.headers.authorization; var authstr = req.headers.authorization;
@ -1518,14 +1514,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a server backup request // Handle a server backup request
function handleBackupRequest(req, res) { function handleBackupRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; } if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
var user = obj.users[req.session.userid]; var user = obj.users[req.session.userid];
if ((user.siteadmin & 1) == 0) { res.sendStatus(401); return; } // Check if we have server backup rights if ((user.siteadmin & 1) == 0) { res.sendStatus(401); return; } // Check if we have server backup rights
// Require modules // Require modules
const fs = require('fs');
const archive = require('archiver')('zip', { level: 9 }); // Sets the compression method to maximum. const archive = require('archiver')('zip', { level: 9 }); // Sets the compression method to maximum.
// Good practice to catch this error explicitly // Good practice to catch this error explicitly
@ -1542,7 +1537,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
for (var i in backupList) { for (var i in backupList) {
var filename = backupList[i]; var filename = backupList[i];
var filepath = obj.path.join(obj.parent.datapath, filename); var filepath = obj.path.join(obj.parent.datapath, filename);
if (fs.existsSync(filepath)) { archive.file(filepath, { name: filename }); } if (obj.fs.existsSync(filepath)) { archive.file(filepath, { name: filename }); }
} }
// Finalize the archive (ie we are done appending files but streams have to finish yet) // Finalize the archive (ie we are done appending files but streams have to finish yet)
@ -1551,14 +1546,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a server restore request // Handle a server restore request
function handleRestoreRequest(req, res) { function handleRestoreRequest(req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; } if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid) || (obj.parent.args.noserverbackup == 1)) { res.sendStatus(401); return; }
var user = obj.users[req.session.userid]; const user = obj.users[req.session.userid];
if ((user.siteadmin & 4) == 0) { res.sendStatus(401); return; } // Check if we have server restore rights if ((user.siteadmin & 4) == 0) { res.sendStatus(401); return; } // Check if we have server restore rights
var multiparty = require('multiparty'); const multiparty = require('multiparty');
var form = new multiparty.Form(); const form = new multiparty.Form();
form.parse(req, function (err, fields, files) { form.parse(req, function (err, fields, files) {
res.send('Server must be restarted, <a href="' + domain.url + '">click here to login</a>.'); res.send('Server must be restarted, <a href="' + domain.url + '">click here to login</a>.');
parent.Stop(files.datafile[0].path); parent.Stop(files.datafile[0].path);
@ -1567,7 +1562,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a request to download a mesh agent // Handle a request to download a mesh agent
obj.handleMeshAgentRequest = function (req, res) { obj.handleMeshAgentRequest = function (req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
// If required, check if this user has rights to do this // If required, check if this user has rights to do this
@ -1642,7 +1637,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
obj.parent.exeHandler.streamExeWithJavaScript({ platform: argentInfo.platform, sourceFileName: argentInfo.path, destinationStream: res, js: Buffer.from(obj.parent.defaultMeshCmd, 'utf8'), peinfo: argentInfo.pe }); obj.parent.exeHandler.streamExeWithJavaScript({ platform: argentInfo.platform, sourceFileName: argentInfo.path, destinationStream: res, js: Buffer.from(obj.parent.defaultMeshCmd, 'utf8'), peinfo: argentInfo.pe });
} }
} else if (req.query.meshaction != null) { } else if (req.query.meshaction != null) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) { res.sendStatus(404); return; } if (domain == null) { res.sendStatus(404); return; }
var user = obj.users[req.session.userid]; var user = obj.users[req.session.userid];
if ((req.query.meshaction == 'route') && (req.query.nodeid != null)) { if ((req.query.meshaction == 'route') && (req.query.nodeid != null)) {
@ -1709,7 +1704,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Create a OSX mesh agent installer // Create a OSX mesh agent installer
obj.handleMeshOsxAgentRequest = function (req, res) { obj.handleMeshOsxAgentRequest = function (req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if ((domain == null) || (req.query.id == null)) { res.sendStatus(404); return; } if ((domain == null) || (req.query.id == null)) { res.sendStatus(404); return; }
// If required, check if this user has rights to do this // If required, check if this user has rights to do this
@ -1794,7 +1789,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// Handle a request to download a mesh settings // Handle a request to download a mesh settings
obj.handleMeshSettingsRequest = function (req, res) { obj.handleMeshSettingsRequest = function (req, res) {
var domain = checkUserIpAddress(req, res); const domain = checkUserIpAddress(req, res);
if (domain == null) return; if (domain == null) return;
//if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; } //if ((domain.id !== '') || (!req.session) || (req.session == null) || (!req.session.userid)) { res.sendStatus(401); return; }
@ -2098,26 +2093,6 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
return obj.path.join(obj.filespath, domainname + "/" + splitname[0] + "-" + splitname[2]); return obj.path.join(obj.filespath, domainname + "/" + splitname[0] + "-" + splitname[2]);
} }
// Read entire file and return it in callback function
function readEntireTextFile(filepath, func) {
var called = false;
try {
obj.fs.open(filepath, 'r', function (err, fd) {
obj.fs.fstat(fd, function (err, stats) {
var bufferSize = stats.size, chunkSize = 512, buffer = Buffer.alloc(bufferSize), bytesRead = 0;
while (bytesRead < bufferSize) {
if ((bytesRead + chunkSize) > bufferSize) { chunkSize = (bufferSize - bytesRead); }
obj.fs.readSync(fd, buffer, bytesRead, chunkSize, bytesRead);
bytesRead += chunkSize;
}
obj.fs.close(fd);
called = true;
func(buffer.toString('utf8', 0, bufferSize));
});
});
} catch (e) { if (called == false) { func(null); } }
}
// Return true is the input string looks like an email address // Return true is the input string looks like an email address
function checkEmail(str) { function checkEmail(str) {
var x = str.split('@'); var x = str.split('@');