diff --git a/agents/MeshCmd-signed.exe b/agents/MeshCmd-signed.exe
index 1876491f..7feb6d10 100644
Binary files a/agents/MeshCmd-signed.exe and b/agents/MeshCmd-signed.exe differ
diff --git a/agents/MeshCmd64-signed.exe b/agents/MeshCmd64-signed.exe
index 2bf9266d..6a83d29f 100644
Binary files a/agents/MeshCmd64-signed.exe and b/agents/MeshCmd64-signed.exe differ
diff --git a/agents/MeshService-signed.exe b/agents/MeshService-signed.exe
index bbd8c9f3..65fdad66 100644
Binary files a/agents/MeshService-signed.exe and b/agents/MeshService-signed.exe differ
diff --git a/agents/MeshService.exe b/agents/MeshService.exe
index 6e75ea80..4d8f147a 100644
Binary files a/agents/MeshService.exe and b/agents/MeshService.exe differ
diff --git a/agents/MeshService64-signed.exe b/agents/MeshService64-signed.exe
index 2727d430..1ebc3bc1 100644
Binary files a/agents/MeshService64-signed.exe and b/agents/MeshService64-signed.exe differ
diff --git a/agents/MeshService64.exe b/agents/MeshService64.exe
index 51fe0421..4f87e207 100644
Binary files a/agents/MeshService64.exe and b/agents/MeshService64.exe differ
diff --git a/agents/meshagent_arm b/agents/meshagent_arm
index e2a30137..bf3a61f4 100644
Binary files a/agents/meshagent_arm and b/agents/meshagent_arm differ
diff --git a/agents/meshagent_arm-linaro b/agents/meshagent_arm-linaro
index a1902a7e..5fa463a7 100644
Binary files a/agents/meshagent_arm-linaro and b/agents/meshagent_arm-linaro differ
diff --git a/agents/meshagent_arm64 b/agents/meshagent_arm64
index 00ab0a12..71c5fc45 100644
Binary files a/agents/meshagent_arm64 and b/agents/meshagent_arm64 differ
diff --git a/agents/meshagent_armhf b/agents/meshagent_armhf
index ee695457..eb4ab97e 100644
Binary files a/agents/meshagent_armhf and b/agents/meshagent_armhf differ
diff --git a/agents/meshagent_freebsd_x86-64 b/agents/meshagent_freebsd_x86-64
index 98081609..9d8a12c4 100644
Binary files a/agents/meshagent_freebsd_x86-64 and b/agents/meshagent_freebsd_x86-64 differ
diff --git a/agents/meshagent_mips b/agents/meshagent_mips
index 05334c4f..5b9929c5 100644
Binary files a/agents/meshagent_mips and b/agents/meshagent_mips differ
diff --git a/agents/meshagent_osx-x86-64 b/agents/meshagent_osx-x86-64
index 429c89c5..72283269 100644
Binary files a/agents/meshagent_osx-x86-64 and b/agents/meshagent_osx-x86-64 differ
diff --git a/agents/meshagent_pogo b/agents/meshagent_pogo
index 5bd1c065..9c47ad03 100644
Binary files a/agents/meshagent_pogo and b/agents/meshagent_pogo differ
diff --git a/agents/meshagent_poky b/agents/meshagent_poky
index 9be7e6b5..a7cdfc6f 100644
Binary files a/agents/meshagent_poky and b/agents/meshagent_poky differ
diff --git a/agents/meshagent_poky64 b/agents/meshagent_poky64
index b086aece..f59f5d12 100644
Binary files a/agents/meshagent_poky64 and b/agents/meshagent_poky64 differ
diff --git a/agents/meshagent_x86 b/agents/meshagent_x86
index a249242b..d7e2d349 100644
Binary files a/agents/meshagent_x86 and b/agents/meshagent_x86 differ
diff --git a/agents/meshagent_x86-64 b/agents/meshagent_x86-64
index ef19fc8a..74977ebe 100644
Binary files a/agents/meshagent_x86-64 and b/agents/meshagent_x86-64 differ
diff --git a/agents/meshagent_x86-64_nokvm b/agents/meshagent_x86-64_nokvm
index d7a909e4..853d53f5 100644
Binary files a/agents/meshagent_x86-64_nokvm and b/agents/meshagent_x86-64_nokvm differ
diff --git a/agents/meshagent_x86_nokvm b/agents/meshagent_x86_nokvm
index 7b49f09b..0a45888b 100644
Binary files a/agents/meshagent_x86_nokvm and b/agents/meshagent_x86_nokvm differ
diff --git a/package.json b/package.json
index 53dae235..1819957e 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "meshcentral",
- "version": "0.5.36",
+ "version": "0.5.37",
 "keywords": [
 "Remote Management",
 "Intel AMT",
diff --git a/translate/translate.json b/translate/translate.json
index d94e8d83..a7898e7c 100644
--- a/translate/translate.json
+++ b/translate/translate.json
@@ -23957,7 +23957,8 @@
 "en": "Sign-in using Intel",
 "nl": "Log in met Intel",
 "xloc": [
- "login-mobile.handlebars->container->page_content->column_l->1->1->0->1->loginpanel->1->authStrategies->auth-intel"
+ "login-mobile.handlebars->container->page_content->column_l->1->1->0->1->loginpanel->1->authStrategies->auth-intel",
+ "login.handlebars->container->column_l->centralTable->1->0->logincell->loginpanel->1->authStrategies->auth-intel"
 ]
 },
 {
@@ -31128,4 +31129,4 @@
 ]
 }
 ]
-}
+}
\ No newline at end of file
diff --git a/views/login.handlebars b/views/login.handlebars
index 33a037bc..9429b188 100644
--- a/views/login.handlebars
+++ b/views/login.handlebars
@@ -78,6 +78,7 @@ +
diff --git a/webserver.js b/webserver.js
index bf9a8aa9..53892400 100644
--- a/webserver.js
+++ b/webserver.js
@@ -2389,7 +2389,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
 if ((domain.loginkey != null) && (domain.loginkey.indexOf(req.query.key) == -1)) { res.sendStatus(404); return; } // Check 3FA URL key
 if ((obj.userAllowedIp != null) && (checkIpAddressEx(req, res, obj.userAllowedIp, false) === false)) { return; } // Check server-wide IP filter only.
- if (req.query.type == 1) {
+ if ((req.query.type == 1) && (req.query.meshid != null)) {
 obj.getCiraConfigurationScript(req.query.meshid, function (script) {
 if (script == null) { res.sendStatus(404); } else {
 try {
@@ -2408,6 +2408,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
 res.send(script);
 }
 });
+ } else {
+ res.sendStatus(404);
 }
 }
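Review bot: The new guard `(req.query.meshid != null)` in the hunk at -2389 only rejects a missing parameter, so a `meshid` that the query parser delivers as an array or object is still passed to `obj.getCiraConfigurationScript` unchanged. Checking the type instead closes that gap: `if ((req.query.type == 1) && (typeof req.query.meshid == 'string')) {`. How `getCiraConfigurationScript` treats a non-string id is not visible here, so this is a precaution rather than a confirmed fault. The enclosing handler starts and ends outside both webserver.js hunks on this line; the `else` branch added at -2408 that answers 404 fits the new condition.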
@@ -4248,10 +4250,42 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
 }
 }
- // JumpCloud
+ // Intel SAML
+ if (typeof domain.authstrategies.intel == 'object') {
+ if ((typeof domain.authstrategies.intel.cert != 'string') || (typeof domain.authstrategies.intel.idpurl != 'string')) {
+ console.log('ERROR: Missing Intel SAML configuration.');
+ } else {
+ var cert = obj.fs.readFileSync(obj.path.join(obj.parent.datapath, domain.authstrategies.intel.cert));
+ if (cert == null) {
+ console.log('ERROR: Unable to read Intel SAML IdP certificate: ' + domain.authstrategies.intel.cert);
+ } else {
+ var options = { path: url + 'auth-intel-callback', entryPoint: domain.authstrategies.intel.idpurl, issuer: 'meshcentral' };
+ if (typeof domain.authstrategies.intel.entityid == 'string') { options.issuer = domain.authstrategies.intel.entityid; }
+ options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('');
+ const SamlStrategy = require('passport-saml').Strategy;
+ passport.use(new SamlStrategy(options,
+ function (profile, done) {
+ if (typeof profile.nameID != 'string') { return done(); }
+ var user = { id: 'user/' + domain.id + '/~' + profile.issuer + ':' + profile.nameID, name: profile.nameID };
+ if ((typeof profile.firstname == 'string') && (typeof profile.lastname == 'string')) { user.name = profile.firstname + ' ' + profile.lastname; }
+ if (typeof profile.email == 'string') { user.email = profile.email; }
+ return done(null, user);
+ }
+ ));
+ obj.app.get(url + 'auth-intel', function (req, res, next) {
+ domain.passport.authenticate('saml', { failureRedirect: '/', failureFlash: true })(req, res, next);
+ });
+ obj.app.post(url + 'auth-intel-callback', function (req, res, next) {
+ domain.passport.authenticate('saml', { failureRedirect: '/', failureFlash: true })(req, res, next);
+ }, handleStrategyLogin);
+ }
+ }
+ }
+
+ // JumpCloud SAML
 if (typeof domain.authstrategies.jumpcloud == 'object') {
 if ((typeof domain.authstrategies.jumpcloud.cert != 'string') || (typeof domain.authstrategies.jumpcloud.idpurl != 'string')) {
- console.log('ERROR: Missing JumpCloud configuration.');
+ console.log('ERROR: Missing JumpCloud SAML configuration.');
 } else {
 var cert = obj.fs.readFileSync(obj.path.join(obj.parent.datapath, domain.authstrategies.jumpcloud.cert));
 if (cert == null) {
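Review bot: The Intel strategy is registered with `passport.use(new SamlStrategy(options, ...))` and looked up as `'saml'`, which is passport-saml's default strategy name, so any other SAML provider registered the same way on the same passport instance would overwrite it or be overwritten by it. The JumpCloud block that follows opens with the same cert/idpurl pattern, but its body lies outside this hunk, so whether it collides is not visible here; if it does, `auth-intel-callback` would check assertions against whichever IdP certificate was registered last. Giving the strategy its own name avoids that, for example `passport.use('isaml-' + domain.id, new SamlStrategy(options, ...))` with the same name in both `authenticate(...)` calls. Separately, `readFileSync` throws when the file cannot be read rather than returning null, so the `cert == null` branch never logs the intended error; `var cert = null; try { cert = obj.fs.readFileSync(...); } catch (ex) { }` would make that branch reachable.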