mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-25 14:45:52 -05:00
Agent TLS certificate improvement.
This commit is contained in:
parent
68d8e53548
commit
e04db9fa9f
@ -779,7 +779,13 @@ function createMeshCore(agent) {
|
||||
|
||||
// Perform manual server TLS certificate checking based on the certificate hash given by the server.
|
||||
woptions.rejectUnauthorized = 0;
|
||||
woptions.checkServerIdentity = function checkServerIdentity(certs) { if ((checkServerIdentity.servertlshash != null) && (checkServerIdentity.servertlshash != certs[0].digest.split(':').join('').toLowerCase())) { throw new Error('BadCert') } }
|
||||
woptions.checkServerIdentity = function checkServerIdentity(certs) {
|
||||
// If the tunnel certificate matches the control channel certificate, accept the connection
|
||||
try { if (require('MeshAgent').ServerInfo.ControlChannelCertificate.digest == certs[0].digest) return; } catch (ex) { }
|
||||
try { if (require('MeshAgent').ServerInfo.ControlChannelCertificate.fingerprint == certs[0].fingerprint) return; } catch (ex) { }
|
||||
// Check that the certificate is the one expected by the server, fail if not.
|
||||
if ((checkServerIdentity.servertlshash != null) && (checkServerIdentity.servertlshash.toLowerCase() != certs[0].digest.split(':').join('').toLowerCase())) { throw new Error('BadCert') }
|
||||
}
|
||||
woptions.checkServerIdentity.servertlshash = data.servertlshash;
|
||||
|
||||
//sendConsoleText(JSON.stringify(woptions));
|
||||
@ -1177,7 +1183,13 @@ function createMeshCore(agent) {
|
||||
|
||||
// Perform manual server TLS certificate checking based on the certificate hash given by the server.
|
||||
agentFileHttpOptions.rejectUnauthorized = 0;
|
||||
agentFileHttpOptions.checkServerIdentity = function checkServerIdentity(certs) { if ((checkServerIdentity.servertlshash != null) && (checkServerIdentity.servertlshash != certs[0].digest.split(':').join('').toLowerCase())) { throw new Error('BadCert') } }
|
||||
agentFileHttpOptions.checkServerIdentity = function checkServerIdentity(certs) {
|
||||
// If the tunnel certificate matches the control channel certificate, accept the connection
|
||||
try { if (require('MeshAgent').ServerInfo.ControlChannelCertificate.digest == certs[0].digest) return; } catch (ex) { }
|
||||
try { if (require('MeshAgent').ServerInfo.ControlChannelCertificate.fingerprint == certs[0].fingerprint) return; } catch (ex) { }
|
||||
// Check that the certificate is the one expected by the server, fail if not.
|
||||
if ((checkServerIdentity.servertlshash != null) && (checkServerIdentity.servertlshash.toLowerCase() != certs[0].digest.split(':').join('').toLowerCase())) { throw new Error('BadCert') }
|
||||
}
|
||||
agentFileHttpOptions.checkServerIdentity.servertlshash = data.servertlshash;
|
||||
|
||||
if (agentFileHttpOptions == null) return;
|
||||
|
2
public/scripts/amt-wsman-0.2.0-min.js
vendored
2
public/scripts/amt-wsman-0.2.0-min.js
vendored
File diff suppressed because one or more lines are too long
File diff suppressed because it is too large
Load Diff
@ -8056,7 +8056,16 @@
|
||||
|
||||
// Find file result
|
||||
if (data.action == 'findfile') {
|
||||
if (xxdialogTag == data.reqid) { if (data.r == null) { QE('d2findFilter', true); QE('filefind_dlgOkButton', true); xxdialogTag = null; } else { QA('d2findResults', '<div style=white-space:nowrap>' + EscapeHtml(data.r) + '</div>'); } }
|
||||
if (xxdialogTag == data.reqid) {
|
||||
if (data.r == null) {
|
||||
QE('d2findFilter', true);
|
||||
QE('filefind_dlgOkButton', true);
|
||||
xxdialogTag = null;
|
||||
if (Q('d2findResults').innerHTML == '') { QH('d2findResults', '<div style=text-align:center;margin:10px><i>' + "No files found" + '</i></div>'); }
|
||||
} else {
|
||||
QA('d2findResults', '<div style=white-space:nowrap>' + EscapeHtml(data.r) + '</div>');
|
||||
}
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user