mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-01-12 15:33:20 -05:00
Reverse proxy fixes.
parent
668f496dc9
commit
e9f9950740
32
meshrelay.js
32
meshrelay.js
@ -48,8 +48,8 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
|
|
||||||
// Disconnect this agent
|
// Disconnect this agent
|
||||||
obj.close = function (arg) {
|
obj.close = function (arg) {
|
||||||
if ((arg == 1) || (arg == null)) { try { ws.close(); parent.parent.debug('relay', 'Relay: Soft disconnect (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); } catch (e) { console.log(e); } } // Soft close, close the websocket
|
if ((arg == 1) || (arg == null)) { try { ws.close(); parent.parent.debug('relay', 'Relay: Soft disconnect (' + cleanRemoteAddr(req.ip) + ')'); } catch (e) { console.log(e); } } // Soft close, close the websocket
|
||||||
if (arg == 2) { try { ws._socket._parent.end(); parent.parent.debug('relay', 'Relay: Hard disconnect (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); } catch (e) { console.log(e); } } // Hard close, close the TCP socket
|
if (arg == 2) { try { ws._socket._parent.end(); parent.parent.debug('relay', 'Relay: Hard disconnect (' + cleanRemoteAddr(req.ip) + ')'); } catch (e) { console.log(e); } } // Hard close, close the TCP socket
|
||||||
|
|
||||||
// Aggressive cleanup
|
// Aggressive cleanup
|
||||||
delete obj.id;
|
delete obj.id;
|
||||||
@ -143,7 +143,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
// Check that at least one connection is authenticated
|
// Check that at least one connection is authenticated
|
||||||
if ((obj.authenticated != true) && (relayinfo.peer1.authenticated != true)) {
|
if ((obj.authenticated != true) && (relayinfo.peer1.authenticated != true)) {
|
||||||
ws.close();
|
ws.close();
|
||||||
parent.parent.debug('relay', 'Relay without-auth: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')');
|
parent.parent.debug('relay', 'Relay without-auth: ' + obj.id + ' (' + cleanRemoteAddr(req.ip) + ')');
|
||||||
delete obj.id;
|
delete obj.id;
|
||||||
delete obj.ws;
|
delete obj.ws;
|
||||||
delete obj.peer;
|
delete obj.peer;
|
||||||
@ -186,7 +186,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
try { relayinfo.peer1.ws.send('c'); } catch (ex) { }
|
try { relayinfo.peer1.ws.send('c'); } catch (ex) { }
|
||||||
} else {
|
} else {
|
||||||
// Write the recording file header
|
// Write the recording file header
|
||||||
var firstBlock = JSON.stringify({ magic: 'MeshCentralRelaySession', ver: 1, userid: sessionUser._id, username: sessionUser.name, sessionid: obj.id, ipaddr1: cleanRemoteAddr(ws._socket.remoteAddress), ipaddr2: cleanRemoteAddr(obj.peer.ws._socket.remoteAddress), time: new Date().toLocaleString(), protocol: req.query.p, nodeid: req.query.nodeid });
|
var firstBlock = JSON.stringify({ magic: 'MeshCentralRelaySession', ver: 1, userid: sessionUser._id, username: sessionUser.name, sessionid: obj.id, ipaddr1: cleanRemoteAddr(req.ip), ipaddr2: cleanRemoteAddr(obj.peer.req.ip), time: new Date().toLocaleString(), protocol: req.query.p, nodeid: req.query.nodeid });
|
||||||
recordingEntry(fd, 1, ((req.query.browser) ? 2 : 0), firstBlock, function () {
|
recordingEntry(fd, 1, ((req.query.browser) ? 2 : 0), firstBlock, function () {
|
||||||
relayinfo.peer1.ws.logfile = ws.logfile = { fd: fd, lock: false };
|
relayinfo.peer1.ws.logfile = ws.logfile = { fd: fd, lock: false };
|
||||||
try { ws.send('cr'); } catch (ex) { } // Send connect to both peers, 'cr' indicates the session is being recorded.
|
try { ws.send('cr'); } catch (ex) { } // Send connect to both peers, 'cr' indicates the session is being recorded.
|
||||||
@ -200,7 +200,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
try { relayinfo.peer1.ws.send('c'); } catch (ex) { }
|
try { relayinfo.peer1.ws.send('c'); } catch (ex) { }
|
||||||
}
|
}
|
||||||
|
|
||||||
parent.parent.debug('relay', 'Relay connected: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ' --> ' + cleanRemoteAddr(obj.peer.ws._socket.remoteAddress) + ')');
|
parent.parent.debug('relay', 'Relay connected: ' + obj.id + ' (' + cleanRemoteAddr(req.ip) + ' --> ' + cleanRemoteAddr(obj.peer.req.ip) + ')');
|
||||||
|
|
||||||
// Log the connection
|
// Log the connection
|
||||||
if (sessionUser != null) {
|
if (sessionUser != null) {
|
||||||
@ -208,13 +208,13 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
if (req.query.p == 1) { msg = 'Started terminal session'; }
|
if (req.query.p == 1) { msg = 'Started terminal session'; }
|
||||||
else if (req.query.p == 2) { msg = 'Started desktop session'; }
|
else if (req.query.p == 2) { msg = 'Started desktop session'; }
|
||||||
else if (req.query.p == 5) { msg = 'Started file management session'; }
|
else if (req.query.p == 5) { msg = 'Started file management session'; }
|
||||||
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: sessionUser._id, username: sessionUser.name, msg: msg + ' \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.ws._socket.remoteAddress) + ' to ' + cleanRemoteAddr(ws._socket.remoteAddress), protocol: req.query.p, nodeid: req.query.nodeid };
|
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: sessionUser._id, username: sessionUser.name, msg: msg + ' \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.req.ip) + ' to ' + cleanRemoteAddr(req.ip), protocol: req.query.p, nodeid: req.query.nodeid };
|
||||||
parent.parent.DispatchEvent(['*', sessionUser._id], obj, event);
|
parent.parent.DispatchEvent(['*', sessionUser._id], obj, event);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// Connected already, drop (TODO: maybe we should re-connect?)
|
// Connected already, drop (TODO: maybe we should re-connect?)
|
||||||
ws.close();
|
ws.close();
|
||||||
parent.parent.debug('relay', 'Relay duplicate: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')');
|
parent.parent.debug('relay', 'Relay duplicate: ' + obj.id + ' (' + cleanRemoteAddr(req.ip) + ')');
|
||||||
delete obj.id;
|
delete obj.id;
|
||||||
delete obj.ws;
|
delete obj.ws;
|
||||||
delete obj.peer;
|
delete obj.peer;
|
||||||
@ -224,7 +224,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
// Wait for other relay connection
|
// Wait for other relay connection
|
||||||
ws._socket.pause(); // Hold traffic until the other connection
|
ws._socket.pause(); // Hold traffic until the other connection
|
||||||
parent.wsrelays[obj.id] = { peer1: obj, state: 1, timeout: setTimeout(function () { closeBothSides(); }, 30000) };
|
parent.wsrelays[obj.id] = { peer1: obj, state: 1, timeout: setTimeout(function () { closeBothSides(); }, 30000) };
|
||||||
parent.parent.debug('relay', 'Relay holding: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ') ' + (obj.authenticated ? 'Authenticated' : ''));
|
parent.parent.debug('relay', 'Relay holding: ' + obj.id + ' (' + cleanRemoteAddr(req.ip) + ') ' + (obj.authenticated ? 'Authenticated' : ''));
|
||||||
|
|
||||||
// Check if a peer server has this connection
|
// Check if a peer server has this connection
|
||||||
if (parent.parent.multiServer != null) {
|
if (parent.parent.multiServer != null) {
|
||||||
@ -267,7 +267,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
ws.on('error', function (err) {
|
ws.on('error', function (err) {
|
||||||
parent.relaySessionErrorCount++;
|
parent.relaySessionErrorCount++;
|
||||||
if (obj.relaySessionCounted) { parent.relaySessionCount--; delete obj.relaySessionCounted; }
|
if (obj.relaySessionCounted) { parent.relaySessionCount--; delete obj.relaySessionCounted; }
|
||||||
console.log('Relay error from ' + cleanRemoteAddr(ws._socket.remoteAddress) + ', ' + err.toString().split('\r')[0] + '.');
|
console.log('Relay error from ' + cleanRemoteAddr(req.ip) + ', ' + err.toString().split('\r')[0] + '.');
|
||||||
closeBothSides();
|
closeBothSides();
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -290,7 +290,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
|
|
||||||
// Disconnect the peer
|
// Disconnect the peer
|
||||||
try { if (peer.relaySessionCounted) { parent.relaySessionCount--; delete peer.relaySessionCounted; } } catch (ex) { console.log(ex); }
|
try { if (peer.relaySessionCounted) { parent.relaySessionCount--; delete peer.relaySessionCounted; } } catch (ex) { console.log(ex); }
|
||||||
parent.parent.debug('relay', 'Relay disconnect: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ' --> ' + cleanRemoteAddr(peer.ws._socket.remoteAddress) + ')');
|
parent.parent.debug('relay', 'Relay disconnect: ' + obj.id + ' (' + cleanRemoteAddr(req.ip) + ' --> ' + cleanRemoteAddr(peer.req.ip) + ')');
|
||||||
try { peer.ws.close(); } catch (e) { } // Soft disconnect
|
try { peer.ws.close(); } catch (e) { } // Soft disconnect
|
||||||
try { peer.ws._socket._parent.end(); } catch (e) { } // Hard disconnect
|
try { peer.ws._socket._parent.end(); } catch (e) { } // Hard disconnect
|
||||||
|
|
||||||
@ -301,10 +301,10 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
else if (req.query.p == 2) { msg = 'Ended desktop session'; }
|
else if (req.query.p == 2) { msg = 'Ended desktop session'; }
|
||||||
else if (req.query.p == 5) { msg = 'Ended file management session'; }
|
else if (req.query.p == 5) { msg = 'Ended file management session'; }
|
||||||
if (user) {
|
if (user) {
|
||||||
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: user._id, username: parent.users[user._id].name, msg: msg + ' \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.ws._socket.remoteAddress) + ' to ' + cleanRemoteAddr(ws._socket.remoteAddress) + ', ' + Math.floor((Date.now() - ws.time) / 1000) + ' second(s)', protocol: req.query.p, nodeid: req.query.nodeid };
|
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: user._id, username: parent.users[user._id].name, msg: msg + ' \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.req.ip) + ' to ' + cleanRemoteAddr(req.ip) + ', ' + Math.floor((Date.now() - ws.time) / 1000) + ' second(s)', protocol: req.query.p, nodeid: req.query.nodeid };
|
||||||
parent.parent.DispatchEvent(['*', user._id], obj, event);
|
parent.parent.DispatchEvent(['*', user._id], obj, event);
|
||||||
} else if (peer.user) {
|
} else if (peer.user) {
|
||||||
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: peer.user._id, username: parent.users[peer.user._id].name, msg: msg + ' \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.ws._socket.remoteAddress) + ' to ' + cleanRemoteAddr(ws._socket.remoteAddress) + ', ' + Math.floor((Date.now() - ws.time) / 1000) + ' second(s)', protocol: req.query.p, nodeid: req.query.nodeid };
|
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: peer.user._id, username: parent.users[peer.user._id].name, msg: msg + ' \"' + obj.id + '\" from ' + cleanRemoteAddr(obj.peer.req.ip) + ' to ' + cleanRemoteAddr(req.ip) + ', ' + Math.floor((Date.now() - ws.time) / 1000) + ' second(s)', protocol: req.query.p, nodeid: req.query.nodeid };
|
||||||
parent.parent.DispatchEvent(['*', peer.user._id], obj, event);
|
parent.parent.DispatchEvent(['*', peer.user._id], obj, event);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -314,7 +314,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
delete peer.ws;
|
delete peer.ws;
|
||||||
delete peer.peer;
|
delete peer.peer;
|
||||||
} else {
|
} else {
|
||||||
parent.parent.debug('relay', 'Relay disconnect: ' + obj.id + ' (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')');
|
parent.parent.debug('relay', 'Relay disconnect: ' + obj.id + ' (' + cleanRemoteAddr(req.ip) + ')');
|
||||||
}
|
}
|
||||||
try { ws.close(); } catch (ex) { }
|
try { ws.close(); } catch (ex) { }
|
||||||
delete parent.wsrelays[obj.id];
|
delete parent.wsrelays[obj.id];
|
||||||
@ -371,7 +371,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
if (obj.id == undefined) { obj.id = ('' + Math.random()).substring(2); } // If there is no connection id, generate one.
|
if (obj.id == undefined) { obj.id = ('' + Math.random()).substring(2); } // If there is no connection id, generate one.
|
||||||
var command = { nodeid: cookie.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, tcpport: cookie.tcpport, tcpaddr: cookie.tcpaddr };
|
var command = { nodeid: cookie.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, tcpport: cookie.tcpport, tcpaddr: cookie.tcpaddr };
|
||||||
parent.parent.debug('relay', 'Relay: Sending agent tunnel command: ' + JSON.stringify(command));
|
parent.parent.debug('relay', 'Relay: Sending agent tunnel command: ' + JSON.stringify(command));
|
||||||
if (obj.sendAgentMessage(command, user._id, cookie.domainid) == false) { delete obj.id; parent.parent.debug('relay', 'Relay: Unable to contact this agent (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); }
|
if (obj.sendAgentMessage(command, user._id, cookie.domainid) == false) { delete obj.id; parent.parent.debug('relay', 'Relay: Unable to contact this agent (' + cleanRemoteAddr(req.ip) + ')'); }
|
||||||
performRelay();
|
performRelay();
|
||||||
});
|
});
|
||||||
return obj;
|
return obj;
|
||||||
@ -391,11 +391,11 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
|||||||
if (req.query.tcpport != null) {
|
if (req.query.tcpport != null) {
|
||||||
var command = { nodeid: req.query.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, tcpport: req.query.tcpport, tcpaddr: ((req.query.tcpaddr == null) ? '127.0.0.1' : req.query.tcpaddr) };
|
var command = { nodeid: req.query.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, tcpport: req.query.tcpport, tcpaddr: ((req.query.tcpaddr == null) ? '127.0.0.1' : req.query.tcpaddr) };
|
||||||
parent.parent.debug('relay', 'Relay: Sending agent TCP tunnel command: ' + JSON.stringify(command));
|
parent.parent.debug('relay', 'Relay: Sending agent TCP tunnel command: ' + JSON.stringify(command));
|
||||||
if (obj.sendAgentMessage(command, user._id, domain.id) == false) { delete obj.id; parent.parent.debug('relay', 'Relay: Unable to contact this agent (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); }
|
if (obj.sendAgentMessage(command, user._id, domain.id) == false) { delete obj.id; parent.parent.debug('relay', 'Relay: Unable to contact this agent (' + cleanRemoteAddr(req.ip) + ')'); }
|
||||||
} else if (req.query.udpport != null) {
|
} else if (req.query.udpport != null) {
|
||||||
var command = { nodeid: req.query.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, udpport: req.query.udpport, udpaddr: ((req.query.udpaddr == null) ? '127.0.0.1' : req.query.udpaddr) };
|
var command = { nodeid: req.query.nodeid, action: 'msg', type: 'tunnel', value: '*/meshrelay.ashx?id=' + obj.id, udpport: req.query.udpport, udpaddr: ((req.query.udpaddr == null) ? '127.0.0.1' : req.query.udpaddr) };
|
||||||
parent.parent.debug('relay', 'Relay: Sending agent UDP tunnel command: ' + JSON.stringify(command));
|
parent.parent.debug('relay', 'Relay: Sending agent UDP tunnel command: ' + JSON.stringify(command));
|
||||||
if (obj.sendAgentMessage(command, user._id, domain.id) == false) { delete obj.id; parent.parent.debug('relay', 'Relay: Unable to contact this agent (' + cleanRemoteAddr(ws._socket.remoteAddress) + ')'); }
|
if (obj.sendAgentMessage(command, user._id, domain.id) == false) { delete obj.id; parent.parent.debug('relay', 'Relay: Unable to contact this agent (' + cleanRemoteAddr(req.ip) + ')'); }
|
||||||
}
|
}
|
||||||
performRelay();
|
performRelay();
|
||||||
});
|
});
|
||||||
|
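Review bot: The addresses written to the recording header (`ipaddr1`/`ipaddr2`) and to the `relaylog` events now come from `req.ip` instead of the socket, so they are only as trustworthy as the Express `trust proxy` setting, which is not visible in these hunks. If that setting trusts more than the actual reverse proxy, the recorded address reflects the `X-Forwarded-For` header rather than a verified peer. I would add a comment at the top of `CreateMeshRelay` such as `// req.ip is derived from X-Forwarded-For; 'trust proxy' must list only our reverse proxy, otherwise relay audit addresses are client-supplied`, and consider logging the socket peer address alongside it. The same applies to the `req.ip` changes in meshuser.js and webserver.js. `obj.peer.req.ip` and `peer.req.ip` also assume every relay object exposes `req`; that assignment is outside the hunks shown.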
@ -137,16 +137,19 @@ module.exports.CreateMeshScanner = function (parent) {
|
|||||||
try { info = obj.parent.config.domains[''].title2; } catch (ex) { }
|
try { info = obj.parent.config.domains[''].title2; } catch (ex) { }
|
||||||
try { info = obj.parent.args.localdiscovery.info; } catch (ex) { }
|
try { info = obj.parent.args.localdiscovery.info; } catch (ex) { }
|
||||||
|
|
||||||
|
// Figure out the correct websocket port
|
||||||
|
var port = (parent.args.aliasport)?parent.args.aliasport:parent.args.port;
|
||||||
|
|
||||||
// Build the IPv4 response
|
// Build the IPv4 response
|
||||||
var url = (parent.args.notls ? 'ws' : 'wss') + '://%s:' + parent.args.port + '/agent.ashx';
|
var url = (parent.args.notls ? 'ws' : 'wss') + '://%s:' + port + '/agent.ashx';
|
||||||
obj.multicastPacket4 = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url, 'ascii');
|
obj.multicastPacket4 = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url, 'ascii');
|
||||||
if (parent.certificates.CommonName.indexOf('.') != -1) { url = (parent.args.notls ? 'ws' : 'wss') + '://' + parent.certificates.CommonName + ':' + parent.args.port + '/agent.ashx'; }
|
if (parent.certificates.CommonName.indexOf('.') != -1) { url = (parent.args.notls ? 'ws' : 'wss') + '://' + parent.certificates.CommonName + ':' + port + '/agent.ashx'; }
|
||||||
obj.multicastPacket4x = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url + '|' + name + '|' + info, 'ascii');
|
obj.multicastPacket4x = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url + '|' + name + '|' + info, 'ascii');
|
||||||
|
|
||||||
// Build the IPv6 response
|
// Build the IPv6 response
|
||||||
url = (parent.args.notls ? 'ws' : 'wss') + '://[%s]:' + parent.args.port + '/agent.ashx';
|
url = (parent.args.notls ? 'ws' : 'wss') + '://[%s]:' + port + '/agent.ashx';
|
||||||
obj.multicastPacket6 = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url, 'ascii');
|
obj.multicastPacket6 = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url, 'ascii');
|
||||||
if (parent.certificates.CommonName.indexOf('.') != -1) { url = (parent.args.notls ? 'ws' : 'wss') + '://' + parent.certificates.CommonName + ':' + parent.args.port + '/agent.ashx'; }
|
if (parent.certificates.CommonName.indexOf('.') != -1) { url = (parent.args.notls ? 'ws' : 'wss') + '://' + parent.certificates.CommonName + ':' + port + '/agent.ashx'; }
|
||||||
obj.multicastPacket6x = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url + '|' + name + '|' + info, 'ascii');
|
obj.multicastPacket6x = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url + '|' + name + '|' + info, 'ascii');
|
||||||
|
|
||||||
setupServers();
|
setupServers();
|
||||||
|
13
meshuser.js
13
meshuser.js
@ -51,6 +51,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
// Send a message to the user
|
// Send a message to the user
|
||||||
//obj.send = function (data) { try { if (typeof data == 'string') { ws.send(Buffer.from(data, 'binary')); } else { ws.send(data); } } catch (e) { } }
|
//obj.send = function (data) { try { if (typeof data == 'string') { ws.send(Buffer.from(data, 'binary')); } else { ws.send(data); } } catch (e) { } }
|
||||||
|
|
||||||
|
// Clean a IPv6 address that encodes a IPv4 address
|
||||||
|
function cleanRemoteAddr(addr) { if (addr.startsWith('::ffff:')) { return addr.substring(7); } else { return addr; } }
|
||||||
|
|
||||||
// Disconnect this user
|
// Disconnect this user
|
||||||
obj.close = function (arg) {
|
obj.close = function (arg) {
|
||||||
if ((arg == 1) || (arg == null)) { try { ws.close(); parent.parent.debug('user', 'Soft disconnect'); } catch (e) { console.log(e); } } // Soft close, close the websocket
|
if ((arg == 1) || (arg == null)) { try { ws.close(); parent.parent.debug('user', 'Soft disconnect'); } catch (e) { console.log(e); } } // Soft close, close the websocket
|
||||||
@ -142,7 +145,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
if (typeof domain.userconsentflags == 'number') { command.consent |= domain.userconsentflags; } // Add server required consent flags
|
if (typeof domain.userconsentflags == 'number') { command.consent |= domain.userconsentflags; } // Add server required consent flags
|
||||||
command.username = user.name; // Add user name
|
command.username = user.name; // Add user name
|
||||||
command.userid = user._id; // Add user id
|
command.userid = user._id; // Add user id
|
||||||
command.remoteaddr = (req.ip.startsWith('::ffff:')) ? (req.ip.substring(7)) : req.ip; // User's IP address
|
command.remoteaddr = cleanRemoteAddr(req.ip); // User's IP address
|
||||||
delete command.nodeid; // Remove the nodeid since it's implied
|
delete command.nodeid; // Remove the nodeid since it's implied
|
||||||
try { agent.send(JSON.stringify(command)); } catch (ex) { }
|
try { agent.send(JSON.stringify(command)); } catch (ex) { }
|
||||||
}
|
}
|
||||||
@ -160,7 +163,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
if (typeof domain.userconsentflags == 'number') { command.consent |= domain.userconsentflags; } // Add server required consent flags
|
if (typeof domain.userconsentflags == 'number') { command.consent |= domain.userconsentflags; } // Add server required consent flags
|
||||||
command.username = user.name; // Add user name
|
command.username = user.name; // Add user name
|
||||||
command.userid = user._id; // Add user id
|
command.userid = user._id; // Add user id
|
||||||
command.remoteaddr = (req.ip.startsWith('::ffff:')) ? (req.ip.substring(7)) : req.ip; // User's IP address
|
command.remoteaddr = cleanRemoteAddr(req.ip); // User's IP address
|
||||||
parent.parent.multiServer.DispatchMessageSingleServer(command, routing.serverid);
|
parent.parent.multiServer.DispatchMessageSingleServer(command, routing.serverid);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -765,8 +768,8 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
case 'relays': {
|
case 'relays': {
|
||||||
for (var i in parent.wsrelays) {
|
for (var i in parent.wsrelays) {
|
||||||
r += 'id: ' + i + ', state: ' + parent.wsrelays[i].state;
|
r += 'id: ' + i + ', state: ' + parent.wsrelays[i].state;
|
||||||
if (parent.wsrelays[i].peer1 != null) { r += ', peer1: ' + cleanRemoteAddr(parent.wsrelays[i].peer1.ws._socket.remoteAddress); }
|
if (parent.wsrelays[i].peer1 != null) { r += ', peer1: ' + cleanRemoteAddr(parent.wsrelays[i].peer1.req.ip); }
|
||||||
if (parent.wsrelays[i].peer2 != null) { r += ', peer2: ' + cleanRemoteAddr(parent.wsrelays[i].peer2.ws._socket.remoteAddress); }
|
if (parent.wsrelays[i].peer2 != null) { r += ', peer2: ' + cleanRemoteAddr(parent.wsrelays[i].peer2.req.ip); }
|
||||||
r += '<br />';
|
r += '<br />';
|
||||||
}
|
}
|
||||||
if (r == '') { r = 'No relays.'; }
|
if (r == '') { r = 'No relays.'; }
|
||||||
@ -2863,8 +2866,6 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
// Return true if at least one element of arr2 is in arr1
|
// Return true if at least one element of arr2 is in arr1
|
||||||
function findOne(arr1, arr2) { if ((arr1 == null) || (arr2 == null)) return false; return arr2.some(function (v) { return arr1.indexOf(v) >= 0; }); };
|
function findOne(arr1, arr2) { if ((arr1 == null) || (arr2 == null)) return false; return arr2.some(function (v) { return arr1.indexOf(v) >= 0; }); };
|
||||||
|
|
||||||
// Clean a IPv6 address that encodes a IPv4 address
|
|
||||||
function cleanRemoteAddr(addr) { if (addr.startsWith('::ffff:')) { return addr.substring(7); } else { return addr; } }
|
|
||||||
function getRandomPassword() { return Buffer.from(parent.crypto.randomBytes(9), 'binary').toString('base64').split('/').join('@'); }
|
function getRandomPassword() { return Buffer.from(parent.crypto.randomBytes(9), 'binary').toString('base64').split('/').join('@'); }
|
||||||
|
|
||||||
return obj;
|
return obj;
|
||||||
|
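Review bot: `cleanRemoteAddr` only strips the `::ffff:` prefix, and its result now goes into `command.remoteaddr` sent to the agent and into the `relays` console output that is joined with `<br />`, so a value that is not an IP address passes through unchanged. With `req.ip` as the source, the string can originate from a forwarded header depending on the proxy trust configuration (not shown here), so I would check the format before use, e.g. `if (require('net').isIP(addr) == 0) { return ''; }` after the prefix is removed. The helper also calls `addr.startsWith` without a type check and would throw on `undefined`; `if (typeof addr != 'string') { return ''; }` as its first statement covers that. The `relays` case and both `remoteaddr` assignments sit inside `CreateMeshUser`, whose body extends beyond these hunks.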
16
webserver.js
16
webserver.js
@ -2119,7 +2119,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
var fd = obj.fs.openSync(recFullFilename, 'w');
|
var fd = obj.fs.openSync(recFullFilename, 'w');
|
||||||
if (fd != null) {
|
if (fd != null) {
|
||||||
// Write the recording file header
|
// Write the recording file header
|
||||||
var firstBlock = JSON.stringify({ magic: 'MeshCentralRelaySession', ver: 1, userid: user._id, username: user.name, ipaddr: cleanRemoteAddr(ws._socket.remoteAddress), nodeid: node._id, intelamt: true, protocol: (req.query.p == 2) ? 101 : 100, time: new Date().toLocaleString() })
|
var firstBlock = JSON.stringify({ magic: 'MeshCentralRelaySession', ver: 1, userid: user._id, username: user.name, ipaddr: cleanRemoteAddr(req.ip), nodeid: node._id, intelamt: true, protocol: (req.query.p == 2) ? 101 : 100, time: new Date().toLocaleString() })
|
||||||
recordingEntry(fd, 1, 0, firstBlock, function () { });
|
recordingEntry(fd, 1, 0, firstBlock, function () { });
|
||||||
ws.logfile = { fd: fd, lock: false };
|
ws.logfile = { fd: fd, lock: false };
|
||||||
if (req.query.p == 2) { ws.send(Buffer.from(String.fromCharCode(0xF0), 'binary')); } // Intel AMT Redirection: Indicate the session is being recorded
|
if (req.query.p == 2) { ws.send(Buffer.from(String.fromCharCode(0xF0), 'binary')); } // Intel AMT Redirection: Indicate the session is being recorded
|
||||||
@ -2213,7 +2213,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
|
|
||||||
// If error, close the associated TCP connection.
|
// If error, close the associated TCP connection.
|
||||||
ws.on('error', function (err) {
|
ws.on('error', function (err) {
|
||||||
console.log('CIRA server websocket error from ' + ws._socket.remoteAddress + ', ' + err.toString().split('\r')[0] + '.');
|
console.log('CIRA server websocket error from ' + cleanRemoteAddr(req.ip) + ', ' + err.toString().split('\r')[0] + '.');
|
||||||
parent.debug('webrelay', 'Websocket relay closed on error.');
|
parent.debug('webrelay', 'Websocket relay closed on error.');
|
||||||
if (ws.forwardclient && ws.forwardclient.close) { ws.forwardclient.close(); } // TODO: If TLS is used, we need to close the socket that is wrapped by TLS
|
if (ws.forwardclient && ws.forwardclient.close) { ws.forwardclient.close(); } // TODO: If TLS is used, we need to close the socket that is wrapped by TLS
|
||||||
|
|
||||||
@ -2306,8 +2306,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
|
|
||||||
// If error, close the associated TCP connection.
|
// If error, close the associated TCP connection.
|
||||||
ws.on('error', function (err) {
|
ws.on('error', function (err) {
|
||||||
console.log('Error with relay web socket connection from ' + ws._socket.remoteAddress + ', ' + err.toString().split('\r')[0] + '.');
|
console.log('Error with relay web socket connection from ' + cleanRemoteAddr(req.ip) + ', ' + err.toString().split('\r')[0] + '.');
|
||||||
parent.debug('webrelay', 'Error with relay web socket connection from ' + ws._socket.remoteAddress + '.');
|
parent.debug('webrelay', 'Error with relay web socket connection from ' + cleanRemoteAddr(req.ip) + '.');
|
||||||
if (ws.forwardclient) { try { ws.forwardclient.destroy(); } catch (e) { } }
|
if (ws.forwardclient) { try { ws.forwardclient.destroy(); } catch (e) { } }
|
||||||
|
|
||||||
// Close the recording file
|
// Close the recording file
|
||||||
@ -2419,7 +2419,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
if (mesh.mtype != 1) { ws.send(JSON.stringify({ errorText: 'Invalid device group type' })); ws.close(); return; }
|
if (mesh.mtype != 1) { ws.send(JSON.stringify({ errorText: 'Invalid device group type' })); ws.close(); return; }
|
||||||
|
|
||||||
// Fetch the remote IP:Port for logging
|
// Fetch the remote IP:Port for logging
|
||||||
ws.remoteaddr = (req.ip.startsWith('::ffff:')) ? (req.ip.substring(7)) : req.ip;
|
ws.remoteaddr = cleanRemoteAddr(req.ip);
|
||||||
ws.remoteaddrport = ws.remoteaddr + ':' + ws._socket.remotePort;
|
ws.remoteaddrport = ws.remoteaddr + ':' + ws._socket.remotePort;
|
||||||
|
|
||||||
// When data is received from the web socket, echo it back
|
// When data is received from the web socket, echo it back
|
||||||
@ -2606,7 +2606,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
});
|
});
|
||||||
|
|
||||||
// If error, do nothing.
|
// If error, do nothing.
|
||||||
ws.on('error', function (err) { console.log('Echo server error from ' + ws._socket.remoteAddress + ', ' + err.toString().split('\r')[0] + '.'); });
|
ws.on('error', function (err) { console.log('Echo server error from ' + cleanRemoteAddr(req.ip) + ', ' + err.toString().split('\r')[0] + '.'); });
|
||||||
|
|
||||||
// If closed, do nothing
|
// If closed, do nothing
|
||||||
ws.on('close', function (req) { });
|
ws.on('close', function (req) { });
|
||||||
@ -3233,8 +3233,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Receive mesh agent connections
|
// Receive mesh agent connections
|
||||||
obj.app.ws(url + 'agent.ashx', function (ws, req) {
|
obj.app.ws(url + 'agent.ashx', function (ws, req) {
|
||||||
var domain = checkAgentIpAddress(ws, req);
|
var domain = checkAgentIpAddress(ws, req);
|
||||||
if (domain == null) { parent.debug('web', 'Got agent connection from blocked IP address ' + ws._socket.remoteAddress + ', holding.'); return; }
|
if (domain == null) { parent.debug('web', 'Got agent connection from blocked IP address ' + cleanRemoteAddr(req.ip) + ', holding.'); return; }
|
||||||
// console.log('Agent connect: ' + ws._socket.remoteAddress);
|
//console.log('Agent connect: ' + cleanRemoteAddr(req.ip));
|
||||||
try { obj.meshAgentHandler.CreateMeshAgent(obj, obj.db, ws, req, obj.args, domain); } catch (e) { console.log(e); }
|
try { obj.meshAgentHandler.CreateMeshAgent(obj, obj.db, ws, req, obj.args, domain); } catch (e) { console.log(e); }
|
||||||
});
|
});
|
||||||
|
|
||||||
|
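Review bot: The three `ws.on('error', ...)` handlers previously concatenated `ws._socket.remoteAddress` directly, which tolerates `undefined`; they now call `cleanRemoteAddr(req.ip)` first. If `cleanRemoteAddr` in this file matches the one shown in meshuser.js, it calls `addr.startsWith` and throws when the address is missing, which may happen once the socket is destroyed, and an exception there would skip the `ws.forwardclient` cleanup that follows in the CIRA and relay handlers. A guard such as `if (typeof addr != 'string') { return ''; }` in the helper, or computing the address once when the connection is accepted, avoids that. Separately, `ws.remoteaddrport` now pairs the forwarded client address with `ws._socket.remotePort`, which behind a proxy is the proxy connection's port, so the logged IP:port pair no longer describes one endpoint.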