mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-01-15 00:34:59 -05:00
AMT manager improvements.
parent
ae0be0b8d3
commit
eed1a5e233
@ -1,11 +1,11 @@
|
|||||||
/**
|
/** m
|
||||||
* @description Intel(r) AMT WSMAN communication using Node.js TLS
|
* @description Intel(r) AMT WSMAN communication using Node.js TLS
|
||||||
* @author Ylian Saint-Hilaire/Joko Sastriawan
|
* @author Ylian Saint-Hilaire/Joko Sastriawan
|
||||||
* @version v0.2.0b
|
* @version v0.2.0b
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// Construct a MeshServer object
|
// Construct a MeshServer object
|
||||||
var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mode) {
|
var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, transportServer) {
|
||||||
//console.log('CreateWsmanComm', host, port, user, pass, tls, tlsoptions);
|
//console.log('CreateWsmanComm', host, port, user, pass, tls, tlsoptions);
|
||||||
|
|
||||||
var obj = {};
|
var obj = {};
|
||||||
@ -38,7 +38,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mode) {
|
|||||||
obj.pass = pass;
|
obj.pass = pass;
|
||||||
obj.xtls = tls;
|
obj.xtls = tls;
|
||||||
obj.xtlsoptions = tlsoptions;
|
obj.xtlsoptions = tlsoptions;
|
||||||
obj.mode = mode; // 1 = Direct, 2 = CIRA, 3 = APF relay
|
obj.transportServer = transportServer; // This can be a CIRA or APF server, if null, local sockets are used as transport.
|
||||||
obj.xtlsFingerprint;
|
obj.xtlsFingerprint;
|
||||||
obj.xtlsCertificate = null;
|
obj.xtlsCertificate = null;
|
||||||
obj.xtlsCheck = 0; // 0 = No TLS, 1 = CA Checked, 2 = Pinned, 3 = Untrusted
|
obj.xtlsCheck = 0; // 0 = No TLS, 1 = CA Checked, 2 = Pinned, 3 = Untrusted
|
||||||
@ -166,34 +166,32 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mode) {
|
|||||||
obj.socketState = 1;
|
obj.socketState = 1;
|
||||||
obj.kerberosDone = 0;
|
obj.kerberosDone = 0;
|
||||||
|
|
||||||
if ((obj.parent != null) && ((obj.mode === 2) || (obj.mode === 3))) { // CIRA and APF
|
if (obj.transportServer != null) {
|
||||||
if (obj.mode == 2) { // CIRA
|
// CIRA or APF server
|
||||||
var ciraconn = obj.parent.mpsserver.ciraConnections[obj.host];
|
obj.socket = obj.transportServer.SetupCiraChannelToHost(obj.host, obj.port);
|
||||||
obj.socket = obj.parent.mpsserver.SetupCiraChannel(ciraconn, obj.port);
|
if (obj.socket == null) {
|
||||||
} else { // APF
|
try { obj.xxOnSocketClosed(); } catch (e) { }
|
||||||
var apfconn = obj.parent.apfserver.apfConnections[obj.host];
|
} else {
|
||||||
obj.socket = obj.parent.apfserver.SetupCiraChannel(apfconn, obj.port);
|
|
||||||
}
|
|
||||||
obj.socket.onData = function (ccon, data) { obj.xxOnSocketData(data); }
|
obj.socket.onData = function (ccon, data) { obj.xxOnSocketData(data); }
|
||||||
obj.socket.onStateChange = function (ccon, state) {
|
obj.socket.onStateChange = function (ccon, state) {
|
||||||
if (state == 0) {
|
if (state == 0) {
|
||||||
try {
|
// Channel closed
|
||||||
obj.socketParseState = 0;
|
obj.socketParseState = 0;
|
||||||
obj.socketAccumulator = '';
|
obj.socketAccumulator = '';
|
||||||
obj.socketHeader = null;
|
obj.socketHeader = null;
|
||||||
obj.socketData = '';
|
obj.socketData = '';
|
||||||
obj.socketState = 0;
|
obj.socketState = 0;
|
||||||
obj.xxOnSocketClosed();
|
try { obj.xxOnSocketClosed(); } catch (e) { }
|
||||||
} catch (e) { }
|
|
||||||
} else if (state == 2) {
|
} else if (state == 2) {
|
||||||
// channel open success
|
// Channel open success
|
||||||
obj.xxOnSocketConnected();
|
obj.xxOnSocketConnected();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
// Direct connection
|
// Direct connection
|
||||||
if (obj.xtls != 1) {
|
if (obj.xtls != 1) {
|
||||||
// Connect without TLS
|
// Direct connect without TLS
|
||||||
obj.socket = new obj.net.Socket();
|
obj.socket = new obj.net.Socket();
|
||||||
obj.socket.setEncoding('binary');
|
obj.socket.setEncoding('binary');
|
||||||
obj.socket.setTimeout(6000); // Set socket idle timeout
|
obj.socket.setTimeout(6000); // Set socket idle timeout
|
||||||
@ -203,7 +201,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mode) {
|
|||||||
obj.socket.on('error', obj.xxOnSocketClosed);
|
obj.socket.on('error', obj.xxOnSocketClosed);
|
||||||
obj.socket.connect(obj.port, obj.host, obj.xxOnSocketConnected);
|
obj.socket.connect(obj.port, obj.host, obj.xxOnSocketConnected);
|
||||||
} else {
|
} else {
|
||||||
// Connect with TLS
|
// Direct connect with TLS
|
||||||
var options = { ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false };
|
var options = { ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false };
|
||||||
if (obj.xtlsMethod != 0) { options.secureProtocol = 'TLSv1_method'; }
|
if (obj.xtlsMethod != 0) { options.secureProtocol = 'TLSv1_method'; }
|
||||||
if (obj.xtlsoptions) {
|
if (obj.xtlsoptions) {
|
||||||
@ -231,7 +229,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mode) {
|
|||||||
obj.xxOnSocketConnected = function () {
|
obj.xxOnSocketConnected = function () {
|
||||||
if (obj.socket == null) return;
|
if (obj.socket == null) return;
|
||||||
// check TLS certificate for webrelay and direct only
|
// check TLS certificate for webrelay and direct only
|
||||||
if (((obj.mode == null) || (obj.mode < 2)) && (obj.xtls == 1)) {
|
if ((obj.transportServer == null) && (obj.xtls == 1)) {
|
||||||
obj.xtlsCertificate = obj.socket.getPeerCertificate();
|
obj.xtlsCertificate = obj.socket.getPeerCertificate();
|
||||||
|
|
||||||
// ###BEGIN###{Certificates}
|
// ###BEGIN###{Certificates}
|
||||||
@ -350,7 +348,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mode) {
|
|||||||
if (isNaN(s)) s = 500;
|
if (isNaN(s)) s = 500;
|
||||||
if (s == 401 && ++(obj.authcounter) < 3) {
|
if (s == 401 && ++(obj.authcounter) < 3) {
|
||||||
obj.challengeParams = obj.parseDigest(header['www-authenticate']); // Set the digest parameters, after this, the socket will close and we will auto-retry
|
obj.challengeParams = obj.parseDigest(header['www-authenticate']); // Set the digest parameters, after this, the socket will close and we will auto-retry
|
||||||
if (obj.mode == 1) { obj.socket.end(); }
|
if (obj.transportServer == null) { obj.socket.end(); }
|
||||||
} else {
|
} else {
|
||||||
var r = obj.pendingAjaxCall.shift();
|
var r = obj.pendingAjaxCall.shift();
|
||||||
if (r == null || r.length < 1) { console.log("pendingAjaxCall error, " + r); return; }
|
if (r == null || r.length < 1) { console.log("pendingAjaxCall error, " + r); return; }
|
||||||
@ -366,7 +364,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mode) {
|
|||||||
obj.xxOnSocketClosed = function () {
|
obj.xxOnSocketClosed = function () {
|
||||||
//obj.Debug("xxOnSocketClosed");
|
//obj.Debug("xxOnSocketClosed");
|
||||||
obj.socketState = 0;
|
obj.socketState = 0;
|
||||||
if (((obj.mode == null) || (obj.mode == 1)) && (obj.socket != null)) { obj.socket.destroy(); obj.socket = null; }
|
if ((obj.transportServer == null) && (obj.socket != null)) { obj.socket.destroy(); obj.socket = null; }
|
||||||
if (obj.pendingAjaxCall.length > 0) {
|
if (obj.pendingAjaxCall.length > 0) {
|
||||||
var r = obj.pendingAjaxCall.shift(), retry = r[5];
|
var r = obj.pendingAjaxCall.shift(), retry = r[5];
|
||||||
setTimeout(function () { obj.PerformAjaxExNodeJS2(r[0], r[1], r[2], r[3], r[4], --retry) }, 500); // Wait half a second and try again
|
setTimeout(function () { obj.PerformAjaxExNodeJS2(r[0], r[1], r[2], r[3], r[4], --retry) }, 500); // Wait half a second and try again
|
||||||
@ -374,7 +372,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mode) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
obj.xxOnSocketTimeout = function () {
|
obj.xxOnSocketTimeout = function () {
|
||||||
if (((obj.mode == null) || (obj.mode == 1)) && (obj.socket != null)) { obj.socket.destroy(); obj.socket = null; }
|
if ((obj.transportServer == null) && (obj.socket != null)) { obj.socket.destroy(); obj.socket = null; }
|
||||||
}
|
}
|
||||||
|
|
||||||
// NODE.js specific private method
|
// NODE.js specific private method
|
||||||
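Review bot: The relayed branch in the `-166,34 +166,32` hunk is taken whenever `obj.transportServer != null` and never consults `obj.xtls`, and `xxOnSocketConnected` now skips the certificate check under the same condition. In the visible lines, a caller that passes `tls = 1` together with a transport server therefore gets a channel with no TLS layer and `obj.xtlsCheck` left at 0, with no sign that the flag was ignored. If that is intended because the CIRA/APF tunnel is the protection (presumably, not shown here), state it where the field is assigned, e.g. `// When transportServer is set, tls/tlsoptions are ignored and xtlsCheck stays 0; the relay tunnel is the only transport protection.` Separately, the new `if (obj.socket == null)` path wraps `obj.xxOnSocketClosed()` in an empty `catch`, which hides a failed channel setup; logging the exception there would make relay failures diagnosable. `CreateWsmanComm` begins and ends outside these hunks.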
|
@ -30,7 +30,6 @@ function WsmanStackCreateService(comm)
|
|||||||
obj.Address = '/wsman';
|
obj.Address = '/wsman';
|
||||||
obj.xmlParser = require('./amt-xml.js');
|
obj.xmlParser = require('./amt-xml.js');
|
||||||
obj.comm = comm;
|
obj.comm = comm;
|
||||||
obj.comm.parent = obj;
|
|
||||||
|
|
||||||
obj.PerformAjax = function PerformAjax(postdata, callback, tag, pri, namespaces) {
|
obj.PerformAjax = function PerformAjax(postdata, callback, tag, pri, namespaces) {
|
||||||
if (namespaces == null) namespaces = '';
|
if (namespaces == null) namespaces = '';
|
||||||
|
@ -866,6 +866,12 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
obj.SetupCiraChannelToHost = function (host, targetport) {
|
||||||
|
var ciraconn = obj.parent.mpsserver.ciraConnections[host];
|
||||||
|
if (ciraconn == null) return null;
|
||||||
|
return obj.SetupCiraChannel(ciraconn, targetport);
|
||||||
|
}
|
||||||
|
|
||||||
obj.SetupCiraChannel = function (socket, targetport) {
|
obj.SetupCiraChannel = function (socket, targetport) {
|
||||||
var sourceport = (socket.tag.nextsourceport++ % 30000) + 1024;
|
var sourceport = (socket.tag.nextsourceport++ % 30000) + 1024;
|
||||||
var cirachannel = { targetport: targetport, channelid: socket.tag.nextchannelid++, socket: socket, state: 1, sendcredits: 0, amtpendingcredits: 0, amtCiraWindow: 0, ciraWindow: 32768 };
|
var cirachannel = { targetport: targetport, channelid: socket.tag.nextchannelid++, socket: socket, state: 1, sendcredits: 0, amtpendingcredits: 0, amtCiraWindow: 0, ciraWindow: 32768 };
|
||||||
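Review bot: `SetupCiraChannelToHost` indexes `obj.parent.mpsserver.ciraConnections[host]` and rejects only `null`. If `ciraConnections` is a plain object, a `host` string equal to an inherited property name such as `constructor` yields a non-null value that is passed to `SetupCiraChannel`, which dereferences `socket.tag` on its first line. An own-property test before the lookup closes that: `var conns = obj.parent.mpsserver.ciraConnections; if (!Object.prototype.hasOwnProperty.call(conns, host)) return null;`. The comment on `obj.transportServer` in the comm file says an APF server may also be passed, but this page shows the method added only here, so an APF transport without it would throw at the call site. `CreateMpsServer` continues outside the hunk.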
|