mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-01-24 13:13:13 -05:00
Merge branch 'master' of https://github.com/Ylianst/MeshCentral into master
This commit is contained in:
commit
f00e565d8b
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -1,7 +1,7 @@
|
||||
3: MeshService-signed.exe
|
||||
16BA1ABBE4B84FC9A478E75361CF164FCEA4D4F53EC55BA7678696115C62CD1BB385E07FA7A5359F8600C0B0957D392A
|
||||
6FF49B8B81A503262F8CEB34A576862D9ED1F4B0F5FBB669887583C6CA5FF9D8581C900F6747755A45EE3E30E9F7E2D1
|
||||
4: MeshService64-signed.exe
|
||||
DBEF331A4332EBC3A3EFB9536DF39DBDBBB31650FD8502236753961F7CF2F3B4F36A897AB752D5181CDDEDD1EFB93297
|
||||
F51ADCD0AC511927BD3C18325FDD3750763A007A52AAF694E576B11F4D0FBEE06586179BED1AB7BA3BA7063BD2034B9C
|
||||
5: meshagent_x86
|
||||
08554B5CD498718781371208D91BA42B41A92E704D14F1A4352B9A12BF73426368A6C542362372AD80EC80631D644434
|
||||
6: meshagent_x86-64
|
||||
|
@ -287,7 +287,7 @@ function getServerTargetUrlEx(url) {
|
||||
|
||||
require('MeshAgent').on('Connected', function () {
|
||||
require('os').name().then(function (v) {
|
||||
sendConsoleText("Mesh Agent Receovery Console, OS: " + v);
|
||||
//sendConsoleText("Mesh Agent Receovery Console, OS: " + v);
|
||||
require('MeshAgent').SendCommand(meshCoreObj);
|
||||
});
|
||||
});
|
||||
|
58
meshagent.js
58
meshagent.js
@ -167,7 +167,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
// If we have a core, use it.
|
||||
if (corename != null) {
|
||||
const meshcorehash = parent.parent.defaultMeshCoresHash[corename];
|
||||
if (agentMeshCoreHash != meshcorehash) {
|
||||
if ((agentMeshCoreHash != meshcorehash) || (obj.agentCoreUpdate === true)) {
|
||||
if ((obj.agentCoreCheck < 5) || (obj.agentCoreCheck == 1001)) {
|
||||
if (meshcorehash == null) {
|
||||
// Clear the core
|
||||
@ -187,7 +187,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
obj.agentCoreUpdatePending = true;
|
||||
parent.parent.taskLimiter.launch(function (argument, taskid, taskLimiterQueue) {
|
||||
if (obj.authenticated == 2) {
|
||||
// Send the updated code.
|
||||
// Send the updated core.
|
||||
delete obj.agentCoreUpdatePending;
|
||||
obj.sendBinary(common.ShortToStr(10) + common.ShortToStr(0) + argument.hash + argument.core, function () { parent.parent.taskLimiter.completed(taskid); }); // MeshCommand_CoreModule, start core update
|
||||
parent.agentStats.updatingCoreCount++;
|
||||
@ -234,7 +234,15 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
else if (cmdid == 12) { // MeshCommand_AgentHash
|
||||
if ((msg.length == 52) && (obj.agentExeInfo != null) && (obj.agentExeInfo.update == true)) {
|
||||
const agenthash = msg.substring(4);
|
||||
if (compareAgentBinaryHash(obj.agentExeInfo, agenthash)) {
|
||||
const agentUpdateMethod = compareAgentBinaryHash(obj.agentExeInfo, agenthash)
|
||||
if (agentUpdateMethod === 2) { // Use meshcore agent update system
|
||||
// Send the recovery core to the agent, if the agent is capable of running one
|
||||
if (((obj.agentInfo.capabilities & 16) != 0) && (parent.parent.meshAgentsArchitectureNumbers[obj.agentInfo.agentId].core != null)) {
|
||||
obj.agentCoreCheck = 1001;
|
||||
obj.agentCoreUpdate = true;
|
||||
obj.sendBinary(common.ShortToStr(11) + common.ShortToStr(0)); // Command 11, ask for mesh core hash.
|
||||
}
|
||||
} else if (agentUpdateMethod === 1) { // Use native agent update system
|
||||
// Mesh agent update required, do it using task limiter so not to flood the network. Medium priority task.
|
||||
parent.parent.taskLimiter.launch(function (argument, taskid, taskLimiterQueue) {
|
||||
if (obj.authenticated != 2) { parent.parent.taskLimiter.completed(taskid); return; } // If agent disconnection, complete and exit now.
|
||||
@ -516,6 +524,9 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
} else if (cmd == 5) {
|
||||
// ServerID. Agent is telling us what serverid it expects. Useful if we have many server certificates.
|
||||
if ((msg.substring(2, 34) == parent.swarmCertificateHash256) || (msg.substring(2, 50) == parent.swarmCertificateHash384)) { obj.useSwarmCert = true; }
|
||||
} else if (cmd == 30) {
|
||||
// Agent Commit Date. This is future proofing. Can be used to change server behavior depending on the date range of the agent.
|
||||
//console.log('Connected Agent Commit Date: ' + msg.substring(2) + ", " + Date.parse(msg.substring(2)));
|
||||
}
|
||||
}
|
||||
});
|
||||
@ -531,11 +542,13 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
//console.log('Agent disconnect ' + obj.nodeid + ' (' + obj.remoteaddrport + ') id=' + agentId);
|
||||
parent.parent.debug('agent', 'Agent disconnect ' + obj.nodeid + ' (' + obj.remoteaddrport + ') id=' + agentId);
|
||||
|
||||
// Log the agent disconnection
|
||||
if (parent.wsagentsDisconnections[obj.nodeid] == null) {
|
||||
parent.wsagentsDisconnections[obj.nodeid] = 1;
|
||||
} else {
|
||||
parent.wsagentsDisconnections[obj.nodeid] = ++parent.wsagentsDisconnections[obj.nodeid];
|
||||
// Log the agent disconnection if we are not testing agent update
|
||||
if (args.agentupdatetest !== true) {
|
||||
if (parent.wsagentsDisconnections[obj.nodeid] == null) {
|
||||
parent.wsagentsDisconnections[obj.nodeid] = 1;
|
||||
} else {
|
||||
parent.wsagentsDisconnections[obj.nodeid] = ++parent.wsagentsDisconnections[obj.nodeid];
|
||||
}
|
||||
}
|
||||
}
|
||||
obj.close(0);
|
||||
@ -1135,8 +1148,21 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
}
|
||||
case 'coreinfo':
|
||||
{
|
||||
// Sent by the agent to update agent information
|
||||
ChangeAgentCoreInfo(command);
|
||||
if ((obj.agentCoreUpdate === true) && (obj.agentExeInfo != null)) {
|
||||
// Agent update. The recovery core was loaded in the agent, send a command to update the agent
|
||||
var cmd = { action: 'agentUpdate', url: obj.agentExeInfo.url, hash: obj.agentExeInfo.hashhex };
|
||||
// Add server TLS cert hash
|
||||
if (parent.parent.args.ignoreagenthashcheck !== true) {
|
||||
const tlsCertHash = parent.webCertificateFullHashs[domain.id];
|
||||
if (tlsCertHash != null) { cmd.servertlshash = Buffer.from(tlsCertHash, 'binary').toString('hex'); }
|
||||
}
|
||||
// Send the agent update command
|
||||
obj.send(JSON.stringify(cmd));
|
||||
delete obj.agentCoreUpdate;
|
||||
} else {
|
||||
// Sent by the agent to update agent information
|
||||
ChangeAgentCoreInfo(command);
|
||||
}
|
||||
break;
|
||||
}
|
||||
case 'smbios':
|
||||
@ -1664,13 +1690,19 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
}
|
||||
|
||||
// Check if we need to update this agent, return true if agent binary update required.
|
||||
// Return 0 is no update needed, 1 update using native system, 2 update using meshcore system
|
||||
function compareAgentBinaryHash(agentExeInfo, agentHash) {
|
||||
// If we are testing the agent update system, always return true
|
||||
if ((args.agentupdatetest === true) || (args.agentupdatetest === 1)) return 1;
|
||||
if (args.agentupdatetest === 2) return 2;
|
||||
// If the hash matches or is null, no update required.
|
||||
if ((agentExeInfo.hash == agentHash) || (agentHash == '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0')) return false;
|
||||
if ((agentExeInfo.hash == agentHash) || (agentHash == '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0')) return 0;
|
||||
// If this is a macOS x86 or ARM agent type and it matched the universal binary, no update required.
|
||||
if (((agentExeInfo.id == 16) || (agentExeInfo.id == 29)) && (parent.parent.meshAgentBinaries[10005].hash == agentHash)) return false;
|
||||
if (((agentExeInfo.id == 16) || (agentExeInfo.id == 29)) && (parent.parent.meshAgentBinaries[10005].hash == agentHash)) return 0;
|
||||
|
||||
// No match, update the agent.
|
||||
return true;
|
||||
if ((agentExeInfo.id == 3) && (agentExeInfo.id == 4)) return 2; // For Windows agents, use the meshcore update technique.
|
||||
return 1; // For all other agents, use the native update technique.
|
||||
}
|
||||
|
||||
// Request that the core dump file on this agent be uploaded to the server
|
||||
|
@ -138,7 +138,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
try { require('./pass').hash('test', function () { }, 0); } catch (e) { console.log('Old version of node, must upgrade.'); return; } // TODO: Not sure if this test works or not.
|
||||
|
||||
// Check for invalid arguments
|
||||
var validArguments = ['_', 'user', 'port', 'aliasport', 'mpsport', 'mpsaliasport', 'redirport', 'rediraliasport', 'cert', 'mpscert', 'deletedomain', 'deletedefaultdomain', 'showall', 'showusers', 'showitem', 'listuserids', 'showusergroups', 'shownodes', 'showallmeshes', 'showmeshes', 'showevents', 'showsmbios', 'showpower', 'clearpower', 'showiplocations', 'help', 'exactports', 'xinstall', 'xuninstall', 'install', 'uninstall', 'start', 'stop', 'restart', 'debug', 'filespath', 'datapath', 'noagentupdate', 'launch', 'noserverbackup', 'mongodb', 'mongodbcol', 'wanonly', 'lanonly', 'nousers', 'mpspass', 'ciralocalfqdn', 'dbexport', 'dbexportmin', 'dbimport', 'dbmerge', 'dbfix', 'dbencryptkey', 'selfupdate', 'tlsoffload', 'userallowedip', 'userblockedip', 'swarmallowedip', 'agentallowedip', 'agentblockedip', 'fastcert', 'swarmport', 'logintoken', 'logintokenkey', 'logintokengen', 'mailtokengen', 'admin', 'unadmin', 'sessionkey', 'sessiontime', 'minify', 'minifycore', 'dblistconfigfiles', 'dbshowconfigfile', 'dbpushconfigfiles', 'dbpullconfigfiles', 'dbdeleteconfigfiles', 'vaultpushconfigfiles', 'vaultpullconfigfiles', 'vaultdeleteconfigfiles', 'configkey', 'loadconfigfromdb', 'npmpath', 'serverid', 'recordencryptionrecode', 'vault', 'token', 'unsealkey', 'name', 'log', 'dbstats', 'translate', 'createaccount', 'resetaccount', 'pass', 'adminaccount', 'removeaccount', 'domain', 'email', 'configfile', 'maintenancemode', 'nedbtodb', 'removetestagents'];
|
||||
var validArguments = ['_', 'user', 'port', 'aliasport', 'mpsport', 'mpsaliasport', 'redirport', 'rediraliasport', 'cert', 'mpscert', 'deletedomain', 'deletedefaultdomain', 'showall', 'showusers', 'showitem', 'listuserids', 'showusergroups', 'shownodes', 'showallmeshes', 'showmeshes', 'showevents', 'showsmbios', 'showpower', 'clearpower', 'showiplocations', 'help', 'exactports', 'xinstall', 'xuninstall', 'install', 'uninstall', 'start', 'stop', 'restart', 'debug', 'filespath', 'datapath', 'noagentupdate', 'launch', 'noserverbackup', 'mongodb', 'mongodbcol', 'wanonly', 'lanonly', 'nousers', 'mpspass', 'ciralocalfqdn', 'dbexport', 'dbexportmin', 'dbimport', 'dbmerge', 'dbfix', 'dbencryptkey', 'selfupdate', 'tlsoffload', 'userallowedip', 'userblockedip', 'swarmallowedip', 'agentallowedip', 'agentblockedip', 'fastcert', 'swarmport', 'logintoken', 'logintokenkey', 'logintokengen', 'mailtokengen', 'admin', 'unadmin', 'sessionkey', 'sessiontime', 'minify', 'minifycore', 'dblistconfigfiles', 'dbshowconfigfile', 'dbpushconfigfiles', 'dbpullconfigfiles', 'dbdeleteconfigfiles', 'vaultpushconfigfiles', 'vaultpullconfigfiles', 'vaultdeleteconfigfiles', 'configkey', 'loadconfigfromdb', 'npmpath', 'serverid', 'recordencryptionrecode', 'vault', 'token', 'unsealkey', 'name', 'log', 'dbstats', 'translate', 'createaccount', 'resetaccount', 'pass', 'adminaccount', 'removeaccount', 'domain', 'email', 'configfile', 'maintenancemode', 'nedbtodb', 'removetestagents', 'agentupdatetest'];
|
||||
for (var arg in obj.args) { obj.args[arg.toLocaleLowerCase()] = obj.args[arg]; if (validArguments.indexOf(arg.toLocaleLowerCase()) == -1) { console.log('Invalid argument "' + arg + '", use --help.'); return; } }
|
||||
if (obj.args.mongodb == true) { console.log('Must specify: --mongodb [connectionstring] \r\nSee https://docs.mongodb.com/manual/reference/connection-string/ for MongoDB connection string.'); return; }
|
||||
for (i in obj.config.settings) { obj.args[i] = obj.config.settings[i]; } // Place all settings into arguments, arguments have already been placed into settings so arguments take precedence.
|
||||
|
Loading…
x
Reference in New Issue
Block a user