Merge pull request #4859 from silversword411/master

docs and typos
This commit is contained in:
Ylian Saint-Hilaire 2022-12-16 10:50:03 -08:00 committed by GitHub
commit f66d8616e2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 136 additions and 34 deletions

View File

@ -3680,7 +3680,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
break; break;
} }
case 'mousetrails': case 'mousetrails':
try { require('win-deskutils'); } catch (ex) { response = 'Unknown command "mousetrails", type "help" for list of avaialble commands.'; break; } try { require('win-deskutils'); } catch (ex) { response = 'Unknown command "mousetrails", type "help" for list of available commands.'; break; }
var id = require('user-sessions').getProcessOwnerName(process.pid).tsid == 0 ? 1 : null; var id = require('user-sessions').getProcessOwnerName(process.pid).tsid == 0 ? 1 : null;
switch (args['_'].length) switch (args['_'].length)
{ {
@ -3701,7 +3701,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
} }
break; break;
case 'deskbackground': case 'deskbackground':
try { require('win-deskutils'); } catch (ex) { response = 'Unknown command "deskbackground", type "help" for list of avaialble commands.'; break; } try { require('win-deskutils'); } catch (ex) { response = 'Unknown command "deskbackground", type "help" for list of available commands.'; break; }
var id = require('user-sessions').getProcessOwnerName(process.pid).tsid == 0 ? 1 : null; var id = require('user-sessions').getProcessOwnerName(process.pid).tsid == 0 ? 1 : null;
switch (args['_'].length) switch (args['_'].length)
{ {
@ -3718,7 +3718,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
} }
break; break;
case 'taskbar': case 'taskbar':
try { require('win-utils'); } catch (ex) { response = 'Unknown command "taskbar", type "help" for list of avaialble commands.'; break; } try { require('win-utils'); } catch (ex) { response = 'Unknown command "taskbar", type "help" for list of available commands.'; break; }
switch (args['_'].length) { switch (args['_'].length) {
case 1: case 1:
case 2: case 2:
@ -3741,7 +3741,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
break; break;
case 'privacybar': case 'privacybar':
if (process.platform != 'win32' || require('notifybar-desktop').DefaultPinned == null) { if (process.platform != 'win32' || require('notifybar-desktop').DefaultPinned == null) {
response = 'Unknown command "privacybar", type "help" for list of avaialble commands.'; response = 'Unknown command "privacybar", type "help" for list of available commands.';
} }
else { else {
switch (args['_'].length) { switch (args['_'].length) {
@ -3774,7 +3774,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
case 'domaininfo': case 'domaininfo':
{ {
if (process.platform != 'win32') { if (process.platform != 'win32') {
response = 'Unknown command "cs", type "help" for list of avaialble commands.'; response = 'Unknown command "cs", type "help" for list of available commands.';
break; break;
} }
if (global._domainQuery != null) { if (global._domainQuery != null) {
@ -3822,7 +3822,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
break; break;
case 'dhcp': // This command is only supported on Linux, this is because Linux does not give us the DNS suffix for each network adapter independently so we have to ask the DHCP server. case 'dhcp': // This command is only supported on Linux, this is because Linux does not give us the DNS suffix for each network adapter independently so we have to ask the DHCP server.
{ {
try { require('linux-dhcp'); } catch (ex) { response = 'Unknown command "dhcp", type "help" for list of avaialble commands.'; break; } try { require('linux-dhcp'); } catch (ex) { response = 'Unknown command "dhcp", type "help" for list of available commands.'; break; }
if (args['_'].length == 0) { if (args['_'].length == 0) {
var j = require('os').networkInterfaces(); var j = require('os').networkInterfaces();
var ifcs = []; var ifcs = [];
@ -3849,7 +3849,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
} }
case 'cs': case 'cs':
if (process.platform != 'win32') { if (process.platform != 'win32') {
response = 'Unknown command "cs", type "help" for list of avaialble commands.'; response = 'Unknown command "cs", type "help" for list of available commands.';
break; break;
} }
switch (args['_'].length) { switch (args['_'].length) {
@ -3929,7 +3929,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
break; break;
case 'dnsinfo': case 'dnsinfo':
if (require('os').dns == null) { if (require('os').dns == null) {
response = "Unknown command \"" + cmd + "\", type \"help\" for list of avaialble commands."; response = "Unknown command \"" + cmd + "\", type \"help\" for list of available commands.";
} }
else { else {
response = 'DNS Servers: '; response = 'DNS Servers: ';
@ -4112,7 +4112,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
break; break;
case 'uac': case 'uac':
if (process.platform != 'win32') { if (process.platform != 'win32') {
response = 'Unknown command "uac", type "help" for list of avaialble commands.'; response = 'Unknown command "uac", type "help" for list of available commands.';
break; break;
} }
if (args['_'].length != 1) { if (args['_'].length != 1) {
@ -4154,7 +4154,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
break; break;
case 'kvmmode': case 'kvmmode':
if (require('MeshAgent').maxKvmTileSize == null) { if (require('MeshAgent').maxKvmTileSize == null) {
response = "Unknown command \"kvmmode\", type \"help\" for list of avaialble commands."; response = "Unknown command \"kvmmode\", type \"help\" for list of available commands.";
} }
else { else {
if (require('MeshAgent').maxKvmTileSize == 0) { if (require('MeshAgent').maxKvmTileSize == 0) {
@ -4967,7 +4967,7 @@ function processConsoleCommand(cmd, args, rights, sessionid) {
break; break;
} }
default: { // This is an unknown command, return an error message default: { // This is an unknown command, return an error message
response = "Unknown command \"" + cmd + "\", type \"help\" for list of avaialble commands."; response = "Unknown command \"" + cmd + "\", type \"help\" for list of available commands.";
break; break;
} }
} }

View File

@ -534,6 +534,7 @@ See description for information about each item.
"sms2factor": { "type": "boolean", "default": true, "description": "Set to false to disable SMS 2FA." }, "sms2factor": { "type": "boolean", "default": true, "description": "Set to false to disable SMS 2FA." },
"push2factor": { "type": "boolean", "default": true, "description": "Set to false to disable push notification 2FA." }, "push2factor": { "type": "boolean", "default": true, "description": "Set to false to disable push notification 2FA." },
"otp2factor": { "type": "boolean", "default": true, "description": "Set to false to disable one-time-password 2FA." }, "otp2factor": { "type": "boolean", "default": true, "description": "Set to false to disable one-time-password 2FA." },
"msg2factor": { "type": "boolean", "default": true, "description": "Set to false to disable user messaging 2FA." },
"backupcode2factor": { "type": "boolean", "default": true, "description": "Set to false to disable 2FA backup codes." }, "backupcode2factor": { "type": "boolean", "default": true, "description": "Set to false to disable 2FA backup codes." },
"single2factorWarning": { "type": "boolean", "default": true, "description": "Set to false to disable single 2FA warning." }, "single2factorWarning": { "type": "boolean", "default": true, "description": "Set to false to disable single 2FA warning." },
"lock2factor": { "type": "boolean", "default": false, "description": "When set to true, prevents any changes to 2FA." }, "lock2factor": { "type": "boolean", "default": false, "description": "When set to true, prevents any changes to 2FA." },
@ -1057,7 +1058,8 @@ See description for information about each item.
"properties": { "properties": {
"from": { "type": "string", "format": "email", "description": "Email address used in the messages from field." }, "from": { "type": "string", "format": "email", "description": "Email address used in the messages from field." },
"apikey": { "type": "string", "description": "The SendGrid API key." }, "apikey": { "type": "string", "description": "The SendGrid API key." },
"verifyemail": { "type": "boolean", "default": true, "description": "When set to false, the email format and DNS MX record are not checked." } "verifyemail": { "type": "boolean", "default": true, "description": "When set to false, the email format and DNS MX record are not checked." },
"emailDelaySeconds": { "type": "integer", "default": 300, "description": "Time to wait before sending a device connection/disconnection notification email. If many events occur, they will be merged into a single email."}
}, },
"required": [ "from", "apikey" ] "required": [ "from", "apikey" ]
}, },
@ -1099,11 +1101,8 @@ See description for information about each item.
}, },
"tlscertcheck": { "type": "boolean" }, "tlscertcheck": { "type": "boolean" },
"tlsstrict": { "type": "boolean" }, "tlsstrict": { "type": "boolean" },
"verifyemail": { "verifyemail": { "type": "boolean", "default": true, "description": "When set to false, the email format and DNS MX record are not checked." },
"type": "boolean", "emailDelaySeconds": { "type": "integer", "default": 300, "description": "Time to wait before sending a device connection/disconnection notification email. If many events occur, they will be merged into a single email."}
"default": true,
"description": "When set to false, the email format and DNS MX record are not checked."
}
}, },
"required": [ "from" ] "required": [ "from" ]
}, },
@ -1114,7 +1113,8 @@ See description for information about each item.
"properties": { "properties": {
"newline": { "type": "string", "default": "unix", "description": "Possible values are unix or windows" }, "newline": { "type": "string", "default": "unix", "description": "Possible values are unix or windows" },
"path": { "type": "string", "default": "sendmail", "description": "Path to the sendmail command" }, "path": { "type": "string", "default": "sendmail", "description": "Path to the sendmail command" },
"args": { "type": "array", "items": { "type": "string" }, "default": null, "description": "Array or arguments to pass to sendmail" } "args": { "type": "array", "items": { "type": "string" }, "default": null, "description": "Array or arguments to pass to sendmail" },
"emailDelaySeconds": { "type": "integer", "default": 300, "description": "Time to wait before sending a device connection/disconnection notification email. If many events occur, they will be merged into a single email."}
} }
}, },
"authStrategies": { "authStrategies": {
@ -1306,13 +1306,16 @@ See description for information about each item.
"required": [ "host", "port", "from", "tls" ] "required": [ "host", "port", "from", "tls" ]
}, },
"sms": { "sms": {
"title" : "SMS provider", "title": "SMS provider",
"description": "Connects MeshCentral to a SMS text messaging provider, allows MeshCentral to send SMS messages for 2FA or user notification.", "description": "Connects MeshCentral to a SMS text messaging provider, allows MeshCentral to send SMS messages for 2FA or user notification.",
"oneOf": [ "oneOf": [
{ {
"type": "object", "type": "object",
"properties": { "properties": {
"provider": { "type": "string", "enum": [ "twilio" ] }, "provider": {
"type": "string",
"enum": [ "twilio" ]
},
"sid": { "type": "string" }, "sid": { "type": "string" },
"auth": { "type": "string" }, "auth": { "type": "string" },
"from": { "type": "string" } "from": { "type": "string" }
@ -1322,7 +1325,10 @@ See description for information about each item.
{ {
"type": "object", "type": "object",
"properties": { "properties": {
"provider": { "type": "string", "enum": [ "plivo" ] }, "provider": {
"type": "string",
"enum": [ "plivo" ]
},
"id": { "type": "string" }, "id": { "type": "string" },
"token": { "type": "string" }, "token": { "type": "string" },
"from": { "type": "string" } "from": { "type": "string" }
@ -1332,7 +1338,10 @@ See description for information about each item.
{ {
"type": "object", "type": "object",
"properties": { "properties": {
"provider": { "type": "string", "enum": [ "telnyx" ] }, "provider": {
"type": "string",
"enum": [ "telnyx" ]
},
"apikey": { "type": "string" }, "apikey": { "type": "string" },
"from": { "type": "string" } "from": { "type": "string" }
}, },
@ -1341,14 +1350,93 @@ See description for information about each item.
{ {
"type": "object", "type": "object",
"properties": { "properties": {
"provider": { "type": "string", "enum": [ "url" ] }, "provider": {
"url": { "type": "string", "description": "A http or https URL with {{phone}} and {{message}} in the string. These will be replaced with the URL encoded target phone number and message." } "type": "string",
"enum": [ "url" ]
},
"url": {
"type": "string",
"description": "A http or https URL with {{phone}} and {{message}} in the string. These will be replaced with the URL encoded target phone number and message."
}
}, },
"required": [ "url" ] "required": [ "url" ]
} }
] ]
},
"messaging": {
"title" : "Messaging server",
"description": "This section allow MeshCentral to send messages over user messaging networks like Telegram",
"type": "object",
"properties": {
"telegram": {
"type": "object",
"description": "Configure Telegram messaging system",
"properties": {
"apiid": { "type": "number" },
"apihash": { "type": "string" },
"session": { "type": "string" }
}
},
"discord": {
"type": "object",
"description": "Configure Discord messaging system",
"properties": {
"serverurl": { "type": "string", "format": "uri", "description": "An optional HTTP link to the discord server the user must join to get notifications." },
"token": { "type": "string", "description": "A Discord bot token that MeshCentral will use to login to Discord." }
},
"required": [ "token" ]
},
"xmpp": {
"type": "object",
"description": "Configure XMPP messaging system",
"properties": {
"service": { "type": "string", "description": "Host name of the XMPP server." },
"credentials": {
"type": "object",
"description": "Login credentials for the XMPP server.",
"properties": {
"username": { "type": "string" },
"password": { "type": "string" }
}
}
},
"required": [ "credentials" ]
},
"callmebot": {
"type": "boolean",
"default": false,
"description": "Enabled CallMeBot integration support."
},
"pushover": {
"type": "object",
"description": "Configure Pushover messaging system",
"properties": {
"token": { "type": "string", "description": "A Pushover application token that MeshCentral will use to login." }
},
"required": [ "token" ]
},
"ntfy": {
"type": [ "boolean", "object" ],
"default": false,
"properties": {
"host": { "type": "string", "description": "Host name of the ntfy server." },
"userurl": { "type": "string", "description": "A URL given to users to help them setup this service." }
},
"description": "Enabled ntfy.sh integration support."
},
"zulip": {
"type": "object",
"properties": {
"site": { "type": "string", "format": "uri", "default": "https://api.zulip.com", "description": "URL to the Zulip server"},
"email": { "type": "string", "description": "Bot email address to login as." },
"api_key": { "type": "string", "description": "Bot api key." }
},
"description": "Enabled Zulip integration support."
}
}
} }
}, },
"required": [ "settings", "domains" ] "required": [ "settings", "domains" ]
} }
``` ```

Binary file not shown.

After

Width:  |  Height:  |  Size: 127 KiB

View File

@ -1308,6 +1308,8 @@ You can also customize the Agent to add your own logo.
} }
``` ```
![agent icon](images/agentico.png)
!!!note !!!note
You will need to reinstall the agent for agent customizations to take effect. You will need to reinstall the agent for agent customizations to take effect.
@ -1777,6 +1779,8 @@ The callback URL will be of the form “https://(servername)/auth-saml-callback
Enabling SAML will require MeshCentral to install extra modules from NPM, so depending on your server configuration, you may need to run MeshCentral once manually. Enabling SAML will require MeshCentral to install extra modules from NPM, so depending on your server configuration, you may need to run MeshCentral once manually.
!!!note
MeshCentral only supports "POST". [For example Authentik's](https://github.com/Ylianst/MeshCentral/issues/4725) default setting is to use "Redirect" as a "Service Provider Binding".
## Improvements to MeshCentral ## Improvements to MeshCentral
In 2007, the first version of MeshCentral was built. We will refer to it as “MeshCentral1”. When MeshCentral1 was designed, HTML5 did not exist and web sockets where not implemented in any of the major browsers. Many design decisions were made at the time that are no longer optimal today. With the advent of the latest MeshCentral, MeshCentral1 is no longer supported and MeshCentral v2 has been significantly redesigned and mostly re-written based of previous version. Here is a list of improvements made in MeshCentral when compared with MeshCentral1: In 2007, the first version of MeshCentral was built. We will refer to it as “MeshCentral1”. When MeshCentral1 was designed, HTML5 did not exist and web sockets where not implemented in any of the major browsers. Many design decisions were made at the time that are no longer optimal today. With the advent of the latest MeshCentral, MeshCentral1 is no longer supported and MeshCentral v2 has been significantly redesigned and mostly re-written based of previous version. Here is a list of improvements made in MeshCentral when compared with MeshCentral1:

View File

@ -17,3 +17,13 @@ Adjust these items in your `config.json`
``` ```
![](images/rate_limiting_logins.png) ![](images/rate_limiting_logins.png)
## Disabling TLS 1.0/1.1 for AMT
```json
{
"settings": {
"mpshighsecurity": true
}
}
```

View File

@ -575,7 +575,7 @@ module.exports.CreateMeshMail = function (parent, domain) {
} }
// //
// Device connetion and disconnection notifications // Device connection and disconnection notifications
// //
obj.deviceNotifications = {}; // UserId --> { timer, nodes: nodeid --> connectType } obj.deviceNotifications = {}; // UserId --> { timer, nodes: nodeid --> connectType }

View File

@ -469,7 +469,7 @@ module.exports.CreateServer = function (parent) {
// //
// Device connetion and disconnection notifications // Device connection and disconnection notifications
// //
obj.deviceNotifications = {}; // UserId --> { timer, nodes: nodeid --> connectType } obj.deviceNotifications = {}; // UserId --> { timer, nodes: nodeid --> connectType }

View File

@ -50,7 +50,7 @@ var Channel = {
}; };
/** /**
* Channel Definde * Channel Defined
*/ */
const RdpdrChannelDef = new type.Component({ const RdpdrChannelDef = new type.Component({
name: new type.BinaryString(Buffer.from('rdpdr' + '\x00\x00\x00', 'binary'), { readLength: new type.CallableValue(8) }), name: new type.BinaryString(Buffer.from('rdpdr' + '\x00\x00\x00', 'binary'), { readLength: new type.CallableValue(8) }),
@ -239,7 +239,7 @@ function Client(transport) {
this.clientNetworkData = gcc.clientNetworkData(new type.Component([RdpdrChannelDef, CliprdrChannelDef, RdpsndChannelDef])); this.clientNetworkData = gcc.clientNetworkData(new type.Component([RdpdrChannelDef, CliprdrChannelDef, RdpsndChannelDef]));
this.clientSecurityData = gcc.clientSecurityData(); this.clientSecurityData = gcc.clientSecurityData();
// must be readed from protocol // must be read from protocol
this.serverCoreData = null; this.serverCoreData = null;
this.serverSecurityData = null; this.serverSecurityData = null;
this.serverNetworkData = null; this.serverNetworkData = null;
@ -414,7 +414,7 @@ Client.prototype.connectChannels = function(s) {
self.recv(s); self.recv(s);
}); });
// send client and sever gcc informations // send client and sever gcc information
this.emit('connect', this.emit('connect',
{ {
core : this.clientCoreData.obj, core : this.clientCoreData.obj,
@ -497,7 +497,7 @@ Server.prototype.recvConnectInitial = function (s) {
}; };
/** /**
* State 2 in mcs server connetion automata * State 2 in mcs server connection automata
*/ */
Server.prototype.sendConnectResponse = function () { Server.prototype.sendConnectResponse = function () {
var ccReq = gcc.writeConferenceCreateResponse(new type.Component([ var ccReq = gcc.writeConferenceCreateResponse(new type.Component([