mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-11-22 22:17:31 +03:00
Fix formatting issues from merging (#5909)
* fix formatting issues in webserver.js * fix formatting issues is meshcentral.js
This commit is contained in:
parent
150e2337f5
commit
05fca6cb36
@ -618,7 +618,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
obj.performServerUpdate = function (version) {
|
||||
if (obj.serverSelfWriteAllowed != true) return false;
|
||||
if ((version == null) || (version == '') || (typeof version != 'string')) { console.log('Starting self upgrade...'); } else { console.log('Starting self upgrade to: ' + version); }
|
||||
process.exit(200);
|
||||
process.exit(200);
|
||||
return true;
|
||||
};
|
||||
|
||||
@ -648,7 +648,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
// Get new instance of the client
|
||||
const vault = require("node-vault")({ endpoint: obj.args.vault.endpoint, token: obj.args.vault.token });
|
||||
vault.unseal({ key: obj.args.vault.unsealkey })
|
||||
.then(function() {
|
||||
.then(function () {
|
||||
if (obj.args.vaultdeleteconfigfiles) {
|
||||
vault.delete('secret/data/' + obj.args.vault.name)
|
||||
.then(function (r) { console.log('Done.'); process.exit(); })
|
||||
@ -764,7 +764,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
}
|
||||
|
||||
// Check top level configuration for any unrecognized values
|
||||
if (config) { for (var i in config) { if ((typeof i == 'string') && (i.length > 0) && (i[0] != '_') && (['settings', 'domaindefaults', 'domains', 'configfiles', 'smtp', 'letsencrypt', 'peers', 'sms', 'messaging', 'sendgrid', 'sendmail', 'firebase', 'firebaserelay', '$schema'].indexOf(i) == -1)) { addServerWarning('Unrecognized configuration option \"' + i + '\".', 3, [ i ]); } } }
|
||||
if (config) { for (var i in config) { if ((typeof i == 'string') && (i.length > 0) && (i[0] != '_') && (['settings', 'domaindefaults', 'domains', 'configfiles', 'smtp', 'letsencrypt', 'peers', 'sms', 'messaging', 'sendgrid', 'sendmail', 'firebase', 'firebaserelay', '$schema'].indexOf(i) == -1)) { addServerWarning('Unrecognized configuration option \"' + i + '\".', 3, [i]); } } }
|
||||
|
||||
// Read IP lists from files if applicable
|
||||
config.settings.userallowedip = obj.args.userallowedip = readIpListFromFile(obj.args.userallowedip);
|
||||
@ -867,10 +867,10 @@ function CreateMeshCentralServer(config, args) {
|
||||
delete user.phone; delete user.otpekey; delete user.otpsecret; delete user.otpkeys; delete user.otphkeys; delete user.otpdev; delete user.otpsms; delete user.otpmsg; // Disable 2FA
|
||||
delete user.msghandle; // Disable users 2fa messaging too
|
||||
var config = getConfig(false);
|
||||
if(config.domains[user.domain].auth || config.domains[user.domain].authstrategies){
|
||||
if (config.domains[user.domain].auth || config.domains[user.domain].authstrategies) {
|
||||
console.log('This users domain has external authentication methods enabled so the password will not be changed if you set one')
|
||||
obj.db.Set(user, function () { console.log("Done."); process.exit(); return; });
|
||||
}else{
|
||||
} else {
|
||||
if (obj.args.hashpass && (typeof obj.args.hashpass == 'string')) {
|
||||
// Reset an account using a pre-hashed password. Use --hashpassword to pre-hash a password.
|
||||
var hashpasssplit = obj.args.hashpass.split(',');
|
||||
@ -878,14 +878,14 @@ function CreateMeshCentralServer(config, args) {
|
||||
user.salt = hashpasssplit[0];
|
||||
user.hash = hashpasssplit[1];
|
||||
obj.db.Set(user, function () { console.log("Done. This command will only work if MeshCentral is stopped."); process.exit(); return; });
|
||||
} else if(obj.args.pass && (typeof obj.args.pass == 'string')) {
|
||||
} else if (obj.args.pass && (typeof obj.args.pass == 'string')) {
|
||||
// Hash the password and reset the account.
|
||||
require('./pass').hash(String(obj.args.pass), user.salt, function (err, hash, tag) {
|
||||
if (err) { console.log("Unable to reset password: " + err); process.exit(); return; }
|
||||
user.hash = hash;
|
||||
obj.db.Set(user, function () { console.log("Done."); process.exit(); return; });
|
||||
}, 0);
|
||||
}else{
|
||||
} else {
|
||||
console.log('Not setting a users password');
|
||||
obj.db.Set(user, function () { console.log("Done."); process.exit(); return; });
|
||||
}
|
||||
@ -1107,7 +1107,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
for (var j in doc) { if (j.indexOf('.') >= 0) { console.log("Invalid field name (" + j + ") in document: " + json[i]); return; } }
|
||||
//if ((json[i].type == 'ifinfo') && (json[i].netif2 != null)) { for (var j in json[i].netif2) { var esc = obj.common.escapeFieldName(j); if (esc !== j) { json[i].netif2[esc] = json[i].netif2[j]; delete json[i].netif2[j]; } } }
|
||||
//if ((json[i].type == 'mesh') && (json[i].links != null)) { for (var j in json[i].links) { var esc = obj.common.escapeFieldName(j); if (esc !== j) { json[i].links[esc] = json[i].links[j]; delete json[i].links[j]; } } }
|
||||
}
|
||||
}
|
||||
//for (i in json) { if ((json[i].type == "node") && (json[i].host != null)) { json[i].rname = json[i].host; delete json[i].host; } } // DEBUG: Change host to rname
|
||||
setTimeout(function () { // If the Mongo database is being created for the first time, there is a race condition here. This will get around it.
|
||||
obj.db.RemoveAll(function () {
|
||||
@ -1386,7 +1386,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
if (i == '') {
|
||||
addServerWarning("Unable to load Intel AMT TLS root certificate for default domain.", 5);
|
||||
} else {
|
||||
addServerWarning("Unable to load Intel AMT TLS root certificate for domain " + i + ".", 6, [ i ]);
|
||||
addServerWarning("Unable to load Intel AMT TLS root certificate for domain " + i + ".", 6, [i]);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -2156,7 +2156,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
// Update the server state
|
||||
obj.updateServerState('state', "stopped");
|
||||
};
|
||||
|
||||
|
||||
// Event Dispatch
|
||||
obj.AddEventDispatch = function (ids, target) {
|
||||
obj.debug('dispatch', 'AddEventDispatch', ids);
|
||||
@ -2478,7 +2478,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
if (connectType == 1) { state.agentPower = powerState; } else if (connectType == 2) { state.ciraPower = powerState; } else if (connectType == 4) { state.amtPower = powerState; }
|
||||
var powerState = 0, oldPowerState = state.powerState;
|
||||
if ((state.connectivity & 1) != 0) { powerState = state.agentPower; } else if ((state.connectivity & 2) != 0) { powerState = state.ciraPower; } else if ((state.connectivity & 4) != 0) { powerState = state.amtPower; }
|
||||
if ((state.powerState == null)|| (state.powerState == undefined) || (state.powerState != powerState)) {
|
||||
if ((state.powerState == null) || (state.powerState == undefined) || (state.powerState != powerState)) {
|
||||
state.powerState = powerState;
|
||||
eventConnectChange = 1;
|
||||
|
||||
@ -2522,7 +2522,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
if (connectType == 1) { state.agentPower = powerState; } else if (connectType == 2) { state.ciraPower = powerState; } else if (connectType == 4) { state.amtPower = powerState; }
|
||||
var powerState = 0, oldPowerState = state.powerState;
|
||||
if ((state.connectivity & 1) != 0) { powerState = state.agentPower; } else if ((state.connectivity & 2) != 0) { powerState = state.ciraPower; } else if ((state.connectivity & 4) != 0) { powerState = state.amtPower; }
|
||||
if ((state.powerState == null)|| (state.powerState == undefined) || (state.powerState != powerState)) {
|
||||
if ((state.powerState == null) || (state.powerState == undefined) || (state.powerState != powerState)) {
|
||||
state.powerState = powerState;
|
||||
eventConnectChange = 1;
|
||||
|
||||
@ -2664,7 +2664,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
if (obj.fs.existsSync(obj.path.join(meshcorePath, 'meshcore.js')) == false) {
|
||||
meshcorePath = obj.path.join(__dirname, 'agents');
|
||||
if (obj.fs.existsSync(obj.path.join(meshcorePath, 'meshcore.js')) == false) {
|
||||
obj.defaultMeshCores = obj.defaultMeshCoresHash = { }; if (func != null) { func(false); } // meshcore.js not found
|
||||
obj.defaultMeshCores = obj.defaultMeshCoresHash = {}; if (func != null) { func(false); } // meshcore.js not found
|
||||
}
|
||||
}
|
||||
|
||||
@ -2730,7 +2730,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
// We are adding a JS file to the meshcores
|
||||
var moduleName = modulesDir[i].substring(0, modulesDir[i].length - 3);
|
||||
if (moduleName.endsWith('.min')) { moduleName = moduleName.substring(0, moduleName.length - 4); } // Remove the ".min" for ".min.js" files.
|
||||
const moduleData = [ 'try { addModule("', moduleName, '", "', obj.escapeCodeString(obj.fs.readFileSync(obj.path.join(moduleDirPath, modulesDir[i])).toString('binary')), '"); addedModules.push("', moduleName, '"); } catch (ex) { }\r\n' ];
|
||||
const moduleData = ['try { addModule("', moduleName, '", "', obj.escapeCodeString(obj.fs.readFileSync(obj.path.join(moduleDirPath, modulesDir[i])).toString('binary')), '"); addedModules.push("', moduleName, '"); } catch (ex) { }\r\n'];
|
||||
|
||||
// Merge this module
|
||||
// NOTE: "smbios" module makes some non-AI Linux segfault, only include for IA platforms.
|
||||
@ -2959,7 +2959,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
} catch (ex) { }
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
// List of possible mesh agents
|
||||
obj.meshAgentsArchitectureNumbers = {
|
||||
0: { id: 0, localname: 'Unknown', rname: 'meshconsole.exe', desc: 'Unknown agent', update: false, amt: true, platform: 'unknown', core: 'linux-noamt', rcore: 'linux-recovery', arcore: 'linux-agentrecovery', tcore: 'linux-tiny' },
|
||||
@ -3205,7 +3205,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
console.log(obj.common.format('Code signed {0}.', agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname));
|
||||
} else {
|
||||
// Failed to sign agent
|
||||
addServerWarning('Failed to sign \"' + agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname + '\": ' + err, 22, [ agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname, err ]);
|
||||
addServerWarning('Failed to sign \"' + agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname + '\": ' + err, 22, [agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname, err]);
|
||||
}
|
||||
if (--pendingOperations === 0) { agentSignedFunc.func(); }
|
||||
}
|
||||
@ -3759,7 +3759,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
try {
|
||||
const d = new Date(), month = ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'][d.getMonth()];
|
||||
str = month + ' ' + d.getDate() + ' ' + obj.common.zeroPad(d.getHours(), 2) + ':' + obj.common.zeroPad(d.getMinutes(), 2) + ':' + d.getSeconds() + ' meshcentral ' + server + '[' + process.pid + ']: ' + msg + ((obj.platform == 'win32') ? '\r\n' : '\n');
|
||||
obj.fs.write(obj.authlogfile, str, function (err, written, string) { if (err) {console.error(err); } });
|
||||
obj.fs.write(obj.authlogfile, str, function (err, written, string) { if (err) { console.error(err); } });
|
||||
} catch (ex) { console.error(ex); }
|
||||
}
|
||||
}
|
||||
@ -3858,7 +3858,7 @@ function InstallModules(modules, args, func) {
|
||||
missingModules.push(moduleNameAndVersion);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (missingModules.length > 0) { if (args.debug) { console.log('Missing Modules: ' + missingModules.join(', ')); } InstallModuleEx(missingModules, args, func); } else { func(); }
|
||||
}
|
||||
}
|
||||
@ -4007,11 +4007,11 @@ function mainStart() {
|
||||
if ((typeof config.domains[i].authstrategies.github == 'object') && (typeof config.domains[i].authstrategies.github.clientid == 'string') && (typeof config.domains[i].authstrategies.github.clientsecret == 'string') && (passport.indexOf('passport-github2') == -1)) { passport.push('passport-github2'); }
|
||||
if ((typeof config.domains[i].authstrategies.azure == 'object') && (typeof config.domains[i].authstrategies.azure.clientid == 'string') && (typeof config.domains[i].authstrategies.azure.clientsecret == 'string') && (typeof config.domains[i].authstrategies.azure.tenantid == 'string') && (passport.indexOf('passport-azure-oauth2') == -1)) { passport.push('passport-azure-oauth2'); passport.push('jwt-simple'); }
|
||||
if ((typeof config.domains[i].authstrategies.oidc == 'object') && (passport.indexOf('openid-client') == -1)) {
|
||||
if ((nodeVersion >= 17)
|
||||
|| ((Math.floor(nodeVersion) == 16) && (nodeVersion >= 16.13))
|
||||
|| ((Math.floor(nodeVersion) == 14) && (nodeVersion >= 14.15))
|
||||
|| ((Math.floor(nodeVersion) == 12) && (nodeVersion >= 12.19))) {
|
||||
passport.push('openid-client');
|
||||
if ((nodeVersion >= 17)
|
||||
|| ((Math.floor(nodeVersion) == 16) && (nodeVersion >= 16.13))
|
||||
|| ((Math.floor(nodeVersion) == 14) && (nodeVersion >= 14.15))
|
||||
|| ((Math.floor(nodeVersion) == 12) && (nodeVersion >= 12.19))) {
|
||||
passport.push('openid-client');
|
||||
} else {
|
||||
addServerWarning('This NodeJS version does not support OpenID Connect on MeshCentral.', 25);
|
||||
delete config.domains[i].authstrategies.oidc;
|
||||
@ -4026,7 +4026,7 @@ function mainStart() {
|
||||
|
||||
// Build the list of required modules
|
||||
// NOTE: ALL MODULES MUST HAVE A VERSION NUMBER AND THE VERSION MUST MATCH THAT USED IN Dockerfile
|
||||
var modules = ['archiver@7.0.0','body-parser@1.20.2','cbor@5.2.0','compression@1.7.4','cookie-session@2.0.0','express@4.18.2','express-handlebars@5.3.5','express-ws@4.0.0','ipcheck@0.1.0','minimist@1.2.8','multiparty@4.2.3','@yetzt/nedb','node-forge@1.3.1','ua-parser-js@1.0.37','ws@8.14.2','yauzl@2.10.0'];
|
||||
var modules = ['archiver@7.0.0', 'body-parser@1.20.2', 'cbor@5.2.0', 'compression@1.7.4', 'cookie-session@2.0.0', 'express@4.18.2', 'express-handlebars@5.3.5', 'express-ws@4.0.0', 'ipcheck@0.1.0', 'minimist@1.2.8', 'multiparty@4.2.3', '@yetzt/nedb', 'node-forge@1.3.1', 'ua-parser-js@1.0.37', 'ws@8.14.2', 'yauzl@2.10.0'];
|
||||
if (require('os').platform() == 'win32') { modules.push('node-windows@0.1.14'); modules.push('loadavg-windows@1.1.1'); if (sspi == true) { modules.push('node-sspi@0.2.10'); } } // Add Windows modules
|
||||
if (ldap == true) { modules.push('ldapauth-fork@5.0.5'); }
|
||||
if (ssh == true) { modules.push('ssh2@1.15.0'); }
|
||||
|
95
webserver.js
95
webserver.js
@ -2841,7 +2841,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
// User credentials are being passed in the URL. WARNING: Putting credentials in a URL is bad security... but people are requesting this option.
|
||||
obj.authenticate(req.query.user, req.query.pass, domain, function (err, userid, passhint, loginOptions) {
|
||||
// 2FA is not supported in URL authentication method. If user has 2FA enabled, this login method fails.
|
||||
var user = obj.users[userid];
|
||||
var user = obj.users[userid];
|
||||
if ((err == null) && checkUserOneTimePasswordRequired(domain, user, req, loginOptions) == true) {
|
||||
handleRootRequestEx(req, res, domain, direct);
|
||||
} else if ((userid != null) && (err == null)) {
|
||||
@ -5899,11 +5899,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
zipfile.readEntry();
|
||||
});
|
||||
});
|
||||
} else if (entry.fileName == 'MeshAgent.mpkg/Contents/Packages/internal.pkg/Contents/meshagent_osx64_LaunchAgent.plist' ||
|
||||
} else if (entry.fileName == 'MeshAgent.mpkg/Contents/Packages/internal.pkg/Contents/meshagent_osx64_LaunchAgent.plist' ||
|
||||
entry.fileName == 'MeshAgent.mpkg/Contents/Packages/internal.pkg/Contents/meshagent_osx64_LaunchDaemon.plist' ||
|
||||
entry.fileName == 'MeshAgent.mpkg/Contents/Packages/internal.pkg/Contents/Info.plist' ||
|
||||
entry.fileName == 'MeshAgent.mpkg/Contents/Packages/internal.pkg/Contents/Resources/postflight' ||
|
||||
entry.fileName == 'MeshAgent.mpkg/Contents/Packages/internal.pkg/Contents/Resources/Postflight.sh' ||
|
||||
entry.fileName == 'MeshAgent.mpkg/Contents/Packages/internal.pkg/Contents/Resources/Postflight.sh' ||
|
||||
entry.fileName == 'MeshAgent.mpkg/Uninstall.command') {
|
||||
// This is a special file entry, we need to fix it.
|
||||
zipfile.openReadStream(entry, function (err, readStream) {
|
||||
@ -5915,7 +5915,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
zipfile.readEntry();
|
||||
});
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
} else {
|
||||
// Normal file entry
|
||||
zipfile.openReadStream(entry, function (err, readStream) {
|
||||
@ -6600,18 +6601,18 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
obj.app.post(url + 'pluginadmin.ashx', obj.bodyParser.urlencoded({ extended: false }), obj.handlePluginAdminPostReq);
|
||||
obj.app.get(url + 'pluginHandler.js', obj.handlePluginJS);
|
||||
}
|
||||
|
||||
|
||||
// New account CAPTCHA request
|
||||
if ((domain.newaccountscaptcha != null) && (domain.newaccountscaptcha !== false)) {
|
||||
obj.app.get(url + 'newAccountCaptcha.ashx', handleNewAccountCaptchaRequest);
|
||||
}
|
||||
|
||||
|
||||
// Check CrowdSec Bounser if configured
|
||||
if (parent.crowdSecBounser != null) {
|
||||
obj.app.get(url + 'captcha.ashx', handleCaptchaGetRequest);
|
||||
obj.app.post(url + 'captcha.ashx', obj.bodyParser.urlencoded({ extended: false }), handleCaptchaPostRequest);
|
||||
}
|
||||
|
||||
|
||||
// Setup IP-KVM relay if supported
|
||||
if (domain.ipkvm) {
|
||||
obj.app.ws(url + 'ipkvm.ashx/*', function (ws, req) {
|
||||
@ -6625,7 +6626,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
parent.ipKvmManager.handleIpKvmGet(domain, req, res, next);
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
// Setup RDP unless indicated as disabled
|
||||
if (domain.mstsc !== false) {
|
||||
obj.app.get(url + 'mstsc.html', function (req, res) { handleMSTSCRequest(req, res, 'mstsc'); });
|
||||
@ -6637,7 +6638,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
try { require('./apprelays.js').CreateMstscRelay(obj, obj.db, ws, req, obj.args, domain); } catch (ex) { console.log(ex); }
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
// Setup SSH if needed
|
||||
if (domain.ssh === true) {
|
||||
obj.app.get(url + 'ssh.html', function (req, res) { handleMSTSCRequest(req, res, 'ssh'); });
|
||||
@ -6659,7 +6660,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
// Setup firebase push only server
|
||||
if ((obj.parent.firebase != null) && (obj.parent.config.firebase)) {
|
||||
if (obj.parent.config.firebase.pushrelayserver) { parent.debug('email', 'Firebase-pushrelay-handler'); obj.app.post(url + 'firebaserelay.aspx', obj.bodyParser.urlencoded({ extended: false }), handleFirebasePushOnlyRelayRequest); }
|
||||
@ -6812,10 +6813,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
}, handleStrategyLogin);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Server redirects
|
||||
if (parent.config.domains[i].redirects) { for (var j in parent.config.domains[i].redirects) { if (j[0] != '_') { obj.app.get(url + j, obj.handleDomainRedirect); } } }
|
||||
|
||||
|
||||
// Server picture
|
||||
obj.app.get(url + 'serverpic.ashx', function (req, res) {
|
||||
// Check if we have "server.jpg" in the data folder, if so, use that.
|
||||
@ -6843,7 +6844,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
// Receive mesh agent connections
|
||||
obj.app.ws(url + 'agent.ashx', function (ws, req) {
|
||||
var domain = checkAgentIpAddress(ws, req);
|
||||
@ -6852,7 +6853,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
//console.log('Agent connect: ' + req.clientIp);
|
||||
try { obj.meshAgentHandler.CreateMeshAgent(obj, obj.db, ws, req, obj.args, domain); } catch (e) { console.log(e); }
|
||||
});
|
||||
|
||||
|
||||
// Setup MQTT broker over websocket
|
||||
if (obj.parent.mqttbroker != null) {
|
||||
obj.app.ws(url + 'mqtt.ashx', function (ws, req) {
|
||||
@ -6868,11 +6869,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
obj.parent.mqttbroker.handle(serialtunnel); // Pass socket wrapper to MQTT broker
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
// Setup any .well-known folders
|
||||
var p = obj.parent.path.join(obj.parent.datapath, '.well-known' + ((parent.config.domains[i].id == '') ? '' : ('-' + parent.config.domains[i].id)));
|
||||
if (obj.parent.fs.existsSync(p)) { obj.app.use(url + '.well-known', obj.express.static(p)); }
|
||||
|
||||
|
||||
// Setup the alternative agent-only port
|
||||
if (obj.agentapp) {
|
||||
// Receive mesh agent connections on alternate port
|
||||
@ -6882,7 +6883,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
if (domain.agentkey && ((req.query.key == null) || (domain.agentkey.indexOf(req.query.key) == -1))) { return; } // If agent key is required and not provided or not valid, just hold the websocket and do nothing.
|
||||
try { obj.meshAgentHandler.CreateMeshAgent(obj, obj.db, ws, req, obj.args, domain); } catch (e) { console.log(e); }
|
||||
});
|
||||
|
||||
|
||||
// Setup mesh relay on alternative agent-only port
|
||||
obj.agentapp.ws(url + 'meshrelay.ashx', function (ws, req) {
|
||||
PerformWSSessionAuth(ws, req, true, function (ws1, req1, domain, user, cookie, authData) {
|
||||
@ -6893,41 +6894,41 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
// Allows agents to transfer files
|
||||
obj.agentapp.ws(url + 'devicefile.ashx', function (ws, req) { obj.meshDeviceFileHandler.CreateMeshDeviceFile(obj, ws, null, req, domain); });
|
||||
|
||||
|
||||
// Setup agent to/from server file transfer handler
|
||||
obj.agentapp.ws(url + 'agenttransfer.ashx', handleAgentFileTransfer); // Setup agent to/from server file transfer handler
|
||||
|
||||
|
||||
// Setup agent downloads for meshcore updates
|
||||
obj.agentapp.get(url + 'meshagents', obj.handleMeshAgentRequest);
|
||||
}
|
||||
|
||||
|
||||
// Setup web relay on this web server if needed
|
||||
// We set this up when a DNS name is used as a web relay instead of a port
|
||||
if (obj.args.relaydns != null) {
|
||||
obj.webRelayRouter = require('express').Router();
|
||||
|
||||
|
||||
// This is the magic URL that will setup the relay session
|
||||
obj.webRelayRouter.get('/control-redirect.ashx', function (req, res, next) {
|
||||
if (obj.args.relaydns.indexOf(req.hostname) == -1) { res.sendStatus(404); return; }
|
||||
if ((req.session.userid == null) && obj.args.user && obj.users['user//' + obj.args.user.toLowerCase()]) { req.session.userid = 'user//' + obj.args.user.toLowerCase(); } // Use a default user if needed
|
||||
res.set({ 'Cache-Control': 'no-store' });
|
||||
parent.debug('web', 'webRelaySetup');
|
||||
|
||||
|
||||
// Decode the relay cookie
|
||||
if (req.query.c == null) { res.sendStatus(404); return; }
|
||||
|
||||
|
||||
// Decode and check if this relay cookie is valid
|
||||
var userid, domainid, domain, nodeid, addr, port, appid, webSessionId, expire, publicid;
|
||||
const urlCookie = obj.parent.decodeCookie(req.query.c, parent.loginCookieEncryptionKey, 32); // Allow cookies up to 32 minutes old. The web page will renew this cookie every 30 minutes.
|
||||
if (urlCookie == null) { res.sendStatus(404); return; }
|
||||
|
||||
|
||||
// Decode the incoming cookie
|
||||
if ((urlCookie.ruserid != null) && (urlCookie.x != null)) {
|
||||
if (parent.webserver.destroyedSessions[urlCookie.ruserid + '/' + urlCookie.x] != null) { res.sendStatus(404); return; }
|
||||
|
||||
|
||||
// This is a standard user, figure out what our web relay will be.
|
||||
if (req.session.x != urlCookie.x) { req.session.x = urlCookie.x; } // Set the sessionid if missing
|
||||
if (req.session.userid != urlCookie.ruserid) { req.session.userid = urlCookie.ruserid; } // Set the session userid if missing
|
||||
@ -6940,7 +6941,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
port = parseInt(req.query.p);
|
||||
appid = parseInt(req.query.appid);
|
||||
webSessionId = req.session.userid + '/' + req.session.x;
|
||||
|
||||
|
||||
// Check that all the required arguments are present
|
||||
if ((req.session.userid == null) || (req.session.x == null) || (req.query.n == null) || (req.query.p == null) || (parent.webserver.destroyedSessions[webSessionId] != null) || ((req.query.appid != 1) && (req.query.appid != 2))) { res.redirect('/'); return; }
|
||||
} else if (urlCookie.r == 8) {
|
||||
@ -6960,10 +6961,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
expire = urlCookie.expire;
|
||||
if ((expire != null) && (expire <= Date.now())) { parent.debug('webrelay', 'expired link'); res.sendStatus(404); return; }
|
||||
}
|
||||
|
||||
|
||||
// No session identifier was setup, exit now
|
||||
if (webSessionId == null) { res.sendStatus(404); return; }
|
||||
|
||||
|
||||
// Check that we have an exact session on any of the relay DNS names
|
||||
var xrelaySessionId, xrelaySession, freeRelayHost, oldestRelayTime, oldestRelayHost;
|
||||
for (var hostIndex in obj.args.relaydns) {
|
||||
@ -6987,7 +6988,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
// Keep a record of the oldest web relay session, this could be useful.
|
||||
if (oldestRelayHost == null) {
|
||||
// Oldest host not set yet, set it
|
||||
@ -7002,12 +7003,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Check that the user has rights to access this device
|
||||
parent.webserver.GetNodeWithRights(domain, userid, nodeid, function (node, rights, visible) {
|
||||
// If there is no remote control or relay rights, reject this web relay
|
||||
if ((rights & 0x00200008) == 0) { res.sendStatus(404); return; } // MESHRIGHT_REMOTECONTROL or MESHRIGHT_RELAY
|
||||
|
||||
|
||||
// Check if there is a free relay DNS name we can use
|
||||
var selectedHost = null;
|
||||
if (freeRelayHost != null) {
|
||||
@ -7018,12 +7019,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
selectedHost = oldestRelayHost;
|
||||
}
|
||||
xrelaySessionId = webSessionId + '/' + selectedHost;
|
||||
|
||||
|
||||
if (selectedHost == req.hostname) {
|
||||
// If this web relay session id is not free, close it now
|
||||
xrelaySession = webRelaySessions[xrelaySessionId];
|
||||
if (xrelaySession != null) { xrelaySession.close(); delete webRelaySessions[xrelaySessionId]; }
|
||||
|
||||
|
||||
// Create a web relay session
|
||||
const relaySession = require('./apprelays.js').CreateWebRelaySession(obj, db, req, args, domain, userid, nodeid, addr, port, appid, xrelaySessionId, expire, node.mtype);
|
||||
relaySession.xpublicid = publicid;
|
||||
@ -7033,13 +7034,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
// If there are not more relay sessions, clear the cleanup timer
|
||||
if ((Object.keys(webRelaySessions).length == 0) && (obj.cleanupTimer != null)) { clearInterval(webRelayCleanupTimer); obj.cleanupTimer = null; }
|
||||
}
|
||||
|
||||
|
||||
// Set the multi-tunnel session
|
||||
webRelaySessions[xrelaySessionId] = relaySession;
|
||||
|
||||
|
||||
// Setup the cleanup timer if needed
|
||||
if (obj.cleanupTimer == null) { webRelayCleanupTimer = setInterval(checkWebRelaySessionsTimeout, 10000); }
|
||||
|
||||
|
||||
// Redirect to root.
|
||||
res.redirect('/');
|
||||
} else {
|
||||
@ -7054,26 +7055,26 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
// Handle all incoming requests as web relays
|
||||
obj.webRelayRouter.get('/*', function (req, res) { try { handleWebRelayRequest(req, res); } catch (ex) { console.log(ex); } })
|
||||
|
||||
|
||||
// Handle all incoming requests as web relays
|
||||
obj.webRelayRouter.post('/*', function (req, res) { try { handleWebRelayRequest(req, res); } catch (ex) { console.log(ex); } })
|
||||
|
||||
|
||||
// Handle all incoming requests as web relays
|
||||
obj.webRelayRouter.put('/*', function (req, res) { try { handleWebRelayRequest(req, res); } catch (ex) { console.log(ex); } })
|
||||
|
||||
|
||||
// Handle all incoming requests as web relays
|
||||
obj.webRelayRouter.delete('/*', function (req, res) { try { handleWebRelayRequest(req, res); } catch (ex) { console.log(ex); } })
|
||||
|
||||
|
||||
// Handle all incoming requests as web relays
|
||||
obj.webRelayRouter.options('/*', function (req, res) { try { handleWebRelayRequest(req, res); } catch (ex) { console.log(ex); } })
|
||||
|
||||
|
||||
// Handle all incoming requests as web relays
|
||||
obj.webRelayRouter.head('/*', function (req, res) { try { handleWebRelayRequest(req, res); } catch (ex) { console.log(ex); } })
|
||||
}
|
||||
|
||||
|
||||
// Indicates to ExpressJS that the override public folder should be used to serve static files.
|
||||
if (parent.config.domains[i].webpublicpath != null) {
|
||||
// Use domain public path
|
||||
@ -7082,10 +7083,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
// Use override path
|
||||
obj.app.use(url, obj.express.static(obj.parent.webPublicOverridePath));
|
||||
}
|
||||
|
||||
|
||||
// Indicates to ExpressJS that the default public folder should be used to serve static files.
|
||||
obj.app.use(url, obj.express.static(obj.parent.webPublicPath));
|
||||
|
||||
|
||||
// Start regular disconnection list flush every 2 minutes.
|
||||
obj.wsagentsDisconnectionsTimer = setInterval(function () { obj.wsagentsDisconnections = {}; }, 120000);
|
||||
}
|
||||
@ -7329,7 +7330,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
if (typeof strategy.custom.tenant_id == 'string') { strategy.custom.preset = preset = 'azure' }
|
||||
if (strategy.custom.customer_id || strategy.custom.identitysource || strategy.client.client_id.split('.')[2] == 'googleusercontent') { strategy.custom.preset = preset = 'google' }
|
||||
}
|
||||
|
||||
|
||||
// Check issuer url
|
||||
let presetIssuer
|
||||
if (preset == 'azure') { presetIssuer = 'https://login.microsoftonline.com/' + strategy.custom.tenant_id + '/v2.0'; }
|
||||
|
Loading…
Reference in New Issue
Block a user