From 5d4cf20e49eccff4f049a6a8a3490fa80ef1c95d Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Sat, 25 Jan 2020 12:14:14 -0800 Subject: [PATCH] Fixed GreenLock v4 --- agents/meshcore.js | 29 ++++++++--------------------- letsEncrypt.js | 5 ++++- meshcentral.js | 2 +- package.json | 3 ++- views/xterm.handlebars | 1 - webserver.js | 3 ++- 6 files changed, 17 insertions(+), 26 deletions(-) diff --git a/agents/meshcore.js b/agents/meshcore.js index 05503420..6fd7a6a1 100644 --- a/agents/meshcore.js +++ b/agents/meshcore.js @@ -39,7 +39,8 @@ var MESHRIGHT_LIMITEDINPUT = 4096; function createMeshCore(agent) { var obj = {}; - if (process.platform == 'win32' && require('user-sessions').isRoot()) { + if (process.platform == 'win32' && require('user-sessions').isRoot()) + { // Check the Agent Uninstall MetaData for correctness, as the installer may have written an incorrect value try { var writtenSize = 0, actualSize = Math.floor(require('fs').statSync(process.execPath).size / 1024); @@ -1198,8 +1199,7 @@ function createMeshCore(agent) { this.pipe(this.httprequest._term, { dataTypeSkip: 1, end: false }); this.prependListener('end', function () { this.httprequest._term.end(function () { console.log("Terminal was closed"); }); }); } - } - else { + } else { try { var bash = fs.existsSync('/bin/bash') ? '/bin/bash' : false; var sh = fs.existsSync('/bin/sh') ? '/bin/sh' : false; 
@@ -1223,28 +1223,21 @@ function createMeshCore(agent) { var options = { uid: (this.httprequest.protocol == 8) ? require('user-sessions').consoleUid() : null, env: env }; var setupcommands = ' alias ls=\'ls --color=auto\'\n'; if (shell == sh) setupcommands += ' stty erase ^H\n'; + setupcommands += ' clear\n'; if (script && shell && process.platform == 'linux') { this.httprequest.process = childProcess.execFile(script, ['script', '--return', '--quiet', '-c', '"' + shell + '"', '/dev/null'], options); // Start as active user - // Is child process the shell? Needed for resizing. - this.httprequest.process.isChildShell = true; this.httprequest.process.stdin.write(setupcommands); } else if (python && shell) { this.httprequest.process = childProcess.execFile(python, ['python', '-c', 'import pty; pty.spawn(["' + shell + '"])'], options); // Start as active user - // Is child process the shell? Needed for resizing. - this.httprequest.process.isChildShell = true; if (process.platform == 'linux') { this.httprequest.process.stdin.write(setupcommands); } } else if (bash) { options.type = childProcess.SpawnTypes.TERM; this.httprequest.process = childProcess.execFile(bash, ['bash', '-i'], options); // Start as active user - // Is child process the shell? Needed for resizing. - this.httprequest.process.isChildShell = false; if (process.platform == 'linux') { this.httprequest.process.stdin.write(setupcommands); } } else if (sh) { options.type = childProcess.SpawnTypes.TERM; this.httprequest.process = childProcess.execFile(sh, ['sh'], options); // Start as active user - // Is child process the shell? Needed for resizing. - this.httprequest.process.isChildShell = false; if (process.platform == 'linux') { this.httprequest.process.stdin.write(setupcommands + "PS1='$ '\n"); } } else { MeshServerLog("Failed to start remote terminal session, no shell found"); 
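Review bot: The added `setupcommands += ' clear\n';` runs before the prompt change in the `sh` branch, which writes `setupcommands + "PS1='$ '\n"`, so the first prompt on the cleared screen is probably still the shell's default one. Writing the prompt first keeps `clear` as the last setup command: `this.httprequest.process.stdin.write(" PS1='$ '\n" + setupcommands);`. The python, bash and sh branches only write `setupcommands` when `process.platform == 'linux'`, so other platforms get no clear at all. A one-line comment on the new statement saying why the screen is cleared would help, since the function body extends outside this hunk.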
@@ -1797,15 +1790,8 @@ function createMeshCore(agent) { // TODO } else { if (ws.httprequest.process == null) return; - // ILibDuktape_ChildProcess kill doesn't support sending signals - if (fs.existsSync("/bin/kill")) - { - if (ws.httprequest.process.isChildShell) - // We need to send signal to the child of the process, since the child is the shell - childProcess.execFile('/bin/bash', ['bash', "-c", "kill -SIGWINCH $(pgrep -P " + ws.httprequest.process.pid + ")"]); - else - childProcess.execFile('/bin/bash', ['bash', "-c", "kill -SIGWINCH " + ws.httprequest.process.pid]); - } + //sendConsoleText('Linux-TermSize: ' + obj.cols + 'x' + obj.rows); + // TODO } } break; @@ -2239,7 +2225,8 @@ function createMeshCore(agent) { break; } case 'ps': { - processManager.getProcesses(function (plist) { + processManager.getProcesses(function (plist) + { var x = ''; for (var i in plist) { x += i + ((plist[i].user) ? (', ' + plist[i].user) : '') + ', ' + plist[i].cmd + '\r\n'; } sendConsoleText(x, sessionid); diff --git a/letsEncrypt.js b/letsEncrypt.js index 7f14e7bd..d2eda15d 100644 --- a/letsEncrypt.js +++ b/letsEncrypt.js @@ -14,6 +14,8 @@ /*jshint esversion: 6 */ 'use strict'; +var globalLetsEncrypt = null; + module.exports.CreateLetsEncrypt = function (parent) { try { // Get the GreenLock version @@ -40,6 +42,7 @@ module.exports.CreateLetsEncrypt = function (parent) { // Get GreenLock setup and running. const greenlock = require('greenlock'); var obj = {}; + globalLetsEncrypt = obj; obj.parent = parent; obj.path = require('path'); obj.redirWebServerHooked = false; @@ -258,7 +261,7 @@ module.exports.CreateLetsEncrypt = function (parent) { // GreenLock v3 Manager module.exports.create = function (options) { - var manager = { parent: options.parent }; + var manager = { parent: globalLetsEncrypt }; manager.find = async function (options) { //console.log('LE-FIND', options); return Promise.resolve([{ subject: options.servername, altnames: options.altnames }]); 
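Review bot: A resize request for a non-Windows terminal is now silently dropped in the `@@ -1797` hunk, because the branch holds only a commented-out `sendConsoleText` line and a bare `// TODO`. A comment stating the limitation would serve better than the dead debug line, for example `// TODO: terminal resize is not implemented on this platform; obj.cols and obj.rows are ignored`. When resize is implemented again, it should signal the process directly rather than build a `bash -c` command string from process state as the removed lines did. The enclosing case starts and ends outside the hunk.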
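Review bot: In letsEncrypt.js, `var manager = { parent: globalLetsEncrypt };` depends on module-level state that is only assigned once `CreateLetsEncrypt` reaches `globalLetsEncrypt = obj;` (hunks `@@ -14` and `@@ -40`). If `create` runs before that point, or `CreateLetsEncrypt` exits early in its `try` block, `manager.parent` is `null` and `options.parent` is ignored without any error. A second `CreateLetsEncrypt` call would also replace the object that existing managers read. A fallback plus a fail-fast check makes this visible: `var manager = { parent: globalLetsEncrypt || options.parent };` followed by `if (manager.parent == null) { throw new Error('GreenLock manager created before CreateLetsEncrypt'); }`. The `// GreenLock v3 Manager` comment above `create` looks stale given the commit title, and the manager body continues outside the hunk.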
diff --git a/meshcentral.js b/meshcentral.js index 63d4fa42..d14cad53 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -2256,7 +2256,7 @@ function mainStart() { var modules = ['ws', 'cbor', 'nedb', 'https', 'yauzl', 'xmldom', 'ipcheck', 'express', 'archiver', 'multiparty', 'node-forge', 'express-ws', 'compression', 'body-parser', 'connect-redis', 'cookie-session', 'express-handlebars']; if (require('os').platform() == 'win32') { modules.push('node-windows'); if (sspi == true) { modules.push('node-sspi'); } } // Add Windows modules if (ldap == true) { modules.push('ldapauth-fork'); } - if (config.letsencrypt != null) { if ((nodeVersion < 10) || (require('crypto').generateKeyPair == null)) { addServerWarning("Let's Encrypt support requires Node v10.12 or higher.", !args.launch); } else { modules.push('greenlock@3.1.5'); } } // Add Greenlock Module + if (config.letsencrypt != null) { if ((nodeVersion < 10) || (require('crypto').generateKeyPair == null)) { addServerWarning("Let's Encrypt support requires Node v10.12 or higher.", !args.launch); } else { modules.push('greenlock'); } } // Add Greenlock Module if (config.settings.mqtt != null) { modules.push('aedes'); } // Add MQTT Modules if (config.settings.mongodb != null) { modules.push('mongodb'); } // Add MongoDB, official driver. if (config.settings.vault != null) { modules.push('node-vault'); } // Add official HashiCorp's Vault module. diff --git a/package.json b/package.json index c2688378..67f1a48d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "meshcentral", - "version": "0.4.7-u", + "version": "0.4.7-v", "keywords": [ "Remote Management", "Intel AMT", @@ -37,6 +37,7 @@ "express": "^4.17.0", "express-handlebars": "^3.1.0", "express-ws": "^4.0.0", + "greenlock": "^4.0.4", "ipcheck": "^0.1.0", "meshcentral": "*", "minimist": "^1.2.0", diff --git a/views/xterm.handlebars b/views/xterm.handlebars index ab5abd69..fc1c9156 100644 --- a/views/xterm.handlebars +++ b/views/xterm.handlebars 
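Review bot: `modules.push('greenlock');` drops the version pin the old line carried (`greenlock@3.1.5`). If this list drives the runtime module install, as the `name@version` form suggests, the server will fetch whatever release is current at start-up. That is hard to justify for the package that handles ACME account keys and certificate issuance, and the manager code in letsEncrypt.js is written against a specific GreenLock API. Pinning to the version tested with this patch keeps it reproducible: `modules.push('greenlock@4.0.4');`. The package.json hunk adds `"greenlock": "^4.0.4"`, a caret range that also admits later 4.x releases, so an exact version or a committed lockfile would be the safer match.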
@@ -180,7 +180,6 @@ break; case 3: // Connected - tunnel.sendText(`mcresize() { old=$(stty -g);stty raw -echo min 0 time 5;printf '\\0337\\033[r\\033[999;999H\\033[6n\\0338' > /dev/tty;IFS='[;R' read -r _ rows cols _ < /dev/tty;stty "$old";stty cols "$cols" rows "$rows"; };trap mcresize SIGWINCH;clear\n`); term.focus(); break; default: diff --git a/webserver.js b/webserver.js index c15d824c..9dca3b88 100644 --- a/webserver.js +++ b/webserver.js @@ -3403,7 +3403,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { if (obj.tlsSniCredentials != null) { tlsOptions.SNICallback = TlsSniCallback; } // We have multiple web server certificate used depending on the domain name obj.tlsServer = require('https').createServer(tlsOptions, obj.app); obj.tlsServer.on('secureConnection', function () { /*console.log('tlsServer secureConnection');*/ }); - obj.tlsServer.on('error', function () { console.log('tlsServer error'); }); + obj.tlsServer.on('error', function (err) { console.log('tlsServer error', err); }); + //obj.tlsServer.on('tlsClientError', function (err) { console.log('tlsClientError', err); }); obj.tlsServer.on('newSession', function (id, data, cb) { if (tlsSessionStoreCount > 1000) { tlsSessionStoreCount = 0; tlsSessionStore = {}; } tlsSessionStore[id.toString('hex')] = data; tlsSessionStoreCount++; cb(); }); obj.tlsServer.on('resumeSession', function (id, cb) { cb(null, tlsSessionStore[id.toString('hex')] || null); }); obj.expressWs = require('express-ws')(obj.app, obj.tlsServer);
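Review bot: The `tlsClientError` handler in the webserver.js hunk is added commented out, so failed client handshakes still leave no record, while the `error` handler now prints the raw error object. Handshake failures are useful detection signal (scanners, protocol or cipher mismatches, bad client certificates), so either enable it with bounded output or delete the commented line. For example: `obj.tlsServer.on('tlsClientError', function (err, tlsSocket) { console.log('tlsClientError', err.code, tlsSocket.remoteAddress); });`. The event fires once per failed handshake, so on an Internet-facing server the output should go through the project's debug or rate-limited logging rather than unconditional `console.log`. The surrounding `CreateWebServer` body extends outside the hunk.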