mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-22 21:31:35 +03:00
Cleaned up deprecation warning on NodeJS 10.x.
This commit is contained in:
parent
dac97f819a
commit
6ecba46362
Binary file not shown.
Binary file not shown.
@ -39,7 +39,7 @@ module.exports.CreateAmtScanner = function (parent) {
|
||||
|
||||
// Build a RMCP packet with a given tag field
|
||||
obj.buildRmcpPing = function (tag) {
|
||||
var packet = new Buffer(obj.common.hex2rstr('06000006000011BE80000000'), 'ascii');
|
||||
var packet = Buffer.from(obj.common.hex2rstr('06000006000011BE80000000'), 'ascii');
|
||||
packet[9] = tag;
|
||||
return packet;
|
||||
};
|
||||
|
@ -43,7 +43,7 @@ module.exports.CertificateOperations = function () {
|
||||
if (err) { func(url, null, tag); return; }
|
||||
var x1 = data.indexOf('-----BEGIN CERTIFICATE-----'), x2 = data.indexOf('-----END CERTIFICATE-----');
|
||||
if ((x1 >= 0) && (x2 > x1)) {
|
||||
func(url, new Buffer(data.substring(x1 + 27, x2), 'base64').toString('binary'), tag);
|
||||
func(url, Buffer.from(data.substring(x1 + 27, x2), 'base64').toString('binary'), tag);
|
||||
} else {
|
||||
func(url, data, tag);
|
||||
}
|
||||
@ -67,7 +67,7 @@ module.exports.CertificateOperations = function () {
|
||||
// If this is not an RSA certificate, hash the raw PKCS7 out of the PEM file
|
||||
var x1 = cert.indexOf('-----BEGIN CERTIFICATE-----'), x2 = cert.indexOf('-----END CERTIFICATE-----');
|
||||
if ((x1 >= 0) && (x2 > x1)) {
|
||||
return obj.crypto.createHash('sha384').update(new Buffer(cert.substring(x1 + 27, x2), 'base64')).digest('hex');
|
||||
return obj.crypto.createHash('sha384').update(Buffer.from(cert.substring(x1 + 27, x2), 'base64')).digest('hex');
|
||||
} else { console.log('ERROR: Unable to decode certificate.'); return null; }
|
||||
}
|
||||
};
|
||||
@ -89,7 +89,7 @@ module.exports.CertificateOperations = function () {
|
||||
// If this is not an RSA certificate, hash the raw PKCS7 out of the PEM file
|
||||
var x1 = cert.indexOf('-----BEGIN CERTIFICATE-----'), x2 = cert.indexOf('-----END CERTIFICATE-----');
|
||||
if ((x1 >= 0) && (x2 > x1)) {
|
||||
return obj.crypto.createHash('sha384').update(new Buffer(cert.substring(x1 + 27, x2), 'base64')).digest('binary');
|
||||
return obj.crypto.createHash('sha384').update(Buffer.from(cert.substring(x1 + 27, x2), 'base64')).digest('binary');
|
||||
} else { console.log('ERROR: Unable to decode certificate.'); return null; }
|
||||
}
|
||||
};
|
||||
@ -497,7 +497,7 @@ module.exports.CertificateOperations = function () {
|
||||
// No accelerators available
|
||||
if (typeof privatekey == "number") { privatekey = obj.acceleratorCertStore[privatekey].key; }
|
||||
const sign = obj.crypto.createSign("SHA384");
|
||||
sign.end(new Buffer(data, "binary"));
|
||||
sign.end(Buffer.from(data, "binary"));
|
||||
func(tag, sign.sign(privatekey).toString("binary"));
|
||||
} else {
|
||||
var acc = obj.getAccelerator();
|
||||
|
2
db.js
2
db.js
@ -55,7 +55,7 @@ module.exports.CreateDB = function (parent) {
|
||||
if ((docs.length == 1) && (docs[0].value != null)) {
|
||||
obj.identifier = docs[0].value;
|
||||
} else {
|
||||
obj.identifier = new Buffer(require('crypto').randomBytes(48), 'binary').toString('hex');
|
||||
obj.identifier = Buffer.from(require('crypto').randomBytes(48), 'binary').toString('hex');
|
||||
obj.Set({ _id: 'DatabaseIdentifier', value: obj.identifier });
|
||||
}
|
||||
});
|
||||
|
@ -23,7 +23,7 @@ process.on('message', function (message) {
|
||||
if (typeof message.key == 'number') { message.key = certStore[message.key].key; }
|
||||
try {
|
||||
const sign = crypto.createSign('SHA384');
|
||||
sign.end(new Buffer(message.data, 'binary'));
|
||||
sign.end(Buffer.from(message.data, 'binary'));
|
||||
process.send(sign.sign(message.key).toString('binary'));
|
||||
} catch (e) { process.send(null); }
|
||||
break;
|
||||
|
22
meshagent.js
22
meshagent.js
@ -45,7 +45,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
ws._socket.setKeepAlive(true, 240000); // Set TCP keep alive, 4 minutes
|
||||
|
||||
// Send a message to the mesh agent
|
||||
obj.send = function (data) { try { if (typeof data == 'string') { obj.ws.send(new Buffer(data, 'binary')); } else { obj.ws.send(data); } } catch (e) { } };
|
||||
obj.send = function (data) { try { if (typeof data == 'string') { obj.ws.send(Buffer.from(data, 'binary')); } else { obj.ws.send(data); } } catch (e) { } };
|
||||
|
||||
// Disconnect this agent
|
||||
obj.close = function (arg) {
|
||||
@ -159,7 +159,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
if (obj.nodeid != null) { obj.parent.parent.debug(1, 'Agent update required, NodeID=0x' + obj.nodeid.substring(0, 16) + ', ' + obj.agentExeInfo.desc); }
|
||||
obj.fs.open(obj.agentExeInfo.path, 'r', function (err, fd) {
|
||||
if (err) { return console.error(err); }
|
||||
obj.agentUpdate = { oldHash: agenthash, ptr: 0, buf: new Buffer(agentUpdateBlockSize + 4), fd: fd };
|
||||
obj.agentUpdate = { oldHash: agenthash, ptr: 0, buf: Buffer.from(agentUpdateBlockSize + 4), fd: fd };
|
||||
|
||||
// We got the agent file open on the server side, tell the agent we are sending an update starting with the SHA384 hash of the result
|
||||
//console.log("Agent update file open.");
|
||||
@ -229,7 +229,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
obj.send(obj.common.ShortToStr(1) + msg.substring(2, 50) + obj.nonce); // Command 1, hash + nonce. Use the web hash given by the agent.
|
||||
} else {
|
||||
// Check that the server hash matches our own web certificate hash (SHA384)
|
||||
if ((getWebCertHash(obj.domain) != msg.substring(2, 50)) && (getWebCertFullHash(obj.domain) != msg.substring(2, 50))) { console.log('Agent bad web cert hash (Agent:' + (new Buffer(msg.substring(2, 50), 'binary').toString('hex').substring(0, 10)) + ' != Server:' + (new Buffer(getWebCertHash(obj.domain), 'binary').toString('hex').substring(0, 10)) + ' or ' + (new Buffer(getWebCertFullHash(obj.domain), 'binary').toString('hex').substring(0, 10)) + '), holding connection (' + obj.remoteaddrport + ').'); return; }
|
||||
if ((getWebCertHash(obj.domain) != msg.substring(2, 50)) && (getWebCertFullHash(obj.domain) != msg.substring(2, 50))) { console.log('Agent bad web cert hash (Agent:' + (Buffer.from(msg.substring(2, 50), 'binary').toString('hex').substring(0, 10)) + ' != Server:' + (new Buffer(getWebCertHash(obj.domain), 'binary').toString('hex').substring(0, 10)) + ' or ' + (new Buffer(getWebCertFullHash(obj.domain), 'binary').toString('hex').substring(0, 10)) + '), holding connection (' + obj.remoteaddrport + ').'); return; }
|
||||
}
|
||||
|
||||
// Use our server private key to sign the ServerHash + AgentNonce + ServerNonce
|
||||
@ -266,8 +266,8 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
// Decode the certificate
|
||||
var certlen = obj.common.ReadShort(msg, 2);
|
||||
obj.unauth = {};
|
||||
try { obj.unauth.nodeid = new Buffer(obj.forge.pki.getPublicKeyFingerprint(obj.forge.pki.certificateFromAsn1(obj.forge.asn1.fromDer(msg.substring(4, 4 + certlen))).publicKey, { md: obj.forge.md.sha384.create() }).data, 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); } catch (e) { return; }
|
||||
obj.unauth.nodeCertPem = '-----BEGIN CERTIFICATE-----\r\n' + new Buffer(msg.substring(4, 4 + certlen), 'binary').toString('base64') + '\r\n-----END CERTIFICATE-----';
|
||||
try { obj.unauth.nodeid = Buffer.from(obj.forge.pki.getPublicKeyFingerprint(obj.forge.pki.certificateFromAsn1(obj.forge.asn1.fromDer(msg.substring(4, 4 + certlen))).publicKey, { md: obj.forge.md.sha384.create() }).data, 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); } catch (e) { return; }
|
||||
obj.unauth.nodeCertPem = '-----BEGIN CERTIFICATE-----\r\n' + Buffer.from(msg.substring(4, 4 + certlen), 'binary').toString('base64') + '\r\n-----END CERTIFICATE-----';
|
||||
|
||||
// Check the agent signature if we can
|
||||
if (obj.agentnonce == null) { obj.unauthsign = msg.substring(4 + certlen); } else { if (processAgentSignature(msg.substring(4 + certlen)) == false) { console.log('Agent connected with bad signature, holding connection (' + obj.remoteaddrport + ').'); return; } }
|
||||
@ -286,9 +286,9 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
obj.agentInfo.platformType = obj.common.ReadInt(msg, 14);
|
||||
if (obj.agentInfo.platformType > 6 || obj.agentInfo.platformType < 1) { obj.agentInfo.platformType = 1; }
|
||||
if (msg.substring(50, 66) == '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0') {
|
||||
obj.meshid = new Buffer(msg.substring(18, 50), 'binary').toString('hex'); // Older HEX MeshID
|
||||
obj.meshid = Buffer.from(msg.substring(18, 50), 'binary').toString('hex'); // Older HEX MeshID
|
||||
} else {
|
||||
obj.meshid = new Buffer(msg.substring(18, 66), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); // New Base64 MeshID
|
||||
obj.meshid = Buffer.from(msg.substring(18, 66), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); // New Base64 MeshID
|
||||
}
|
||||
//console.log('MeshID', obj.meshid);
|
||||
obj.agentInfo.capabilities = obj.common.ReadInt(msg, 66);
|
||||
@ -464,11 +464,11 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
if (obj.args.ignoreagenthashcheck !== true) {
|
||||
// Verify the signature. This is the fast way, without using forge.
|
||||
const verify = obj.parent.crypto.createVerify('SHA384');
|
||||
verify.end(new Buffer(getWebCertHash(obj.domain) + obj.nonce + obj.agentnonce, 'binary')); // Test using the private key hash
|
||||
if (verify.verify(obj.unauth.nodeCertPem, new Buffer(msg, 'binary')) !== true) {
|
||||
verify.end(Buffer.from(getWebCertHash(obj.domain) + obj.nonce + obj.agentnonce, 'binary')); // Test using the private key hash
|
||||
if (verify.verify(obj.unauth.nodeCertPem, Buffer.from(msg, 'binary')) !== true) {
|
||||
const verify2 = obj.parent.crypto.createVerify('SHA384');
|
||||
verify2.end(new Buffer(getWebCertFullHash(obj.domain) + obj.nonce + obj.agentnonce, 'binary')); // Test using the full cert hash
|
||||
if (verify2.verify(obj.unauth.nodeCertPem, new Buffer(msg, 'binary')) !== true) { return false; }
|
||||
verify2.end(Buffer.from(getWebCertFullHash(obj.domain) + obj.nonce + obj.agentnonce, 'binary')); // Test using the full cert hash
|
||||
if (verify2.verify(obj.unauth.nodeCertPem, Buffer.from(msg, 'binary')) !== true) { return false; }
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -56,7 +56,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
obj.maintenanceTimer = null;
|
||||
obj.serverId = null;
|
||||
obj.currentVer = null;
|
||||
obj.serverKey = new Buffer(obj.crypto.randomBytes(48), 'binary');
|
||||
obj.serverKey = Buffer.from(obj.crypto.randomBytes(48), 'binary');
|
||||
obj.loginCookieEncryptionKey = null;
|
||||
obj.serverSelfWriteAllowed = true;
|
||||
try { obj.currentVer = JSON.parse(obj.fs.readFileSync(obj.path.join(__dirname, 'package.json'), 'utf8')).version; } catch (e) { } // Fetch server version
|
||||
@ -1138,7 +1138,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
|
||||
// Generate a cryptographic key used to encode and decode cookies
|
||||
obj.generateCookieKey = function () {
|
||||
return new Buffer(obj.crypto.randomBytes(80), 'binary');
|
||||
return Buffer.from(obj.crypto.randomBytes(80), 'binary');
|
||||
//return Buffer.alloc(80, 0); // Sets the key to zeros, debug only.
|
||||
};
|
||||
|
||||
@ -1147,7 +1147,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
try {
|
||||
if (key == null) { key = obj.serverKey; }
|
||||
o.time = Math.floor(Date.now() / 1000); // Add the cookie creation time
|
||||
const iv = new Buffer(obj.crypto.randomBytes(12), 'binary'), cipher = obj.crypto.createCipheriv('aes-256-gcm', key.slice(0, 32), iv);
|
||||
const iv = Buffer.from(obj.crypto.randomBytes(12), 'binary'), cipher = obj.crypto.createCipheriv('aes-256-gcm', key.slice(0, 32), iv);
|
||||
const crypted = Buffer.concat([cipher.update(JSON.stringify(o), 'utf8'), cipher.final()]);
|
||||
return Buffer.concat([iv, cipher.getAuthTag(), crypted]).toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
} catch (e) { return null; }
|
||||
@ -1164,7 +1164,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
obj.decodeCookieAESGCM = function (cookie, key, timeout) {
|
||||
try {
|
||||
if (key == null) { key = obj.serverKey; }
|
||||
cookie = new Buffer(cookie.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64');
|
||||
cookie = Buffer.from(cookie.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64');
|
||||
const decipher = obj.crypto.createDecipheriv('aes-256-gcm', key.slice(0, 32), cookie.slice(0, 12));
|
||||
decipher.setAuthTag(cookie.slice(12, 16));
|
||||
const o = JSON.parse(decipher.update(cookie.slice(28), 'binary', 'utf8') + decipher.final('utf8'));
|
||||
@ -1183,7 +1183,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
try {
|
||||
if (key == null) { key = obj.serverKey; }
|
||||
if (key.length < 80) { return null; }
|
||||
cookie = new Buffer(cookie.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64');
|
||||
cookie = Buffer.from(cookie.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64');
|
||||
const decipher = obj.crypto.createDecipheriv('aes-256-cbc', key.slice(48, 80), cookie.slice(0, 16));
|
||||
const rawmsg = decipher.update(cookie.slice(16), 'binary', 'binary') + decipher.final('binary');
|
||||
const hmac = obj.crypto.createHmac('sha384', key.slice(0, 48));
|
||||
@ -1238,7 +1238,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
obj.fs.open(filepath, 'r', function (err, fd) {
|
||||
if (fd == null) { func(null); return; }
|
||||
obj.fs.fstat(fd, function (err, stats) {
|
||||
var bufferSize = stats.size, chunkSize = 512, buffer = new Buffer(bufferSize), bytesRead = 0;
|
||||
var bufferSize = stats.size, chunkSize = 512, buffer = Buffer.from(bufferSize), bytesRead = 0;
|
||||
while (bytesRead < bufferSize) {
|
||||
if ((bytesRead + chunkSize) > bufferSize) { chunkSize = (bufferSize - bytesRead); }
|
||||
obj.fs.readSync(fd, buffer, bytesRead, chunkSize, bytesRead);
|
||||
|
15
meshrelay.js
15
meshrelay.js
@ -191,14 +191,19 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
||||
}
|
||||
});
|
||||
|
||||
// If error, do nothing
|
||||
// If error, do nothing.
|
||||
ws.on('error', function (err) {
|
||||
console.log('Relay Error', err);
|
||||
obj.close();
|
||||
console.log('Relay error from ' + obj.remoteaddr + ', ' + err.toString().split('\r')[0] + '.');
|
||||
closeBothSides();
|
||||
});
|
||||
|
||||
// If the mesh relay web socket is closed
|
||||
// If the mesh relay web socket is closed.
|
||||
ws.on('close', function (req) {
|
||||
closeBothSides();
|
||||
});
|
||||
|
||||
// Close both our side and the peer side.
|
||||
function closeBothSides() {
|
||||
if (obj.id != null) {
|
||||
var relayinfo = parent.wsrelays[obj.id];
|
||||
if (relayinfo != null) {
|
||||
@ -217,7 +222,7 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie
|
||||
obj.peer = null;
|
||||
obj.id = null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
// Mark this relay session as authenticated if this is the user end.
|
||||
obj.authenticated = (obj.user != null);
|
||||
|
@ -28,7 +28,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
obj.serverStatsTimer = null;
|
||||
|
||||
// Send a message to the user
|
||||
//obj.send = function (data) { try { if (typeof data == 'string') { obj.ws.send(new Buffer(data, 'binary')); } else { obj.ws.send(data); } } catch (e) { } }
|
||||
//obj.send = function (data) { try { if (typeof data == 'string') { obj.ws.send(Buffer.from(data, 'binary')); } else { obj.ws.send(data); } } catch (e) { } }
|
||||
|
||||
// Disconnect this user
|
||||
obj.close = function (arg) {
|
||||
@ -1391,7 +1391,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
try {
|
||||
obj.fs.open(filepath, 'r', function (err, fd) {
|
||||
obj.fs.fstat(fd, function (err, stats) {
|
||||
var bufferSize = stats.size, chunkSize = 512, buffer = new Buffer(bufferSize), bytesRead = 0;
|
||||
var bufferSize = stats.size, chunkSize = 512, buffer = Buffer.from(bufferSize), bytesRead = 0;
|
||||
while (bytesRead < bufferSize) {
|
||||
if ((bytesRead + chunkSize) > bufferSize) { chunkSize = (bufferSize - bytesRead); }
|
||||
obj.fs.readSync(fd, buffer, bytesRead, chunkSize, bytesRead);
|
||||
|
@ -113,7 +113,7 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
|
||||
socket.on("timeout", () => { Debug(1, "MPS:CIRA timeout, disconnecting."); try { socket.end(); } catch (e) { } });
|
||||
|
||||
socket.addListener("data", function (data) {
|
||||
if (args.mpsdebug) { var buf = new Buffer(data, "binary"); console.log("MPS <-- (" + buf.length + "):" + buf.toString('hex')); } // Print out received bytes
|
||||
if (args.mpsdebug) { var buf = Buffer.from(data, "binary"); console.log("MPS <-- (" + buf.length + "):" + buf.toString('hex')); } // Print out received bytes
|
||||
socket.tag.accumulator += data;
|
||||
|
||||
// Detect if this is an HTTPS request, if it is, return a simple answer and disconnect. This is useful for debugging access to the MPS port.
|
||||
@ -249,7 +249,7 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
|
||||
if (mesh.mtype == 1) {
|
||||
// Intel AMT GUID (socket.tag.SystemId) will be used as NodeID
|
||||
var systemid = socket.tag.SystemId.split('-').join('');
|
||||
var nodeid = new Buffer(systemid + systemid + systemid, 'hex').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
var nodeid = Buffer.from(systemid + systemid + systemid, 'hex').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
socket.tag.name = '';
|
||||
socket.tag.nodeid = 'node/' + mesh.domain + '/' + nodeid; // Turn 16bit systemid guid into 48bit nodeid that is base64 encoded
|
||||
socket.tag.meshid = mesh._id;
|
||||
@ -630,11 +630,11 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
|
||||
function Write(socket, data) {
|
||||
if (args.mpsdebug) {
|
||||
// Print out sent bytes
|
||||
var buf = new Buffer(data, "binary");
|
||||
var buf = Buffer.from(data, "binary");
|
||||
console.log('MPS --> (' + buf.length + '):' + buf.toString('hex'));
|
||||
socket.write(buf);
|
||||
} else {
|
||||
socket.write(new Buffer(data, "binary"));
|
||||
socket.write(Buffer.from(data, "binary"));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -111,21 +111,21 @@ module.exports.CreateMultiServer = function (parent, args) {
|
||||
case 2: {
|
||||
// Server certificate
|
||||
var certlen = obj.common.ReadShort(msg, 2), serverCert = null;
|
||||
var serverCertPem = '-----BEGIN CERTIFICATE-----\r\n' + new Buffer(msg.substring(4, 4 + certlen), 'binary').toString('base64') + '\r\n-----END CERTIFICATE-----';
|
||||
var serverCertPem = '-----BEGIN CERTIFICATE-----\r\n' + Buffer.from(msg.substring(4, 4 + certlen), 'binary').toString('base64') + '\r\n-----END CERTIFICATE-----';
|
||||
try { serverCert = obj.forge.pki.certificateFromAsn1(obj.forge.asn1.fromDer(msg.substring(4, 4 + certlen))); } catch (e) { }
|
||||
if (serverCert == null) { obj.parent.parent.debug(1, 'OutPeer: Invalid server certificate.'); disconnect(); return; }
|
||||
var serverid = new Buffer(obj.forge.pki.getPublicKeyFingerprint(serverCert.publicKey, { encoding: 'binary', md: obj.forge.md.sha384.create() }), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
var serverid = Buffer.from(obj.forge.pki.getPublicKeyFingerprint(serverCert.publicKey, { encoding: 'binary', md: obj.forge.md.sha384.create() }), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
if (serverid !== obj.agentCertificateHashBase64) { obj.parent.parent.debug(1, 'OutPeer: Server hash mismatch.'); disconnect(); return; }
|
||||
|
||||
// Server signature, verify it. This is the fast way, without using forge. (TODO: Use accelerator for this?)
|
||||
const verify = obj.parent.crypto.createVerify('SHA384');
|
||||
verify.end(new Buffer(obj.serverCertHash + obj.nonce + obj.servernonce, 'binary'));
|
||||
if (verify.verify(serverCertPem, new Buffer(msg.substring(4 + certlen), 'binary')) !== true) { obj.parent.parent.debug(1, 'OutPeer: Server sign check failed.'); disconnect(); return; }
|
||||
verify.end(Buffer.from(obj.serverCertHash + obj.nonce + obj.servernonce, 'binary'));
|
||||
if (verify.verify(serverCertPem, Buffer.from(msg.substring(4 + certlen), 'binary')) !== true) { obj.parent.parent.debug(1, 'OutPeer: Server sign check failed.'); disconnect(); return; }
|
||||
|
||||
// Connection is a success, clean up
|
||||
delete obj.nonce;
|
||||
delete obj.servernonce;
|
||||
obj.serverCertHash = new Buffer(obj.serverCertHash, 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); // Change this value to base64
|
||||
obj.serverCertHash = Buffer.from(obj.serverCertHash, 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); // Change this value to base64
|
||||
obj.connectionState |= 4;
|
||||
obj.retryBackoff = 0; // Set backoff connection timer back to fast.
|
||||
obj.parent.parent.debug(1, 'OutPeer ' + obj.serverid + ': Verified peer connection to ' + obj.url);
|
||||
@ -189,7 +189,7 @@ module.exports.CreateMultiServer = function (parent, args) {
|
||||
if (command.dbid != obj.parent.parent.db.identifier) { console.log('ERROR: Database ID mismatch. Trying to peer to a server with the wrong database. (' + obj.url + ', ' + command.serverid + ').'); return; }
|
||||
if (obj.serverCertHash != command.serverCertHash) { console.log('ERROR: Outer certificate hash mismatch (2). (' + obj.url + ', ' + command.serverid + ').'); return; }
|
||||
obj.peerServerId = command.serverid;
|
||||
obj.peerServerKey = new Buffer(command.key, 'hex');
|
||||
obj.peerServerKey = Buffer.from(command.key, 'hex');
|
||||
obj.authenticated = 3;
|
||||
obj.parent.SetupPeerServer(obj, obj.peerServerId);
|
||||
}
|
||||
@ -228,7 +228,7 @@ module.exports.CreateMultiServer = function (parent, args) {
|
||||
// Send a message to the peer server
|
||||
obj.send = function (data) {
|
||||
try {
|
||||
if (typeof data == 'string') { obj.ws.send(new Buffer(data, 'binary')); return; }
|
||||
if (typeof data == 'string') { obj.ws.send(Buffer.from(data, 'binary')); return; }
|
||||
if (typeof data == 'object') { obj.ws.send(JSON.stringify(data)); return; }
|
||||
obj.ws.send(data);
|
||||
} catch (e) { }
|
||||
@ -282,8 +282,8 @@ module.exports.CreateMultiServer = function (parent, args) {
|
||||
// Decode the certificate
|
||||
var certlen = obj.common.ReadShort(msg, 2);
|
||||
obj.unauth = {};
|
||||
try { obj.unauth.nodeid = new Buffer(obj.forge.pki.getPublicKeyFingerprint(obj.forge.pki.certificateFromAsn1(obj.forge.asn1.fromDer(msg.substring(4, 4 + certlen))).publicKey, { encoding: 'binary', md: obj.forge.md.sha384.create() }), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); } catch (e) { console.log(e); return; }
|
||||
obj.unauth.nodeCertPem = '-----BEGIN CERTIFICATE-----\r\n' + new Buffer(msg.substring(4, 4 + certlen), 'binary').toString('base64') + '\r\n-----END CERTIFICATE-----';
|
||||
try { obj.unauth.nodeid = Buffer.from(obj.forge.pki.getPublicKeyFingerprint(obj.forge.pki.certificateFromAsn1(obj.forge.asn1.fromDer(msg.substring(4, 4 + certlen))).publicKey, { encoding: 'binary', md: obj.forge.md.sha384.create() }), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'); } catch (e) { console.log(e); return; }
|
||||
obj.unauth.nodeCertPem = '-----BEGIN CERTIFICATE-----\r\n' + Buffer.from(msg.substring(4, 4 + certlen), 'binary').toString('base64') + '\r\n-----END CERTIFICATE-----';
|
||||
|
||||
// Check the peer server signature if we can
|
||||
if (obj.peernonce == null) {
|
||||
@ -325,8 +325,8 @@ module.exports.CreateMultiServer = function (parent, args) {
|
||||
function processPeerSignature(msg) {
|
||||
// Verify the signature. This is the fast way, without using forge.
|
||||
const verify = obj.parent.crypto.createVerify('SHA384');
|
||||
verify.end(new Buffer(obj.parent.parent.webserver.webCertificateHash + obj.nonce + obj.peernonce, 'binary'));
|
||||
if (verify.verify(obj.unauth.nodeCertPem, new Buffer(msg, 'binary')) !== true) { console.log('Peer sign fail 1'); return false; }
|
||||
verify.end(Buffer.from(obj.parent.parent.webserver.webCertificateHash + obj.nonce + obj.peernonce, 'binary'));
|
||||
if (verify.verify(obj.unauth.nodeCertPem, Buffer.from(msg, 'binary')) !== true) { console.log('Peer sign fail 1'); return false; }
|
||||
if (obj.unauth.nodeid !== obj.agentCertificateHashBase64) { console.log('Peer sign fail 2'); return false; }
|
||||
|
||||
// Connection is a success, clean up
|
||||
@ -353,7 +353,7 @@ module.exports.CreateMultiServer = function (parent, args) {
|
||||
if (command.dbid != obj.parent.parent.db.identifier) { console.log('ERROR: Database ID mismatch. Trying to peer to a server with the wrong database. (' + obj.remoteaddr + ', ' + command.serverid + ').'); return; }
|
||||
if (obj.parent.peerConfig.servers[command.serverid] == null) { console.log('ERROR: Unknown peer serverid: ' + command.serverid + ' (' + obj.remoteaddr + ').'); return; }
|
||||
obj.peerServerId = command.serverid;
|
||||
obj.peerServerKey = new Buffer(command.key, 'hex');
|
||||
obj.peerServerKey = Buffer.from(command.key, 'hex');
|
||||
obj.serverCertHash = command.serverCertHash;
|
||||
obj.authenticated = 3;
|
||||
obj.parent.SetupPeerServer(obj, obj.peerServerId);
|
||||
@ -599,7 +599,7 @@ module.exports.CreateMultiServer = function (parent, args) {
|
||||
|
||||
// Get the peer server's certificate and compute the server public key hash
|
||||
var serverCert = obj.forge.pki.certificateFromAsn1(obj.forge.asn1.fromDer(peerTunnel.ws2._socket.getPeerCertificate().raw.toString('binary')));
|
||||
var serverCertHashHex = new Buffer(obj.forge.pki.getPublicKeyFingerprint(serverCert.publicKey, { encoding: 'binary', md: obj.forge.md.sha384.create() }), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
var serverCertHashHex = Buffer.from(obj.forge.pki.getPublicKeyFingerprint(serverCert.publicKey, { encoding: 'binary', md: obj.forge.md.sha384.create() }), 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
|
||||
// Check if the peer certificate is the expected one for this serverid
|
||||
if (obj.peerServers[serverid] == null || obj.peerServers[serverid].serverCertHash != serverCertHashHex) { console.log('ERROR: Outer certificate hash mismatch (1). (' + peerTunnel.url + ', ' + peerTunnel.serverid + ').'); peerTunnel.close(); return; }
|
||||
|
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "meshcentral",
|
||||
"version": "0.2.5-k",
|
||||
"version": "0.2.5-l",
|
||||
"keywords": [
|
||||
"Remote Management",
|
||||
"Intel AMT",
|
||||
|
2
pass.js
2
pass.js
@ -53,7 +53,7 @@ exports.iishash = function (type, pwd, salt, fn) {
|
||||
fn(null, pwd);
|
||||
} else if (type == 1) {
|
||||
const hash = crypto.createHash('sha1');
|
||||
hash.update(Buffer.concat([new Buffer(salt, 'base64'), new Buffer(pwd, 'utf16le')]));
|
||||
hash.update(Buffer.concat([Buffer.from(salt, 'base64'), Buffer.from(pwd, 'utf16le')]));
|
||||
fn(null, hash.digest().toString('base64'));
|
||||
} else {
|
||||
fn('invalid type');
|
||||
|
@ -60,7 +60,7 @@ module.exports.CreateRedirServer = function (parent, db, args, func) {
|
||||
if (i >= 0) { rootcert = rootcert.substring(i + 29); }
|
||||
i = rootcert.indexOf("-----END CERTIFICATE-----");
|
||||
if (i >= 0) { rootcert = rootcert.substring(i, 0); }
|
||||
res.send(new Buffer(rootcert, "base64"));
|
||||
res.send(Buffer.from(rootcert, "base64"));
|
||||
} else {
|
||||
res.sendStatus(404);
|
||||
}
|
||||
|
@ -153,7 +153,7 @@ module.exports.CreateSwarmServer = function (parent, db, args, certificates) {
|
||||
Debug(1, 'SWARM:New legacy agent connection');
|
||||
|
||||
socket.addListener("data", function (data) {
|
||||
if (args.swarmdebug) { var buf = new Buffer(data, "binary"); console.log('SWARM <-- (' + buf.length + '):' + buf.toString('hex')); } // Print out received bytes
|
||||
if (args.swarmdebug) { var buf = Buffer.from(data, "binary"); console.log('SWARM <-- (' + buf.length + '):' + buf.toString('hex')); } // Print out received bytes
|
||||
socket.tag.accumulator += data;
|
||||
|
||||
// Detect if this is an HTTPS request, if it is, return a simple answer and disconnect. This is useful for debugging access to the MPS port.
|
||||
@ -333,11 +333,11 @@ module.exports.CreateSwarmServer = function (parent, db, args, certificates) {
|
||||
function Write(socket, data) {
|
||||
if (args.swarmdebug) {
|
||||
// Print out sent bytes
|
||||
var buf = new Buffer(data, "binary");
|
||||
var buf = Buffer.from(data, "binary");
|
||||
console.log('SWARM --> (' + buf.length + '):' + buf.toString('hex'));
|
||||
socket.write(buf);
|
||||
} else {
|
||||
socket.write(new Buffer(data, "binary"));
|
||||
socket.write(Buffer.from(data, "binary"));
|
||||
}
|
||||
}
|
||||
|
||||
|
File diff suppressed because one or more lines are too long
@ -1088,7 +1088,6 @@
|
||||
r += '</div></div>';
|
||||
}
|
||||
|
||||
//meshcount = count;
|
||||
QH('p3meshes', r);
|
||||
QV('p3noMeshFound', count == 0);
|
||||
}
|
||||
@ -1456,7 +1455,11 @@
|
||||
}
|
||||
}
|
||||
|
||||
if (count == 0) {
|
||||
QH('xdevices', '<div style="margin-top:50px;text-align:center"><span style="font-size:30px">No devices</span><br /><br />Use the desktop version of this website to add devices.</div>');
|
||||
} else {
|
||||
QH('xdevices', r);
|
||||
}
|
||||
deviceHeaderSet();
|
||||
for (var i in deviceHeaders) { QH(i, deviceHeaders[i]); }
|
||||
for (var i in deviceHeadersTitles) { Q(i).title = deviceHeadersTitles[i]; }
|
||||
|
64
webserver.js
64
webserver.js
@ -104,19 +104,19 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// Perform hash on web certificate and agent certificate
|
||||
obj.webCertificateHash = parent.certificateOperations.getPublicKeyHashBinary(obj.certificates.web.cert);
|
||||
obj.webCertificateHashs = { '': obj.webCertificateHash };
|
||||
obj.webCertificateHashBase64 = new Buffer(obj.webCertificateHash, 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
obj.webCertificateHashBase64 = Buffer.from(obj.webCertificateHash, 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
obj.webCertificateFullHash = parent.certificateOperations.getCertHashBinary(obj.certificates.web.cert);
|
||||
obj.webCertificateFullHashs = { '': obj.webCertificateFullHash };
|
||||
obj.agentCertificateHashHex = parent.certificateOperations.getPublicKeyHash(obj.certificates.agent.cert);
|
||||
obj.agentCertificateHashBase64 = new Buffer(obj.agentCertificateHashHex, 'hex').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
obj.agentCertificateHashBase64 = Buffer.from(obj.agentCertificateHashHex, 'hex').toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
|
||||
obj.agentCertificateAsn1 = parent.certificateOperations.forge.asn1.toDer(parent.certificateOperations.forge.pki.certificateToAsn1(parent.certificateOperations.forge.pki.certificateFromPem(parent.certificates.agent.cert))).getBytes();
|
||||
|
||||
// Compute the hash of all of the web certificates for each domain
|
||||
for (var i in obj.parent.config.domains) {
|
||||
if (obj.parent.config.domains[i].certhash != null) {
|
||||
// If the web certificate hash is provided, use it.
|
||||
obj.webCertificateHashs[i] = obj.webCertificateFullHashs[i] = new Buffer(obj.parent.config.domains[i].certhash, 'hex').toString('binary');
|
||||
if (obj.parent.config.domains[i].certkeyhash != null) { obj.webCertificateHashs[i] = new Buffer(obj.parent.config.domains[i].certkeyhash, 'hex').toString('binary'); }
|
||||
obj.webCertificateHashs[i] = obj.webCertificateFullHashs[i] = Buffer.from(obj.parent.config.domains[i].certhash, 'hex').toString('binary');
|
||||
if (obj.parent.config.domains[i].certkeyhash != null) { obj.webCertificateHashs[i] = Buffer.from(obj.parent.config.domains[i].certkeyhash, 'hex').toString('binary'); }
|
||||
} else if ((obj.parent.config.domains[i].dns != null) && (obj.parent.config.domains[i].certs != null)) {
|
||||
// If the domain has a different DNS name, use a different certificate hash.
|
||||
// Hash the full certificate
|
||||
@ -181,8 +181,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
var tlsOptions = { cert: obj.certificates.web.cert, key: obj.certificates.web.key, ca: obj.certificates.web.ca, rejectUnauthorized: true, secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE | obj.constants.SSL_OP_NO_TLSv1 | obj.constants.SSL_OP_NO_TLSv11 };
|
||||
if (obj.tlsSniCredentials != null) { tlsOptions.SNICallback = TlsSniCallback; } // We have multiple web server certificate used depending on the domain name
|
||||
obj.tlsServer = require('https').createServer(tlsOptions, obj.app);
|
||||
obj.tlsServer.on('secureConnection', function () { });
|
||||
obj.tlsServer.on('error', function (a, b, c) { console.log('tlsServer error', a, b, c); });
|
||||
obj.tlsServer.on('secureConnection', function () { /*console.log('tlsServer secureConnection');*/ });
|
||||
obj.tlsServer.on('error', function () { console.log('tlsServer error'); });
|
||||
obj.expressWs = require('express-ws')(obj.app, obj.tlsServer);
|
||||
}
|
||||
|
||||
@ -783,14 +783,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (obj.args.minify && !req.query.nominify) {
|
||||
// Try to server the minified version if we can.
|
||||
try {
|
||||
res.render(obj.path.join(__dirname, isMobileBrowser(req) ? 'views/default-mobile-min' : 'views/default-min'), { viewmode: viewmode, currentNode: currentNode, logoutControl: logoutcontrol, title: domain.title, title2: domain.title2, domainurl: domain.url, domain: domain.id, debuglevel: parent.debugLevel, serverDnsName: obj.getWebServerName(domain), serverRedirPort: args.redirport, serverPublicPort: httpsPort, noServerBackup: (args.noserverbackup == 1 ? 1 : 0), features: features, sessiontime: args.sessiontime, mpspass: args.mpspass, passRequirements: passRequirements, webcerthash: new Buffer(obj.webCertificateFullHashs[domain.id], 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'), footer: (domain.footer == null) ? '' : domain.footer });
|
||||
res.render(obj.path.join(__dirname, isMobileBrowser(req) ? 'views/default-mobile-min' : 'views/default-min'), { viewmode: viewmode, currentNode: currentNode, logoutControl: logoutcontrol, title: domain.title, title2: domain.title2, domainurl: domain.url, domain: domain.id, debuglevel: parent.debugLevel, serverDnsName: obj.getWebServerName(domain), serverRedirPort: args.redirport, serverPublicPort: httpsPort, noServerBackup: (args.noserverbackup == 1 ? 1 : 0), features: features, sessiontime: args.sessiontime, mpspass: args.mpspass, passRequirements: passRequirements, webcerthash: Buffer.from(obj.webCertificateFullHashs[domain.id], 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'), footer: (domain.footer == null) ? '' : domain.footer });
|
||||
} catch (ex) {
|
||||
// In case of an exception, serve the non-minified version.
|
||||
res.render(obj.path.join(__dirname, isMobileBrowser(req) ? 'views/default-mobile' : 'views/default'), { viewmode: viewmode, currentNode: currentNode, logoutControl: logoutcontrol, title: domain.title, title2: domain.title2, domainurl: domain.url, domain: domain.id, debuglevel: parent.debugLevel, serverDnsName: obj.getWebServerName(domain), serverRedirPort: args.redirport, serverPublicPort: httpsPort, noServerBackup: (args.noserverbackup == 1 ? 1 : 0), features: features, sessiontime: args.sessiontime, mpspass: args.mpspass, passRequirements: passRequirements, webcerthash: new Buffer(obj.webCertificateFullHashs[domain.id], 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'), footer: (domain.footer == null) ? '' : domain.footer });
|
||||
res.render(obj.path.join(__dirname, isMobileBrowser(req) ? 'views/default-mobile' : 'views/default'), { viewmode: viewmode, currentNode: currentNode, logoutControl: logoutcontrol, title: domain.title, title2: domain.title2, domainurl: domain.url, domain: domain.id, debuglevel: parent.debugLevel, serverDnsName: obj.getWebServerName(domain), serverRedirPort: args.redirport, serverPublicPort: httpsPort, noServerBackup: (args.noserverbackup == 1 ? 1 : 0), features: features, sessiontime: args.sessiontime, mpspass: args.mpspass, passRequirements: passRequirements, webcerthash: Buffer.from(obj.webCertificateFullHashs[domain.id], 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'), footer: (domain.footer == null) ? '' : domain.footer });
|
||||
}
|
||||
} else {
|
||||
// Serve non-minified version of web pages.
|
||||
res.render(obj.path.join(__dirname, isMobileBrowser(req) ? 'views/default-mobile' : 'views/default'), { viewmode: viewmode, currentNode: currentNode, logoutControl: logoutcontrol, title: domain.title, title2: domain.title2, domainurl: domain.url, domain: domain.id, debuglevel: parent.debugLevel, serverDnsName: obj.getWebServerName(domain), serverRedirPort: args.redirport, serverPublicPort: httpsPort, noServerBackup: (args.noserverbackup == 1 ? 1 : 0), features: features, sessiontime: args.sessiontime, mpspass: args.mpspass, passRequirements: passRequirements, webcerthash: new Buffer(obj.webCertificateFullHashs[domain.id], 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'), footer: (domain.footer == null) ? '' : domain.footer });
|
||||
res.render(obj.path.join(__dirname, isMobileBrowser(req) ? 'views/default-mobile' : 'views/default'), { viewmode: viewmode, currentNode: currentNode, logoutControl: logoutcontrol, title: domain.title, title2: domain.title2, domainurl: domain.url, domain: domain.id, debuglevel: parent.debugLevel, serverDnsName: obj.getWebServerName(domain), serverRedirPort: args.redirport, serverPublicPort: httpsPort, noServerBackup: (args.noserverbackup == 1 ? 1 : 0), features: features, sessiontime: args.sessiontime, mpspass: args.mpspass, passRequirements: passRequirements, webcerthash: Buffer.from(obj.webCertificateFullHashs[domain.id], 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'), footer: (domain.footer == null) ? '' : domain.footer });
|
||||
}
|
||||
} else {
|
||||
// Send back the login application
|
||||
@ -880,14 +880,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (i >= 0) { rootcert = rootcert.substring(i + 29); }
|
||||
i = rootcert.indexOf("-----END CERTIFICATE-----");
|
||||
if (i >= 0) { rootcert = rootcert.substring(i, 0); }
|
||||
return new Buffer(rootcert, 'base64').toString('base64');
|
||||
return Buffer.from(rootcert, 'base64').toString('base64');
|
||||
}
|
||||
|
||||
// Returns the mesh server root certificate
|
||||
function handleRootCertRequest(req, res) {
|
||||
if (checkUserIpAddress(req, res, true) == false) { return; }
|
||||
res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=' + certificates.RootName + '.cer' });
|
||||
res.send(new Buffer(getRootCertBase64(), 'base64'));
|
||||
res.send(Buffer.from(getRootCertBase64(), 'base64'));
|
||||
}
|
||||
|
||||
// Returns an mescript for Intel AMT configuration
|
||||
@ -922,11 +922,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// Compile the script
|
||||
var scriptEngine = require('./amtscript.js').CreateAmtScriptEngine();
|
||||
var runscript = scriptEngine.script_blocksToScript(scriptFile.blocks, scriptFile.scriptBlocks);
|
||||
scriptFile.mescript = new Buffer(scriptEngine.script_compile(runscript), 'binary').toString('base64');
|
||||
scriptFile.mescript = Buffer.from(scriptEngine.script_compile(runscript), 'binary').toString('base64');
|
||||
scriptFile.scriptText = runscript;
|
||||
|
||||
// Send the script
|
||||
res.send(new Buffer(JSON.stringify(scriptFile, null, ' ')));
|
||||
res.send(Buffer.from(JSON.stringify(scriptFile, null, ' ')));
|
||||
});
|
||||
} else {
|
||||
// Server name is a hostname
|
||||
@ -948,11 +948,11 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
// Compile the script
|
||||
var scriptEngine = require('./amtscript.js').CreateAmtScriptEngine();
|
||||
var runscript = scriptEngine.script_blocksToScript(scriptFile.blocks, scriptFile.scriptBlocks);
|
||||
scriptFile.mescript = new Buffer(scriptEngine.script_compile(runscript), 'binary').toString('base64');
|
||||
scriptFile.mescript = Buffer.from(scriptEngine.script_compile(runscript), 'binary').toString('base64');
|
||||
scriptFile.scriptText = runscript;
|
||||
|
||||
// Send the script
|
||||
res.send(new Buffer(JSON.stringify(scriptFile, null, ' ')));
|
||||
res.send(Buffer.from(JSON.stringify(scriptFile, null, ' ')));
|
||||
});
|
||||
}
|
||||
}
|
||||
@ -962,7 +962,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
var filepath = obj.parent.path.join(__dirname, 'public/scripts/cira_cleanup.mescript');
|
||||
readEntireTextFile(filepath, function (data) {
|
||||
if (data == null) { res.sendStatus(404); return; }
|
||||
res.send(new Buffer(data));
|
||||
res.send(Buffer.from(data));
|
||||
});
|
||||
}
|
||||
}
|
||||
@ -1099,7 +1099,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if ((names.length == sizes.length) && (types.length == datas.length) && (names.length == types.length)) {
|
||||
for (var i = 0; i < names.length; i++) {
|
||||
if (obj.common.IsFilenameValid(names[i]) == false) { res.sendStatus(404); return; }
|
||||
var filedata = new Buffer(datas[i].split(',')[1], 'base64');
|
||||
var filedata = Buffer.from(datas[i].split(',')[1], 'base64');
|
||||
if ((xfile.quota == null) || ((totalsize + filedata.length) < xfile.quota)) { // Check if quota would not be broken if we add this file
|
||||
// Create the user folder if needed
|
||||
(function (fullpath, filename, filedata) {
|
||||
@ -1280,7 +1280,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
ws.forwardclient.onData = function (ciraconn, data) {
|
||||
Debug(4, 'Relay CIRA data', data.length);
|
||||
if (ws.interceptor) { data = ws.interceptor.processAmtData(data); } // Run data thru interceptor
|
||||
if (data.length > 0) { try { ws.send(new Buffer(data, 'binary')); } catch (e) { } } // TODO: Add TLS support
|
||||
if (data.length > 0) { try { ws.send(Buffer.from(data, 'binary')); } catch (e) { } } // TODO: Add TLS support
|
||||
};
|
||||
|
||||
ws.forwardclient.onSendOk = function (ciraconn) {
|
||||
@ -1315,7 +1315,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
}
|
||||
msg = msg.toString('binary');
|
||||
if (ws.interceptor) { msg = ws.interceptor.processBrowserData(msg); } // Run data thru interceptor
|
||||
ws.forwardclient.write(new Buffer(msg, 'binary')); // Forward data to the associated TCP connection.
|
||||
ws.forwardclient.write(Buffer.from(msg, 'binary')); // Forward data to the associated TCP connection.
|
||||
});
|
||||
|
||||
// If error, do nothing
|
||||
@ -1357,10 +1357,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
ws.forwardclient.on('data', function (data) {
|
||||
if (obj.parent.debugLevel >= 1) { // DEBUG
|
||||
Debug(1, 'TCP relay data from ' + node.host + ', ' + data.length + ' bytes.');
|
||||
if (obj.parent.debugLevel >= 4) { Debug(4, ' ' + new Buffer(data, 'binary').toString('hex')); }
|
||||
if (obj.parent.debugLevel >= 4) { Debug(4, ' ' + Buffer.from(data, 'binary').toString('hex')); }
|
||||
}
|
||||
if (ws.interceptor) { data = ws.interceptor.processAmtData(data); } // Run data thru interceptor
|
||||
try { ws.send(new Buffer(data, 'binary')); } catch (e) { }
|
||||
try { ws.send(Buffer.from(data, 'binary')); } catch (e) { }
|
||||
});
|
||||
|
||||
// If the TCP connection closes, disconnect the associated web socket.
|
||||
@ -1592,8 +1592,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (domain.id != mesh.domain) { res.sendStatus(401); return; }
|
||||
}
|
||||
|
||||
var meshidhex = new Buffer(req.query.meshid.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var serveridhex = new Buffer(obj.agentCertificateHashBase64.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var meshidhex = Buffer.from(req.query.meshid.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var serveridhex = Buffer.from(obj.agentCertificateHashBase64.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
|
||||
|
||||
// Build the agent connection URL. If we are using a sub-domain or one with a DNS, we need to craft the URL correctly.
|
||||
@ -1637,7 +1637,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
res.sendFile(argentInfo.signedMeshCmdPath);
|
||||
} else {
|
||||
// Merge JavaScript to a unsigned agent and send that.
|
||||
obj.parent.exeHandler.streamExeWithJavaScript({ platform: argentInfo.platform, sourceFileName: argentInfo.path, destinationStream: res, js: new Buffer(obj.parent.defaultMeshCmd, 'utf8'), peinfo: argentInfo.pe });
|
||||
obj.parent.exeHandler.streamExeWithJavaScript({ platform: argentInfo.platform, sourceFileName: argentInfo.path, destinationStream: res, js: Buffer.from(obj.parent.defaultMeshCmd, 'utf8'), peinfo: argentInfo.pe });
|
||||
}
|
||||
} else if (req.query.meshaction != null) {
|
||||
var domain = checkUserIpAddress(req, res);
|
||||
@ -1657,7 +1657,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
username: '',
|
||||
password: '',
|
||||
serverId: obj.agentCertificateHashHex.toUpperCase(), // SHA384 of server HTTPS public key
|
||||
serverHttpsHash: new Buffer(obj.webCertificateHash, 'binary').toString('hex').toUpperCase(), // SHA384 of server HTTPS certificate
|
||||
serverHttpsHash: Buffer.from(obj.webCertificateHash, 'binary').toString('hex').toUpperCase(), // SHA384 of server HTTPS certificate
|
||||
debugLevel: 0
|
||||
};
|
||||
if (user != null) { meshaction.username = user.name; }
|
||||
@ -1672,7 +1672,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
username: '',
|
||||
password: '',
|
||||
serverId: obj.agentCertificateHashHex.toUpperCase(), // SHA384 of server HTTPS public key
|
||||
serverHttpsHash: new Buffer(obj.webCertificateHash, 'binary').toString('hex').toUpperCase(), // SHA384 of server HTTPS certificate
|
||||
serverHttpsHash: Buffer.from(obj.webCertificateHash, 'binary').toString('hex').toUpperCase(), // SHA384 of server HTTPS certificate
|
||||
debugLevel: 0
|
||||
};
|
||||
if (user != null) { meshaction.username = user.name; }
|
||||
@ -1730,8 +1730,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (domain.id != mesh.domain) { res.sendStatus(401); return; }
|
||||
}
|
||||
|
||||
var meshidhex = new Buffer(req.query.meshid.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var serveridhex = new Buffer(obj.agentCertificateHashBase64.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var meshidhex = Buffer.from(req.query.meshid.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var serveridhex = Buffer.from(obj.agentCertificateHashBase64.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
|
||||
|
||||
// Build the agent connection URL. If we are using a sub-domain or one with a DNS, we need to craft the URL correctly.
|
||||
@ -1811,8 +1811,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
if (domain.id != mesh.domain) { res.sendStatus(401); return; }
|
||||
}
|
||||
|
||||
var meshidhex = new Buffer(req.query.id.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var serveridhex = new Buffer(obj.agentCertificateHashBase64.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var meshidhex = Buffer.from(req.query.id.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
var serveridhex = Buffer.from(obj.agentCertificateHashBase64.replace(/\@/g, '+').replace(/\$/g, '/'), 'base64').toString('hex').toUpperCase();
|
||||
|
||||
// Build the agent connection URL. If we are using a sub-domain or one with a DNS, we need to craft the URL correctly.
|
||||
var xdomain = (domain.dns == null) ? domain.id : '';
|
||||
@ -2078,7 +2078,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
} else {
|
||||
agent.agentCoreCheck = 1000; // Tell the agent object we are not using a custom core.
|
||||
// Perform a SHA384 hash on the core module
|
||||
var hash = obj.crypto.createHash('sha384').update(new Buffer(core, 'binary')).digest().toString('binary');
|
||||
var hash = obj.crypto.createHash('sha384').update(Buffer.from(core, 'binary')).digest().toString('binary');
|
||||
|
||||
// Send the code module to the agent
|
||||
agent.send(obj.common.ShortToStr(10) + obj.common.ShortToStr(0) + hash + core);
|
||||
@ -2101,7 +2101,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
try {
|
||||
obj.fs.open(filepath, 'r', function (err, fd) {
|
||||
obj.fs.fstat(fd, function (err, stats) {
|
||||
var bufferSize = stats.size, chunkSize = 512, buffer = new Buffer(bufferSize), bytesRead = 0;
|
||||
var bufferSize = stats.size, chunkSize = 512, buffer = Buffer.alloc(bufferSize), bytesRead = 0;
|
||||
while (bytesRead < bufferSize) {
|
||||
if ((bytesRead + chunkSize) > bufferSize) { chunkSize = (bufferSize - bytesRead); }
|
||||
obj.fs.readSync(fd, buffer, bytesRead, chunkSize, bytesRead);
|
||||
|
Loading…
Reference in New Issue
Block a user