diff --git a/agents/meshcmd.js b/agents/meshcmd.js index e505e285..dab19ad5 100644 --- a/agents/meshcmd.js +++ b/agents/meshcmd.js @@ -271,7 +271,7 @@ function run(argv) { SMBiosTables.get(function (data) { var r = SMBiosTables.parse(data); var out = objToString(r, 0, '\r\n'); - if (settings.output == null) { console.log(out); } else { var file = fs.openSync(settings.output, 'w'); fs.writeSync(file, new Buffer(out, 'utf8')); fs.closeSync(file); } + if (settings.output == null) { console.log(out); } else { var file = fs.openSync(settings.output, 'w'); fs.writeSync(file, Buffer.from(out, 'utf8')); fs.closeSync(file); } exit(1); }); } else if (settings.action == 'rawsmbios') { @@ -280,7 +280,7 @@ function run(argv) { SMBiosTables.get(function (data) { var out = ''; for (var i in data) { var header = false; for (var j in data[i]) { if (data[i][j].length > 0) { if (header == false) { out += ('Table type #' + i + ((SMBiosTables.smTableTypes[i] == null) ? '' : (', ' + SMBiosTables.smTableTypes[i]))) + '\r\n'; header = true; } out += (' ' + data[i][j].toString('hex')) + '\r\n'; } } } - if (settings.output == null) { console.log(out); } else { var file = fs.openSync(settings.output, 'w'); fs.writeSync(file, new Buffer(out, 'utf8')); fs.closeSync(file); } + if (settings.output == null) { console.log(out); } else { var file = fs.openSync(settings.output, 'w'); fs.writeSync(file, Buffer.from(out, 'utf8')); fs.closeSync(file); } exit(1); }); } else if (settings.action == 'route') { @@ -568,7 +568,7 @@ function readAmtAuditLogEx2(stack, response, status) { var name = ((response[i].Initiator != '') ? (response[i].Initiator + ': ') : '') out += (response[i].Time + ' - ' + name + response[i].Event + '\r\n'); } - if (settings.output == null) { console.log(out); } else { var file = fs.openSync(settings.output, 'w'); fs.writeSync(file, new Buffer(out, 'utf8')); fs.closeSync(file); } + if (settings.output == null) { console.log(out); } else { var file = fs.openSync(settings.output, 'w'); fs.writeSync(file, Buffer.from(out, 'utf8')); fs.closeSync(file); } } exit(1); } @@ -802,7 +802,7 @@ function saveEntireAmtStateOk4(stack, messages, tag, status) { if (status == 600 function saveEntireAmtStateDone() { if (--IntelAmtEntireStateCalls != 0) return; var out = fs.openSync(settings.output, 'w'); - fs.writeSync(out, new Buffer(JSON.stringify(IntelAmtEntireState), 'utf8')); + fs.writeSync(out, Buffer.from(JSON.stringify(IntelAmtEntireState), 'utf8')); fs.closeSync(out); console.log('Done, results written to ' + settings.output + '.'); exit(1); @@ -1187,7 +1187,7 @@ function kvmCtrlData(channel, cmd) { // Send the next download block(s) while (sendNextBlock > 0) { sendNextBlock--; - var buf = new Buffer(4096); + var buf = Buffer.alloc(4096); var len = fs.readSync(this.filedownload.f, buf, 4, 4092, null); this.filedownload.ptr += len; if (len < 4092) { buf.writeInt32BE(0x01000001, 0); fs.closeSync(this.filedownload.f); delete this.filedownload; sendNextBlock = 0; } else { buf.writeInt32BE(0x01000000, 0); } @@ -1280,19 +1280,19 @@ function processLmsControlData(data) { case 1: // Request basic Intel AMT information (CMD = 1) { getAmtInfo(function (meinfo, socket) { meinfo.LoginMode = 2; socket.write(Buffer.concat([Buffer.from('0100', 'hex'), Buffer.from(JSON.stringify(meinfo))])); }, this); break; } case 2: // Intel AMT MEI Unprovision (CMD = 2) - { if (data.length < 6) break; amtMei.unprovision(data.readUInt32LE(2), function (status, socket) { var data = new Buffer(6); data.writeUInt16LE(2, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } + { if (data.length < 6) break; amtMei.unprovision(data.readUInt32LE(2), function (status, socket) { var data = Buffer.alloc(6); data.writeUInt16LE(2, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } case 3: // Intel AMT MEI GetLocalSystemAccount (CMD = 3) { amtMei.getLocalSystemAccount(function (account, socket) { socket.write(Buffer.concat([Buffer.from('030000000000', 'hex'), account.raw])); }, this); break; } case 4: // Instruct Intel AMT to start remote configuration (CMD = 4) - { amtMei.startConfiguration(function (status, socket) { var data = new Buffer(6); data.writeUInt16LE(7, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } + { amtMei.startConfiguration(function (status, socket) { var data = Buffer.alloc(6); data.writeUInt16LE(7, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } case 5: // Instruct Intel AMT to stop remote configuration (CMD = 5) - { amtMei.stopConfiguration(function (status, socket) { var data = new Buffer(6); data.writeUInt16LE(7, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } + { amtMei.stopConfiguration(function (status, socket) { var data = Buffer.alloc(6); data.writeUInt16LE(7, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } case 6: // Instruct Intel AMT connect CIRA (CMD = 6) - { amtMei.openUserInitiatedConnection(function (status, socket) { var data = new Buffer(6); data.writeUInt16LE(7, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } + { amtMei.openUserInitiatedConnection(function (status, socket) { var data = Buffer.alloc(6); data.writeUInt16LE(7, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } case 7: // Instruct Intel AMT disconnect CIRA (CMD = 7) - { amtMei.closeUserInitiatedConnection(function (status, socket) { var data = new Buffer(6); data.writeUInt16LE(7, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } + { amtMei.closeUserInitiatedConnection(function (status, socket) { var data = Buffer.alloc(6); data.writeUInt16LE(7, 0); data.writeUInt32LE(status, 2); socket.write(data); }, this); break; } case 8: // Get Intel AMT CIRA State (CMD = 8) - { amtMei.getRemoteAccessConnectionStatus(function (state, socket) { var data = new Buffer(6); data.writeUInt16LE(8, 0); data.writeUInt32LE(state.status, 2); socket.write(Buffer.concat([data, state.raw])); }, this); break; } + { amtMei.getRemoteAccessConnectionStatus(function (state, socket) { var data = Buffer.alloc(6); data.writeUInt16LE(8, 0); data.writeUInt32LE(state.status, 2); socket.write(Buffer.concat([data, state.raw])); }, this); break; } } } diff --git a/agents/meshcore.js b/agents/meshcore.js index 9955c9d0..0da0f62d 100644 --- a/agents/meshcore.js +++ b/agents/meshcore.js @@ -1220,7 +1220,7 @@ function createMeshCore(agent) { var max = 4096; if ((args['_'].length > 1) && (typeof args['_'][1] == 'number')) { max = args['_'][1]; } if (max > 4096) max = 4096; - var buf = new Buffer(max), fd = fs.openSync(args['_'][0], "r"), r = fs.readSync(fd, buf, 0, max); // Read the file content + var buf = Buffer.alloc(max), fd = fs.openSync(args['_'][0], "r"), r = fs.readSync(fd, buf, 0, max); // Read the file content response = buf.toString(); var i = response.indexOf('\n'); if ((i > 0) && (response[i - 1] != '\r')) { response = response.split('\n').join('\r\n'); } @@ -1843,7 +1843,7 @@ function createMeshCore(agent) { // Send the next download block(s) while (sendNextBlock > 0) { sendNextBlock--; - var buf = new Buffer(4096); + var buf = Buffer.alloc(4096); var len = fs.readSync(this.filedownload.f, buf, 4, 4092, null); this.filedownload.ptr += len; if (len < 4092) { buf.writeInt32BE(0x01000001, 0); fs.closeSync(this.filedownload.f); delete this.filedownload; sendNextBlock = 0; } else { buf.writeInt32BE(0x01000000, 0); } diff --git a/agents/modules_meshcmd/amt-mei.js b/agents/modules_meshcmd/amt-mei.js index eb86b3c2..a7750fe7 100644 --- a/agents/modules_meshcmd/amt-mei.js +++ b/agents/modules_meshcmd/amt-mei.js @@ -256,7 +256,7 @@ function amt_heci() { var optional = []; for (var i = 2; i < arguments.length; ++i) { optional.push(arguments[i]); } - var data = new Buffer(4); + var data = Buffer.alloc(4); data.writeUInt32LE(handle, 0); this.sendCommand(0x2D, data, function (header, fn, opt) { @@ -356,7 +356,7 @@ function amt_heci() { this.unprovision = function unprovision(mode, callback) { var optional = []; for (var i = 2; i < arguments.length; ++i) { optional.push(arguments[i]); } - var data = new Buffer(4); + var data = Buffer.alloc(4); data.writeUInt32LE(mode, 0); this.sendCommand(16, data, function (header, fn, opt) { opt.unshift(header.Status); diff --git a/agents/modules_meshcmd/amt.js b/agents/modules_meshcmd/amt.js index 3b447e30..15ffe154 100644 --- a/agents/modules_meshcmd/amt.js +++ b/agents/modules_meshcmd/amt.js @@ -729,7 +729,7 @@ function AmtStackCreateService(wsmanStack) { e = null; try { es = atob(responses.Body['EventRecords'][i]); - e = new Buffer(es); + e = Buffer.from(es); } catch (ex) { console.log(ex + " " + responses.Body['EventRecords'][i]) } diff --git a/agents/modules_meshcore/amt-mei.js b/agents/modules_meshcore/amt-mei.js index eb86b3c2..a7750fe7 100644 --- a/agents/modules_meshcore/amt-mei.js +++ b/agents/modules_meshcore/amt-mei.js @@ -256,7 +256,7 @@ function amt_heci() { var optional = []; for (var i = 2; i < arguments.length; ++i) { optional.push(arguments[i]); } - var data = new Buffer(4); + var data = Buffer.alloc(4); data.writeUInt32LE(handle, 0); this.sendCommand(0x2D, data, function (header, fn, opt) { @@ -356,7 +356,7 @@ function amt_heci() { this.unprovision = function unprovision(mode, callback) { var optional = []; for (var i = 2; i < arguments.length; ++i) { optional.push(arguments[i]); } - var data = new Buffer(4); + var data = Buffer.alloc(4); data.writeUInt32LE(mode, 0); this.sendCommand(16, data, function (header, fn, opt) { opt.unshift(header.Status); diff --git a/agents/modules_meshcore/amt.js b/agents/modules_meshcore/amt.js index 3b447e30..15ffe154 100644 --- a/agents/modules_meshcore/amt.js +++ b/agents/modules_meshcore/amt.js @@ -729,7 +729,7 @@ function AmtStackCreateService(wsmanStack) { e = null; try { es = atob(responses.Body['EventRecords'][i]); - e = new Buffer(es); + e = Buffer.from(es); } catch (ex) { console.log(ex + " " + responses.Body['EventRecords'][i]) } diff --git a/meshagent.js b/meshagent.js index 75070d8c..20afd2b4 100644 --- a/meshagent.js +++ b/meshagent.js @@ -229,7 +229,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) { obj.send(obj.common.ShortToStr(1) + msg.substring(2, 50) + obj.nonce); // Command 1, hash + nonce. Use the web hash given by the agent. } else { // Check that the server hash matches our own web certificate hash (SHA384) - if ((getWebCertHash(obj.domain) != msg.substring(2, 50)) && (getWebCertFullHash(obj.domain) != msg.substring(2, 50))) { console.log('Agent bad web cert hash (Agent:' + (Buffer.from(msg.substring(2, 50), 'binary').toString('hex').substring(0, 10)) + ' != Server:' + (new Buffer(getWebCertHash(obj.domain), 'binary').toString('hex').substring(0, 10)) + ' or ' + (new Buffer(getWebCertFullHash(obj.domain), 'binary').toString('hex').substring(0, 10)) + '), holding connection (' + obj.remoteaddrport + ').'); return; } + if ((getWebCertHash(obj.domain) != msg.substring(2, 50)) && (getWebCertFullHash(obj.domain) != msg.substring(2, 50))) { console.log('Agent bad web cert hash (Agent:' + (Buffer.from(msg.substring(2, 50), 'binary').toString('hex').substring(0, 10)) + ' != Server:' + (Buffer.from(getWebCertHash(obj.domain), 'binary').toString('hex').substring(0, 10)) + ' or ' + (new Buffer(getWebCertFullHash(obj.domain), 'binary').toString('hex').substring(0, 10)) + '), holding connection (' + obj.remoteaddrport + ').'); return; } } // Use our server private key to sign the ServerHash + AgentNonce + ServerNonce diff --git a/meshrelay.js b/meshrelay.js index 4c755db6..7499f66d 100644 --- a/meshrelay.js +++ b/meshrelay.js @@ -191,13 +191,13 @@ module.exports.CreateMeshRelay = function (parent, ws, req, domain, user, cookie } }); - // If error, do nothing. + // If error, close both sides of the relay. ws.on('error', function (err) { console.log('Relay error from ' + obj.remoteaddr + ', ' + err.toString().split('\r')[0] + '.'); closeBothSides(); }); - // If the mesh relay web socket is closed. + // If the relay web socket is closed, close both sides. ws.on('close', function (req) { closeBothSides(); }); diff --git a/redirserver.js b/redirserver.js index ddf761c9..2a10e698 100644 --- a/redirserver.js +++ b/redirserver.js @@ -98,7 +98,7 @@ module.exports.CreateRedirServer = function (parent, db, args, func) { function CheckListenPort(port, func) { var s = obj.net.createServer(function (socket) { }); obj.tcpServer = s.listen(port, function () { s.close(function () { if (func) { func(port); } }); }).on("error", function (err) { - if (args.exactports) { console.error("ERROR: MeshCentral HTTP web server port " + port + " not available."); process.exit(); } + if (args.exactports) { console.error("ERROR: MeshCentral HTTP server port " + port + " not available."); process.exit(); } else { if (port < 65535) { CheckListenPort(port + 1, func); } else { if (func) { func(0); } } } }); } @@ -108,7 +108,7 @@ module.exports.CreateRedirServer = function (parent, db, args, func) { if (port == 0 || port == 65535) { return; } obj.tcpServer = obj.app.listen(port, function () { obj.port = port; - console.log("MeshCentral HTTP redirection web server running on port " + port + "."); + console.log("MeshCentral HTTP redirection server running on port " + port + "."); obj.parent.updateServerState("redirect-port", port); func(obj.port); }).on("error", function (err) { diff --git a/webserver.js b/webserver.js index 7299ad31..9ed0bcd8 100644 --- a/webserver.js +++ b/webserver.js @@ -40,7 +40,7 @@ function SerialTunnel(options) { if (!String.prototype.startsWith) { String.prototype.startsWith = function (searchString, position) { position = position || 0; return this.substr(position, searchString.length) === searchString; }; } if (!String.prototype.endsWith) { String.prototype.endsWith = function (searchString, position) { var subjectString = this.toString(); if (typeof position !== 'number' || !isFinite(position) || Math.floor(position) !== position || position > subjectString.length) { position = subjectString.length; } position -= searchString.length; var lastIndex = subjectString.lastIndexOf(searchString, position); return lastIndex !== -1 && lastIndex === position; }; } -// Construct a HTTP web server object +// Construct a HTTP server object module.exports.CreateWebServer = function (parent, db, args, certificates) { var obj = {}, i = 0; @@ -1263,8 +1263,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { if (ws.forwardclient.xtls == 1) { ws.forwardclient.write(Buffer.from(msg, 'binary')); } else { ws.forwardclient.write(msg); } }); - // If error, do nothing - ws.on('error', function (err) { console.log('WEBSERVER WSERR1: ' + err); }); + // If error, close the associated TCP connection. + ws.on('error', function (err) { + console.log('CIRA server websocket error from ' + ws._socket.remoteAddress + ', ' + err.toString().split('\r')[0] + '.'); + Debug(1, 'Websocket relay closed on error.'); + if (ws.forwardclient && ws.forwardclient.close) { ws.forwardclient.close(); } // TODO: If TLS is used, we need to close the socket that is wrapped by TLS + }); // If the web socket is closed, close the associated TCP connection. ws.on('close', function (req) { @@ -1318,8 +1322,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { ws.forwardclient.write(Buffer.from(msg, 'binary')); // Forward data to the associated TCP connection. }); - // If error, do nothing - ws.on('error', function (err) { console.log('WEBSERVER WSERR2: ' + err); }); + // If error, close the associated TCP connection. + ws.on('error', function (err) { + console.log('Error with relay web socket connection from ' + ws._socket.remoteAddress + ', ' + err.toString().split('\r')[0] + '.'); + Debug(1, 'Error with relay web socket connection from ' + ws._socket.remoteAddress + '.'); + if (ws.forwardclient) { try { ws.forwardclient.destroy(); } catch (e) { } } + }); // If the web socket is closed, close the associated TCP connection. ws.on('close', function () { @@ -1409,8 +1417,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { } }); - // If error, do nothing - ws.on('error', function (err) { console.log('WEBSERVER WSERR3: ' + err); }); + // If error, do nothing. + ws.on('error', function (err) { console.log('Echo server error from ' + ws._socket.remoteAddress + ', ' + err.toString().split('\r')[0] + '.'); }); // If closed, do nothing ws.on('close', function (req) { }); @@ -1523,8 +1531,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { if ((user.siteadmin & 1) == 0) { res.sendStatus(401); return; } // Check if we have server backup rights // Require modules - var fs = require('fs'); - var archive = require('archiver')('zip', { level: 9 }); // Sets the compression method to maximum. + const fs = require('fs'); + const archive = require('archiver')('zip', { level: 9 }); // Sets the compression method to maximum. // Good practice to catch this error explicitly archive.on('error', function (err) { throw err; }); @@ -2018,7 +2026,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { function CheckListenPort(port, func) { var s = obj.net.createServer(function (socket) { }); obj.tcpServer = s.listen(port, function () { s.close(function () { if (func) { func(port); } }); }).on('error', function (err) { - if (args.exactports) { console.error('ERROR: MeshCentral HTTPS web server port ' + port + ' not available.'); process.exit(); } + if (args.exactports) { console.error('ERROR: MeshCentral HTTPS server port ' + port + ' not available.'); process.exit(); } else { if (port < 65535) { CheckListenPort(port + 1, func); } else { if (func) { func(0); } } } }); } @@ -2029,15 +2037,15 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { obj.args.port = port; if (obj.tlsServer != null) { if (obj.args.lanonly == true) { - obj.tcpServer = obj.tlsServer.listen(port, function () { console.log('MeshCentral HTTPS web server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); }); + obj.tcpServer = obj.tlsServer.listen(port, function () { console.log('MeshCentral HTTPS server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); }); } else { - obj.tcpServer = obj.tlsServer.listen(port, function () { console.log('MeshCentral HTTPS web server running on ' + certificates.CommonName + ':' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); }); + obj.tcpServer = obj.tlsServer.listen(port, function () { console.log('MeshCentral HTTPS server running on ' + certificates.CommonName + ':' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); }); obj.parent.updateServerState('servername', certificates.CommonName); } obj.parent.updateServerState('https-port', port); if (args.aliasport != null) { obj.parent.updateServerState('https-aliasport', args.aliasport); } } else { - obj.tcpServer = obj.app.listen(port, function () { console.log('MeshCentral HTTP web server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); }); + obj.tcpServer = obj.app.listen(port, function () { console.log('MeshCentral HTTP server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); }); obj.parent.updateServerState('http-port', port); if (args.aliasport != null) { obj.parent.updateServerState('http-aliasport', args.aliasport); } }