mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-11-27 02:04:30 +03:00
Removed mescript support.
This commit is contained in:
parent
c351923961
commit
7d0c18aa20
2
public/scripts/amt-wsman-0.2.0-min.js
vendored
2
public/scripts/amt-wsman-0.2.0-min.js
vendored
File diff suppressed because one or more lines are too long
File diff suppressed because it is too large
Load Diff
@ -4089,57 +4089,6 @@
|
||||
QE('idx_dlgOkButton', checkcount > 0);
|
||||
}
|
||||
|
||||
function addCiraDeviceToMesh(meshid) {
|
||||
if (xxdialogMode) return false;
|
||||
var mesh = meshes[meshid];
|
||||
|
||||
// Replace non alphabetic characters (@ and $) with 'X' because MPS username cannot accept it.
|
||||
var meshidx = meshid.split('/')[2].replace(/\@/g, 'X').replace(/\$/g, 'X');
|
||||
|
||||
var y = '<select id=dlgAddCiraSel onclick=dlgAddCiraSelClick() style=width:230px><option value=0>' + "MeshCommander Script" + '</option><option value=1>' + "Manual Username/Password" + '</option>';
|
||||
if ((features & 16) == 0) { y += ('<option value=2>' + "Manual Certificate" + '</option></select>'); } // Only display this option if Intel AMT CIRA with Mutual-Auth is allowed.
|
||||
|
||||
var x = '';
|
||||
x += addHtmlValue("Setup Method", y);
|
||||
x += '<hr>';
|
||||
|
||||
// Setup CIRA using a MeshCommander script (Pretty Simple)
|
||||
x += '<div id=dlgAddCira0>' + format("To add a new Intel® AMT device to device group \"{0}\" with CIRA, download the following script files and use <a href='http://meshcommander.com' rel='noreferrer noopener' target='_blank'>MeshCommander</a> to run the script to configure computers.", EscapeHtml(mesh.name)) + '<br /><br />';
|
||||
//x += addHtmlValue('Setup CIRA', '<a href="mescript.ashx?type=1' + (urlargs.key?('&key=' + urlargs.key):'') + '&meshid=' + meshidx.substring(0, 16) + '" download>cira_setup.mescript</a>');
|
||||
x += addHtmlValue("Setup CIRA", '<a onclick=downloadFile("mescript.ashx?type=1' + (urlargs.key?('&key=' + urlargs.key):'') + '&meshid=' + meshid + '")>cira_setup.mescript</a>');
|
||||
x += addHtmlValue("Cleanup CIRA", '<a onclick=downloadFile("mescript.ashx?type=2' + (urlargs.key?('&key=' + urlargs.key):'') + '")>cira_clean.mescript</a>');
|
||||
x += '</div>';
|
||||
|
||||
// Setup CIRA with user/pass authentication (Somewhat difficult)
|
||||
x += '<div id=dlgAddCira1 style=display:none>' + format("To add a new Intel® AMT device to device group \"{0}\" with CIRA, load the following certificate as trusted root within Intel® AMT", EscapeHtml(mesh.name));
|
||||
if (serverinfo.mpspass) { x += (" and authenticate to the server using this username and password." + '<br /><br />'); } else { x += (" and authenticate to the server using this username and any password." + '<br /><br />'); }
|
||||
x += addHtmlValue("Root Certificate", '<a onclick=downloadFile("' + "MeshServerRootCert.cer" + (urlargs.key?('?key=' + urlargs.key):'') + '")>' + "Root Certificate File" + '</a>');
|
||||
x += addHtmlValue("Username", '<input style=width:230px readonly value="' + meshidx.substring(0, 16) + '" />');
|
||||
if (serverinfo.mpspass) { x += addHtmlValue("Password", '<input style=width:230px readonly value="' + EscapeHtml(serverinfo.mpspass) + '" />'); }
|
||||
if (serverinfo != null) { x += addHtmlValue("MPS Server", '<input style=width:230px readonly value="' + EscapeHtml(serverinfo.mpsname) + ':' + serverinfo.mpsport + '" />'); }
|
||||
x += '</div>';
|
||||
|
||||
// Setup CIRA with certificate authentication (Really difficult, only if TLS offload is not used)
|
||||
if ((features & 16) == 0) {
|
||||
x += '<div id=dlgAddCira2 style=display:none>' + format("To add a new Intel® AMT device to device group \"{0}\" with CIRA, load the following certificate as trusted root within Intel® AMT, authenticate using a client certificate with the following common name and connect to the following server.", EscapeHtml(mesh.name)) + '<br /><br />';
|
||||
x += addHtmlValue("Root Certificate", '<a onclick=downloadFile("' + "MeshServerRootCert.cer" + (urlargs.key?('?key=' + urlargs.key):'') + '")>' + "Root Certificate File" + '</a>');
|
||||
x += addHtmlValue("Organization", '<input style=width:230px readonly value="' + meshidx + '" />');
|
||||
if (serverinfo != null) { x += addHtmlValue("MPS Server", '<input style=width:230px readonly value="' + EscapeHtml(serverinfo.mpsname) + ':' + serverinfo.mpsport + '" />'); }
|
||||
x += '</div>';
|
||||
}
|
||||
|
||||
setDialogMode(2, "Add Intel® AMT CIRA device", 2, null, x, 'fileDownload');
|
||||
Q('dlgAddCiraSel').focus();
|
||||
return false;
|
||||
}
|
||||
|
||||
function dlgAddCiraSelClick() {
|
||||
var val = Q('dlgAddCiraSel').value;
|
||||
QV('dlgAddCira0', val == 0);
|
||||
QV('dlgAddCira1', val == 1);
|
||||
QV('dlgAddCira2', val == 2);
|
||||
}
|
||||
|
||||
// Return true is the input string looks like an email address
|
||||
function checkEmail(str) {
|
||||
var x = str.split('@');
|
||||
|
122
webserver.js
122
webserver.js
@ -2669,127 +2669,6 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
res.send(Buffer.from(getRootCertBase64(), 'base64'));
|
||||
}
|
||||
|
||||
// Return the CIRA configuration script
|
||||
obj.getCiraCleanupScript = function (func) {
|
||||
obj.fs.readFile(obj.parent.path.join(obj.parent.webPublicPath, 'scripts/cira_cleanup.mescript'), 'utf8', function (err, data) {
|
||||
if (err != null) { func(null); return; }
|
||||
func(Buffer.from(data));
|
||||
});
|
||||
}
|
||||
|
||||
// Return the CIRA configuration script
|
||||
obj.getCiraConfigurationScript = function (meshid, func) {
|
||||
var meshidx = meshid.split('/')[2].replace(/\@/g, 'X').replace(/\$/g, 'X').substring(0, 16);
|
||||
var serverNameSplit = obj.certificates.AmtMpsName.split('.');
|
||||
|
||||
// Figure out the MPS port, use the alias if set
|
||||
var mpsport = ((obj.args.mpsaliasport != null) ? obj.args.mpsaliasport : obj.args.mpsport);
|
||||
|
||||
if ((serverNameSplit.length == 4) && (parseInt(serverNameSplit[0]) == serverNameSplit[0]) && (parseInt(serverNameSplit[1]) == serverNameSplit[1]) && (parseInt(serverNameSplit[2]) == serverNameSplit[2]) && (parseInt(serverNameSplit[3]) == serverNameSplit[3])) {
|
||||
// Server name is an IPv4 address
|
||||
obj.fs.readFile(obj.parent.path.join(obj.parent.webPublicPath, 'scripts/cira_setup_script_ip.mescript'), 'utf8', function (err, data) {
|
||||
if (err != null) { func(null); return; }
|
||||
|
||||
// Randomize the environement detection
|
||||
var randomDnsName;
|
||||
do { randomDnsName = getRandomLowerCase(14); } while (randomDnsName == 'aabbccddeeffgg');
|
||||
while (data.indexOf('aabbccddeeffgg') >= 0) { data = data.replace('aabbccddeeffgg', randomDnsName); }
|
||||
var scriptFile = JSON.parse(data);
|
||||
|
||||
// Change a few things in the script
|
||||
scriptFile.scriptBlocks[2].vars.CertBin.value = getRootCertBase64(); // Set the root certificate
|
||||
scriptFile.scriptBlocks[3].vars.IP.value = obj.certificates.AmtMpsName; // Set the server IPv4 address name
|
||||
scriptFile.scriptBlocks[3].vars.ServerName.value = obj.certificates.AmtMpsName; // Set the server certificate name
|
||||
scriptFile.scriptBlocks[3].vars.Port.value = mpsport; // Set the server MPS port
|
||||
scriptFile.scriptBlocks[3].vars.username.value = meshidx; // Set the username
|
||||
scriptFile.scriptBlocks[3].vars.password.value = obj.args.mpspass ? obj.args.mpspass : 'A@xew9rt'; // Set the password
|
||||
scriptFile.scriptBlocks[4].vars.AccessInfo1.value = obj.certificates.AmtMpsName + ':' + mpsport; // Set the primary server name:port to set periodic timer
|
||||
//scriptFile.scriptBlocks[4].vars.AccessInfo2.value = obj.certificates.AmtMpsName + ':' + mpsport; // Set the secondary server name:port to set periodic timer
|
||||
if (obj.args.ciralocalfqdn != null) { scriptFile.scriptBlocks[6].vars.DetectionStrings.value = obj.args.ciralocalfqdn; } // Set the environment detection local FQDN's
|
||||
|
||||
// Compile the script
|
||||
var scriptEngine = require('./amtscript.js').CreateAmtScriptEngine();
|
||||
var runscript = scriptEngine.script_blocksToScript(scriptFile.blocks, scriptFile.scriptBlocks);
|
||||
scriptFile.mescript = Buffer.from(scriptEngine.script_compile(runscript), 'binary').toString('base64');
|
||||
scriptFile.scriptText = runscript;
|
||||
|
||||
// Send the script
|
||||
func(Buffer.from(JSON.stringify(scriptFile, null, ' ')));
|
||||
});
|
||||
} else {
|
||||
// Server name is a hostname
|
||||
obj.fs.readFile(obj.parent.path.join(obj.parent.webPublicPath, 'scripts/cira_setup_script_dns.mescript'), 'utf8', function (err, data) {
|
||||
if (err != null) { res.sendStatus(404); return; }
|
||||
|
||||
// Randomize the environement detection
|
||||
var randomDnsName;
|
||||
do { randomDnsName = getRandomLowerCase(14); } while (randomDnsName == 'aabbccddeeffgg');
|
||||
while (data.indexOf('aabbccddeeffgg') >= 0) { data = data.replace('aabbccddeeffgg', randomDnsName); }
|
||||
var scriptFile = JSON.parse(data);
|
||||
|
||||
// Change a few things in the script
|
||||
scriptFile.scriptBlocks[2].vars.CertBin.value = getRootCertBase64(); // Set the root certificate
|
||||
scriptFile.scriptBlocks[3].vars.FQDN.value = obj.certificates.AmtMpsName; // Set the server DNS name
|
||||
scriptFile.scriptBlocks[3].vars.Port.value = mpsport; // Set the server MPS port
|
||||
scriptFile.scriptBlocks[3].vars.username.value = meshidx; // Set the username
|
||||
scriptFile.scriptBlocks[3].vars.password.value = obj.args.mpspass ? obj.args.mpspass : 'A@xew9rt'; // Set the password
|
||||
scriptFile.scriptBlocks[4].vars.AccessInfo1.value = obj.certificates.AmtMpsName + ':' + mpsport; // Set the primary server name:port to set periodic timer
|
||||
//scriptFile.scriptBlocks[4].vars.AccessInfo2.value = obj.certificates.AmtMpsName + ':' + mpsport; // Set the secondary server name:port to set periodic timer
|
||||
if (obj.args.ciralocalfqdn != null) { scriptFile.scriptBlocks[6].vars.DetectionStrings.value = obj.args.ciralocalfqdn; } // Set the environment detection local FQDN's
|
||||
|
||||
// Compile the script
|
||||
var scriptEngine = require('./amtscript.js').CreateAmtScriptEngine();
|
||||
var runscript = scriptEngine.script_blocksToScript(scriptFile.blocks, scriptFile.scriptBlocks);
|
||||
scriptFile.mescript = Buffer.from(scriptEngine.script_compile(runscript), 'binary').toString('base64');
|
||||
scriptFile.scriptText = runscript;
|
||||
|
||||
// Send the script
|
||||
func(Buffer.from(JSON.stringify(scriptFile, null, ' ')));
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
// Returns an mescript for Intel AMT configuration
|
||||
function handleMeScriptRequest(req, res) {
|
||||
const domain = getDomain(req);
|
||||
if (domain == null) { parent.debug('web', 'handleMeScriptRequest: no domain'); res.sendStatus(404); return; }
|
||||
if ((domain.loginkey != null) && (domain.loginkey.indexOf(req.query.key) == -1)) { res.sendStatus(404); return; } // Check 3FA URL key
|
||||
if ((obj.userAllowedIp != null) && (checkIpAddressEx(req, res, obj.userAllowedIp, false) === false)) { return; } // Check server-wide IP filter only.
|
||||
|
||||
// Get the user and check user rights
|
||||
var authUserid = null;
|
||||
if ((req.session != null) && (typeof req.session.userid == 'string')) { authUserid = req.session.userid; }
|
||||
if (authUserid == null) { res.sendStatus(401); return; }
|
||||
const user = obj.users[authUserid];
|
||||
if (user == null) { res.sendStatus(401); return; }
|
||||
|
||||
if ((req.query.type == 1) && (req.query.meshid != null)) {
|
||||
// Get the CIRA install script
|
||||
if (obj.IsMeshViewable(user, req.query.meshid) == false) { res.sendStatus(404); return; }
|
||||
obj.getCiraConfigurationScript(req.query.meshid, function (script) {
|
||||
if (script == null) { res.sendStatus(404); } else {
|
||||
try {
|
||||
var cirafilename = obj.meshes[req.query.meshid].name.split('\\').join('').split('/').join('').split(':').join('').split('*').join('').split('?').join('').split('"').join('').split('<').join('').split('>').join('').split('|').join('').split(' ').join('').split('\'').join('');
|
||||
res.set({ 'Cache-Control': 'no-store', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename="cira_setup_' + cirafilename + '.mescript"' });
|
||||
} catch (ex) {
|
||||
res.set({ 'Cache-Control': 'no-store', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename="cira_setup.mescript"' });
|
||||
}
|
||||
res.send(script);
|
||||
}
|
||||
});
|
||||
} else if (req.query.type == 2) {
|
||||
// Get the CIRA cleanup script
|
||||
obj.getCiraCleanupScript(function (script) {
|
||||
if (script == null) { res.sendStatus(404); } else {
|
||||
res.set({ 'Cache-Control': 'no-store', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename="cira_cleanup.mescript"' });
|
||||
res.send(script);
|
||||
}
|
||||
});
|
||||
} else {
|
||||
res.sendStatus(404);
|
||||
}
|
||||
}
|
||||
|
||||
// Handle user public file downloads
|
||||
function handleDownloadUserFiles(req, res) {
|
||||
const domain = checkUserIpAddress(req, res);
|
||||
@ -4831,7 +4710,6 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
||||
obj.app.post(url + 'tokenlogin', handleLoginRequest);
|
||||
obj.app.get(url + 'logout', handleLogoutRequest);
|
||||
obj.app.get(url + 'MeshServerRootCert.cer', handleRootCertRequest);
|
||||
obj.app.get(url + 'mescript.ashx', handleMeScriptRequest);
|
||||
obj.app.post(url + 'changepassword', handlePasswordChangeRequest);
|
||||
obj.app.post(url + 'deleteaccount', handleDeleteAccountRequest);
|
||||
obj.app.post(url + 'createaccount', handleCreateAccountRequest);
|
||||
|
Loading…
Reference in New Issue
Block a user