From b45b60fb134e50fd4096eaaae66b6fe1521397b5 Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Fri, 15 Nov 2019 17:55:05 -0800 Subject: [PATCH] GreenLockv3 fixes --- .greenlockrc | 3 +++ letsEncrypt.js | 24 ++++++++------------ meshcentral.js | 4 +++- package.json | 3 ++- views/default-min.handlebars | 5 ++-- views/default.handlebars | 5 ++-- views/translations/default-min_fr.handlebars | 5 ++-- views/translations/default_fr.handlebars | 5 ++-- 8 files changed, 29 insertions(+), 25 deletions(-) create mode 100644 .greenlockrc diff --git a/.greenlockrc b/.greenlockrc new file mode 100644 index 00000000..0e959e84 --- /dev/null +++ b/.greenlockrc @@ -0,0 +1,3 @@ +{ + "manager": "C:\\Users\\Default.DESKTOP-M9I88C9\\Desktop\\AmtWebApp\\meshcentral\\letsencrypt.js" +} \ No newline at end of file diff --git a/letsEncrypt.js b/letsEncrypt.js index e0fe6555..2415044b 100644 --- a/letsEncrypt.js +++ b/letsEncrypt.js @@ -14,7 +14,7 @@ /*jshint esversion: 6 */ 'use strict'; -module.exports.CreateLetsEncrypt = function(parent) { +module.exports.CreateLetsEncrypt = function (parent) { try { parent.debug('cert', "Initializing Let's Encrypt support"); @@ -67,7 +67,7 @@ module.exports.CreateLetsEncrypt = function(parent) { // Latest NodeJS maintainerEmail = pkg.author.email; } - + // Create the main GreenLock code module. var greenlockargs = { parent: obj, @@ -110,16 +110,10 @@ module.exports.CreateLetsEncrypt = function(parent) { obj.parent.config.letsencrypt.names.map(function (s) { return s.trim(); }); // Trim each name if ((typeof obj.parent.config.letsencrypt.names != 'object') || (obj.parent.config.letsencrypt.names.length == null)) { console.log("ERROR: Let's Encrypt names must be an array in config.json."); func(certs); return; } obj.leDomains = obj.parent.config.letsencrypt.names; - obj.leDomains.sort(); // Sort the array so it's always going to be in the same order. } - // Get altnames - obj.altnames = []; - obj.servername = certs.CommonName; - for (var i in obj.leDomains) { if (obj.leDomains[i] != certs.CommonName) { obj.altnames.push(obj.leDomains[i]); } } - // Get the Let's Encrypt certificate from our own storage - obj.le.get({ servername: certs.CommonName }) + obj.le.get({ servername: obj.leDomains[0] }) .then(function (results) { // If we already have real certificates, use them. if (results) { @@ -156,14 +150,14 @@ module.exports.CreateLetsEncrypt = function(parent) { parent.debug('cert', "Checking certs"); // Setup renew options - var renewOptions = { servername: obj.servername }; - if (obj.altnames.length > 0) { renewOptions.altnames = obj.altnames; } + var renewOptions = { servername: obj.leDomains[0] }; + if (obj.leDomains.length > 0) { renewOptions.altnames = obj.leDomains; } obj.le.renew(renewOptions) .then(function (results) { parent.debug('cert', "Checks completed"); if (obj.performRestart === true) { parent.debug('cert', "Certs changed, restarting..."); obj.parent.performServerCertUpdate(); } // Reset the server, TODO: Reset all peers }) - .catch(function (e) { console.log(e); func(certs); }); + .catch(function (e) { console.log(e); }); } return obj; @@ -176,7 +170,7 @@ module.exports.create = function (options) { var manager = { parent: options.parent }; manager.find = async function (options) { //console.log('LE-FIND', options); - return Promise.resolve([ { subject: options.servername, altnames: options.altnames } ]); + return Promise.resolve([{ subject: options.servername, altnames: options.altnames }]); }; manager.set = function (options) { @@ -196,8 +190,8 @@ module.exports.create = function (options) { //console.log('LE-DEFAULTS', options); if (options != null) { for (var i in options) { if (manager.parent.leDefaults[i] == null) { manager.parent.leDefaults[i] = options[i]; } } } var r = manager.parent.leDefaults; - var mainsite = { subject: manager.parent.servername }; - if (manager.parent.altnames.length > 0) { mainsite.altnames = manager.parent.altnames; } + var mainsite = { subject: manager.parent.leDomains[0] }; + if (manager.parent.leDomains.length > 0) { mainsite.altnames = manager.parent.leDomains; } r.subscriberEmail = manager.parent.parent.config.letsencrypt.email; r.sites = { mainsite: mainsite }; return r; diff --git a/meshcentral.js b/meshcentral.js index 35a8cc74..342afdd1 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -830,7 +830,9 @@ function CreateMeshCentralServer(config, args) { // Load server certificates obj.certificateOperations = require('./certoperations.js').CertificateOperations(obj); obj.certificateOperations.GetMeshServerCertificate(obj.args, obj.config, function (certs) { - if ((obj.config.letsencrypt == null) || (obj.redirserver == null)) { + // Get the current node version + const nodeVersion = Number(process.version.match(/^v(\d+\.\d+)/)[1]); + if ((nodeVersion < 8) || (obj.config.letsencrypt == null) || (obj.redirserver == null)) { obj.StartEx3(certs); // Just use the configured certificates } else { var le = require('./letsencrypt.js'); diff --git a/package.json b/package.json index f040b0fd..2bd65768 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "meshcentral", - "version": "0.4.4-c", + "version": "0.4.4-e", "keywords": [ "Remote Management", "Intel AMT", @@ -37,6 +37,7 @@ "express": "^4.17.0", "express-handlebars": "^3.1.0", "express-ws": "^4.0.0", + "greenlock": "^3.1.5", "ipcheck": "^0.1.0", "meshcentral": "*", "minimist": "^1.2.0", diff --git a/views/default-min.handlebars b/views/default-min.handlebars index 4df2d61b..330c9d7f 100644 --- a/views/default-min.handlebars +++ b/views/default-min.handlebars @@ -8197,6 +8197,7 @@ x += '
'; x += '
'; x += '
'; + x += '
'; x += '
' + "Web Server" + '
'; x += '
'; x += '
'; @@ -8213,8 +8214,8 @@ } function setServerTracingEx(b) { - var sources = [], allsources = ['cookie', 'dispatch', 'main', 'peer', 'web', 'webrequest', 'relay', 'webrelaydata', 'webrelay', 'mps', 'mpscmd', 'swarm', 'swarmcmd', 'agentupdate', 'agent']; - if (b == 1) { for (var i = 1; i < 16; i++) { try { if (Q('p41c' + i).checked) { sources.push(allsources[i - 1]); } } catch (ex) { } } } + var sources = [], allsources = ['cookie', 'dispatch', 'main', 'peer', 'web', 'webrequest', 'relay', 'webrelaydata', 'webrelay', 'mps', 'mpscmd', 'swarm', 'swarmcmd', 'agentupdate', 'agent', 'cert']; + if (b == 1) { for (var i = 1; i < 17; i++) { try { if (Q('p41c' + i).checked) { sources.push(allsources[i - 1]); } } catch (ex) { } } } meshserver.send({ action: 'traceinfo', traceSources: sources }); } diff --git a/views/default.handlebars b/views/default.handlebars index 0303b02b..6744695a 100644 --- a/views/default.handlebars +++ b/views/default.handlebars @@ -9179,6 +9179,7 @@ x += '
'; x += '
'; x += '
'; + x += '
'; x += '
' + "Web Server" + '
'; x += '
'; x += '
'; @@ -9195,8 +9196,8 @@ } function setServerTracingEx(b) { - var sources = [], allsources = ['cookie', 'dispatch', 'main', 'peer', 'web', 'webrequest', 'relay', 'webrelaydata', 'webrelay', 'mps', 'mpscmd', 'swarm', 'swarmcmd', 'agentupdate', 'agent']; - if (b == 1) { for (var i = 1; i < 16; i++) { try { if (Q('p41c' + i).checked) { sources.push(allsources[i - 1]); } } catch (ex) { } } } + var sources = [], allsources = ['cookie', 'dispatch', 'main', 'peer', 'web', 'webrequest', 'relay', 'webrelaydata', 'webrelay', 'mps', 'mpscmd', 'swarm', 'swarmcmd', 'agentupdate', 'agent', 'cert']; + if (b == 1) { for (var i = 1; i < 17; i++) { try { if (Q('p41c' + i).checked) { sources.push(allsources[i - 1]); } } catch (ex) { } } } meshserver.send({ action: 'traceinfo', traceSources: sources }); } diff --git a/views/translations/default-min_fr.handlebars b/views/translations/default-min_fr.handlebars index 4ac5b33f..dfe91c1a 100644 --- a/views/translations/default-min_fr.handlebars +++ b/views/translations/default-min_fr.handlebars @@ -8197,6 +8197,7 @@ x += '
'; x += '
'; x += '
'; + x += '
'; x += '
' + "Serveur Web" + '
'; x += '
'; x += '
'; @@ -8213,8 +8214,8 @@ } function setServerTracingEx(b) { - var sources = [], allsources = ['cookie', 'dispatch', 'main', 'peer', 'web', 'webrequest', 'relay', 'webrelaydata', 'webrelay', 'mps', 'mpscmd', 'swarm', 'swarmcmd', 'agentupdate', 'agent']; - if (b == 1) { for (var i = 1; i < 16; i++) { try { if (Q('p41c' + i).checked) { sources.push(allsources[i - 1]); } } catch (ex) { } } } + var sources = [], allsources = ['cookie', 'dispatch', 'main', 'peer', 'web', 'webrequest', 'relay', 'webrelaydata', 'webrelay', 'mps', 'mpscmd', 'swarm', 'swarmcmd', 'agentupdate', 'agent', 'cert']; + if (b == 1) { for (var i = 1; i < 17; i++) { try { if (Q('p41c' + i).checked) { sources.push(allsources[i - 1]); } } catch (ex) { } } } meshserver.send({ action: 'traceinfo', traceSources: sources }); } diff --git a/views/translations/default_fr.handlebars b/views/translations/default_fr.handlebars index 8235c4c0..9d39b2ec 100644 --- a/views/translations/default_fr.handlebars +++ b/views/translations/default_fr.handlebars @@ -9177,6 +9177,7 @@ x += '
'; x += '
'; x += '
'; + x += '
'; x += '
' + "Serveur Web" + '
'; x += '
'; x += '
'; @@ -9193,8 +9194,8 @@ } function setServerTracingEx(b) { - var sources = [], allsources = ['cookie', 'dispatch', 'main', 'peer', 'web', 'webrequest', 'relay', 'webrelaydata', 'webrelay', 'mps', 'mpscmd', 'swarm', 'swarmcmd', 'agentupdate', 'agent']; - if (b == 1) { for (var i = 1; i < 16; i++) { try { if (Q('p41c' + i).checked) { sources.push(allsources[i - 1]); } } catch (ex) { } } } + var sources = [], allsources = ['cookie', 'dispatch', 'main', 'peer', 'web', 'webrequest', 'relay', 'webrelaydata', 'webrelay', 'mps', 'mpscmd', 'swarm', 'swarmcmd', 'agentupdate', 'agent', 'cert']; + if (b == 1) { for (var i = 1; i < 17; i++) { try { if (Q('p41c' + i).checked) { sources.push(allsources[i - 1]); } } catch (ex) { } } } meshserver.send({ action: 'traceinfo', traceSources: sources }); }