diff --git a/agents/MeshCmd-signed.exe b/agents/MeshCmd.exe similarity index 99% rename from agents/MeshCmd-signed.exe rename to agents/MeshCmd.exe index aaec68a0..4def3c52 100644 Binary files a/agents/MeshCmd-signed.exe and b/agents/MeshCmd.exe differ diff --git a/agents/MeshCmd64-signed.exe b/agents/MeshCmd64.exe similarity index 99% rename from agents/MeshCmd64-signed.exe rename to agents/MeshCmd64.exe index 0cc2cc2d..bcc1e7f5 100644 Binary files a/agents/MeshCmd64-signed.exe and b/agents/MeshCmd64.exe differ diff --git a/meshcentral.js b/meshcentral.js index ad21a60e..aa43646b 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -2899,8 +2899,12 @@ function CreateMeshCentralServer(config, args) { 37: { id: 37, localname: 'meshagent_openbsd_x86-64', rname: 'meshagent', desc: 'OpenBSD x86-64', update: true, amt: false, platform: 'linux', core: 'linux-noamt', rcore: 'linux-recovery', arcore: 'linux-agentrecovery', tcore: 'linux-tiny' }, // OpenBSD x86-64 40: { id: 40, localname: 'meshagent_mipsel24kc', rname: 'meshagent', desc: 'Linux MIPSEL24KC (OpenWRT)', update: true, amt: false, platform: 'linux', core: 'linux-noamt', rcore: 'linux-recovery', arcore: 'linux-agentrecovery', tcore: 'linux-tiny' }, // MIPS Router with OpenWRT 41: { id: 41, localname: 'meshagent_aarch64-cortex-a53', rname: 'meshagent', desc: 'ARMADA/CORTEX-A53/MUSL (OpenWRT)', update: true, amt: false, platform: 'linux', core: 'linux-noamt', rcore: 'linux-recovery', arcore: 'linux-agentrecovery', tcore: 'linux-tiny' }, // OpenWRT Routers + 10003: { id: 10003, localname: 'MeshService.exe', rname: 'meshagent32.exe', desc: 'Windows x86-32 service', update: true, amt: true, platform: 'win32', core: 'windows-amt', rcore: 'windows-recovery', arcore: 'windows-agentrecovery', tcore: 'windows-tiny', unsigned: true }, + 10004: { id: 10004, localname: 'MeshService64.exe', rname: 'meshagent64.exe', desc: 'Windows x86-64 service', update: true, amt: true, platform: 'win32', core: 'windows-amt', rcore: 'windows-recovery', arcore: 'windows-agentrecovery', tcore: 'windows-tiny', unsigned: true }, 10005: { id: 10005, localname: 'meshagent_osx-universal-64', rname: 'meshagent', desc: 'Apple macOS Universal Binary', update: true, amt: false, platform: 'osx', core: 'linux-noamt', rcore: 'linux-recovery', arcore: 'linux-agentrecovery', tcore: 'linux-tiny' }, // Apple Silicon + x86 universal binary - 10006: { id: 10006, localname: 'MeshCentralAssistant.exe', rname: 'MeshCentralAssistant.exe', desc: 'MeshCentral Assistant for Windows', update: false, amt: false, platform: 'win32' } // MeshCentral Assistant + 10006: { id: 10006, localname: 'MeshCentralAssistant.exe', rname: 'MeshCentralAssistant.exe', desc: 'MeshCentral Assistant for Windows', update: false, amt: false, platform: 'win32' }, // MeshCentral Assistant + 11000: { id: 11000, localname: 'MeshCmd.exe', rname: 'MeshCmd.exe', desc: 'Windows x86-32 meshcmd', update: false, amt: true, platform: 'win32', codesign: true }, // MeshCMD for Windows 32-bit + 11001: { id: 11001, localname: 'MeshCmd64.exe', rname: 'MeshCmd64.exe', desc: 'Windows x86-64 meshcmd', update: false, amt: true, platform: 'win32', codesign: true } // MeshCMD for Windows 64-bit }; // Sign windows agents @@ -2965,7 +2969,7 @@ function CreateMeshCentralServer(config, args) { if (obj.fs.existsSync(agentpath2)) { agentpath = agentpath2; delete obj.meshAgentsArchitectureNumbers[archid].codesign; } // If the agent is present in "meshcentral-data/agents", use that one instead. } else { // When processing an extra domain, only load agents that are specific to that domain - var agentpath = obj.path.join(obj.datapath, 'agents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); + agentpath = obj.path.join(obj.datapath, 'agents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); if (obj.fs.existsSync(agentpath)) { delete obj.meshAgentsArchitectureNumbers[archid].codesign; } else { continue; } // If the agent is not present in "meshcentral-data/agents" skip. } @@ -3093,10 +3097,10 @@ function CreateMeshCentralServer(config, args) { const xagentSignedFunc = function agentSignedFunc(err, size) { if (err == null) { // Agent was signed succesfuly - console.log(obj.common.format('Code signed agent {0}.', agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname)); + console.log(obj.common.format('Code signed {0}.', agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname)); } else { // Failed to sign agent - addServerWarning('Failed to sign agent \"' + agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname + '\": ' + err, 22, [ agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname, err ]); + addServerWarning('Failed to sign \"' + agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname + '\": ' + err, 22, [ agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname, err ]); } if (--pendingOperations === 0) { agentSignedFunc.func(); } } @@ -3153,7 +3157,7 @@ function CreateMeshCentralServer(config, args) { } const signingArguments = { out: signeedagentpath, desc: signDesc, url: signUrl, time: timeStampUrl, proxy: timeStampProxy }; // Shallow clone - obj.debug('main', "Code signing agent with arguments: " + JSON.stringify(signingArguments)); + obj.debug('main', "Code signing with arguments: " + JSON.stringify(signingArguments)); if (resChanges == false) { // Sign the agent the simple way, without changing any resources. originalAgent.sign(agentSignCertInfo, signingArguments, xagentSignedFunc); @@ -3200,13 +3204,15 @@ function CreateMeshCentralServer(config, args) { if (domain.id == '') { // Load all agents when processing the default domain agentpath = obj.path.join(__dirname, 'agents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); - const agentpath2 = obj.path.join(obj.datapath, 'signedagents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); - if (obj.fs.existsSync(agentpath2)) { agentpath = agentpath2; } // If the agent is present in "meshcentral-data/signedagents", use that one instead. - const agentpath3 = obj.path.join(obj.datapath, 'agents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); - if (obj.fs.existsSync(agentpath3)) { agentpath = agentpath3; } // If the agent is present in "meshcentral-data/agents", use that one instead. + if (obj.meshAgentsArchitectureNumbers[archid].unsigned !== true) { + const agentpath2 = obj.path.join(obj.datapath, 'signedagents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); + if (obj.fs.existsSync(agentpath2)) { agentpath = agentpath2; } // If the agent is present in "meshcentral-data/signedagents", use that one instead. + const agentpath3 = obj.path.join(obj.datapath, 'agents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); + if (obj.fs.existsSync(agentpath3)) { agentpath = agentpath3; } // If the agent is present in "meshcentral-data/agents", use that one instead. + } } else { // When processing an extra domain, only load agents that are specific to that domain - var agentpath = obj.path.join(obj.datapath, 'agents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); + agentpath = obj.path.join(obj.datapath, 'agents' + suffix, obj.meshAgentsArchitectureNumbers[archid].localname); if (obj.fs.existsSync(agentpath)) { delete obj.meshAgentsArchitectureNumbers[archid].codesign; } else { continue; } // If the agent is not present in "meshcentral-data/agents" skip. } diff --git a/webserver.js b/webserver.js index c06a6b56..b9e7e8d6 100644 --- a/webserver.js +++ b/webserver.js @@ -5237,19 +5237,20 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF // Send meshcmd for a specific platform back var agentid = parseInt(req.query.meshcmd); + // If the agentid is 3 or 4, check if we have a signed MeshCmd.exe - if ((agentid == 3)) { // Signed Windows MeshCmd.exe x86 - var stats = null, meshCmdPath = obj.path.join(__dirname, 'agents', 'MeshCmd-signed.exe'); + if ((agentid == 3) && (obj.parent.meshAgentBinaries[11000] != null)) { // Signed Windows MeshCmd.exe x86 + var stats = null, meshCmdPath = obj.parent.meshAgentBinaries[11000].path; try { stats = obj.fs.statSync(meshCmdPath); } catch (e) { } if ((stats != null)) { - setContentDispositionHeader(res, 'application/octet-stream', 'meshcmd' + ((req.query.meshcmd <= 3) ? '.exe' : ''), null, 'meshcmd'); + setContentDispositionHeader(res, 'application/octet-stream', 'meshcmd.exe', null, 'meshcmd'); res.sendFile(meshCmdPath); return; } - } else if ((agentid == 4)) { // Signed Windows MeshCmd64.exe x64 - var stats = null, meshCmd64Path = obj.path.join(__dirname, 'agents', 'MeshCmd64-signed.exe'); + } else if ((agentid == 4) && (obj.parent.meshAgentBinaries[11001] != null)) { // Signed Windows MeshCmd64.exe x64 + var stats = null, meshCmd64Path = obj.parent.meshAgentBinaries[11001].path; try { stats = obj.fs.statSync(meshCmd64Path); } catch (e) { } if ((stats != null)) { - setContentDispositionHeader(res, 'application/octet-stream', 'meshcmd' + ((req.query.meshcmd <= 4) ? '.exe' : ''), null, 'meshcmd'); + setContentDispositionHeader(res, 'application/octet-stream', 'meshcmd.exe', null, 'meshcmd'); res.sendFile(meshCmd64Path); return; } } @@ -5267,6 +5268,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF res.sendFile(argentInfo.signedMeshCmdPath); } else { // Merge JavaScript to a unsigned agent and send that. + console.log('aa', argentInfo.path); obj.parent.exeHandler.streamExeWithJavaScript({ platform: argentInfo.platform, sourceFileName: argentInfo.path, destinationStream: res, js: Buffer.from(obj.parent.defaultMeshCmd, 'utf8'), peinfo: argentInfo.pe }); } return;