Merge branch 'master' of https://github.com/Ylianst/MeshCentral into master

This commit is contained in:
Bryan Roe 2021-01-14 17:08:40 -08:00
commit f00e565d8b
10 changed files with 49 additions and 17 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -1,7 +1,7 @@
3: MeshService-signed.exe
16BA1ABBE4B84FC9A478E75361CF164FCEA4D4F53EC55BA7678696115C62CD1BB385E07FA7A5359F8600C0B0957D392A
6FF49B8B81A503262F8CEB34A576862D9ED1F4B0F5FBB669887583C6CA5FF9D8581C900F6747755A45EE3E30E9F7E2D1
4: MeshService64-signed.exe
DBEF331A4332EBC3A3EFB9536DF39DBDBBB31650FD8502236753961F7CF2F3B4F36A897AB752D5181CDDEDD1EFB93297
F51ADCD0AC511927BD3C18325FDD3750763A007A52AAF694E576B11F4D0FBEE06586179BED1AB7BA3BA7063BD2034B9C
5: meshagent_x86
08554B5CD498718781371208D91BA42B41A92E704D14F1A4352B9A12BF73426368A6C542362372AD80EC80631D644434
6: meshagent_x86-64

View File

@ -287,7 +287,7 @@ function getServerTargetUrlEx(url) {
require('MeshAgent').on('Connected', function () {
require('os').name().then(function (v) {
sendConsoleText("Mesh Agent Receovery Console, OS: " + v);
//sendConsoleText("Mesh Agent Receovery Console, OS: " + v);
require('MeshAgent').SendCommand(meshCoreObj);
});
});

View File

@ -167,7 +167,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
// If we have a core, use it.
if (corename != null) {
const meshcorehash = parent.parent.defaultMeshCoresHash[corename];
if (agentMeshCoreHash != meshcorehash) {
if ((agentMeshCoreHash != meshcorehash) || (obj.agentCoreUpdate === true)) {
if ((obj.agentCoreCheck < 5) || (obj.agentCoreCheck == 1001)) {
if (meshcorehash == null) {
// Clear the core
@ -187,7 +187,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
obj.agentCoreUpdatePending = true;
parent.parent.taskLimiter.launch(function (argument, taskid, taskLimiterQueue) {
if (obj.authenticated == 2) {
// Send the updated code.
// Send the updated core.
delete obj.agentCoreUpdatePending;
obj.sendBinary(common.ShortToStr(10) + common.ShortToStr(0) + argument.hash + argument.core, function () { parent.parent.taskLimiter.completed(taskid); }); // MeshCommand_CoreModule, start core update
parent.agentStats.updatingCoreCount++;
@ -234,7 +234,15 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
else if (cmdid == 12) { // MeshCommand_AgentHash
if ((msg.length == 52) && (obj.agentExeInfo != null) && (obj.agentExeInfo.update == true)) {
const agenthash = msg.substring(4);
if (compareAgentBinaryHash(obj.agentExeInfo, agenthash)) {
const agentUpdateMethod = compareAgentBinaryHash(obj.agentExeInfo, agenthash)
if (agentUpdateMethod === 2) { // Use meshcore agent update system
// Send the recovery core to the agent, if the agent is capable of running one
if (((obj.agentInfo.capabilities & 16) != 0) && (parent.parent.meshAgentsArchitectureNumbers[obj.agentInfo.agentId].core != null)) {
obj.agentCoreCheck = 1001;
obj.agentCoreUpdate = true;
obj.sendBinary(common.ShortToStr(11) + common.ShortToStr(0)); // Command 11, ask for mesh core hash.
}
} else if (agentUpdateMethod === 1) { // Use native agent update system
// Mesh agent update required, do it using task limiter so not to flood the network. Medium priority task.
parent.parent.taskLimiter.launch(function (argument, taskid, taskLimiterQueue) {
if (obj.authenticated != 2) { parent.parent.taskLimiter.completed(taskid); return; } // If agent disconnection, complete and exit now.
@ -516,6 +524,9 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
} else if (cmd == 5) {
// ServerID. Agent is telling us what serverid it expects. Useful if we have many server certificates.
if ((msg.substring(2, 34) == parent.swarmCertificateHash256) || (msg.substring(2, 50) == parent.swarmCertificateHash384)) { obj.useSwarmCert = true; }
} else if (cmd == 30) {
// Agent Commit Date. This is future proofing. Can be used to change server behavior depending on the date range of the agent.
//console.log('Connected Agent Commit Date: ' + msg.substring(2) + ", " + Date.parse(msg.substring(2)));
}
}
});
@ -531,11 +542,13 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
//console.log('Agent disconnect ' + obj.nodeid + ' (' + obj.remoteaddrport + ') id=' + agentId);
parent.parent.debug('agent', 'Agent disconnect ' + obj.nodeid + ' (' + obj.remoteaddrport + ') id=' + agentId);
// Log the agent disconnection
if (parent.wsagentsDisconnections[obj.nodeid] == null) {
parent.wsagentsDisconnections[obj.nodeid] = 1;
} else {
parent.wsagentsDisconnections[obj.nodeid] = ++parent.wsagentsDisconnections[obj.nodeid];
// Log the agent disconnection if we are not testing agent update
if (args.agentupdatetest !== true) {
if (parent.wsagentsDisconnections[obj.nodeid] == null) {
parent.wsagentsDisconnections[obj.nodeid] = 1;
} else {
parent.wsagentsDisconnections[obj.nodeid] = ++parent.wsagentsDisconnections[obj.nodeid];
}
}
}
obj.close(0);
@ -1135,8 +1148,21 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
}
case 'coreinfo':
{
// Sent by the agent to update agent information
ChangeAgentCoreInfo(command);
if ((obj.agentCoreUpdate === true) && (obj.agentExeInfo != null)) {
// Agent update. The recovery core was loaded in the agent, send a command to update the agent
var cmd = { action: 'agentUpdate', url: obj.agentExeInfo.url, hash: obj.agentExeInfo.hashhex };
// Add server TLS cert hash
if (parent.parent.args.ignoreagenthashcheck !== true) {
const tlsCertHash = parent.webCertificateFullHashs[domain.id];
if (tlsCertHash != null) { cmd.servertlshash = Buffer.from(tlsCertHash, 'binary').toString('hex'); }
}
// Send the agent update command
obj.send(JSON.stringify(cmd));
delete obj.agentCoreUpdate;
} else {
// Sent by the agent to update agent information
ChangeAgentCoreInfo(command);
}
break;
}
case 'smbios':
@ -1664,13 +1690,19 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
}
// Check if we need to update this agent, return true if agent binary update required.
// Return 0 is no update needed, 1 update using native system, 2 update using meshcore system
function compareAgentBinaryHash(agentExeInfo, agentHash) {
// If we are testing the agent update system, always return true
if ((args.agentupdatetest === true) || (args.agentupdatetest === 1)) return 1;
if (args.agentupdatetest === 2) return 2;
// If the hash matches or is null, no update required.
if ((agentExeInfo.hash == agentHash) || (agentHash == '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0')) return false;
if ((agentExeInfo.hash == agentHash) || (agentHash == '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0')) return 0;
// If this is a macOS x86 or ARM agent type and it matched the universal binary, no update required.
if (((agentExeInfo.id == 16) || (agentExeInfo.id == 29)) && (parent.parent.meshAgentBinaries[10005].hash == agentHash)) return false;
if (((agentExeInfo.id == 16) || (agentExeInfo.id == 29)) && (parent.parent.meshAgentBinaries[10005].hash == agentHash)) return 0;
// No match, update the agent.
return true;
if ((agentExeInfo.id == 3) && (agentExeInfo.id == 4)) return 2; // For Windows agents, use the meshcore update technique.
return 1; // For all other agents, use the native update technique.
}
// Request that the core dump file on this agent be uploaded to the server

View File

@ -138,7 +138,7 @@ function CreateMeshCentralServer(config, args) {
try { require('./pass').hash('test', function () { }, 0); } catch (e) { console.log('Old version of node, must upgrade.'); return; } // TODO: Not sure if this test works or not.
// Check for invalid arguments
var validArguments = ['_', 'user', 'port', 'aliasport', 'mpsport', 'mpsaliasport', 'redirport', 'rediraliasport', 'cert', 'mpscert', 'deletedomain', 'deletedefaultdomain', 'showall', 'showusers', 'showitem', 'listuserids', 'showusergroups', 'shownodes', 'showallmeshes', 'showmeshes', 'showevents', 'showsmbios', 'showpower', 'clearpower', 'showiplocations', 'help', 'exactports', 'xinstall', 'xuninstall', 'install', 'uninstall', 'start', 'stop', 'restart', 'debug', 'filespath', 'datapath', 'noagentupdate', 'launch', 'noserverbackup', 'mongodb', 'mongodbcol', 'wanonly', 'lanonly', 'nousers', 'mpspass', 'ciralocalfqdn', 'dbexport', 'dbexportmin', 'dbimport', 'dbmerge', 'dbfix', 'dbencryptkey', 'selfupdate', 'tlsoffload', 'userallowedip', 'userblockedip', 'swarmallowedip', 'agentallowedip', 'agentblockedip', 'fastcert', 'swarmport', 'logintoken', 'logintokenkey', 'logintokengen', 'mailtokengen', 'admin', 'unadmin', 'sessionkey', 'sessiontime', 'minify', 'minifycore', 'dblistconfigfiles', 'dbshowconfigfile', 'dbpushconfigfiles', 'dbpullconfigfiles', 'dbdeleteconfigfiles', 'vaultpushconfigfiles', 'vaultpullconfigfiles', 'vaultdeleteconfigfiles', 'configkey', 'loadconfigfromdb', 'npmpath', 'serverid', 'recordencryptionrecode', 'vault', 'token', 'unsealkey', 'name', 'log', 'dbstats', 'translate', 'createaccount', 'resetaccount', 'pass', 'adminaccount', 'removeaccount', 'domain', 'email', 'configfile', 'maintenancemode', 'nedbtodb', 'removetestagents'];
var validArguments = ['_', 'user', 'port', 'aliasport', 'mpsport', 'mpsaliasport', 'redirport', 'rediraliasport', 'cert', 'mpscert', 'deletedomain', 'deletedefaultdomain', 'showall', 'showusers', 'showitem', 'listuserids', 'showusergroups', 'shownodes', 'showallmeshes', 'showmeshes', 'showevents', 'showsmbios', 'showpower', 'clearpower', 'showiplocations', 'help', 'exactports', 'xinstall', 'xuninstall', 'install', 'uninstall', 'start', 'stop', 'restart', 'debug', 'filespath', 'datapath', 'noagentupdate', 'launch', 'noserverbackup', 'mongodb', 'mongodbcol', 'wanonly', 'lanonly', 'nousers', 'mpspass', 'ciralocalfqdn', 'dbexport', 'dbexportmin', 'dbimport', 'dbmerge', 'dbfix', 'dbencryptkey', 'selfupdate', 'tlsoffload', 'userallowedip', 'userblockedip', 'swarmallowedip', 'agentallowedip', 'agentblockedip', 'fastcert', 'swarmport', 'logintoken', 'logintokenkey', 'logintokengen', 'mailtokengen', 'admin', 'unadmin', 'sessionkey', 'sessiontime', 'minify', 'minifycore', 'dblistconfigfiles', 'dbshowconfigfile', 'dbpushconfigfiles', 'dbpullconfigfiles', 'dbdeleteconfigfiles', 'vaultpushconfigfiles', 'vaultpullconfigfiles', 'vaultdeleteconfigfiles', 'configkey', 'loadconfigfromdb', 'npmpath', 'serverid', 'recordencryptionrecode', 'vault', 'token', 'unsealkey', 'name', 'log', 'dbstats', 'translate', 'createaccount', 'resetaccount', 'pass', 'adminaccount', 'removeaccount', 'domain', 'email', 'configfile', 'maintenancemode', 'nedbtodb', 'removetestagents', 'agentupdatetest'];
for (var arg in obj.args) { obj.args[arg.toLocaleLowerCase()] = obj.args[arg]; if (validArguments.indexOf(arg.toLocaleLowerCase()) == -1) { console.log('Invalid argument "' + arg + '", use --help.'); return; } }
if (obj.args.mongodb == true) { console.log('Must specify: --mongodb [connectionstring] \r\nSee https://docs.mongodb.com/manual/reference/connection-string/ for MongoDB connection string.'); return; }
for (i in obj.config.settings) { obj.args[i] = obj.config.settings[i]; } // Place all settings into arguments, arguments have already been placed into settings so arguments take precedence.