Minor code signing improvements and clean up.
parent
a429a42ecf
commit
fa13239d46
@ -1240,7 +1240,7 @@ function createAuthenticodeHandler(path) {
|
||||
if ((typeof args.desc == 'string') || (typeof args.url == 'string')) {
|
||||
var codeSigningAttributes = { 'tagClass': 0, 'type': 16, 'constructed': true, 'composed': true, 'value': [] };
|
||||
if (args.desc != null) { // Encode description as big-endian unicode.
|
||||
var desc = "", ucs = Buffer.from(args.desc, 'ucs2').toString()
|
||||
var desc = '', ucs = Buffer.from(args.desc, 'ucs2').toString()
|
||||
for (var k = 0; k < ucs.length; k += 2) { desc += String.fromCharCode(ucs.charCodeAt(k + 1), ucs.charCodeAt(k)); }
|
||||
codeSigningAttributes.value.push({ 'tagClass': 128, 'type': 0, 'constructed': true, 'composed': true, 'value': [{ 'tagClass': 128, 'type': 0, 'constructed': false, 'composed': false, 'value': desc }] });
|
||||
}
|
||||
|
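Review bot: The description encoding on the changed line still decodes the UTF-16LE bytes with the default UTF-8 `toString()`, so an `args.desc` containing non-ASCII characters is mangled before the byte swap in the loop that follows. The signed description would then not match the configured text. Decoding byte-for-byte keeps the swap correct: `var desc = '', ucs = Buffer.from(args.desc, 'ucs2').toString('binary');`. The enclosing `if` block and `createAuthenticodeHandler` start and end outside the hunk, so how the encoded value is consumed afterwards is not visible here.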
@ -2867,14 +2867,12 @@ function CreateMeshCentralServer(config, args) {
|
||||
if (domain.id == '') { objx = obj; } else { suffix = '-' + domain.id; objx.meshAgentBinaries = {}; }
|
||||
|
||||
// Generate the agent signature description and URL
|
||||
var serverSignedAgentsPath, signDesc, signUrl;
|
||||
if (agentSignCertInfo != null) {
|
||||
serverSignedAgentsPath = obj.path.join(obj.datapath, 'signedagents' + suffix);
|
||||
signDesc = (domain.title ? domain.title : agentSignCertInfo.cert.subject.hash);
|
||||
var httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
|
||||
const serverSignedAgentsPath = obj.path.join(obj.datapath, 'signedagents' + suffix);
|
||||
const signDesc = (domain.title ? domain.title : agentSignCertInfo.cert.subject.hash);
|
||||
const httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
|
||||
var httpsHost = ((domain.dns != null) ? domain.dns : obj.certificates.CommonName);
|
||||
if (obj.args.agentaliasdns != null) { httpsHost = obj.args.agentaliasdns; }
|
||||
signUrl = 'https://' + httpsHost;
|
||||
var signUrl = 'https://' + httpsHost;
|
||||
if (httpsPort != 443) { signUrl += ':' + httpsPort; }
|
||||
var xdomain = (domain.dns == null) ? domain.id : '';
|
||||
if (xdomain != '') xdomain += '/';
|
||||
@ -2882,7 +2880,6 @@ function CreateMeshCentralServer(config, args) {
|
||||
|
||||
// If requested, lock the agent to this server
|
||||
if (obj.config.settings.agentsignlock) { signUrl += '?ServerID=' + obj.certificateOperations.getPublicKeyHash(obj.certificates.agent.cert).toUpperCase(); }
|
||||
}
|
||||
|
||||
// Setup the time server
|
||||
var timeStampUrl = 'http://timestamp.comodoca.com/authenticode';
|
||||
@ -2930,7 +2927,8 @@ function CreateMeshCentralServer(config, args) {
|
||||
// Agent was signed succesfuly
|
||||
console.log(obj.common.format('Code signed agent {0}.', agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname));
|
||||
} else {
|
||||
console.log(obj.common.format('Failed to sign agent {0}: ' + err, agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname));
|
||||
// Failed to sign agent
|
||||
addServerWarning('Failed to sign agent \"' + agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname + '\": ' + err, 22, [ agentSignedFunc.objx.meshAgentsArchitectureNumbers[agentSignedFunc.archid].localname, err ]);
|
||||
}
|
||||
if (--pendingOperations === 0) { agentSignedFunc.func(); }
|
||||
}
|
||||
@ -2939,6 +2937,7 @@ function CreateMeshCentralServer(config, args) {
|
||||
xagentSignedFunc.objx = objx;
|
||||
xagentSignedFunc.archid = archid;
|
||||
xagentSignedFunc.signeedagentpath = signeedagentpath;
|
||||
obj.debug('main', "Code signing agent with arguments: " + JSON.stringify({ out: signeedagentpath, desc: signDesc, url: signUrl, time: timeStampUrl }));
|
||||
originalAgent.sign(agentSignCertInfo, { out: signeedagentpath, desc: signDesc, url: signUrl, time: timeStampUrl }, xagentSignedFunc);
|
||||
} else {
|
||||
// Signed agent is already ok, use it.
|
||||
|
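Review bot: Going by the hunk line counts, the `if (agentSignCertInfo != null) {` guard and its closing brace are dropped, so `agentSignCertInfo.cert.subject.hash` is now evaluated unconditionally whenever `domain.title` is empty. If this path can run on a server without a code signing certificate, that is a TypeError during agent setup rather than a skipped signing step. The enclosing function starts outside the hunks, so an earlier check may already cover this. If it does, I would record it next to the declarations, e.g. `// agentSignCertInfo is non-null here (checked before agent signing starts)`; if it does not, the guard should stay.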
@ -2316,7 +2316,8 @@
|
||||
18: "SMTP server has limited use in LAN mode.",
|
||||
19: "SMS gateway has limited use in LAN mode.",
|
||||
20: "Invalid \"LoginCookieEncryptionKey\" in config.json.",
|
||||
21: "Backup path can't be set within meshcentral-data folder, backup settings ignored."
|
||||
21: "Backup path can't be set within meshcentral-data folder, backup settings ignored.",
|
||||
22: "Failed to sign agent {0}: {1}"
|
||||
};
|
||||
var x = '';
|
||||
for (var i in message.warnings) {
|
||||
@ -2325,7 +2326,7 @@
|
||||
x += '<div style=color:red;padding-bottom:6px><b>' + "WARNING: " + y + '</b></div>';
|
||||
} else {
|
||||
var z = ServerWarnings[y.id];
|
||||
if (z == null) { z = y.msg; } else { z = format(z, y.args); }
|
||||
if (z == null) { z = y.msg; } else { z = format(z, ...y.args); }
|
||||
x += '<div style=color:red;padding-bottom:6px><b>' + "WARNING: " + z + '</b></div>';
|
||||
}
|
||||
}
|
||||
|
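Review bot: Warning 22 is the first entry whose arguments carry free-form text (the agent file name and the signing `err` string), and the formatted result `z` is concatenated into the `<div>` markup without escaping. If `x` is later assigned as HTML (outside the hunk), any markup characters in the error text are interpreted by the browser in the administrator's session. Escape after formatting, for example `z = EscapeHtml(format(z, ...y.args));` if the page's `EscapeHtml` helper is in scope here. Separately, the new spread throws a TypeError when a warning object arrives with an id but no `args` array, which the older entries without placeholders suggest can happen; `format(z, ...(y.args || []))` keeps those rendering.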