diff --git a/amtscanner.js b/amtscanner.js index 2eff333e..6e61e8aa 100644 --- a/amtscanner.js +++ b/amtscanner.js @@ -24,8 +24,8 @@ module.exports.CreateAmtScanner = function (parent) { obj.pendingSendTimer = null; obj.mainTimer = null; obj.nextTag = 0; - var PeriodicScanTime = 30000; // Interval between scan sweeps - var PeriodicScanTimeout = 65000; // After this time, timeout the device. + const PeriodicScanTime = 30000; // Interval between scan sweeps + const PeriodicScanTimeout = 65000; // After this time, timeout the device. // Build a RMCP packet with a given tag field obj.buildRmcpPing = function (tag) { diff --git a/amtscript.js b/amtscript.js index 0024a8e8..1bc43f66 100644 --- a/amtscript.js +++ b/amtscript.js @@ -10,16 +10,16 @@ module.exports.CreateAmtScriptEngine = function () { var o = {}; // Core functions - script_functionTable1 = ['nop', 'jump', 'set', 'print', 'dialog', 'getitem', 'substr', 'indexof', 'split', 'join', 'length', 'jsonparse', 'jsonstr', 'add', 'substract', 'parseint', 'wsbatchenum', 'wsput', 'wscreate', 'wsdelete', 'wsexec', 'scriptspeed', 'wssubscribe', 'wsunsubscribe', 'readchar', 'signwithdummyca']; + const script_functionTable1 = ['nop', 'jump', 'set', 'print', 'dialog', 'getitem', 'substr', 'indexof', 'split', 'join', 'length', 'jsonparse', 'jsonstr', 'add', 'substract', 'parseint', 'wsbatchenum', 'wsput', 'wscreate', 'wsdelete', 'wsexec', 'scriptspeed', 'wssubscribe', 'wsunsubscribe', 'readchar', 'signwithdummyca']; // functions of type ARG1 = func(ARG2, ARG3, ARG4, ARG5, ARG6) - script_functionTable2 = ['encodeuri', 'decodeuri', 'passwordcheck', 'atob', 'btoa', 'hex2str', 'str2hex', 'random', 'md5', 'maketoarray', 'readshort', 'readshortx', 'readint', 'readsint', 'readintx', 'shorttostr', 'shorttostrx', 'inttostr', 'inttostrx']; + const script_functionTable2 = ['encodeuri', 'decodeuri', 'passwordcheck', 'atob', 'btoa', 'hex2str', 'str2hex', 'random', 'md5', 'maketoarray', 'readshort', 'readshortx', 'readint', 'readsint', 'readintx', 'shorttostr', 'shorttostrx', 'inttostr', 'inttostrx']; // functions of type ARG1 = func(ARG2, ARG3, ARG4, ARG5, ARG6) //script_functionTableX2 = [encodeURI, decodeURI, passwordcheck, window.atob.bind(window), window.btoa.bind(window), hex2rstr, rstr2hex, random, rstr_md5, MakeToArray, ReadShort, ReadShortX, ReadInt, ReadSInt, ReadIntX, ShortToStr, ShortToStrX, IntToStr, IntToStrX]; // Optional functions of type ARG1 = func(ARG2, ARG3, ARG4, ARG5, ARG6) - script_functionTable3 = ['pullsystemstatus', 'pulleventlog', 'pullauditlog', 'pullcertificates', 'pullwatchdog', 'pullsystemdefense', 'pullhardware', 'pulluserinfo', 'pullremoteaccess', 'highlightblock', 'disconnect', 'getsidstring', 'getsidbytearray']; + const script_functionTable3 = ['pullsystemstatus', 'pulleventlog', 'pullauditlog', 'pullcertificates', 'pullwatchdog', 'pullsystemdefense', 'pullhardware', 'pulluserinfo', 'pullremoteaccess', 'highlightblock', 'disconnect', 'getsidstring', 'getsidbytearray']; /* // Optional functions of type ARG1 = func(ARG2, ARG3, ARG4, ARG5, ARG6) diff --git a/common.js b/common.js index 29055817..e7ec77d4 100644 --- a/common.js +++ b/common.js @@ -6,7 +6,7 @@ * @version v0.0.1 */ -var crypto = require('crypto'); +const crypto = require('crypto'); // Binary encoding and decoding functions module.exports.ReadShort = function(v, p) { return (v.charCodeAt(p) << 8) + v.charCodeAt(p + 1); } diff --git a/interceptor.js b/interceptor.js index bc8d97c8..cf4e57fc 100644 --- a/interceptor.js +++ b/interceptor.js @@ -6,8 +6,8 @@ * @version v0.0.3 */ -var crypto = require('crypto'); -var common = require('./common.js'); +const crypto = require('crypto'); +const common = require('./common.js'); var HttpInterceptorAuthentications = {}; var RedirInterceptorAuthentications = {}; diff --git a/meshagent.js b/meshagent.js index 841e4565..17b426fd 100644 --- a/meshagent.js +++ b/meshagent.js @@ -27,7 +27,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) { obj.agentCoreCheck = 0; obj.agentInfo; obj.agentUpdate = null; - var agentUpdateBlockSize = 65520; + const agentUpdateBlockSize = 65520; obj.remoteaddr = obj.ws._socket.remoteAddress; obj.useSHA386 = false; if (obj.remoteaddr.startsWith('::ffff:')) { obj.remoteaddr = obj.remoteaddr.substring(7); } diff --git a/meshmail.js b/meshmail.js index c2008656..70801db5 100644 --- a/meshmail.js +++ b/meshmail.js @@ -17,19 +17,19 @@ module.exports.CreateMeshMain = function (parent) { const nodemailer = require('nodemailer'); // Default account email validation mail - var accountCheckSubject = '[[[SERVERNAME]]] - Email Verification'; - var accountCheckMailHtml = '
[[[SERVERNAME]]] - Verification

Hi [[[USERNAME]]], [[[SERVERNAME]]] is requesting email verification, click on the following link to complete the process.

Click here to verify your e-mail address.

If you did not initiate this request, please ignore this mail.
'; - var accountCheckMailText = '[[[SERVERNAME]]] - Verification\r\n\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is performing an e-mail verification. Nagivate to the following link to complete the process: [[[CALLBACKURL]]]\r\nIf you did not initiate this request, please ignore this mail.\r\n'; + const accountCheckSubject = '[[[SERVERNAME]]] - Email Verification'; + const accountCheckMailHtml = '
[[[SERVERNAME]]] - Verification

Hi [[[USERNAME]]], [[[SERVERNAME]]] is requesting email verification, click on the following link to complete the process.

Click here to verify your e-mail address.

If you did not initiate this request, please ignore this mail.
'; + const accountCheckMailText = '[[[SERVERNAME]]] - Verification\r\n\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is performing an e-mail verification. Nagivate to the following link to complete the process: [[[CALLBACKURL]]]\r\nIf you did not initiate this request, please ignore this mail.\r\n'; // Default account reset mail - var accountResetSubject = '[[[SERVERNAME]]] - Account Reset'; - var accountResetMailHtml = '
[[[SERVERNAME]]] - Verification

Hi [[[USERNAME]]], [[[SERVERNAME]]] is requesting an account password reset, click on the following link to complete the process.

Click here to reset your account password.

If you did not initiate this request, please ignore this mail.
'; - var accountResetMailText = '[[[SERVERNAME]]] - Account Reset\r\n\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is requesting an account password reset. Nagivate to the following link to complete the process: [[[CALLBACKURL]]]\r\nIf you did not initiate this request, please ignore this mail.\r\n'; + const accountResetSubject = '[[[SERVERNAME]]] - Account Reset'; + const accountResetMailHtml = '
[[[SERVERNAME]]] - Verification

Hi [[[USERNAME]]], [[[SERVERNAME]]] is requesting an account password reset, click on the following link to complete the process.

Click here to reset your account password.

If you did not initiate this request, please ignore this mail.
'; + const accountResetMailText = '[[[SERVERNAME]]] - Account Reset\r\n\r\nHi [[[USERNAME]]], [[[SERVERNAME]]] ([[[SERVERURL]]]) is requesting an account password reset. Nagivate to the following link to complete the process: [[[CALLBACKURL]]]\r\nIf you did not initiate this request, please ignore this mail.\r\n'; // Default account invite mail - var accountInviteSubject = '[[[SERVERNAME]]] - Agent Installation Invitation'; - var accountInviteMailHtml = '
[[[SERVERNAME]]] - Agent Installation

User [[[USERNAME]]] on server [[[SERVERNAME]]] is requesting that you install a remote management agent. WARNING: this will allow the requester to take control of your computer. If you wish to do this, click on the following link to download the agent.

Click here to download the MeshAgent for Windows.

If you did not know about this request, please ignore this mail.
'; - var accountInviteMailText = '[[[SERVERNAME]]] - Agent Installation Invitation\r\n\r\nUser [[[USERNAME]]] on server [[[SERVERNAME]]] ([[[SERVERURL]]]) is requesting you install a remote management agent. WARNING: This will allow the requester to take control of your computer. If you wish to do this, click on the following link to download the agent: [[[CALLBACKURL]]]\r\nIf you do not know about this request, please ignore this mail.\r\n'; + const accountInviteSubject = '[[[SERVERNAME]]] - Agent Installation Invitation'; + const accountInviteMailHtml = '
[[[SERVERNAME]]] - Agent Installation

User [[[USERNAME]]] on server [[[SERVERNAME]]] is requesting that you install a remote management agent. WARNING: this will allow the requester to take control of your computer. If you wish to do this, click on the following link to download the agent.

Click here to download the MeshAgent for Windows.

If you did not know about this request, please ignore this mail.
'; + const accountInviteMailText = '[[[SERVERNAME]]] - Agent Installation Invitation\r\n\r\nUser [[[USERNAME]]] on server [[[SERVERNAME]]] ([[[SERVERURL]]]) is requesting you install a remote management agent. WARNING: This will allow the requester to take control of your computer. If you wish to do this, click on the following link to download the agent: [[[CALLBACKURL]]]\r\nIf you do not know about this request, please ignore this mail.\r\n'; function EscapeHtml(x) { if (typeof x == "string") return x.replace(/&/g, '&').replace(/>/g, '>').replace(//g, '>').replace(/').replace(/\n/g, '').replace(/\t/g, '  '); if (typeof x == "boolean") return x; if (typeof x == "number") return x; } diff --git a/meshscanner.js b/meshscanner.js index f2f4331c..c484f262 100644 --- a/meshscanner.js +++ b/meshscanner.js @@ -16,9 +16,9 @@ module.exports.CreateMeshScanner = function (parent) { obj.servers4 = {}; obj.servers6 = {}; obj.mainTimer = null; - var periodicScanTime = (60000 * 20); // Interval between scans, 20 minutes. - var membershipIPv4 = '239.255.255.235'; - var membershipIPv6 = 'FF02:0:0:0:0:0:0:FE'; + const periodicScanTime = (60000 * 20); // Interval between scans, 20 minutes. + const membershipIPv4 = '239.255.255.235'; + const membershipIPv6 = 'FF02:0:0:0:0:0:0:FE'; obj.agentCertificateHashHex = parent.certificateOperations.forge.pki.getPublicKeyFingerprint(parent.certificateOperations.forge.pki.certificateFromPem(parent.certificates.agent.cert).publicKey, { md: parent.certificateOperations.forge.md.sha384.create(), encoding: 'hex' }).toUpperCase(); obj.error = 0; diff --git a/mpsserver.js b/mpsserver.js index 9951fcc2..584e42a6 100644 --- a/mpsserver.js +++ b/mpsserver.js @@ -14,9 +14,12 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) { obj.args = args; obj.certificates = certificates; obj.ciraConnections = {}; - var common = require('./common.js'); - var net = require('net'); - var tls = require('tls'); + const common = require('./common.js'); + const net = require('net'); + const tls = require('tls'); + + const MAX_IDLE = 90000; // 90 seconds max idle time, higher than the typical KEEP-ALIVE periode of 60 seconds + const CHECK_INTERVAL = 30000; // 30 seconds check interval if (obj.args.tlsoffload) { obj.server = net.createServer(onConnection); @@ -96,7 +99,15 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) { } socket.setEncoding('binary'); Debug(1, 'MPS:New CIRA connection'); - + + // Setup the CIRA keep alive timer + socket.lastping = new Date().getTime(); // Get current time in milliseconds from epoch + socket.timer = setInterval(function () { + const now = new Date().getTime(); + Debug(3, "MPS:Check interval:" + (socket.lastping && (socket.lastping + MAX_IDLE) < now)); + if (socket.lastping && ((socket.lastping + MAX_IDLE) < now)) { Debug(1, "MPS:CIRA timeout, disconnecting."); try { socket.end(); } catch (e) { } } + }, CHECK_INTERVAL); + socket.addListener("data", function (data) { if (args.mpsdebug) { var buf = new Buffer(data, "binary"); console.log('MPS <-- (' + buf.length + '):' + buf.toString('hex')); } // Print out received bytes socket.tag.accumulator += data; @@ -167,6 +178,9 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) { } try { + // Set the last time we received data on the CIRA channel + socket.lastping = new Date().getTime(); + // Parse all of the APF data we can var l = 0; do { l = ProcessCommand(socket); if (l > 0) { socket.tag.accumulator = socket.tag.accumulator.substring(l); } } while (l > 0); @@ -530,6 +544,7 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) { socket.addListener("close", function () { Debug(1, 'MPS:CIRA connection closed'); + if (socket.timer) { try { clearInterval(socket.timer); } catch (e) { } socket.timer = null; } try { delete obj.ciraConnections[socket.tag.nodeid]; } catch (e) { } obj.parent.ClearConnectivityState(socket.tag.meshid, socket.tag.nodeid, 2); }); diff --git a/package.json b/package.json index 4fc6c613..8bb8ebdd 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "meshcentral", - "version": "0.1.7-g", + "version": "0.1.7-h", "keywords": [ "Remote Management", "Intel AMT", diff --git a/pass.js b/pass.js index 33ec419c..e8b8d9c2 100644 --- a/pass.js +++ b/pass.js @@ -1,13 +1,13 @@ // check out https://github.com/tj/node-pwd // Module dependencies. -var crypto = require('crypto'); +const crypto = require('crypto'); // Bytesize. -var len = 128; +const len = 128; // Iterations. ~300ms -var iterations = 12000; +const iterations = 12000; /** * Hashes a password with optional `salt`, otherwise diff --git a/swarmserver.js b/swarmserver.js index bee28148..10b869e6 100644 --- a/swarmserver.js +++ b/swarmserver.js @@ -15,12 +15,12 @@ module.exports.CreateSwarmServer = function (parent, db, args, certificates) { obj.certificates = certificates; obj.legacyAgentConnections = {}; obj.migrationAgents = {}; - var common = require('./common.js'); - var net = require('net'); - var tls = require('tls'); - var forge = require('node-forge'); + const common = require('./common.js'); + const net = require('net'); + const tls = require('tls'); + const forge = require('node-forge'); - var LegacyMeshProtocol = { + const LegacyMeshProtocol = { NODEPUSH: 1, // Used to send a node block to another peer. NODEPULL: 2, // Used to send a pull block to another peer. NODENOTIFY: 3, // Used to indicate the node ID to other peers.