diff --git a/MeshCentralServer.njsproj b/MeshCentralServer.njsproj
index ed8d488b..a006dcc6 100644
--- a/MeshCentralServer.njsproj
+++ b/MeshCentralServer.njsproj
@@ -36,6 +36,7 @@
+
diff --git a/certoperations.js b/certoperations.js
index b140767a..afa142e3 100644
--- a/certoperations.js
+++ b/certoperations.js
@@ -130,7 +130,7 @@ module.exports.CertificateOperations = function () {
}
// Returns the web server TLS certificate and private key, if not present, create demonstration ones.
- obj.GetMeshServerCertificate = function (directory, args, config, func) {
+ obj.GetMeshServerCertificate = function (directory, args, config, parent, func) {
var certargs = args.cert;
var mpscertargs = args.mpscert;
var strongCertificate = (args.fastcert ? false : true);
@@ -304,6 +304,7 @@ module.exports.CertificateOperations = function () {
}
}
console.log('Generating certificates, may take a few minutes...');
+ parent.updateServerState('state', 'generatingcertificates');
// If a certificate is missing, but web certificate is present and --cert is not used, set the names to be the same as the web certificate
if ((certargs == null) && (r.web != null)) {
diff --git a/meshcentral.js b/meshcentral.js
index bba58517..85ad25e9 100644
--- a/meshcentral.js
+++ b/meshcentral.js
@@ -196,6 +196,9 @@ function CreateMeshCentralServer(config) {
obj.performServerCertUpdate = function () { console.log('Updating server certificates...'); process.exit(200); }
obj.StartEx = function () {
+ // Write the server state
+ obj.updateServerState('state', 'starting');
+
// Look to see if data and/or file path is specified
if (obj.args.datapath) { obj.datapath = obj.args.datapath; }
if (obj.args.filespath) { obj.filespath = obj.args.filespath; }
@@ -323,7 +326,7 @@ function CreateMeshCentralServer(config) {
obj.StartEx2 = function () {
// Load server certificates
obj.certificateOperations = require('./certoperations.js').CertificateOperations()
- obj.certificateOperations.GetMeshServerCertificate(obj.datapath, obj.args, obj.config, function (certs) {
+ obj.certificateOperations.GetMeshServerCertificate(obj.datapath, obj.args, obj.config, obj, function (certs) {
if (obj.config.letsencrypt == null) {
obj.StartEx3(certs); // Just use the configured certificates
} else {
@@ -425,6 +428,7 @@ function CreateMeshCentralServer(config) {
}
obj.debug(1, 'Server started');
+ obj.updateServerState('state', 'running');
});
});
}
@@ -474,6 +478,9 @@ function CreateMeshCentralServer(config) {
process.exit(0);
}
});
+
+ // Update the server state
+ obj.updateServerState('state', 'stopped');
}
// Event Dispatch
@@ -994,6 +1001,19 @@ function CreateMeshCentralServer(config) {
else if (arguments.length == 4) { console.log(arguments[1], arguments[2], arguments[3]); }
else if (arguments.length == 5) { console.log(arguments[1], arguments[2], arguments[3], arguments[4]); }
}
+
+ // Update server state. Writes a server state file.
+ var meshServerState = {};
+ obj.updateServerState = function(name, val) {
+ if ((name != null) && (val != null)) {
+ var changed = false;
+ if ((name != null) && (meshServerState[name] != val)) { if ((val == null) && (meshServerState[name] != null)) { delete meshServerState[name]; changed = true; } else { if (meshServerState[name] != val) { meshServerState[name] = val; changed = true; } } }
+ if (changed == false) return;
+ }
+ r = 'time=' + Date.now() + '\r\n';
+ for (var i in meshServerState) { r += (i + '=' + meshServerState[i] + '\r\n'); }
+ obj.fs.writeFileSync(obj.path.join(obj.datapath, 'serverstate.txt'), r);
+ }
// Logging funtions
function logException(e) { e += ''; logErrorEvent(e); }
diff --git a/mpsserver.js b/mpsserver.js
index 8281d993..414e9356 100644
--- a/mpsserver.js
+++ b/mpsserver.js
@@ -25,7 +25,10 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
}
obj.server.listen(args.mpsport, function () { console.log('MeshCentral Intel(R) AMT server running on ' + certificates.AmtMpsName + ':' + args.mpsport + ((args.mpsaliasport != null) ? (', alias port ' + args.mpsaliasport):'') + '.'); }).on('error', function (err) { console.error('ERROR: MeshCentral Intel(R) AMT server port ' + args.mpsport + ' is not available.'); if (args.exactports) { process.exit(); } });
-
+ obj.parent.updateServerState('mps-port', args.mpsport);
+ obj.parent.updateServerState('mps-name', certificates.AmtMpsName);
+ if (args.mpsaliasport != null) { obj.parent.updateServerState('mps-alias-port', args.mpsaliasport); }
+
var APFProtocol = {
UNKNOWN: 0,
DISCONNECT: 1,
diff --git a/package.json b/package.json
index ce90b447..d14a5e45 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "meshcentral",
- "version": "0.1.4-y",
+ "version": "0.1.5-a",
"keywords": [
"Remote Management",
"Intel AMT",
diff --git a/redirserver.js b/redirserver.js
index bdbef140..23ea9518 100644
--- a/redirserver.js
+++ b/redirserver.js
@@ -95,6 +95,7 @@ module.exports.CreateRedirServer = function (parent, db, args, func) {
obj.tcpServer = obj.app.listen(port, function () {
obj.port = port;
console.log('MeshCentral HTTP redirection web server running on port ' + port + '.');
+ obj.parent.updateServerState('redirect-port', port);
func(obj.port);
}).on('error', function (err) {
if ((err.code == 'EACCES') && (port < 65535)) { StartRedirServer(port + 1); } else { console.log(err); func(obj.port); }
diff --git a/swarmserver.js b/swarmserver.js
index 3c3515cb..bee28148 100644
--- a/swarmserver.js
+++ b/swarmserver.js
@@ -116,7 +116,7 @@ module.exports.CreateSwarmServer = function (parent, db, args, certificates) {
}
obj.server = tls.createServer({ key: certificates.swarmserver.key, cert: certificates.swarmserver.cert, requestCert: true }, onConnection);
- obj.server.listen(args.swarmport, function () { console.log('MeshCentral Legacy Swarm Server running on ' + certificates.CommonName + ':' + args.swarmport + '.'); }).on('error', function (err) { console.error('ERROR: MeshCentral Swarm Server server port ' + args.swarmport + ' is not available.'); if (args.exactports) { process.exit(); } });
+ obj.server.listen(args.swarmport, function () { console.log('MeshCentral Legacy Swarm Server running on ' + certificates.CommonName + ':' + args.swarmport + '.'); obj.parent.updateServerState('swarm-port', args.swarmport); }).on('error', function (err) { console.error('ERROR: MeshCentral Swarm Server server port ' + args.swarmport + ' is not available.'); if (args.exactports) { process.exit(); } });
loadMigrationAgents();
// Load all migration agents along with full executable in memory
diff --git a/webserver.js b/webserver.js
index ce4e4ff4..b332eae7 100644
--- a/webserver.js
+++ b/webserver.js
@@ -1604,13 +1604,16 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate
// Two more headers to take a look at:
// 'Public-Key-Pins': 'pin-sha256="X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg="; max-age=10'
// 'strict-transport-security': 'max-age=31536000; includeSubDomains'
+ var headers = null;
if (obj.args.notls) {
// Default headers if no TLS is used
- res.set({ 'Referrer-Policy': 'no-referrer', 'x-frame-options': 'SAMEORIGIN', 'X-XSS-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Content-Security-Policy': "default-src http: ws: data: 'self';script-src http: 'unsafe-inline';style-src http: 'unsafe-inline'" });
+ headers = { 'Referrer-Policy': 'no-referrer', 'x-frame-options': 'SAMEORIGIN', 'X-XSS-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Content-Security-Policy': "default-src http: ws: data: 'self';script-src http: 'unsafe-inline';style-src http: 'unsafe-inline'" };
} else {
// Default headers if TLS is used
- res.set({ 'Referrer-Policy': 'no-referrer', 'x-frame-options': 'SAMEORIGIN', 'X-XSS-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Content-Security-Policy': "default-src https: wss: data: 'self';script-src https: 'unsafe-inline';style-src https: 'unsafe-inline'" });
+ headers = { 'Referrer-Policy': 'no-referrer', 'x-frame-options': 'SAMEORIGIN', 'X-XSS-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Content-Security-Policy': "default-src https: wss: data: 'self';script-src https: 'unsafe-inline';style-src https: 'unsafe-inline'" };
}
+ if (parent.config.settings.accesscontrolalloworigin != null) { headers['Access-Control-Allow-Origin'] = parent.config.settings.accesscontrolalloworigin; }
+ res.set(headers);
return next();
}
});
@@ -1673,9 +1676,14 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate
obj.tcpServer = obj.tlsServer.listen(port, function () { console.log('MeshCentral HTTPS web server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
} else {
obj.tcpServer = obj.tlsServer.listen(port, function () { console.log('MeshCentral HTTPS web server running on ' + certificates.CommonName + ':' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
+ obj.parent.updateServerState('servername', certificates.CommonName);
}
+ obj.parent.updateServerState('https-port', port);
+ if (args.aliasport != null) { obj.parent.updateServerState('https-aliasport', args.aliasport); }
} else {
obj.tcpServer = obj.app.listen(port, function () { console.log('MeshCentral HTTP web server running on port ' + port + ((args.aliasport != null) ? (', alias port ' + args.aliasport) : '') + '.'); });
+ obj.parent.updateServerState('http-port', port);
+ if (args.aliasport != null) { obj.parent.updateServerState('http-aliasport', args.aliasport); }
}
}