MPS certificate name fix, added MeshType to .msh.

2025-03-09 15:40:18 +00:00 · 2017-10-11 12:20:59 -07:00 · 2017-10-11 12:20:59 -07:00 · 3632741d9e
commit 3632741d9e
parent 66bb176a12
4 changed files with 12 additions and 9 deletions
--- a/certoperations.js
+++ b/certoperations.js
@ -219,6 +219,9 @@ module.exports.CertificateOperations = function () {
            // Fetch the Intel AMT console name
            var consoleCertificate = obj.pki.certificateFromPem(r.console.cert);
            r.AmtConsoleName = consoleCertificate.subject.getField('CN').value;
+            // Fetch the Intel AMT MPS common name
+            var mpsCertificate = obj.pki.certificateFromPem(r.mps.cert);
+            r.AmtMpsName = mpsCertificate.subject.getField('CN').value;
            // Fetch the name of the server
            var webCertificate = obj.pki.certificateFromPem(r.web.cert);
            r.CommonName = webCertificate.subject.getField('CN').value;
@ -229,7 +232,7 @@ module.exports.CertificateOperations = function () {
            if (xcountryField != null) { xcountry = xcountryField.value; }
            var xorganization, xorganizationField = webCertificate.subject.getField('O');
            if (xorganizationField != null) { xorganization = xorganizationField.value; }
-            if ((r.CommonName == commonName) && (xcountry == country) && (xorganization == organization)) { if (func != undefined) { func(r); } return r; } else { forceWebCertGen = 1; } // If the certificate matches what we want, keep it.
+            if ((r.CommonName == commonName) && (xcountry == country) && (xorganization == organization) && (r.AmtMpsName == commonName)) { if (func != undefined) { func(r); } return r; } else { forceWebCertGen = 1; } // If the certificate matches what we want, keep it.
        }
        console.log('Generating certificates...');
        
@ -251,7 +254,7 @@ module.exports.CertificateOperations = function () {

        // If the web certificate does not exist, create one
        var webCertAndKey, webCertificate, webPrivateKey;
-        if ((r.web == undefined) || (forceWebCertGen == 1)) {
+        if ((r.web == null) || (forceWebCertGen == 1)) {
            webCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, commonName, country, organization);
            webCertificate = obj.pki.certificateToPem(webCertAndKey.cert);
            webPrivateKey = obj.pki.privateKeyToPem(webCertAndKey.key);
@ -266,7 +269,7 @@ module.exports.CertificateOperations = function () {

        // If the Intel AMT MPS certificate does not exist, create one
        var mpsCertAndKey, mpsCertificate, mpsPrivateKey;
-        if (r.console == undefined) {
+        if ((r.mps == null) || (forceWebCertGen == 1)) {
            mpsCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, commonName, country, organization);
            mpsCertificate = obj.pki.certificateToPem(mpsCertAndKey.cert);
            mpsPrivateKey = obj.pki.privateKeyToPem(mpsCertAndKey.key);
@ -281,7 +284,7 @@ module.exports.CertificateOperations = function () {

        // If the Intel AMT console certificate does not exist, create one
        var consoleCertAndKey, consoleCertificate, consolePrivateKey, amtConsoleName = 'MeshCentral';
-        if (r.console == undefined) {
+        if (r.console == null) {
            consoleCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, false, amtConsoleName, country, organization, { name: 'extKeyUsage', clientAuth: true, '2.16.840.1.113741.1.2.1': true, '2.16.840.1.113741.1.2.2': true, '2.16.840.1.113741.1.2.3': true }); // Intel AMT Remote, Agent and Activation usages
            consoleCertificate = obj.pki.certificateToPem(consoleCertAndKey.cert);
            consolePrivateKey = obj.pki.privateKeyToPem(consoleCertAndKey.key);
@ -297,7 +300,7 @@ module.exports.CertificateOperations = function () {

        // If the mesh agent server certificate does not exist, create one
        var agentCertAndKey, agentCertificate, agentPrivateKey;
-        if (r.agent == undefined) {
+        if (r.agent == null) {
            agentCertAndKey = obj.IssueWebServerCertificate(rootCertAndKey, true, 'MeshCentralAgentServer');
            agentCertificate = obj.pki.certificateToPem(agentCertAndKey.cert);
            agentPrivateKey = obj.pki.privateKeyToPem(agentCertAndKey.key);
--- a/meshcentral.js
+++ b/meshcentral.js
@ -127,7 +127,7 @@ function CreateMeshCentralServer() {
    // Launch MeshCentral as a child server and monitor it.
    obj.launchChildServer = function (startLine) {
        var child_process = require('child_process');
-        var xprocess = child_process.exec(startLine + ' --launch', { maxBuffer: 512000 }, function (error, stdout, stderr) {
+        var xprocess = child_process.exec(startLine + ' --launch', { maxBuffer: Infinity }, function (error, stdout, stderr) {
            if (xprocess.xrestart == 1) {
                setTimeout(function () { obj.launchChildServer(startLine); }, 500); // This is an expected restart.
            } else if (xprocess.xrestart == 2) {
@ -136,7 +136,7 @@ function CreateMeshCentralServer() {
            } else if (xprocess.xrestart == 3) {
                // Server self-update exit
                var child_process = require('child_process');
-                var xxprocess = child_process.exec('npm install meshcentral', { maxBuffer: 512000, cwd: obj.path.join(__dirname, '../..') }, function (error, stdout, stderr) { });
+                var xxprocess = child_process.exec('npm install meshcentral', { maxBuffer: Infinity, cwd: obj.path.join(__dirname, '../..') }, function (error, stdout, stderr) { });
                xxprocess.data = '';
                xxprocess.stdout.on('data', function (data) { xxprocess.data += data; });
                xxprocess.stderr.on('data', function (data) { xxprocess.data += data; });
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "meshcentral",
-  "version": "0.0.8-s",
+  "version": "0.0.8-u",
  "keywords": [
    "Remote Management",
    "Intel AMT",
--- a/webserver.js
+++ b/webserver.js
@ -1951,7 +1951,7 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate
                        
            var xdomain = domain.id;
            if (xdomain != '') xdomain += "/";
-            var meshsettings = "MeshName=" + mesh.name + "\r\nMeshID=0x" + req.query.id.toUpperCase() + "\r\nServerID=" + obj.agentCertificatHashHex.toUpperCase() + "\r\n";
+            var meshsettings = "MeshName=" + mesh.name + "\r\nMeshType=" + mesh.mtype + "\r\nMeshID=0x" + req.query.id.toUpperCase() + "\r\nServerID=" + obj.agentCertificatHashHex.toUpperCase() + "\r\n";
            if (obj.args.lanonly != true) { meshsettings += "MeshServer=ws" + (obj.args.notls ? '' : 's') + "://" + certificates.CommonName + ":" + obj.args.port + "/" + xdomain + "agent.ashx\r\n"; } else { meshsettings += "MeshServer=local"; }

            res.set({ 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0', 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment; filename=meshagent.msh' });