From 4e2b334f025a7ed3e32fed10a08c1aae56f5057b Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Mon, 18 Apr 2022 16:06:36 -0700 Subject: [PATCH] More work on IP-KVM/PowerSwitch relay. --- meshipkvm.js | 4 ++-- meshrelay.js | 11 +++++++---- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/meshipkvm.js b/meshipkvm.js index fb054a62..c4b52ff4 100644 --- a/meshipkvm.js +++ b/meshipkvm.js @@ -1005,9 +1005,9 @@ function CreateMiniRouter(parent, nodeid, targetHost, targetPort) { socket.on('end', function () { close(this); }); socket.on('error', function (err) { close(this); }); - // Encode the device relay cookie. Note that there si no userid in this cookie. + // Encode the device relay cookie. Note that there is no userid in this cookie. const domainid = obj.nodeid.split('/')[1]; - const cookie = parent.parent.encodeCookie({ domainid: domainid, nodeid: obj.nodeid, tcpaddr: obj.targetHost, tcpport: obj.targetPort }, parent.parent.loginCookieEncryptionKey); + const cookie = parent.parent.encodeCookie({ nouser: 1, domainid: domainid, nodeid: obj.nodeid, tcpaddr: obj.targetHost, tcpport: obj.targetPort }, parent.parent.loginCookieEncryptionKey); const domain = parent.parent.config.domains[domainid]; // Setup the correct URL with domain and use TLS only if needed. diff --git a/meshrelay.js b/meshrelay.js index f0d6f009..ffc3b0d3 100644 --- a/meshrelay.js +++ b/meshrelay.js @@ -867,16 +867,19 @@ function CreateMeshRelayEx(parent, ws, req, domain, user, cookie) { const node = docs[0]; // Check if this user has permission to manage this computer - if ((parent.GetNodeRights(user, node.meshid, node._id) & MESHRIGHT_REMOTECONTROL) == 0) { console.log('ERR: Access denied (1)'); try { obj.close(); } catch (e) { } return; } + if ((obj.nouser !== true) && ((parent.GetNodeRights(user, node.meshid, node._id) & MESHRIGHT_REMOTECONTROL) == 0)) { console.log('ERR: Access denied (1)'); try { obj.close(); } catch (e) { } return; } // Set nodeid and meshid obj.nodeid = node._id; obj.meshid = node.meshid; // Send connection request to agent - const rcookie = parent.parent.encodeCookie({ ruserid: user._id }, parent.parent.loginCookieEncryptionKey); + const rcookieData = {}; + if (user != null) { rcookieData.ruserid = user._id; } else if (obj.nouser === true) { rcookieData.nouser = 1; } + const rcookie = parent.parent.encodeCookie(rcookieData, parent.parent.loginCookieEncryptionKey); if (obj.id == null) { obj.id = ('' + Math.random()).substring(2); } // If there is no connection id, generate one. - const command = { nodeid: cookie.nodeid, action: 'msg', type: 'tunnel', userid: user._id, value: '*/' + xdomain + 'meshrelay.ashx?id=' + obj.id + '&rauth=' + rcookie, tcpport: cookie.tcpport, tcpaddr: cookie.tcpaddr, soptions: {} }; + const command = { nodeid: cookie.nodeid, action: 'msg', type: 'tunnel', value: '*/' + xdomain + 'meshrelay.ashx?id=' + obj.id + '&rauth=' + rcookie, tcpport: cookie.tcpport, tcpaddr: cookie.tcpaddr, soptions: {} }; + if (user) { command.userid = user._id; } if (typeof domain.consentmessages == 'object') { if (typeof domain.consentmessages.title == 'string') { command.soptions.consentTitle = domain.consentmessages.title; } if (typeof domain.consentmessages.desktop == 'string') { command.soptions.consentMsgDesktop = domain.consentmessages.desktop; } @@ -892,7 +895,7 @@ function CreateMeshRelayEx(parent, ws, req, domain, user, cookie) { if (typeof domain.notificationmessages.files == 'string') { command.soptions.notifyMsgFiles = domain.notificationmessages.files; } } parent.parent.debug('relay', 'Relay: Sending agent tunnel command: ' + JSON.stringify(command)); - if (obj.sendAgentMessage(command, user._id, cookie.domainid) == false) { delete obj.id; parent.parent.debug('relay', 'Relay: Unable to contact this agent (' + obj.req.clientIp + ')'); } + if (obj.sendAgentMessage(command, user?user._id:null, cookie.domainid) == false) { delete obj.id; parent.parent.debug('relay', 'Relay: Unable to contact this agent (' + obj.req.clientIp + ')'); } performRelay(); }); return obj;