123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267 |
- /**
- * @description MeshCentral Mesh Agent Local Scanner
- * @author Ylian Saint-Hilaire
- * @copyright Intel Corporation 2018-2022
- * @license Apache-2.0
- * @version v0.0.1
- */
- /*jslint node: true */
- /*jshint node: true */
- /*jshint strict:false */
- /*jshint -W097 */
- /*jshint esversion: 6 */
- "use strict";
- // Construct a Mesh Scanner object
- // TODO: We need once "server4" and "server6" per interface, or change the default multicast interface as we send.
- module.exports.CreateMeshScanner = function (parent) {
- var obj = {};
- obj.parent = parent;
- obj.dgram = require('dgram');
- obj.common = require('./common.js');
- obj.servers4 = {};
- obj.servers6 = {};
- obj.mainTimer = null;
- const periodicScanTime = (60000 * 20); // Interval between scans, 20 minutes.
- const membershipIPv4 = '239.255.255.235';
- const membershipIPv6 = 'FF02:0:0:0:0:0:0:FE';
- obj.agentCertificateHashHex = parent.certificateOperations.forge.pki.getPublicKeyFingerprint(parent.certificateOperations.forge.pki.certificateFromPem(parent.certificates.agent.cert).publicKey, { md: parent.certificateOperations.forge.md.sha384.create(), encoding: 'hex' }).toUpperCase();
- obj.error = 0;
- obj.pendingOutboundPackets = [];
- obj.pendingOutboundTimer = null;
- // Setup the multicast key if present
- if ((typeof obj.parent.args.localdiscovery == 'object') && (typeof obj.parent.args.localdiscovery.key == 'string') && (obj.parent.args.localdiscovery.key.length > 0)) {
- obj.multicastKey = parent.crypto.createHash('sha384').update(obj.parent.args.localdiscovery.key).digest('raw').slice(0, 32);
- }
- // Encrypt UDP packet
- function encryptPacket(plainPacket) {
- if (obj.multicastKey == null) { return plainPacket; }
- const iv = parent.crypto.randomBytes(16), aes = parent.crypto.createCipheriv('aes-256-cbc', obj.multicastKey, iv);
- var ciphertext = aes.update(plainPacket);
- return Buffer.concat([iv, ciphertext, aes.final()]);
- }
- // Decrypt UDP packet
- function decryptPacket(packet) {
- if (obj.multicastKey == null) { return packet; }
- if (packet.length < 17) { return null; }
- try {
- const iv = packet.slice(0, 16), data = packet.slice(16);
- const aes = parent.crypto.createDecipheriv('aes-256-cbc', obj.multicastKey, iv);
- var plaintextBytes = Buffer.from(aes.update(data));
- return Buffer.concat([plaintextBytes, aes.final()]);
- } catch (ex) { return null; }
- }
- // Get a list of IPv4 and IPv6 interface addresses
- function getInterfaceList() {
- var i;
- var ipv4 = ['*'], ipv6 = ['*']; // Bind to IN_ADDR_ANY always
- var interfaces = require('os').networkInterfaces();
- for (i in interfaces) {
- var xinterface = interfaces[i];
- for (var j in xinterface) {
- var interface2 = xinterface[j];
- if ((interface2.mac != '00:00:00:00:00:00') && (interface2.internal == false)) {
- if (interface2.family == 'IPv4') { ipv4.push(interface2.address); }
- if (interface2.family == 'IPv6') { ipv6.push(interface2.address + '%' + i); }
- }
- }
- }
- return { ipv4: ipv4, ipv6: ipv6 };
- }
- // Setup all IPv4 and IPv6 servers
- function setupServers() {
- var addresses = getInterfaceList(), i, localAddress, bindOptions;
- for (i in obj.servers4) { obj.servers4[i].xxclear = true; }
- for (i in obj.servers6) { obj.servers6[i].xxclear = true; }
- for (i in addresses.ipv4) {
- localAddress = addresses.ipv4[i];
- if (obj.servers4[localAddress] != null) {
- // Server already exists
- obj.servers4[localAddress].xxclear = false;
- } else {
- // Create a new IPv4 server
- try {
- var server4 = obj.dgram.createSocket({ type: 'udp4', reuseAddr: true });
- server4.xxclear = false;
- server4.xxtype = 4;
- server4.xxlocal = localAddress;
- server4.on('error', function (err) { /*if (this.xxlocal == '*') { console.log("ERROR: Server port 16989 not available, check if server is running twice."); } this.close(); delete obj.servers6[this.xxlocal];*/ });
- bindOptions = { port: 16989, exclusive: true };
- if (server4.xxlocal != '*') { bindOptions.address = server4.xxlocal; }
- server4.bind(bindOptions, function () {
- try {
- var doscan = true;
- try { this.setBroadcast(true); this.setMulticastTTL(128); this.addMembership(membershipIPv4, this.xxlocal); } catch (e) { doscan = false; }
- this.on('error', function (error) { /*console.log('Error: ' + error);*/ });
- this.on('message', function (msg, info) { onUdpPacket(msg, info, this); });
- if (doscan == true) { obj.performScan(this); obj.performScan(this); }
- } catch (e) { console.log(e); }
- });
- obj.servers4[localAddress] = server4;
- } catch (e) {
- console.log(e);
- }
- }
- }
- for (i in addresses.ipv6) {
- localAddress = addresses.ipv6[i];
- if (obj.servers6[localAddress] != null) {
- // Server already exists
- obj.servers6[localAddress].xxclear = false;
- } else {
- // Create a new IPv6 server
- try {
- var server6 = obj.dgram.createSocket({ type: 'udp6', reuseAddr: true });
- server6.xxclear = false;
- server6.xxtype = 6;
- server6.xxlocal = localAddress;
- server6.on('error', function (err) { /*this.close(); delete obj.servers6[this.xxlocal];*/ });
- bindOptions = { port: 16989, exclusive: true };
- if (server6.xxlocal != '*') { bindOptions.address = server6.xxlocal; }
- server6.bind(bindOptions, function () {
- try {
- var doscan = true;
- try { this.setBroadcast(true); this.setMulticastTTL(128); this.addMembership(membershipIPv6, this.xxlocal); } catch (e) { doscan = false; }
- this.on('error', function (error) { console.log('Error: ' + error); });
- this.on('message', function (msg, info) { onUdpPacket(msg, info, this); });
- if (doscan == true) { obj.performScan(this); obj.performScan(this); }
- } catch (e) { console.log(e); }
- });
- obj.servers6[localAddress] = server6;
- } catch (e) {
- console.log(e);
- }
- }
- }
- for (i in obj.servers4) { if (obj.servers4[i].xxclear == true) { obj.servers4[i].close(); delete obj.servers4[i]; } }
- for (i in obj.servers6) { if (obj.servers6[i].xxclear == true) { obj.servers6[i].close(); delete obj.servers6[i]; } }
- }
- // Clear all IPv4 and IPv6 servers
- function clearServers() {
- var i;
- for (i in obj.servers4) { obj.servers4[i].close(); delete obj.servers4[i]; }
- for (i in obj.servers6) { obj.servers6[i].close(); delete obj.servers6[i]; }
- }
- // Start scanning for local network Mesh Agents
- obj.start = function () {
- if (obj.server4 != null) return;
- // Setup the local discovery values
- var name = 'MeshCentral';
- var info = '';
- try {
- if ((typeof obj.parent.config.domains[''].title == 'string') && (obj.parent.config.domains[''].title.length > 0)) {
- name = obj.parent.config.domains[''].title; info = '';
- try { if ((typeof obj.parent.config.domains[''].title2 == 'string') && (obj.parent.config.domains[''].title2.length > 0)) { info = obj.parent.config.domains[''].title2; } } catch (ex) { }
- }
- } catch (ex) { }
- try {
- if ((typeof obj.parent.args.localdiscovery.name == 'string') && (obj.parent.args.localdiscovery.name.length > 0)) {
- name = obj.parent.args.localdiscovery.name; info = '';
- try { if ((typeof obj.parent.args.localdiscovery.info == 'string') && (obj.parent.args.localdiscovery.info.length > 0)) { info = obj.parent.args.localdiscovery.info; } } catch (ex) { }
- }
- } catch (ex) { }
- if (info == '') { info = parent.certificates.CommonName; }
- // Figure out the correct websocket port
- var port = (parent.args.aliasport)?parent.args.aliasport:parent.args.port;
- // Build the IPv4 response
- var url = 'wss://%s:' + port + '/agent.ashx';
- obj.multicastPacket4 = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url, 'ascii');
- if (parent.certificates.CommonName.indexOf('.') != -1) { url = 'wss://' + parent.certificates.CommonName + ':' + port + '/agent.ashx'; }
- obj.multicastPacket4x = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url + '|' + name + '|' + info, 'ascii');
- // Build the IPv6 response
- url = 'wss://[%s]:' + port + '/agent.ashx';
- obj.multicastPacket6 = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url, 'ascii');
- if (parent.certificates.CommonName.indexOf('.') != -1) { url = 'wss://' + parent.certificates.CommonName + ':' + port + '/agent.ashx'; }
- obj.multicastPacket6x = Buffer.from("MeshCentral2|" + obj.agentCertificateHashHex + '|' + url + '|' + name + '|' + info, 'ascii');
- setupServers();
- obj.mainTimer = setInterval(obj.performScan, periodicScanTime);
- return obj;
- };
- // Stop scanning for local network Mesh Agents
- obj.stop = function () {
- if (obj.mainTimer != null) { clearInterval(obj.mainTimer); obj.mainTimer = null; }
- clearServers();
- };
- // Look for all Mesh Agents that may be locally reachable, indicating the presense of this server.
- obj.performScan = function (server) {
- var i;
- if (server != null) {
- if (server.xxtype == 4) { var p = encryptPacket(obj.multicastPacket4); try { server.send(p, 0, p.length, 16990, membershipIPv4); } catch (e) { } }
- if (server.xxtype == 6) { var p = encryptPacket(obj.multicastPacket6); try { server.send(p, 0, p.length, 16990, membershipIPv6); } catch (e) { } }
- if ((server.xxtype == 4) && (server.xxlocal == '*')) { var p = encryptPacket(obj.multicastPacket4); try { server.send(p, 0, p.length, 16990, '127.0.0.1'); } catch (e) { } try { server.send(p, 0, p.length, 16990, '255.255.255.255'); } catch (e) { } }
- if ((server.xxtype == 6) && (server.xxlocal == '*')) { var p = encryptPacket(obj.multicastPacket6); try { server.send(p, 0, p.length, 16990, '::1'); } catch (e) { } }
- } else {
- for (i in obj.servers4) { var p = encryptPacket(obj.multicastPacket4); try { obj.servers4[i].send(p, 0, p.length, 16990, membershipIPv4); } catch (e) { } }
- for (i in obj.servers6) { var p = encryptPacket(obj.multicastPacket6); try { obj.servers6[i].send(p, 0, p.length, 16990, membershipIPv6); } catch (e) { } }
- setupServers(); // Check if any network interfaces where added or removed
- }
- };
- // Called when a UDP packet is received from an agent.
- function onUdpPacket(msg, info, server) {
- // Decrypt the packet if needed
- if ((msg = decryptPacket(msg)) == null) return;
- //console.log('Received ' + msg.length + ' bytes from ' + info.address + ':' + info.port + ', on interface: ' + server.xxlocal + '.');
- if ((msg.length == 96) && (msg.toString('ascii') == obj.agentCertificateHashHex)) {
- if (server.xxtype == 4) { var p = encryptPacket(obj.multicastPacket4); try { server.send(p, 0, p.length, info.port, info.address); } catch (e) { } }
- if (server.xxtype == 6) { var p = encryptPacket(obj.multicastPacket6); try { server.send(p, 0, p.length, info.port, info.address); } catch (e) { } }
- } else if (msg.toString('ascii') == 'MeshServerScan') {
- if (server.xxtype == 4) { var p = encryptPacket(obj.multicastPacket4x); try { server.send(p, 0, p.length, info.port, info.address); } catch (e) { } }
- if (server.xxtype == 6) { var p = encryptPacket(obj.multicastPacket6x); try { server.send(p, 0, p.length, info.port, info.address); } catch (e) { } }
- }
- }
- // Send the next packet in the pending list, stop the timer if we are done.
- function sendPendingPacket() {
- if (obj.pendingOutboundPackets.length == 0) { if (obj.pendingOutboundTimer != null) { clearInterval(obj.pendingOutboundTimer); obj.pendingOutboundTimer = null; } return; }
- var packet = obj.pendingOutboundPackets.shift();
- if (packet != null) { packet[0].send(packet[1], 0, packet[1].length, packet[2], packet[3]); }
- }
- // As a side job, we also send server wake-on-lan packets
- obj.wakeOnLan = function (macs, host) {
- var i, j, futureTime = 0;
- for (i in macs) {
- var mac = macs[i].split(':').join('');
- var hexpacket = 'FFFFFFFFFFFF';
- for (j = 0; j < 16; j++) { hexpacket += mac; }
- var wakepacket = Buffer.from(hexpacket, 'hex');
- // Add all wake packets to the pending list
- for (var k = 0; k < 5; k++) {
- for (j in obj.servers4) {
- obj.pendingOutboundPackets.push([obj.servers4[j], wakepacket, 7, '255.255.255.255']); // IPv4 Broadcast
- obj.pendingOutboundPackets.push([obj.servers4[j], wakepacket, 16990, membershipIPv4]); // IPv4 Multicast
- if (host != null) { obj.pendingOutboundPackets.push([obj.servers4[j], wakepacket, 7, host]); } // IPv4 Directed
- }
- for (j in obj.servers6) {
- obj.pendingOutboundPackets.push([obj.servers6[j], wakepacket, 16990, membershipIPv6]); // IPv6 Multicast
- }
- }
- // Send each packet at 10ms interval
- // This packet spacing is absolutly required, otherwise the outbound buffer gets filled up and packets get lost which often causes the machine not to wake.
- if (obj.pendingOutboundTimer == null) { obj.pendingOutboundTimer = setInterval(sendPendingPacket, 10); }
- }
- };
- return obj;
- };
|