add insecure flag to allow self-signed certs to work
This commit is contained in:
parent
0777195423
commit
90d0bbf020
@ -14,6 +14,7 @@ package agent
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"math"
|
"math"
|
||||||
@ -73,6 +74,7 @@ type Agent struct {
|
|||||||
NatsProxyPort string
|
NatsProxyPort string
|
||||||
NatsPingInterval int
|
NatsPingInterval int
|
||||||
NatsWSCompression bool
|
NatsWSCompression bool
|
||||||
|
Insecure bool
|
||||||
}
|
}
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -125,12 +127,20 @@ func New(logger *logrus.Logger, version string) *Agent {
|
|||||||
headers["Authorization"] = fmt.Sprintf("Token %s", ac.Token)
|
headers["Authorization"] = fmt.Sprintf("Token %s", ac.Token)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
insecure := ac.Insecure == "true"
|
||||||
|
|
||||||
restyC := resty.New()
|
restyC := resty.New()
|
||||||
restyC.SetBaseURL(ac.BaseURL)
|
restyC.SetBaseURL(ac.BaseURL)
|
||||||
restyC.SetCloseConnection(true)
|
restyC.SetCloseConnection(true)
|
||||||
restyC.SetHeaders(headers)
|
restyC.SetHeaders(headers)
|
||||||
restyC.SetTimeout(15 * time.Second)
|
restyC.SetTimeout(15 * time.Second)
|
||||||
restyC.SetDebug(logger.IsLevelEnabled(logrus.DebugLevel))
|
restyC.SetDebug(logger.IsLevelEnabled(logrus.DebugLevel))
|
||||||
|
if insecure {
|
||||||
|
insecureConf := &tls.Config{
|
||||||
|
InsecureSkipVerify: true,
|
||||||
|
}
|
||||||
|
restyC.SetTLSClientConfig(insecureConf)
|
||||||
|
}
|
||||||
|
|
||||||
if len(ac.Proxy) > 0 {
|
if len(ac.Proxy) > 0 {
|
||||||
restyC.SetProxy(ac.Proxy)
|
restyC.SetProxy(ac.Proxy)
|
||||||
@ -236,6 +246,7 @@ func New(logger *logrus.Logger, version string) *Agent {
|
|||||||
NatsProxyPort: natsProxyPort,
|
NatsProxyPort: natsProxyPort,
|
||||||
NatsPingInterval: natsPingInterval,
|
NatsPingInterval: natsPingInterval,
|
||||||
NatsWSCompression: natsWsCompression,
|
NatsWSCompression: natsWsCompression,
|
||||||
|
Insecure: insecure,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -477,6 +488,12 @@ func (a *Agent) setupNatsOptions() []nats.Option {
|
|||||||
a.Logger.Errorln("NATS error:", err)
|
a.Logger.Errorln("NATS error:", err)
|
||||||
a.Logger.Errorf("%+v\n", sub)
|
a.Logger.Errorf("%+v\n", sub)
|
||||||
}))
|
}))
|
||||||
|
if a.Insecure {
|
||||||
|
insecureConf := &tls.Config{
|
||||||
|
InsecureSkipVerify: true,
|
||||||
|
}
|
||||||
|
opts = append(opts, nats.Secure(insecureConf))
|
||||||
|
}
|
||||||
return opts
|
return opts
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -16,6 +16,7 @@ package agent
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"bufio"
|
"bufio"
|
||||||
|
"crypto/tls"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
@ -160,6 +161,7 @@ func NewAgentConfig() *rmm.AgentConfig {
|
|||||||
NatsProxyPort: viper.GetString("natsproxyport"),
|
NatsProxyPort: viper.GetString("natsproxyport"),
|
||||||
NatsStandardPort: viper.GetString("natsstandardport"),
|
NatsStandardPort: viper.GetString("natsstandardport"),
|
||||||
NatsPingInterval: viper.GetInt("natspinginterval"),
|
NatsPingInterval: viper.GetInt("natspinginterval"),
|
||||||
|
Insecure: viper.GetString("insecure"),
|
||||||
}
|
}
|
||||||
return ret
|
return ret
|
||||||
}
|
}
|
||||||
@ -248,6 +250,12 @@ func (a *Agent) AgentUpdate(url, inno, version string) error {
|
|||||||
if len(a.Proxy) > 0 {
|
if len(a.Proxy) > 0 {
|
||||||
rClient.SetProxy(a.Proxy)
|
rClient.SetProxy(a.Proxy)
|
||||||
}
|
}
|
||||||
|
if a.Insecure {
|
||||||
|
insecureConf := &tls.Config{
|
||||||
|
InsecureSkipVerify: true,
|
||||||
|
}
|
||||||
|
rClient.SetTLSClientConfig(insecureConf)
|
||||||
|
}
|
||||||
|
|
||||||
r, err := rClient.R().SetOutput(f.Name()).Get(url)
|
r, err := rClient.R().SetOutput(f.Name()).Get(url)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -14,6 +14,7 @@ package agent
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
@ -68,6 +69,7 @@ func NewAgentConfig() *rmm.AgentConfig {
|
|||||||
natsStandardPort, _, _ := k.GetStringValue("NatsStandardPort")
|
natsStandardPort, _, _ := k.GetStringValue("NatsStandardPort")
|
||||||
natsPingInterval, _, _ := k.GetStringValue("NatsPingInterval")
|
natsPingInterval, _, _ := k.GetStringValue("NatsPingInterval")
|
||||||
npi, _ := strconv.Atoi(natsPingInterval)
|
npi, _ := strconv.Atoi(natsPingInterval)
|
||||||
|
insecure, _, _ := k.GetStringValue("Insecure")
|
||||||
|
|
||||||
return &rmm.AgentConfig{
|
return &rmm.AgentConfig{
|
||||||
BaseURL: baseurl,
|
BaseURL: baseurl,
|
||||||
@ -85,6 +87,7 @@ func NewAgentConfig() *rmm.AgentConfig {
|
|||||||
NatsProxyPort: natsProxyPort,
|
NatsProxyPort: natsProxyPort,
|
||||||
NatsStandardPort: natsStandardPort,
|
NatsStandardPort: natsStandardPort,
|
||||||
NatsPingInterval: npi,
|
NatsPingInterval: npi,
|
||||||
|
Insecure: insecure,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -615,6 +618,12 @@ func (a *Agent) AgentUpdate(url, inno, version string) error {
|
|||||||
if len(a.Proxy) > 0 {
|
if len(a.Proxy) > 0 {
|
||||||
rClient.SetProxy(a.Proxy)
|
rClient.SetProxy(a.Proxy)
|
||||||
}
|
}
|
||||||
|
if a.Insecure {
|
||||||
|
insecureConf := &tls.Config{
|
||||||
|
InsecureSkipVerify: true,
|
||||||
|
}
|
||||||
|
rClient.SetTLSClientConfig(insecureConf)
|
||||||
|
}
|
||||||
r, err := rClient.R().SetOutput(updater).Get(url)
|
r, err := rClient.R().SetOutput(updater).Get(url)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
a.Logger.Errorln(err)
|
a.Logger.Errorln(err)
|
||||||
|
@ -12,6 +12,7 @@ https://license.tacticalrmm.com
|
|||||||
package agent
|
package agent
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/tls"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"net/url"
|
"net/url"
|
||||||
@ -47,6 +48,8 @@ type Installer struct {
|
|||||||
NoMesh bool
|
NoMesh bool
|
||||||
MeshDir string
|
MeshDir string
|
||||||
MeshNodeID string
|
MeshNodeID string
|
||||||
|
Insecure bool
|
||||||
|
NatsStandardPort string
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *Agent) Install(i *Installer) {
|
func (a *Agent) Install(i *Installer) {
|
||||||
@ -97,6 +100,14 @@ func (a *Agent) Install(i *Installer) {
|
|||||||
iClient.SetProxy(i.Proxy)
|
iClient.SetProxy(i.Proxy)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
insecureConf := &tls.Config{
|
||||||
|
InsecureSkipVerify: true,
|
||||||
|
}
|
||||||
|
|
||||||
|
if i.Insecure {
|
||||||
|
iClient.SetTLSClientConfig(insecureConf)
|
||||||
|
}
|
||||||
|
|
||||||
creds, cerr := iClient.R().Get(fmt.Sprintf("%s/api/v3/installer/", baseURL))
|
creds, cerr := iClient.R().Get(fmt.Sprintf("%s/api/v3/installer/", baseURL))
|
||||||
if cerr != nil {
|
if cerr != nil {
|
||||||
a.installerMsg(cerr.Error(), "error", i.Silent)
|
a.installerMsg(cerr.Error(), "error", i.Silent)
|
||||||
@ -133,6 +144,10 @@ func (a *Agent) Install(i *Installer) {
|
|||||||
rClient.SetProxy(i.Proxy)
|
rClient.SetProxy(i.Proxy)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if i.Insecure {
|
||||||
|
rClient.SetTLSClientConfig(insecureConf)
|
||||||
|
}
|
||||||
|
|
||||||
var installerMeshSystemEXE string
|
var installerMeshSystemEXE string
|
||||||
if len(i.MeshDir) > 0 {
|
if len(i.MeshDir) > 0 {
|
||||||
installerMeshSystemEXE = filepath.Join(i.MeshDir, "MeshAgent.exe")
|
installerMeshSystemEXE = filepath.Join(i.MeshDir, "MeshAgent.exe")
|
||||||
@ -230,7 +245,7 @@ func (a *Agent) Install(i *Installer) {
|
|||||||
a.Logger.Debugln("Agent token:", agentToken)
|
a.Logger.Debugln("Agent token:", agentToken)
|
||||||
a.Logger.Debugln("Agent PK:", agentPK)
|
a.Logger.Debugln("Agent PK:", agentPK)
|
||||||
|
|
||||||
createAgentConfig(baseURL, a.AgentID, i.SaltMaster, agentToken, strconv.Itoa(agentPK), i.Cert, i.Proxy, i.MeshDir)
|
createAgentConfig(baseURL, a.AgentID, i.SaltMaster, agentToken, strconv.Itoa(agentPK), i.Cert, i.Proxy, i.MeshDir, i.NatsStandardPort, i.Insecure)
|
||||||
time.Sleep(1 * time.Second)
|
time.Sleep(1 * time.Second)
|
||||||
// refresh our agent with new values
|
// refresh our agent with new values
|
||||||
a = New(a.Logger, a.Version)
|
a = New(a.Logger, a.Version)
|
||||||
|
@ -33,7 +33,7 @@ func (a *Agent) installerMsg(msg, alert string, silent bool) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, meshdir string) {
|
func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, meshdir, natsport string, insecure bool) {
|
||||||
viper.SetConfigType("json")
|
viper.SetConfigType("json")
|
||||||
viper.Set("baseurl", baseurl)
|
viper.Set("baseurl", baseurl)
|
||||||
viper.Set("agentid", agentid)
|
viper.Set("agentid", agentid)
|
||||||
@ -43,6 +43,10 @@ func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, me
|
|||||||
viper.Set("cert", cert)
|
viper.Set("cert", cert)
|
||||||
viper.Set("proxy", proxy)
|
viper.Set("proxy", proxy)
|
||||||
viper.Set("meshdir", meshdir)
|
viper.Set("meshdir", meshdir)
|
||||||
|
viper.Set("natsstandardport", natsport)
|
||||||
|
if insecure {
|
||||||
|
viper.Set("insecure", "true")
|
||||||
|
}
|
||||||
viper.SetConfigPermissions(0660)
|
viper.SetConfigPermissions(0660)
|
||||||
err := viper.SafeWriteConfigAs(etcConfig)
|
err := viper.SafeWriteConfigAs(etcConfig)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -21,7 +21,7 @@ import (
|
|||||||
"golang.org/x/sys/windows/registry"
|
"golang.org/x/sys/windows/registry"
|
||||||
)
|
)
|
||||||
|
|
||||||
func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, meshdir string) {
|
func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, meshdir, natsport string, insecure bool) {
|
||||||
k, _, err := registry.CreateKey(registry.LOCAL_MACHINE, `SOFTWARE\TacticalRMM`, registry.ALL_ACCESS)
|
k, _, err := registry.CreateKey(registry.LOCAL_MACHINE, `SOFTWARE\TacticalRMM`, registry.ALL_ACCESS)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalln("Error creating registry key:", err)
|
log.Fatalln("Error creating registry key:", err)
|
||||||
@ -73,6 +73,20 @@ func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, me
|
|||||||
log.Fatalln("Error creating MeshDir registry key:", err)
|
log.Fatalln("Error creating MeshDir registry key:", err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if len(natsport) > 0 {
|
||||||
|
err = k.SetStringValue("NatsStandardPort", natsport)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatalln("Error creating NatsStandardPort registry key:", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if insecure {
|
||||||
|
err = k.SetStringValue("Insecure", "true")
|
||||||
|
if err != nil {
|
||||||
|
log.Fatalln("Error creating Insecure registry key:", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *Agent) checkExistingAndRemove(silent bool) {
|
func (a *Agent) checkExistingAndRemove(silent bool) {
|
||||||
|
6
main.go
6
main.go
@ -25,7 +25,7 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
version = "2.4.11"
|
version = "2.4.12-dev"
|
||||||
log = logrus.New()
|
log = logrus.New()
|
||||||
logFile *os.File
|
logFile *os.File
|
||||||
)
|
)
|
||||||
@ -53,6 +53,8 @@ func main() {
|
|||||||
cert := flag.String("cert", "", "Path to domain CA .pem")
|
cert := flag.String("cert", "", "Path to domain CA .pem")
|
||||||
silent := flag.Bool("silent", false, "Do not popup any message boxes during installation")
|
silent := flag.Bool("silent", false, "Do not popup any message boxes during installation")
|
||||||
proxy := flag.String("proxy", "", "Use a http proxy")
|
proxy := flag.String("proxy", "", "Use a http proxy")
|
||||||
|
insecure := flag.Bool("insecure", false, "Insecure for testing only")
|
||||||
|
natsport := flag.String("natsport", "", "nats standard port")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
if *ver {
|
if *ver {
|
||||||
@ -158,6 +160,8 @@ func main() {
|
|||||||
NoMesh: *noMesh,
|
NoMesh: *noMesh,
|
||||||
MeshDir: *meshDir,
|
MeshDir: *meshDir,
|
||||||
MeshNodeID: *meshNodeID,
|
MeshNodeID: *meshNodeID,
|
||||||
|
Insecure: *insecure,
|
||||||
|
NatsStandardPort: *natsport,
|
||||||
})
|
})
|
||||||
default:
|
default:
|
||||||
agent.ShowStatus(version)
|
agent.ShowStatus(version)
|
||||||
|
@ -48,6 +48,7 @@ type AgentConfig struct {
|
|||||||
NatsProxyPort string
|
NatsProxyPort string
|
||||||
NatsStandardPort string
|
NatsStandardPort string
|
||||||
NatsPingInterval int
|
NatsPingInterval int
|
||||||
|
Insecure string
|
||||||
}
|
}
|
||||||
|
|
||||||
type RunScriptResp struct {
|
type RunScriptResp struct {
|
||||||
|
Loading…
Reference in New Issue
Block a user