Release 2.5.0

LICENSE.md

@@ -1,11 +1,11 @@
 ### Tactical RMM License Version 1.0
 
-Text of license:&emsp;&emsp;&emsp;Copyright © 2022 AmidaWare LLC.  All rights reserved.<br>
+Text of license:&emsp;&emsp;&emsp;Copyright © 2023 AmidaWare Inc.  All rights reserved.<br>
 &emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&nbsp;Amending the text of this license is not permitted.
 
-Trade Mark:&emsp;&emsp;&emsp;&emsp;"Tactical RMM" is a trade mark of AmidaWare LLC.
+Trade Mark:&emsp;&emsp;&emsp;&emsp;"Tactical RMM" is a trade mark of AmidaWare Inc.
 
-Licensor:&emsp;&emsp;&emsp;&emsp;&emsp;&nbsp;&nbsp;AmidaWare LLC of 1968 S Coast Hwy PMB 3847 Laguna Beach, CA, USA.
+Licensor:&emsp;&emsp;&emsp;&emsp;&emsp;&nbsp;&nbsp;AmidaWare Inc. of 1968 S Coast Hwy PMB 3847 Laguna Beach, CA, USA.
 
 Licensed Software:&emsp;&nbsp;The software known as Tactical RMM Version v0.12.0 (and all subsequent releases and versions) and the Tactical RMM Agent v2.0.0 (and all subsequent releases and versions).
 
@@ -26,7 +26,7 @@ This license does not allow the functionality of the Licensed Software (whether
 * the offering of installation and/or configuration services;
 * the offer for sale, distribution or sale of any service or product (whether or not branded as Tactical RMM).
 
-The prior written approval of AmidaWare LLC must be obtained for all commercial use and/or for-profit service use of the (i) Licensed Software (whether in whole or in part), (ii) a modified version of the Licensed Software and/or (iii) a derivative work.
+The prior written approval of AmidaWare Inc. must be obtained for all commercial use and/or for-profit service use of the (i) Licensed Software (whether in whole or in part), (ii) a modified version of the Licensed Software and/or (iii) a derivative work.
 
 The terms of this license apply to all copies of the Licensed Software (including modified versions) and derivative works.
 
@@ -38,7 +38,7 @@ If a derivative work is created which is based on or otherwise incorporates all
 ### 4. Copyright Notice
 The following copyright notice shall be included in all copies of the Licensed Software:
 
-&emsp;&emsp;&emsp;Copyright © 2022 AmidaWare LLC.
+&emsp;&emsp;&emsp;Copyright © 2023 AmidaWare Inc.
 
 &emsp;&emsp;&emsp;Licensed under the Tactical RMM License Version 1.0 (the “License”).<br>
 &emsp;&emsp;&emsp;You may only use the Licensed Software in accordance with the License.<br>
@@ -54,13 +54,13 @@ THE FOLLOWING EXCLUSIONS SHALL APPLY TO THE FULLEST EXTENT PERMISSIBLE AT LAW.
 This license shall terminate with immediate effect if there is a material breach of any of its terms.
 
 ### 8. No partnership, agency or joint venture
-Nothing in this license agreement is intended to, or shall be deemed to, establish any partnership or joint venture or any relationship of agency between AmidaWare LLC and any other person.
+Nothing in this license agreement is intended to, or shall be deemed to, establish any partnership or joint venture or any relationship of agency between AmidaWare Inc. and any other person.
 
 ### 9. No endorsement
 The names of the authors and/or the copyright holders must not be used to promote or endorse any products or services which are in any way derived from the Licensed Software without prior written consent.
 
 ### 10. Trademarks
-No permission is granted to use the trademark “Tactical RMM” or any other trade name, trademark, service mark or product name of AmidaWare LLC except to the extent necessary to comply with the notice requirements in Section 4 (Copyright Notice).
+No permission is granted to use the trademark “Tactical RMM” or any other trade name, trademark, service mark or product name of AmidaWare Inc. except to the extent necessary to comply with the notice requirements in Section 4 (Copyright Notice).
 
 ### 11. Entire agreement
 This license contains the whole agreement relating to its subject matter.

agent/agent.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.
@@ -14,6 +14,7 @@ package agent
 import (
 	"bytes"
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"math"
@@ -73,6 +74,7 @@ type Agent struct {
 	NatsProxyPort      string
 	NatsPingInterval   int
 	NatsWSCompression  bool
+	Insecure           bool
 }
 
 const (
@@ -125,12 +127,20 @@ func New(logger *logrus.Logger, version string) *Agent {
 		headers["Authorization"] = fmt.Sprintf("Token %s", ac.Token)
 	}
 
+	insecure := ac.Insecure == "true"
+
 	restyC := resty.New()
 	restyC.SetBaseURL(ac.BaseURL)
 	restyC.SetCloseConnection(true)
 	restyC.SetHeaders(headers)
 	restyC.SetTimeout(15 * time.Second)
 	restyC.SetDebug(logger.IsLevelEnabled(logrus.DebugLevel))
+	if insecure {
+		insecureConf := &tls.Config{
+			InsecureSkipVerify: true,
+		}
+		restyC.SetTLSClientConfig(insecureConf)
+	}
 
 	if len(ac.Proxy) > 0 {
 		restyC.SetProxy(ac.Proxy)
@@ -236,6 +246,7 @@ func New(logger *logrus.Logger, version string) *Agent {
 		NatsProxyPort:      natsProxyPort,
 		NatsPingInterval:   natsPingInterval,
 		NatsWSCompression:  natsWsCompression,
+		Insecure:           insecure,
 	}
 }
 
@@ -477,6 +488,12 @@ func (a *Agent) setupNatsOptions() []nats.Option {
 		a.Logger.Errorln("NATS error:", err)
 		a.Logger.Errorf("%+v\n", sub)
 	}))
+	if a.Insecure {
+		insecureConf := &tls.Config{
+			InsecureSkipVerify: true,
+		}
+		opts = append(opts, nats.Secure(insecureConf))
+	}
 	return opts
 }
 

agent/agent_unix.go

@@ -2,7 +2,7 @@
 // +build !windows
 
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.
@@ -16,6 +16,7 @@ package agent
 
 import (
 	"bufio"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"os"
@@ -160,6 +161,7 @@ func NewAgentConfig() *rmm.AgentConfig {
 		NatsProxyPort:    viper.GetString("natsproxyport"),
 		NatsStandardPort: viper.GetString("natsstandardport"),
 		NatsPingInterval: viper.GetInt("natspinginterval"),
+		Insecure:         viper.GetString("insecure"),
 	}
 	return ret
 }
@@ -248,6 +250,12 @@ func (a *Agent) AgentUpdate(url, inno, version string) error {
 	if len(a.Proxy) > 0 {
 		rClient.SetProxy(a.Proxy)
 	}
+	if a.Insecure {
+		insecureConf := &tls.Config{
+			InsecureSkipVerify: true,
+		}
+		rClient.SetTLSClientConfig(insecureConf)
+	}
 
 	r, err := rClient.R().SetOutput(f.Name()).Get(url)
 	if err != nil {

agent/agent_windows.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.
@@ -14,6 +14,7 @@ package agent
 import (
 	"bytes"
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"os"
@@ -68,6 +69,7 @@ func NewAgentConfig() *rmm.AgentConfig {
 	natsStandardPort, _, _ := k.GetStringValue("NatsStandardPort")
 	natsPingInterval, _, _ := k.GetStringValue("NatsPingInterval")
 	npi, _ := strconv.Atoi(natsPingInterval)
+	insecure, _, _ := k.GetStringValue("Insecure")
 
 	return &rmm.AgentConfig{
 		BaseURL:            baseurl,
@@ -85,6 +87,7 @@ func NewAgentConfig() *rmm.AgentConfig {
 		NatsProxyPort:      natsProxyPort,
 		NatsStandardPort:   natsStandardPort,
 		NatsPingInterval:   npi,
+		Insecure:           insecure,
 	}
 }
 
@@ -158,21 +161,36 @@ func (a *Agent) RunScript(code string, shell string, args []string, timeout int,
 	defer cancel()
 
 	var timedOut = false
+	var token *wintoken.Token
+	var envBlock *uint16
+	usingEnvVars := len(envVars) > 0
 	cmd := exec.Command(exe, cmdArgs...)
 	if runasuser {
-		token, err := wintoken.GetInteractiveToken(wintoken.TokenImpersonation)
+		token, err = wintoken.GetInteractiveToken(wintoken.TokenImpersonation)
 		if err == nil {
 			defer token.Close()
 			cmd.SysProcAttr = &syscall.SysProcAttr{Token: syscall.Token(token.Token()), HideWindow: true}
+
+			if usingEnvVars {
+				envBlock, err = CreateEnvironmentBlock(syscall.Token(token.Token()))
+				if err == nil {
+					defer DestroyEnvironmentBlock(envBlock)
+					userEnv := EnvironmentBlockToSlice(envBlock)
+					cmd.Env = userEnv
+				} else {
+					cmd.Env = os.Environ()
+				}
+			}
 		}
+	} else if usingEnvVars {
+		cmd.Env = os.Environ()
 	}
-	cmd.Stdout = &outb
-	cmd.Stderr = &errb
 
-	if len(envVars) > 0 {
-		cmd.Env = os.Environ()
+	if usingEnvVars {
 		cmd.Env = append(cmd.Env, envVars...)
 	}
+	cmd.Stdout = &outb
+	cmd.Stderr = &errb
 
 	if cmdErr := cmd.Start(); cmdErr != nil {
 		a.Logger.Debugln(cmdErr)
@@ -615,6 +633,12 @@ func (a *Agent) AgentUpdate(url, inno, version string) error {
 	if len(a.Proxy) > 0 {
 		rClient.SetProxy(a.Proxy)
 	}
+	if a.Insecure {
+		insecureConf := &tls.Config{
+			InsecureSkipVerify: true,
+		}
+		rClient.SetTLSClientConfig(insecureConf)
+	}
 	r, err := rClient.R().SetOutput(updater).Get(url)
 	if err != nil {
 		a.Logger.Errorln(err)

agent/checkin.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.

agent/checks.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.

agent/choco_windows.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.

agent/eventlog_windows.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.

agent/install.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.
@@ -12,6 +12,7 @@ https://license.tacticalrmm.com
 package agent
 
 import (
+	"crypto/tls"
 	"fmt"
 	"io"
 	"net/url"
@@ -28,25 +29,27 @@ import (
 )
 
 type Installer struct {
-	Headers     map[string]string
-	RMM         string
-	ClientID    int
-	SiteID      int
-	Description string
-	AgentType   string
-	Power       bool
-	RDP         bool
-	Ping        bool
-	Token       string
-	LocalMesh   string
-	Cert        string
-	Proxy       string
-	Timeout     time.Duration
-	SaltMaster  string
-	Silent      bool
-	NoMesh      bool
-	MeshDir     string
-	MeshNodeID  string
+	Headers          map[string]string
+	RMM              string
+	ClientID         int
+	SiteID           int
+	Description      string
+	AgentType        string
+	Power            bool
+	RDP              bool
+	Ping             bool
+	Token            string
+	LocalMesh        string
+	Cert             string
+	Proxy            string
+	Timeout          time.Duration
+	SaltMaster       string
+	Silent           bool
+	NoMesh           bool
+	MeshDir          string
+	MeshNodeID       string
+	Insecure         bool
+	NatsStandardPort string
 }
 
 func (a *Agent) Install(i *Installer) {
@@ -97,6 +100,14 @@ func (a *Agent) Install(i *Installer) {
 		iClient.SetProxy(i.Proxy)
 	}
 
+	insecureConf := &tls.Config{
+		InsecureSkipVerify: true,
+	}
+
+	if i.Insecure {
+		iClient.SetTLSClientConfig(insecureConf)
+	}
+
 	creds, cerr := iClient.R().Get(fmt.Sprintf("%s/api/v3/installer/", baseURL))
 	if cerr != nil {
 		a.installerMsg(cerr.Error(), "error", i.Silent)
@@ -133,6 +144,10 @@ func (a *Agent) Install(i *Installer) {
 		rClient.SetProxy(i.Proxy)
 	}
 
+	if i.Insecure {
+		rClient.SetTLSClientConfig(insecureConf)
+	}
+
 	var installerMeshSystemEXE string
 	if len(i.MeshDir) > 0 {
 		installerMeshSystemEXE = filepath.Join(i.MeshDir, "MeshAgent.exe")
@@ -230,7 +245,7 @@ func (a *Agent) Install(i *Installer) {
 	a.Logger.Debugln("Agent token:", agentToken)
 	a.Logger.Debugln("Agent PK:", agentPK)
 
-	createAgentConfig(baseURL, a.AgentID, i.SaltMaster, agentToken, strconv.Itoa(agentPK), i.Cert, i.Proxy, i.MeshDir)
+	createAgentConfig(baseURL, a.AgentID, i.SaltMaster, agentToken, strconv.Itoa(agentPK), i.Cert, i.Proxy, i.MeshDir, i.NatsStandardPort, i.Insecure)
 	time.Sleep(1 * time.Second)
 	// refresh our agent with new values
 	a = New(a.Logger, a.Version)

agent/install_unix.go

@@ -2,7 +2,7 @@
 // +build !windows
 
 /*
-Copyright 2022 AmidaWare LLC.
+Copyright 2023 AmidaWare Inc.
 
 Licensed under the Tactical RMM License Version 1.0 (the “License”).
 You may only use the Licensed Software in accordance with the License.
@@ -33,7 +33,7 @@ func (a *Agent) installerMsg(msg, alert string, silent bool) {
 	}
 }
 
-func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, meshdir string) {
+func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, meshdir, natsport string, insecure bool) {
 	viper.SetConfigType("json")
 	viper.Set("baseurl", baseurl)
 	viper.Set("agentid", agentid)
@@ -43,6 +43,10 @@ func createAgentConfig(baseurl, agentid, apiurl, token, agentpk, cert, proxy, me
 	viper.Set("cert", cert)
 	viper.Set("proxy", proxy)
 	viper.Set("meshdir", meshdir)
+	viper.Set("natsstandardport", natsport)
+	if insecure {
+		viper.Set("insecure", "true")
+	}
 	viper.SetConfigPermissions(0660)
 	err := viper.SafeWriteConfigAs(etcConfig)
 	if err != nil {