Bump version

CHANGELOG.rst

@@ -2,10 +2,19 @@
 Changelog
 =========
 
+version 1.3.3
+=============
+
+Improvements:
+	* Dependency bumps
+
+Bugs:
+	* Fix run_commands having an issue with ignore_output
+
 version 1.3.2
 =============
 
-Improvments:
+Improvements:
 	* Fix race condition that could occur when running `run_command` or `run_console_command`
 
 version 1.3.1

docs/requirements.txt

@@ -6,7 +6,7 @@ sphinx-jinja2-compat>=0.1.1
 sphinx-toolbox>=2.16.0
 # sphinx_rtd_theme
 cffi~=1.17.1
-cryptography~=44.0.1
 pycparser~=2.22
-websockets~=15.0.0
+enum_tools
-enum_tools
+cryptography~=46.0.5
+websockets~=16.0.0

setup.cfg

@@ -44,9 +44,9 @@ python_requires = >=3.8
 # For more information, check out https://semver.org/.
 install_requires =
     importlib-metadata
-    cryptography~=44.0.1
+    cryptography~=46.0.5
-    websockets~=15.0.0
+    websockets~=16.0.0
-    python-socks[asyncio]~=2.5.3
+    python-socks[asyncio]~=2.8.1
 
 
 [options.packages.find]

src/meshctrl/session.py

@@ -1501,7 +1501,7 @@ class Session(object):
                 if (f"node//{nid}" == id):
                     return nid
 
-        result = None
+        result = {n: {"complete": False, "result": [], "command": command} for n in nodeids}
         console_result = {n: {"complete": False, "result": [], "command": command} for n in nodeids}
         reply_result = {n: {"complete": False, "result": [], "command": command} for n in nodeids}
         async def _console():
@@ -1536,49 +1536,52 @@ class Session(object):
         async def __(command, tg, tasks):
             nonlocal result
             responseid = self._generate_response_id("run_command")
+            
             if not ignore_output:
                 reply_task = tg.create_task(asyncio.wait_for(_reply(responseid), timeout=timeout))
-                console_task = tg.create_task(asyncio.wait_for(_console(), timeout=timeout))
+            # We still need to parse the console results because it sends them without namespace, this will likely break older versions of meshcentral
+            console_task = tg.create_task(asyncio.wait_for(_console(), timeout=timeout))
             data = await self._send_command(command, "run_command", timeout=timeout, responseid=responseid)
 
             if data.get("type", None) != "runcommands" and data.get("result", "ok").lower() != "ok":
                 raise exceptions.ServerError(data["result"])
             elif data.get("type", None) != "runcommands" and data.get("result", "ok").lower() == "ok":
-                reply_task.cancel()
-                result = console_result
                 expect_response = False
                 if not ignore_output:
-                    userid = (await self.user_info())["_id"]
+                    reply_task.cancel()
-                    for n in nodeids:
+                    result = console_result
-                        device_info = await self.device_info(n, timeout=timeout)
+                userid = (await self.user_info())["_id"]
-                        try:
+                for n in nodeids:
-                            permissions = device_info.mesh.links.get(userid, {}).get("rights",constants.DeviceRights.norights)\
+                    device_info = await self.device_info(n, timeout=timeout)
-                            # This should work for device rights, but it only seems to work for mesh rights. Not sure why, but I can't get the events to show up when the user only has individual device rights
+                    try:
-                            # |device_info.get("links", {}).get(userid, {}).get("rights", constants.DeviceRights.norights)
+                        permissions = device_info.mesh.links.get(userid, {}).get("rights",constants.DeviceRights.norights)
-                            # If we don't have agentconsole rights, we won't be able te read the output, so fill in blanks on this node
+                        # This should work for device rights, but it only seems to work for mesh rights. Not sure why, but I can't get the events to show up when the user only has individual device rights
-                            if not permissions&constants.DeviceRights.agentconsole:
+                        # |device_info.get("links", {}).get(userid, {}).get("rights", constants.DeviceRights.norights)
-                                result[n]["complete"] = True
+                        # If we don't have agentconsole rights, we won't be able te read the output, so fill in blanks on this node
-                            else:
+                        if not permissions&constants.DeviceRights.agentconsole:
-                                expect_response = True
-                        except AttributeError:
                             result[n]["complete"] = True
+                        else:
+                            expect_response = True
+                    except AttributeError:
+                        result[n]["complete"] = True
                 if expect_response:
                     tasks.append(console_task)
                 else:
                     console_task.cancel()
-            elif data.get("type", None) == "runcommands" and not ignore_output:
+            elif data.get("type", None) == "runcommands":
-                result = reply_result
                 console_task.cancel()
-                tasks.append(reply_task)
-            else:
                 if not ignore_output:
-                    console_task.cancel()
+                    result = reply_result
-                    reply_task.cancel()
+                    tasks.append(reply_task)
+            else:
+                # if not ignore_output:
+                console_task.cancel()
+                reply_task.cancel()
                 raise exceptions.ServerError(f"Unrecognized response: {data}")
 
         tasks = []
         async with asyncio.TaskGroup() as tg:
-            tasks.append(tg.create_task(__({ "action": 'runcommands', "nodeids": nodeids, "type": (2 if powershell else 0), "cmds": command, "runAsUser": runAsUser, "reply": not ignore_output}, tg, tasks)))
+            tasks.append(tg.create_task(__({ "action": 'runcommands', "nodeids": nodeids, "type": (2 if powershell else 0), "cmds": command, "runAsUser": runAsUser, "reply": True}, tg, tasks)))
 
         return {n: v | {"result": "".join(v["result"])} for n,v in result.items()}
 

tests/environment/__init__.py

@@ -4,7 +4,10 @@ import subprocess
 import time
 import json
 import atexit
-import pytest
+try:
+    import pytest
+except:
+    pass
 import requests
 thisdir = os.path.abspath(os.path.dirname(__file__))
 
@@ -68,6 +71,9 @@ class TestEnvironment(object):
         if not self._wait_for_meshcentral():
             self.__exit__(None, None, None)
             raise Exception("Failed to create docker instance")
+        if not self._wait_for_client_server():
+            self.__exit__(None, None, None)
+            raise Exception("Failed to create client server")
         return self
 
     def _wait_for_meshcentral(self, timeout=30):
@@ -90,6 +96,26 @@ class TestEnvironment(object):
             return False
         return True
 
+    def _wait_for_client_server(self, timeout=30):
+        start = time.time()
+        while time.time() - start < timeout:
+            try:
+                data = subprocess.check_output(["docker", "inspect", "meshctrl-client", "--format='{{json .State.Health}}'"], cwd=thisdir, stderr=subprocess.DEVNULL)
+                # docker outputs for humans, not computers. This is the easiest way to chop off the ends
+                data = json.loads(data.strip()[1:-1])
+            except Exception as e:
+                time.sleep(1)
+                continue
+            try:
+                if data["Status"] == "healthy":
+                    break
+            except:
+                pass
+            time.sleep(1)
+        else:
+            return False
+        return True
+
     def __exit__(self, exc_t, exc_v, exc_tb):
         pass
 
@@ -112,10 +138,13 @@ def _kill_docker_process():
 
 atexit.register(_kill_docker_process)
 
-@pytest.fixture(scope="session")
+try:
-def env():
+    @pytest.fixture(scope="session")
-    with TestEnvironment() as e:
+    def env():
-        yield e
+        with TestEnvironment() as e:
+            yield e
+except:
+    pass
 
 
 if __name__ == "__main__":

tests/environment/compose.yaml

@@ -9,6 +9,8 @@ services:
     image: client
     build:
       dockerfile: client.dockerfile
+    sysctls:
+      net.ipv6.conf.all.disable_ipv6: 1
     ports:
       - 5000:5000
     depends_on:
@@ -20,6 +22,10 @@ services:
     #   - ./meshcentral/mongodb_data:/data/db
     networks:
       - meshctrl
+    healthcheck:
+      test: curl --fail http://localhost:5000/ || exit 1
+      interval: 5s
+      timeout: 120s
     extra_hosts:
       - "host.docker.internal:host-gateway"
 
@@ -28,6 +34,8 @@ services:
     container_name: meshctrl-meshcentral
     # use the official meshcentral container
     image: meshcentral
+    sysctls:
+      net.ipv6.conf.all.disable_ipv6: 1
     build:
       dockerfile: meshcentral.dockerfile
     ports:
@@ -55,6 +63,8 @@ services:
     image: ubuntu/squid:latest
     restart: unless-stopped
     container_name: meshctrl-squid
+    sysctls:
+      net.ipv6.conf.all.disable_ipv6: 1
     ports:
       - 3128:3128
 

tests/environment/config/squid/conf.d/meshctrl.conf

@@ -1,9 +1,19 @@
 # Logs are managed by logrotate on Debian
 logfile_rotate 0
 
-acl all src all
+acl to_ipv6 dst ipv6
+acl from_ipv6 src ipv6
+
+acl to_ipv4 dst ipv4
+acl from_ipv4 src ipv4
+
+#acl all src all
 acl Safe_ports port 8086
 acl SSS_ports port 8086
+http_access allow to_ipv4
+http_access allow from_ipv4
+http_access deny to_ipv6
+http_access deny from_ipv6
 http_access allow all
 debug_options ALL,0 85,2 88,2
 

tests/environment/meshcentral.dockerfile

@@ -1,4 +1,4 @@
-FROM ghcr.io/ylianst/meshcentral:1.1.50
+FROM ghcr.io/ylianst/meshcentral:1.1.56
 RUN apk add curl
 RUN apk add python3
 WORKDIR /opt/meshcentral/

tests/environment/scripts/client/agent_server.py

@@ -62,7 +62,7 @@ def remove_agent(agentid):
 
 @api.route('/', methods=['GET'])
 def slash():
-    return [_["id"] for _ in agents]
+    return [value["id"] for key, value in agents.items()]
 
 if __name__ == '__main__':
     api.run()

tests/requirements.txt

@@ -1,6 +1,6 @@
 requests
 pytest-asyncio
 cffi==1.17.1
-cryptography~=44.0.1
 pycparser==2.22
-websockets~=15.0.0
+cryptography~=46.0.5
+websockets~=16.0.0

tests/test_session.py

@@ -251,6 +251,12 @@ async def test_mesh_device(env):
             assert "Run commands completed." not in r[agent2.nodeid]["result"], "Didn't parse run command ending correctly"
             assert "meshagent" in (await privileged_session.run_command(agent.nodeid, "ls", timeout=10))[agent.nodeid]["result"], "ls gave incorrect data"
 
+            # Test run_commands ignore output
+            r = await admin_session.run_command([agent.nodeid, agent2.nodeid], "ls", ignore_output=True, timeout=10)
+            print("\ninfo run_command ignore_output: {}\n".format(r))
+            assert r[agent.nodeid]["result"] == '', "Ignore output returned an output"
+            assert r[agent2.nodeid]["result"] == '', "Ignore output returned an output"
+
             # Test run_commands missing device
             try:
                 await admin_session.run_command([agent.nodeid, "notanid"], "ls", timeout=10)
@@ -259,11 +265,18 @@ async def test_mesh_device(env):
             else:
                 raise Exception("Run command on a device that doesn't exist did not raise an exception")
 
+            # Test run_console_command
             r = await admin_session.run_console_command([agent.nodeid, agent2.nodeid], "info", timeout=10)
             print("\ninfo run_console_command: {}\n".format(r))
             assert agent.nodeid in r[agent.nodeid]["result"], "Run console command gave bad response"
             assert agent2.nodeid in r[agent2.nodeid]["result"], "Run console command gave bad response"
 
+            # Test run_console_command ignore output
+            r = await admin_session.run_console_command([agent.nodeid, agent2.nodeid], "info", timeout=10, ignore_output=True)
+            print("\ninfo run_console_command ignore_output: {}\n".format(r))
+            assert r[agent.nodeid]["result"] == '', "Ignore output returned an output"
+            assert r[agent2.nodeid]["result"] == '', "Ignore output returned an output"
+
             # Test run_commands missing device
             try:
                 await admin_session.run_console_command([agent.nodeid, "notanid"], "info", timeout=10)