Merge pull request #24 from sphen13/dev2

v2.3.2
BlueSkyTools · Dec 29, 2020 · b17689e · b17689e
2 parents 8e7a181 + 071c644
commit b17689e
Show file tree

Hide file tree

Showing 12 changed files with 100 additions and 9 deletions.
diff --git a/Admin Tools/temporary client/corkscrew b/Admin Tools/temporary client/corkscrew
diff --git a/Admin Tools/temporary client/proxy-config b/Admin Tools/temporary client/proxy-config
diff --git a/Client/autossh b/Client/autossh
diff --git a/Client/bluesky.sh b/Client/bluesky.sh
@@ -22,7 +22,7 @@
 # Set this to a different location if you'd prefer it live somewhere else
 ourHome="/var/bluesky"
 
-bVer="2.3.1"
+bVer="2.3.2"
 
 # planting a debug flag runs bash in -x so you get all the output
 if [ -e "$ourHome/.debug" ]; then
@@ -122,7 +122,7 @@ function startMeUp {
     logMe "SSH port is set to $altPort per settings"
   fi
   # is this 10.6 which doesn't support UseRoaming or 10.12+ which doesn't need the flag?
-  if [ "$osVersion" != "6" ] && [ ${osVersion:-0} -lt 12 ]; then
+  if [ ${osVersionMajor:-0} -eq 10 ] && [ "$osVersionMinor" != "6" ] && [ ${osVersionMinor:-0} -lt 12 ]; then
     noRoam="-o UseRoaming=no"
   fi
   ## main command right here
@@ -282,10 +282,11 @@ fi
 
 # get the version of the OS so we can ensure compatiblity
 osRaw=`sw_vers -productVersion`
-osVersion=`echo "$osRaw" | awk -F . '{ print $2 }'`
+osVersionMajor=`echo "$osRaw" | awk -F . '{ print $1 }'`
+osVersionMinor=`echo "$osRaw" | awk -F . '{ print $2 }'`
 
 # select all of our algorithms - treating OS X 10.10 and below as insecure, defaulting to secure
-if [ ${osVersion:-0} -lt 11 ] && [ ${osVersion:-0} -ne 0 ]; then
+if [ ${osVersionMajor:-0} -eq 10 ] && [ ${osVersionMinor:-0} -lt 11 ] && [ ${osVersionMinor:-0} -ne 0 ]; then
   keyAlg="ssh-rsa"
   serverKey="serverkeyrsa"
   prefCipher="aes256-ctr"

diff --git a/Client/com.solarwindsmsp.bluesky.reconnect.plist b/Client/com.solarwindsmsp.bluesky.reconnect.plist
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"
+        "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+		<key>Disabled</key>
+		<false/>
+		<key>Label</key>
+		<string>com.solarwindsmsp.bluesky.reconnect</string>
+		<key>ProgramArguments</key>
+		<array>
+			<string>/var/bluesky/reconnect.sh</string>
+		</array>
+		<key>WatchPaths</key>
+		<array>
+			<string>/private/var/db/dhcpclient/leases</string>
+		</array>
+		<key>RunAtLoad</key>
+		<false/>
+</dict>
+</plist>
diff --git a/Client/com.solarwindsmsp.bluesky.sleepwatcher.plist b/Client/com.solarwindsmsp.bluesky.sleepwatcher.plist
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"
+        "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+		<key>Disabled</key>
+		<false/>
+		<key>Label</key>
+		<string>com.solarwindsmsp.bluesky.sleepwatcher</string>
+		<key>ProgramArguments</key>
+		<array>
+      <string>/var/bluesky/sleepwatcher</string>
+      <string>-w</string>
+      <string>/var/bluesky/reconnect.sh wake</string>
+		</array>
+		<key>RunAtLoad</key>
+		<true/>
+    <key>KeepAlive</key>
+    <true/>
+</dict>
+</plist>
diff --git a/Client/corkscrew b/Client/corkscrew
diff --git a/Client/helper.sh b/Client/helper.sh
@@ -19,7 +19,7 @@
 # helper script performs privileged tasks for BlueSky, does initial client setup
 
 ourHome="/var/bluesky"
-bVer="2.3.1"
+bVer="2.3.2"
 
 if [ -e "$ourHome/.debug" ]; then
   set -x
@@ -85,7 +85,8 @@ fi
 
 # get the version of the OS so we can ensure compatiblity
 osRaw=`sw_vers -productVersion`
-osVersion=`echo "$osRaw" | awk -F . '{ print $2 }'`
+osVersionMajor=`echo "$osRaw" | awk -F . '{ print $1 }'`
+osVersionMinor=`echo "$osRaw" | awk -F . '{ print $2 }'`
 
 #check if user exists and create if necessary
 userCheck=`dscl . -read /Users/bluesky RealName`
@@ -127,6 +128,11 @@ chown -R bluesky "$ourHome"
 #help me help you.  help me... help you.
 dseditgroup -o edit -a bluesky -t user com.apple.access_ssh 2> /dev/null
 systemsetup -setremotelogin on &> /dev/null
+if [ ${osVersionMajor:-10} -eq 10 && ${osVersionMinor} -lt 15 ]; then
+  systemsetup -setremotelogin on &> /dev/null
+else
+  launchctl load -w /System/Library/LaunchDaemons/ssh.plist
+fi
 
 # commenting out on 1.12
 # re-intro when we can test a more reliable method of determining a VNC server
@@ -145,7 +151,7 @@ fi
 
 #GSS API config lines mess up client connections in 10.12+
 gssCheck=`grep -e ^'GSSAPIKeyExchange' -e ^'GSSAPITrustDNS' -e ^'GSSAPIDelegateCredentials' /etc/ssh/ssh_config`
-if [ "$gssCheck" != "" ] && [ ${osVersion:-0} -gt 11 ]; then
+if [ "$gssCheck" != "" ] && ( ([ ${osVersionMajor:-10} -eq 10 ] && [ ${osVersionMinor:-0} -gt 11 ]) || [ ${osVersionMajor:-10} -gt 10 ]); then
   grep -v ^'GSSAPIKeyExchange' /etc/ssh/ssh_config | grep -v ^'GSSAPITrustDNS' | grep -v ^'GSSAPIDelegateCredentials' > /tmp/ssh_config && mv /tmp/ssh_config /etc/ssh/ssh_config
 fi
 
@@ -196,14 +202,20 @@ fi
 
 # if main launchd is not running, let's check perms and start it
 weLaunched=`launchctl list | grep com.solarwindsmsp.bluesky | wc -l`
-if [ ${weLaunched:-0} -lt 2 ]; then
+if [ ${weLaunched:-0} -lt 4 ]; then
   logMe "LaunchDaemons don't appear to be loaded.  Fixing."
   if [ ! -e /Library/LaunchDaemons/com.solarwindsmsp.bluesky.plist ]; then
     cp /var/bluesky/com.solarwindsmsp.bluesky.plist /Library/LaunchDaemons/com.solarwindsmsp.bluesky.plist
   fi
   if [ ! -e /Library/LaunchDaemons/com.solarwindsmsp.bluesky.helper.plist ]; then
     cp /var/bluesky/com.solarwindsmsp.bluesky.helper.plist /Library/LaunchDaemons/com.solarwindsmsp.bluesky.helper.plist
   fi
+  if [ ! -e /Library/LaunchDaemons/com.solarwindsmsp.bluesky.reconnect.plist ]; then
+    cp /var/bluesky/com.solarwindsmsp.bluesky.reconnect.plist /Library/LaunchDaemons/com.solarwindsmsp.bluesky.reconnect.plist
+  fi
+  if [ ! -e /Library/LaunchDaemons/com.solarwindsmsp.bluesky.sleepwatcher.plist ]; then
+    cp /var/bluesky/com.solarwindsmsp.bluesky.sleepwatcher.plist /Library/LaunchDaemons/com.solarwindsmsp.bluesky.sleepwatcher.plist
+  fi
   chmod 644 /Library/LaunchDaemons/com.solarwindsmsp.bluesky.*
   chown root:wheel /Library/LaunchDaemons/com.solarwindsmsp.bluesky.*
   launchctl load -w /Library/LaunchDaemons/com.solarwindsmsp.bluesky.*

diff --git a/Client/reconnect.sh b/Client/reconnect.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# script that reloads bluesky upon network event in hopes of faster reconnection
+
+ourHome="/var/bluesky"
+
+if [ -e "$ourHome/.debug" ]; then
+  set -x
+fi
+
+function logMe {
+  logMsg="$1"
+  logFile="$ourHome/reconnect.txt"
+  if [ ! -e "$logFile" ]; then
+    touch "$logFile"
+  fi
+  dateStamp=`date '+%Y-%m-%d %H:%M:%S'`
+  echo "$dateStamp - $logMsg" >> "$logFile"
+  if [ -e "$ourHome/.debug" ]; then
+    echo "$logMsg"
+  fi
+}
+
+if [ "$1" == "wake" ]; then
+  logMe "System wake detected, Reloading bluesky service..."
+else
+  logMe "Network state change detected, Reloading bluesky service..."
+fi
+sleep 3
+launchctl unload /Library/LaunchDaemons/com.solarwindsmsp.bluesky.plist
+launchctl load -w /Library/LaunchDaemons/com.solarwindsmsp.bluesky.plist
+
+exit 0
diff --git a/Client/sleepwatcher b/Client/sleepwatcher
diff --git a/Dockerfile b/Dockerfile
@@ -9,7 +9,7 @@ ENV IN_DOCKER=1 \
     EMAILALERT=root@localhost \
     LANG=C.UTF-8 \
     LC_ALL=C.UTF-8 \
-    BLUESKY_VERSION=2.3.1
+    BLUESKY_VERSION=2.3.2
 
 RUN apt-get update && \
     apt-get install --no-install-recommends -y apache2 \

diff --git a/Server/server-config.sh b/Server/server-config.sh
@@ -129,6 +129,9 @@ else
   echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config
   echo 'ChallengeResponseAuthentication no' >> /etc/ssh/sshd_config
 fi
+# set shorter tunnel timeouts
+echo 'ClientAliveInterval 10' >> /etc/ssh/sshd_config
+echo 'ClientAliveCountMax 3' >> /etc/ssh/sshd_config
 
 ## setup local firewall
 if [[ -z ${IN_DOCKER} ]]; then