mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-31 18:16:15 +03:00
AMT manager will now clear device credentials if they don't work.
This commit is contained in:
parent
1d81b15d97
commit
7fc98cc804
@ -88,8 +88,6 @@ module.exports.CreateAmtManager = function(parent) {
|
|||||||
if (dev == null) { dev = obj.amtDevices[nodeid]; }
|
if (dev == null) { dev = obj.amtDevices[nodeid]; }
|
||||||
if (dev == null) return;
|
if (dev == null) return;
|
||||||
|
|
||||||
//if (dev.host != '192.168.2.136') return;
|
|
||||||
|
|
||||||
if ((dev.acctry == null) && ((typeof dev.intelamt.user != 'string') || (typeof dev.intelamt.pass != 'string'))) {
|
if ((dev.acctry == null) && ((typeof dev.intelamt.user != 'string') || (typeof dev.intelamt.pass != 'string'))) {
|
||||||
if (obj.amtAdminAccounts.length > 0) { dev.acctry = 0; } else { return; }
|
if (obj.amtAdminAccounts.length > 0) { dev.acctry = 0; } else { return; }
|
||||||
}
|
}
|
||||||
@ -155,6 +153,9 @@ module.exports.CreateAmtManager = function(parent) {
|
|||||||
// Authentication error, see if we can use alternative credentials
|
// Authentication error, see if we can use alternative credentials
|
||||||
if ((dev.acctry == null) && (obj.amtAdminAccounts.length > 0)) { dev.acctry = 0; attemptInitialContact(dev.nodeid, dev); return; }
|
if ((dev.acctry == null) && (obj.amtAdminAccounts.length > 0)) { dev.acctry = 0; attemptInitialContact(dev.nodeid, dev); return; }
|
||||||
if ((dev.acctry != null) && (obj.amtAdminAccounts.length > (dev.acctry + 1))) { dev.acctry++; attemptInitialContact(dev.nodeid, dev); return; }
|
if ((dev.acctry != null) && (obj.amtAdminAccounts.length > (dev.acctry + 1))) { dev.acctry++; attemptInitialContact(dev.nodeid, dev); return; }
|
||||||
|
|
||||||
|
// We are unable to authenticate to this device, clear Intel AMT credentials.
|
||||||
|
ClearDeviceCredentials(dev);
|
||||||
}
|
}
|
||||||
//console.log(dev.nodeid, dev.name, dev.host, status, 'Bad response');
|
//console.log(dev.nodeid, dev.name, dev.host, status, 'Bad response');
|
||||||
removeDevice(dev.nodeid);
|
removeDevice(dev.nodeid);
|
||||||
@ -210,6 +211,42 @@ module.exports.CreateAmtManager = function(parent) {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Change the current core information string and event it
|
||||||
|
function ClearDeviceCredentials(dev) {
|
||||||
|
if (obj.amtDevices[dev.nodeid] == null) return; // Device no longer exists, ignore this request.
|
||||||
|
|
||||||
|
// Check that the mesh exists
|
||||||
|
const mesh = parent.webserver.meshes[dev.meshid];
|
||||||
|
if (mesh == null) { removeDevice(dev.nodeid); return; }
|
||||||
|
|
||||||
|
// Get the node and change it if needed
|
||||||
|
parent.db.Get(dev.nodeid, function (err, nodes) {
|
||||||
|
if ((nodes == null) || (nodes.length != 1)) return;
|
||||||
|
const device = nodes[0];
|
||||||
|
var changes = [], change = 0, log = 0;
|
||||||
|
var domain = parent.config.domains[device.domain];
|
||||||
|
if (domain == null) return;
|
||||||
|
|
||||||
|
// Check if anything changes
|
||||||
|
if (device.intelamt == null) return;
|
||||||
|
if (device.intelamt.user != null) { change = 1; log = 1; delete device.intelamt.user; changes.push('AMT user'); }
|
||||||
|
if (device.intelamt.pass != null) { change = 1; log = 1; delete device.intelamt.pass; changes.push('AMT pass'); }
|
||||||
|
|
||||||
|
// If there are changes, event the new device
|
||||||
|
if (change == 1) {
|
||||||
|
// Save to the database
|
||||||
|
parent.db.Set(device);
|
||||||
|
|
||||||
|
// Event the node change
|
||||||
|
var event = { etype: 'node', action: 'changenode', nodeid: device._id, domain: domain.id, node: parent.webserver.CloneSafeNode(device) };
|
||||||
|
if (changes.length > 0) { event.msg = 'Changed device ' + device.name + ' from group ' + mesh.name + ': ' + changes.join(', '); }
|
||||||
|
if ((log == 0) || ((obj.agentInfo) && (obj.agentInfo.capabilities) && (obj.agentInfo.capabilities & 0x20)) || (changes.length == 0)) { event.nolog = 1; } // If this is a temporary device, don't log changes
|
||||||
|
if (parent.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
|
||||||
|
parent.DispatchEvent(parent.webserver.CreateMeshDispatchTargets(device.meshid, [device._id]), obj, event);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
function attemptFetchHardwareInventory(dev) {
|
function attemptFetchHardwareInventory(dev) {
|
||||||
if (obj.amtDevices[dev.nodeid] == null) return false; // Device no longer exists, ignore this request.
|
if (obj.amtDevices[dev.nodeid] == null) return false; // Device no longer exists, ignore this request.
|
||||||
const mesh = parent.webserver.meshes[dev.meshid];
|
const mesh = parent.webserver.meshes[dev.meshid];
|
||||||
|
@ -2777,7 +2777,7 @@
|
|||||||
if (node.intelamt == null) node.intelamt = {};
|
if (node.intelamt == null) node.intelamt = {};
|
||||||
if (message.event.node.intelamt.state != null) { node.intelamt.state = message.event.node.intelamt.state; }
|
if (message.event.node.intelamt.state != null) { node.intelamt.state = message.event.node.intelamt.state; }
|
||||||
if (message.event.node.intelamt.host != null) { node.intelamt.user = message.event.node.intelamt.host; }
|
if (message.event.node.intelamt.host != null) { node.intelamt.user = message.event.node.intelamt.host; }
|
||||||
if (message.event.node.intelamt.user != null) { node.intelamt.user = message.event.node.intelamt.user; }
|
if (message.event.node.intelamt.user != null) { node.intelamt.user = message.event.node.intelamt.user; } else { delete node.intelamt.user; }
|
||||||
if (message.event.node.intelamt.tls != null) { node.intelamt.tls = message.event.node.intelamt.tls; }
|
if (message.event.node.intelamt.tls != null) { node.intelamt.tls = message.event.node.intelamt.tls; }
|
||||||
if (message.event.node.intelamt.ver != null) { node.intelamt.ver = message.event.node.intelamt.ver; }
|
if (message.event.node.intelamt.ver != null) { node.intelamt.ver = message.event.node.intelamt.ver; }
|
||||||
if (message.event.node.intelamt.tag != null) { node.intelamt.tag = message.event.node.intelamt.tag; }
|
if (message.event.node.intelamt.tag != null) { node.intelamt.tag = message.event.node.intelamt.tag; }
|
||||||
|
Loading…
Reference in New Issue
Block a user