diff --git a/agents/MeshCmd-signed.exe b/agents/MeshCmd-signed.exe
index 976b8b65..d8bed848 100644
Binary files a/agents/MeshCmd-signed.exe and b/agents/MeshCmd-signed.exe differ
diff --git a/agents/MeshCmd64-signed.exe b/agents/MeshCmd64-signed.exe
index 5fc70904..01554745 100644
Binary files a/agents/MeshCmd64-signed.exe and b/agents/MeshCmd64-signed.exe differ
diff --git a/agents/meshcmd.js b/agents/meshcmd.js
index 29e01743..aa53eb5f 100644
--- a/agents/meshcmd.js
+++ b/agents/meshcmd.js
@@ -1161,7 +1161,7 @@ function configureAmt2() {
console.log("Unable to get Intel AMT UUID: " + apfarg.clientuuid);
exit(1); return;
} else {
- settings.apftunnel = require('apfclient')({ debug: (settings.debuglevel > 0) }, apfarg);
+ settings.apftunnel = require('amt-apfclient')({ debug: (settings.debuglevel > 0) }, apfarg);
settings.apftunnel.onJsonControl = configureJsonControl;
settings.apftunnel.onChannelClosed = function () { exit(0); }
try {
diff --git a/agents/meshcore.js b/agents/meshcore.js
index cde06193..5c26e491 100644
--- a/agents/meshcore.js
+++ b/agents/meshcore.js
@@ -213,7 +213,7 @@ function createMeshCore(agent) {
if (amt == null) return;
var func = function amtStateFunc(state) { if (state != null) { amtStateFunc.pipe._send({ cmd: 'amtstate', value: state }); } }
func.pipe = this;
- amt.getAmtInfo(func);
+ amt.getMeiState(11, func);
break;
case 'sessions':
this._send({ cmd: 'sessions', sessions: tunnelUserCount });
@@ -408,7 +408,6 @@ function createMeshCore(agent) {
var wifiScannerLib = null;
var wifiScanner = null;
var networkMonitor = null;
- var amtscanner = null;
var nextTunnelIndex = 1;
var apftunnel = null;
var tunnelUserCount = { terminal: {}, files: {}, tcp: {}, udp: {}, msg: {} }; // List of userid->count sessions for terminal, files and TCP/UDP routing
@@ -471,22 +470,6 @@ function createMeshCore(agent) {
mesh.DAIPC = obj.DAIPC;
- /*
- var AMTScanner = require("AMTScanner");
- var scan = new AMTScanner();
-
- scan.on("found", function (data) {
- if (typeof data === 'string') {
- console.log(data);
- } else {
- console.log(JSON.stringify(data, null, " "));
- }
- });
- scan.scan("10.2.55.140", 1000);
- scan.scan("10.2.55.139-10.2.55.145", 1000);
- scan.scan("10.2.55.128/25", 2000);
- */
-
/*
// Try to load up the network monitor
try {
@@ -497,13 +480,6 @@ function createMeshCore(agent) {
} catch (e) { networkMonitor = null; }
*/
- // Try to load up the Intel AMT scanner
- try {
- var AMTScannerModule = require('amt-scanner');
- amtscanner = new AMTScannerModule();
- //amtscanner.on('found', function (data) { if (typeof data != 'string') { data = JSON.stringify(data, null, " "); } sendConsoleText(data); });
- } catch (e) { amtscanner = null; }
-
// Fetch the SMBios Tables
var SMBiosTables = null;
var SMBiosTablesRaw = null;
@@ -547,7 +523,7 @@ function createMeshCore(agent) {
mesh.SendCommand(meshCoreObj);
});
amt.onStateChange = function (state) { if (state == 2) { sendPeriodicServerUpdate(1); } }
- amt.start();
+ amt.reset();
}
}
});
@@ -1086,7 +1062,7 @@ function createMeshCore(agent) {
case 'amtconfig': {
// Perform Intel AMT activation and/or configuration
if ((apftunnel != null) || (amt == null) || (typeof data.user != 'string') || (typeof data.pass != 'string')) break;
- getMeiState(15, function (state) {
+ amt.getMeiState(15, function (state) {
if ((apftunnel != null) || (amt == null)) return;
if ((state == null) || (state.ProvisioningState == null)) return;
if ((state.UUID == null) || (state.UUID.length != 36)) return; // Bad UUID
@@ -1102,10 +1078,10 @@ function createMeshCore(agent) {
meiState: state // MEI state will be passed to MPS server
};
addAmtEvent('LMS tunnel start.');
- apftunnel = require('apfclient')({ debug: false }, apfarg);
+ apftunnel = require('amt-apfclient')({ debug: false }, apfarg);
apftunnel.onJsonControl = function (data) {
if (data.action == 'console') { addAmtEvent(data.msg); } // Add console message to AMT event log
- if (data.action == 'mestate') { getMeiState(15, function (state) { apftunnel.updateMeiState(state); }); } // Update the MEI state
+ if (data.action == 'mestate') { amt.getMeiState(15, function (state) { apftunnel.updateMeiState(state); }); } // Update the MEI state
if (data.action == 'deactivate') { // Request CCM deactivation
var amtMeiModule, amtMei;
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { if (apftunnel) apftunnel.sendMeiDeactivationState(1); return; }
@@ -2614,8 +2590,9 @@ function createMeshCore(agent) {
var response = null;
switch (cmd) {
case 'help': { // Displays available commands
- var fin = '', f = '', availcommands = 'amtconfig,amtevents,coredump,service,fdsnapshot,fdcount,startupoptions,alert,agentsize,versions,help,info,osinfo,args,print,type,dbkeys,dbget,dbset,dbcompact,eval,parseuri,httpget,nwslist,plugin,wsconnect,wssend,wsclose,notify,ls,ps,kill,amt,netinfo,location,power,wakeonlan,setdebug,smbios,rawsmbios,toast,lock,users,sendcaps,openurl,getscript,getclip,setclip,log,av,cpuinfo,sysinfo,apf,scanwifi,scanamt,wallpaper,agentmsg';
+ var fin = '', f = '', availcommands = 'coredump,service,fdsnapshot,fdcount,startupoptions,alert,agentsize,versions,help,info,osinfo,args,print,type,dbkeys,dbget,dbset,dbcompact,eval,parseuri,httpget,nwslist,plugin,wsconnect,wssend,wsclose,notify,ls,ps,kill,netinfo,location,power,wakeonlan,setdebug,smbios,rawsmbios,toast,lock,users,sendcaps,openurl,getscript,getclip,setclip,log,av,cpuinfo,sysinfo,apf,scanwifi,wallpaper,agentmsg';
if (process.platform == 'win32') { availcommands += ',safemode,wpfhwacceleration,uac'; }
+ if (amt != null) { availcommands += ',amt,amtconfig,amtevents'; }
if (process.platform != 'freebsd') { availcommands += ',vm';}
if (require('MeshAgent').maxKvmTileSize != null) { availcommands += ',kvmmode'; }
try { require('zip-reader'); availcommands += ',zip,unzip'; } catch (e) { }
@@ -3431,13 +3408,13 @@ function createMeshCore(agent) {
}
case 'amt': { // Show Intel AMT status
if (amt != null) {
- amt.getAmtInfo(function (state) {
- var resp = 'Intel AMT not detected.';
+ amt.getMeiState(9, function (state) {
+ var resp = "Intel AMT not detected.";
if (state != null) { resp = objToString(state, 0, ' ', true); }
sendConsoleText(resp, sessionid);
});
} else {
- response = 'Intel AMT not detected.';
+ response = "Intel AMT not detected.";
}
break;
}
@@ -3489,32 +3466,6 @@ function createMeshCore(agent) {
} else { response = "Wifi module not present."; }
break;
}
- case 'scanamt': {
- if (amtscanner != null) {
- if (args['_'].length != 1) {
- response = 'Usage examples:\r\n scanamt 1.2.3.4\r\n scanamt 1.2.3.0-1.2.3.255\r\n scanamt 1.2.3.0/24\r\n'; // Display correct command usage
- } else {
- response = 'Scanning: ' + args['_'][0] + '...';
- amtscanner.scan(args['_'][0], 2000, function (data) {
- if (data.length > 0) {
- var r = '', pstates = ['NotActivated', 'InActivation', 'Activated'];
- for (var i in data) {
- var x = data[i];
- if (r != '') { r += '\r\n'; }
- r += x.address + ' - Intel AMT v' + x.majorVersion + '.' + x.minorVersion;
- if (x.provisioningState < 3) { r += (', ' + pstates[x.provisioningState]); }
- if (x.provisioningState == 2) { r += (', ' + x.openPorts.join(', ')); }
- r += '.';
- }
- } else {
- r = 'No Intel AMT found.';
- }
- sendConsoleText(r);
- });
- }
- } else { response = "Intel AMT scanner module not present."; }
- break;
- }
case 'modules': {
response = JSON.stringify(addedModules);
break;
@@ -3570,9 +3521,9 @@ function createMeshCore(agent) {
break;
}
case 'amtconfig': {
+ if (amt == null) { response = "Intel AMT not detected."; break; }
if (apftunnel != null) { response = "Intel AMT server tunnel already active"; break; }
- if (amt == null) { response = "No Intel AMT support delected"; break; }
- getMeiState(15, function (state) {
+ amt.getMeiState(15, function (state) {
var rx = '';
if ((state == null) || (state.ProvisioningState == null)) { rx = "Intel AMT not ready for configuration."; } else {
var apfarg = {
@@ -3590,10 +3541,10 @@ function createMeshCore(agent) {
rx = "Unable to get Intel AMT UUID";
} else {
addAmtEvent('User LMS tunnel start.');
- apftunnel = require('apfclient')({ debug: false }, apfarg);
+ apftunnel = require('amt-apfclient')({ debug: false }, apfarg);
apftunnel.onJsonControl = function (data) {
if (data.action == 'console') { addAmtEvent(data.msg); require('MeshAgent').SendCommand({ action: 'msg', type: 'console', value: data.msg }); } // Display a console message
- if (data.action == 'mestate') { getMeiState(15, function (state) { apftunnel.updateMeiState(state); }); } // Update the MEI state
+ if (data.action == 'mestate') { amt.getMeiState(15, function (state) { apftunnel.updateMeiState(state); }); } // Update the MEI state
if (data.action == 'deactivate') { // Request CCM deactivation
var amtMeiModule, amtMei;
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { apftunnel.sendMeiDeactivationState(1); return; }
@@ -3637,7 +3588,7 @@ function createMeshCore(agent) {
if ((apfarg.clientuuid == null) || (apfarg.clientuuid.length != 36)) {
response = "Unable to get Intel AMT UUID: " + apfarg.clientuuid;
} else {
- apftunnel = require('apfclient')({ debug: false }, apfarg);
+ apftunnel = require('amt-apfclient')({ debug: false }, apfarg);
apftunnel.onJsonControl = function (data) {
if (data.action == 'console') { require('MeshAgent').SendCommand({ action: 'msg', type: 'console', value: data.msg }); }
if (data.action == 'close') { try { apftunnel.disconnect(); } catch (e) { } apftunnel = null; }
@@ -3761,7 +3712,7 @@ function createMeshCore(agent) {
if ((flags & 1) && (amt != null)) {
// If we have a connected MEI, get Intel ME information
- amt.getAmtInfo(function (meinfo) {
+ amt.getMeiState(11, function (meinfo) {
try {
if (meinfo == null) return;
var intelamt = {};
@@ -3871,44 +3822,6 @@ function createMeshCore(agent) {
s.data = onWebSocketData;
}
- // Get Intel MEI State in a flexible way
- // Flags: 1 = Versions, 2 = OsAdmin, 4 = Hashes, 8 = Network
- function getMeiState(flags, func) {
- var amtMeiModule, amtMei;
- try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { func(null); return; }
- amtMei.on('error', function (e) { func(null); return; });
- try {
- var amtMeiTmpState = { OsHostname: require('os').hostname(), Flags: 0 }; // Flags: 1=EHBC, 2=CCM, 4=ACM
- amtMei.getProtocolVersion(function (result) { if (result != null) { amtMeiTmpState.MeiVersion = result; } });
- if ((flags & 1) != 0) { amtMei.getVersion(function (result) { if (result) { amtMeiTmpState.Versions = {}; for (var version in result.Versions) { amtMeiTmpState.Versions[result.Versions[version].Description] = result.Versions[version].Version; } } }); }
- amtMei.getProvisioningMode(function (result) { if (result) { amtMeiTmpState.ProvisioningMode = result.mode; } });
- amtMei.getProvisioningState(function (result) { if (result) { amtMeiTmpState.ProvisioningState = result.state; } }); // 0: "Not Activated (Pre)", 1: "Not Activated (In)", 2: "Activated"
- amtMei.getEHBCState(function (result) { if ((result != null) && (result.EHBC == true)) { amtMeiTmpState.Flags += 1; } });
- amtMei.getControlMode(function (result) { if (result != null) { if (result.controlMode == 1) { amtMeiTmpState.Flags += 2; } if (result.controlMode == 2) { amtMeiTmpState.Flags += 4; } } }); // Flag 2 = CCM, 4 = ACM
- //amtMei.getMACAddresses(function (result) { if (result) { amtMeiTmpState.mac = result; } });
- if ((flags & 8) != 0) {
- amtMei.getLanInterfaceSettings(0, function (result) {
- if (result) {
- amtMeiTmpState.net0 = result;
- var fqdn = null, interfaces = require('os').networkInterfaces(); // Look for the DNS suffix for the Intel AMT Ethernet interface
- for (var i in interfaces) { for (var j in interfaces[i]) { if ((interfaces[i][j].mac == result.mac) && (interfaces[i][j].fqdn != null) && (interfaces[i][j].fqdn != '')) { amtMeiTmpState.OsDnsSuffix = interfaces[i][j].fqdn; } } }
- }
- });
- amtMei.getLanInterfaceSettings(1, function (result) { if (result) { amtMeiTmpState.net1 = result; } });
- }
- amtMei.getUuid(function (result) { if ((result != null) && (result.uuid != null)) { amtMeiTmpState.UUID = result.uuid; } });
- if ((flags & 2) != 0) { amtMei.getLocalSystemAccount(function (x) { if ((x != null) && x.user && x.pass) { amtMeiTmpState.OsAdmin = { user: x.user, pass: x.pass }; } }); }
- amtMei.getDnsSuffix(function (result) { if (result != null) { amtMeiTmpState.DnsSuffix = result; } if ((flags & 4) == 0) { if (func != null) { func(amtMeiTmpState); } } });
- if ((flags & 4) != 0) {
- amtMei.getHashHandles(function (handles) {
- if ((handles != null) && (handles.length > 0)) { amtMeiTmpState.Hashes = []; } else { func(amtMeiTmpState); }
- var exitOnCount = handles.length;
- for (var i = 0; i < handles.length; ++i) { this.getCertHashEntry(handles[i], function (hashresult) { amtMeiTmpState.Hashes.push(hashresult); if (--exitOnCount == 0) { if (func != null) { func(amtMeiTmpState); } } }); }
- });
- }
- } catch (e) { if (func != null) { func(null); } return; }
- }
-
return obj;
}
diff --git a/agents/modules_meshcmd/apfclient.js b/agents/modules_meshcmd/amt-apfclient.js
similarity index 100%
rename from agents/modules_meshcmd/apfclient.js
rename to agents/modules_meshcmd/amt-apfclient.js
diff --git a/agents/modules_meshcore/apfclient.js b/agents/modules_meshcore/amt-apfclient.js
similarity index 97%
rename from agents/modules_meshcore/apfclient.js
rename to agents/modules_meshcore/amt-apfclient.js
index aa073c9f..250d2563 100644
--- a/agents/modules_meshcore/apfclient.js
+++ b/agents/modules_meshcore/amt-apfclient.js
@@ -1,457 +1,457 @@
-/*
-Copyright 2018-2020 Intel Corporation
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-/**
-* @description APF/CIRA Client for Duktape
-* @author Joko Sastriawan & Ylian Saint-Hilaire
-* @copyright Intel Corporation 2020
-* @license Apache-2.0
-* @version v0.0.2
-*/
-
-function CreateAPFClient(parent, args) {
- if ((args.clientuuid == null) || (args.clientuuid.length != 36)) return null; // Require a UUID if this exact length
-
- var obj = {};
- obj.parent = parent;
- obj.args = args;
- obj.http = require('http');
- obj.net = require('net');
- obj.forwardClient = null;
- obj.downlinks = {};
- obj.pfwd_idx = 0;
- obj.timer = null; // Keep alive timer
-
- // obj.onChannelClosed
- // obj.onJsonControl
-
- // Function copied from common.js
- function ReadInt(v, p) { return (v.charCodeAt(p) * 0x1000000) + (v.charCodeAt(p + 1) << 16) + (v.charCodeAt(p + 2) << 8) + v.charCodeAt(p + 3); }; // We use "*0x1000000" instead of "<<24" because the shift converts the number to signed int32.
- function IntToStr(v) { return String.fromCharCode((v >> 24) & 0xFF, (v >> 16) & 0xFF, (v >> 8) & 0xFF, v & 0xFF); };
- function hex2rstr(d) { var r = '', m = ('' + d).match(/../g), t; while (t = m.shift()) { r += String.fromCharCode('0x' + t); } return r; };
- function char2hex(i) { return (i + 0x100).toString(16).substr(-2).toUpperCase(); }; // Convert decimal to hex
- function rstr2hex(input) { var r = '', i; for (i = 0; i < input.length; i++) { r += char2hex(input.charCodeAt(i)); } return r; }; // Convert a raw string to a hex string
- function d2h(d) { return (d / 256 + 1 / 512).toString(16).substring(2, 4); }
- function buf2hex(input) { var r = '', i; for (i = 0; i < input.length; i++) { r += d2h(input[i]); } return r; };
- function Debug(str) { if (obj.parent.debug) { console.log(str); } }
- function guidToStr(g) { return g.substring(6, 8) + g.substring(4, 6) + g.substring(2, 4) + g.substring(0, 2) + "-" + g.substring(10, 12) + g.substring(8, 10) + "-" + g.substring(14, 16) + g.substring(12, 14) + "-" + g.substring(16, 20) + "-" + g.substring(20); }
- function strToGuid(s) { s = s.replace(/-/g, ''); var ret = s.substring(6, 8) + s.substring(4, 6) + s.substring(2, 4) + s.substring(0, 2) + s.substring(10, 12) + s.substring(8, 10) + s.substring(14, 16) + s.substring(12, 14) + s.substring(16, 20) + s.substring(20); return ret; }
- function binzerostring(len) { var res = ''; for (var l = 0; l < len; l++) { res += String.fromCharCode(0 & 0xFF); } return res; }
-
- // CIRA state
- var CIRASTATE = {
- INITIAL: 0,
- PROTOCOL_VERSION_SENT: 1,
- AUTH_SERVICE_REQUEST_SENT: 2,
- AUTH_REQUEST_SENT: 3,
- PFWD_SERVICE_REQUEST_SENT: 4,
- GLOBAL_REQUEST_SENT: 5,
- FAILED: -1
- }
- obj.cirastate = CIRASTATE.INITIAL;
-
- // REDIR state
- var REDIR_TYPE = {
- REDIR_UNKNOWN: 0,
- REDIR_SOL: 1,
- REDIR_KVM: 2,
- REDIR_IDER: 3
- }
-
- // redirection start command
- obj.RedirectStartSol = String.fromCharCode(0x10, 0x00, 0x00, 0x00, 0x53, 0x4F, 0x4C, 0x20);
- obj.RedirectStartKvm = String.fromCharCode(0x10, 0x01, 0x00, 0x00, 0x4b, 0x56, 0x4d, 0x52);
- obj.RedirectStartIder = String.fromCharCode(0x10, 0x00, 0x00, 0x00, 0x49, 0x44, 0x45, 0x52);
-
- // Intel AMT forwarded port list for non-TLS mode
- //var pfwd_ports = [16992, 623, 16994, 5900];
- var pfwd_ports = [ 16992, 16993 ];
-
- // protocol definitions
- var APFProtocol = {
- UNKNOWN: 0,
- DISCONNECT: 1,
- SERVICE_REQUEST: 5,
- SERVICE_ACCEPT: 6,
- USERAUTH_REQUEST: 50,
- USERAUTH_FAILURE: 51,
- USERAUTH_SUCCESS: 52,
- GLOBAL_REQUEST: 80,
- REQUEST_SUCCESS: 81,
- REQUEST_FAILURE: 82,
- CHANNEL_OPEN: 90,
- CHANNEL_OPEN_CONFIRMATION: 91,
- CHANNEL_OPEN_FAILURE: 92,
- CHANNEL_WINDOW_ADJUST: 93,
- CHANNEL_DATA: 94,
- CHANNEL_CLOSE: 97,
- PROTOCOLVERSION: 192,
- KEEPALIVE_REQUEST: 208,
- KEEPALIVE_REPLY: 209,
- KEEPALIVE_OPTIONS_REQUEST: 210,
- KEEPALIVE_OPTIONS_REPLY: 211,
- JSON_CONTROL: 250 // This is a Mesh specific command that sends JSON to and from the MPS server.
- }
-
- var APFDisconnectCode = {
- HOST_NOT_ALLOWED_TO_CONNECT: 1,
- PROTOCOL_ERROR: 2,
- KEY_EXCHANGE_FAILED: 3,
- RESERVED: 4,
- MAC_ERROR: 5,
- COMPRESSION_ERROR: 6,
- SERVICE_NOT_AVAILABLE: 7,
- PROTOCOL_VERSION_NOT_SUPPORTED: 8,
- HOST_KEY_NOT_VERIFIABLE: 9,
- CONNECTION_LOST: 10,
- BY_APPLICATION: 11,
- TOO_MANY_CONNECTIONS: 12,
- AUTH_CANCELLED_BY_USER: 13,
- NO_MORE_AUTH_METHODS_AVAILABLE: 14,
- INVALID_CREDENTIALS: 15,
- CONNECTION_TIMED_OUT: 16,
- BY_POLICY: 17,
- TEMPORARILY_UNAVAILABLE: 18
- }
-
- var APFChannelOpenFailCodes = {
- ADMINISTRATIVELY_PROHIBITED: 1,
- CONNECT_FAILED: 2,
- UNKNOWN_CHANNEL_TYPE: 3,
- RESOURCE_SHORTAGE: 4,
- }
-
- var APFChannelOpenFailureReasonCode = {
- AdministrativelyProhibited: 1,
- ConnectFailed: 2,
- UnknownChannelType: 3,
- ResourceShortage: 4,
- }
-
- obj.onSecureConnect = function onSecureConnect(resp, ws, head) {
- Debug("APF Secure WebSocket connected.");
- //console.log(JSON.stringify(resp));
- obj.forwardClient.tag = { accumulator: [] };
- obj.forwardClient.ws = ws;
- obj.forwardClient.ws.on('end', function () {
- Debug("APF: Connection is closing.");
- if (obj.timer != null) { clearInterval(obj.timer); obj.timer = null; }
- if (obj.onChannelClosed) { obj.onChannelClosed(obj); }
- });
-
- obj.forwardClient.ws.on('data', function (data) {
- obj.forwardClient.tag.accumulator += hex2rstr(buf2hex(data));
- try {
- var len = 0;
- do {
- len = ProcessData(obj.forwardClient);
- if (len > 0) { obj.forwardClient.tag.accumulator = obj.forwardClient.tag.accumulator.slice(len); }
- if (obj.cirastate == CIRASTATE.FAILED) {
- Debug("APF: in a failed state, destroying socket.");
- obj.forwardClient.ws.end();
- }
- } while (len > 0);
- } catch (ex) { Debug(ex); }
- });
-
- obj.forwardClient.ws.on('error', function (e) {
- Debug("APF: Connection error, ending connecting.");
- if (obj.timer != null) { clearInterval(obj.timer); obj.timer = null; }
- });
-
- obj.state = CIRASTATE.INITIAL;
- if ((typeof obj.args.conntype == 'number') && (obj.args.conntype != 0)) {
- SendJsonControl(obj.forwardClient.ws, { action: 'connType', value: obj.args.conntype });
- if (obj.args.meiState != null) { SendJsonControl(obj.forwardClient.ws, { action: 'meiState', value: obj.args.meiState }); }
- }
- SendProtocolVersion(obj.forwardClient.ws, obj.args.clientuuid);
- SendServiceRequest(obj.forwardClient.ws, 'auth@amt.intel.com');
- }
-
- obj.updateMeiState = function (state) { SendJsonControl(obj.forwardClient.ws, { action: 'meiState', value: state }); }
- obj.sendMeiDeactivationState = function (state) { SendJsonControl(obj.forwardClient.ws, { action: 'deactivate', value: state }); }
-
- function SendJsonControl(socket, o) {
- var data = JSON.stringify(o)
- socket.write(String.fromCharCode(APFProtocol.JSON_CONTROL) + IntToStr(data.length) + data);
- Debug("APF: Send JSON control: " + data);
- }
-
- function SendProtocolVersion(socket, uuid) {
- var data = String.fromCharCode(APFProtocol.PROTOCOLVERSION) + IntToStr(1) + IntToStr(0) + IntToStr(0) + hex2rstr(strToGuid(uuid)) + binzerostring(64);
- socket.write(data);
- Debug("APF: Send protocol version 1 0 " + uuid);
- obj.cirastate = CIRASTATE.PROTOCOL_VERSION_SENT;
- }
-
- function SendServiceRequest(socket, service) {
- var data = String.fromCharCode(APFProtocol.SERVICE_REQUEST) + IntToStr(service.length) + service;
- socket.write(data);
- Debug("APF: Send service request " + service);
- if (service == 'auth@amt.intel.com') {
- obj.cirastate = CIRASTATE.AUTH_SERVICE_REQUEST_SENT;
- } else if (service == 'pfwd@amt.intel.com') {
- obj.cirastate = CIRASTATE.PFWD_SERVICE_REQUEST_SENT;
- }
- }
-
- function SendUserAuthRequest(socket, user, pass) {
- var service = "pfwd@amt.intel.com";
- var data = String.fromCharCode(APFProtocol.USERAUTH_REQUEST) + IntToStr(user.length) + user + IntToStr(service.length) + service;
- //password auth
- data += IntToStr(8) + 'password';
- data += binzerostring(1) + IntToStr(pass.length) + pass;
- socket.write(data);
- Debug("APF: Send username password authentication to MPS");
- obj.cirastate = CIRASTATE.AUTH_REQUEST_SENT;
- }
-
- function SendGlobalRequestPfwd(socket, amthostname, amtport) {
- var tcpipfwd = 'tcpip-forward';
- var data = String.fromCharCode(APFProtocol.GLOBAL_REQUEST) + IntToStr(tcpipfwd.length) + tcpipfwd + binzerostring(1, 1);
- data += IntToStr(amthostname.length) + amthostname + IntToStr(amtport);
- socket.write(data);
- Debug("APF: Send tcpip-forward " + amthostname + ":" + amtport);
- obj.cirastate = CIRASTATE.GLOBAL_REQUEST_SENT;
- }
-
- function SendKeepAliveRequest(socket) {
- socket.write(String.fromCharCode(APFProtocol.KEEPALIVE_REQUEST) + IntToStr(255));
- Debug("APF: Send keepalive request");
- }
-
- function SendKeepAliveReply(socket, cookie) {
- socket.write(String.fromCharCode(APFProtocol.KEEPALIVE_REPLY) + IntToStr(cookie));
- Debug("APF: Send keepalive reply");
- }
-
- function ProcessData(socket) {
- var cmd = socket.tag.accumulator.charCodeAt(0);
- var len = socket.tag.accumulator.length;
- var data = socket.tag.accumulator;
- if (len == 0) { return 0; }
-
- // Respond to MPS according to obj.cirastate
- switch (cmd) {
- case APFProtocol.SERVICE_ACCEPT: {
- var slen = ReadInt(data, 1), service = data.substring(5, 6 + slen);
- Debug("APF: Service request to " + service + " accepted.");
- if (service == 'auth@amt.intel.com') {
- if (obj.cirastate >= CIRASTATE.AUTH_SERVICE_REQUEST_SENT) {
- SendUserAuthRequest(socket.ws, obj.args.mpsuser, obj.args.mpspass);
- }
- } else if (service == 'pfwd@amt.intel.com') {
- if (obj.cirastate >= CIRASTATE.PFWD_SERVICE_REQUEST_SENT) {
- SendGlobalRequestPfwd(socket.ws, obj.args.clientname, pfwd_ports[obj.pfwd_idx++]);
- }
- }
- return 5 + slen;
- }
- case APFProtocol.REQUEST_SUCCESS: {
- if (len >= 5) {
- var port = ReadInt(data, 1);
- Debug("APF: Request to port forward " + port + " successful.");
- // iterate to pending port forward request
- if (obj.pfwd_idx < pfwd_ports.length) {
- SendGlobalRequestPfwd(socket.ws, obj.args.clientname, pfwd_ports[obj.pfwd_idx++]);
- } else {
- // no more port forward, now setup timer to send keep alive
- Debug("APF: Start keep alive for every " + obj.args.mpskeepalive + " ms.");
- obj.timer = setInterval(function () {
- SendKeepAliveRequest(obj.forwardClient.ws);
- }, obj.args.mpskeepalive);//
- }
- return 5;
- }
- Debug("APF: Request successful.");
- return 1;
- }
- case APFProtocol.USERAUTH_SUCCESS: {
- Debug("APF: User Authentication successful");
- // Send Pfwd service request
- SendServiceRequest(socket.ws, 'pfwd@amt.intel.com');
- return 1;
- }
- case APFProtocol.USERAUTH_FAILURE: {
- Debug("APF: User Authentication failed");
- obj.cirastate = CIRASTATE.FAILED;
- return 14;
- }
- case APFProtocol.KEEPALIVE_REQUEST: {
- Debug("APF: Keep Alive Request with cookie: " + ReadInt(data, 1));
- SendKeepAliveReply(socket.ws, ReadInt(data, 1));
- return 5;
- }
- case APFProtocol.KEEPALIVE_REPLY: {
- Debug("APF: Keep Alive Reply with cookie: " + ReadInt(data, 1));
- return 5;
- }
- // Channel management
- case APFProtocol.CHANNEL_OPEN: {
- // Parse CHANNEL OPEN request
- var p_res = parseChannelOpen(data);
- Debug("APF: CHANNEL_OPEN request: " + JSON.stringify(p_res));
- // Check if target port is in pfwd_ports
- if (pfwd_ports.indexOf(p_res.target_port) >= 0) {
- // Connect socket to that port
- var chan = obj.net.createConnection({ host: obj.args.clientaddress, port: p_res.target_port }, function () {
- //require('MeshAgent').SendCommand({ action: 'msg', type: 'console', value: "CHANNEL_OPEN-open" });
- // obj.downlinks[p_res.sender_chan].setEncoding('binary');//assume everything is binary, not interpreting
- SendChannelOpenConfirm(socket.ws, p_res);
- });
-
- // Setup flow control
- chan.maxInWindow = p_res.window_size; // Oddly, we are using the same window size as the other side.
- chan.curInWindow = 0;
-
- chan.on('data', function (ddata) {
- // Relay data to fordwardclient
- // TODO: Implement flow control
- SendChannelData(socket.ws, p_res.sender_chan, ddata);
- });
-
- chan.on('error', function (e) {
- //Debug("Downlink connection error: " + e);
- SendChannelOpenFailure(socket.ws, p_res);
- });
-
- chan.on('end', function () {
- var chan = obj.downlinks[p_res.sender_chan];
- if (chan != null) {
- Debug("Socket ends.");
- try { SendChannelClose(socket.ws, p_res.sender_chan); } catch (ex) { }
- delete obj.downlinks[p_res.sender_chan];
- }
- });
-
- obj.downlinks[p_res.sender_chan] = chan;
- } else {
- // Not a supported port, fail the connection
- SendChannelOpenFailure(socket.ws, p_res);
- }
- return p_res.len;
- }
- case APFProtocol.CHANNEL_OPEN_CONFIRMATION: {
- Debug("APF: CHANNEL_OPEN_CONFIRMATION");
- return 17;
- }
- case APFProtocol.CHANNEL_CLOSE: {
- var rcpt_chan = ReadInt(data, 1);
- Debug("APF: CHANNEL_CLOSE: " + rcpt_chan);
- try { obj.downlinks[rcpt_chan].end(); } catch (ex) { }
- return 5;
- }
- case APFProtocol.CHANNEL_DATA: {
- Debug("APF: CHANNEL_DATA: " + JSON.stringify(rstr2hex(data)));
- var rcpt_chan = ReadInt(data, 1);
- var chan_data_len = ReadInt(data, 5);
- var chan_data = data.substring(9, 9 + chan_data_len);
- var chan = obj.downlinks[rcpt_chan];
- if (chan != null) {
- chan.curInWindow += chan_data_len;
- try {
- chan.write(Buffer.from(chan_data, 'binary'), function () {
- Debug("Write completed.");
- // If the incoming window is over half used, send an adjust.
- if (this.curInWindow > (this.maxInWindow / 2)) { SendChannelWindowAdjust(socket.ws, rcpt_chan, this.curInWindow); this.curInWindow = 0; }
- });
- } catch (ex) { Debug("Cannot forward data to downlink socket."); }
- }
- return 9 + chan_data_len;
- }
- case APFProtocol.CHANNEL_WINDOW_ADJUST: {
- Debug("APF: CHANNEL_WINDOW_ADJUST");
- return 9;
- }
- case APFProtocol.JSON_CONTROL: {
- Debug("APF: JSON_CONTROL");
- var len = ReadInt(data, 1);
- if (obj.onJsonControl) { var o = null; try { o = JSON.parse(data.substring(5, 5 + len)); } catch (ex) { } if (o != null) { obj.onJsonControl(o); } }
- return 5 + len;
- }
- default: {
- Debug("CMD: " + cmd + " is not implemented.");
- obj.cirastate = CIRASTATE.FAILED;
- return 0;
- }
- }
- }
-
- function parseChannelOpen(data) {
- var result = { cmd: APFProtocol.CHANNEL_OPEN };
- var chan_type_slen = ReadInt(data, 1);
- result.chan_type = data.substring(5, 5 + chan_type_slen);
- result.sender_chan = ReadInt(data, 5 + chan_type_slen);
- result.window_size = ReadInt(data, 9 + chan_type_slen);
- var c_len = ReadInt(data, 17 + chan_type_slen);
- result.target_address = data.substring(21 + chan_type_slen, 21 + chan_type_slen + c_len);
- result.target_port = ReadInt(data, 21 + chan_type_slen + c_len);
- var o_len = ReadInt(data, 25 + chan_type_slen + c_len);
- result.origin_address = data.substring(29 + chan_type_slen + c_len, 29 + chan_type_slen + c_len + o_len);
- result.origin_port = ReadInt(data, 29 + chan_type_slen + c_len + o_len);
- result.len = 33 + chan_type_slen + c_len + o_len;
- return result;
- }
-
- function SendChannelOpenFailure(socket, chan_data) {
- socket.write(String.fromCharCode(APFProtocol.CHANNEL_OPEN_FAILURE) + IntToStr(chan_data.sender_chan) + IntToStr(2) + IntToStr(0) + IntToStr(0));
- Debug("APF: Send ChannelOpenFailure");
- }
-
- function SendChannelOpenConfirm(socket, chan_data) {
- socket.write(String.fromCharCode(APFProtocol.CHANNEL_OPEN_CONFIRMATION) + IntToStr(chan_data.sender_chan) + IntToStr(chan_data.sender_chan) + IntToStr(chan_data.window_size) + IntToStr(0xFFFFFFFF));
- Debug("APF: Send ChannelOpenConfirmation");
- }
-
- function SendChannelWindowAdjust(socket, chan, size) {
- socket.write(String.fromCharCode(APFProtocol.CHANNEL_WINDOW_ADJUST) + IntToStr(chan) + IntToStr(size));
- Debug("APF: Send ChannelWindowAdjust, channel: " + chan + ", size: " + size);
- }
-
- function SendChannelData(socket, chan, data) {
- socket.write(Buffer.concat([Buffer.from(String.fromCharCode(APFProtocol.CHANNEL_DATA) + IntToStr(chan) + IntToStr(data.length), 'binary'), data]));
- Debug("APF: Send ChannelData: " + data.toString('hex'));
- }
-
- function SendChannelClose(socket, chan) {
- socket.write(String.fromCharCode(APFProtocol.CHANNEL_CLOSE) + IntToStr(chan));
- Debug("APF: Send ChannelClose ");
- }
-
- obj.connect = function () {
- if (obj.forwardClient != null) {
- try { obj.forwardClient.ws.end(); } catch (ex) { Debug(ex); }
- //obj.forwardClient = null;
- }
- obj.cirastate = CIRASTATE.INITIAL;
- obj.pfwd_idx = 0;
-
- //obj.forwardClient = new obj.ws(obj.args.mpsurl, obj.tlsoptions);
- //obj.forwardClient.on("open", obj.onSecureConnect);
-
- var wsoptions = obj.http.parseUri(obj.args.mpsurl);
- wsoptions.rejectUnauthorized = 0;
- obj.forwardClient = obj.http.request(wsoptions);
- obj.forwardClient.upgrade = obj.onSecureConnect;
- obj.forwardClient.end(); // end request, trigger completion of HTTP request
- }
-
- obj.disconnect = function () { try { obj.forwardClient.ws.end(); } catch (ex) { Debug(ex); } }
-
- return obj;
-}
-
+/*
+Copyright 2018-2020 Intel Corporation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+/**
+* @description APF/CIRA Client for Duktape
+* @author Joko Sastriawan & Ylian Saint-Hilaire
+* @copyright Intel Corporation 2020
+* @license Apache-2.0
+* @version v0.0.2
+*/
+
+function CreateAPFClient(parent, args) {
+ if ((args.clientuuid == null) || (args.clientuuid.length != 36)) return null; // Require a UUID if this exact length
+
+ var obj = {};
+ obj.parent = parent;
+ obj.args = args;
+ obj.http = require('http');
+ obj.net = require('net');
+ obj.forwardClient = null;
+ obj.downlinks = {};
+ obj.pfwd_idx = 0;
+ obj.timer = null; // Keep alive timer
+
+ // obj.onChannelClosed
+ // obj.onJsonControl
+
+ // Function copied from common.js
+ function ReadInt(v, p) { return (v.charCodeAt(p) * 0x1000000) + (v.charCodeAt(p + 1) << 16) + (v.charCodeAt(p + 2) << 8) + v.charCodeAt(p + 3); }; // We use "*0x1000000" instead of "<<24" because the shift converts the number to signed int32.
+ function IntToStr(v) { return String.fromCharCode((v >> 24) & 0xFF, (v >> 16) & 0xFF, (v >> 8) & 0xFF, v & 0xFF); };
+ function hex2rstr(d) { var r = '', m = ('' + d).match(/../g), t; while (t = m.shift()) { r += String.fromCharCode('0x' + t); } return r; };
+ function char2hex(i) { return (i + 0x100).toString(16).substr(-2).toUpperCase(); }; // Convert decimal to hex
+ function rstr2hex(input) { var r = '', i; for (i = 0; i < input.length; i++) { r += char2hex(input.charCodeAt(i)); } return r; }; // Convert a raw string to a hex string
+ function d2h(d) { return (d / 256 + 1 / 512).toString(16).substring(2, 4); }
+ function buf2hex(input) { var r = '', i; for (i = 0; i < input.length; i++) { r += d2h(input[i]); } return r; };
+ function Debug(str) { if (obj.parent.debug) { console.log(str); } }
+ function guidToStr(g) { return g.substring(6, 8) + g.substring(4, 6) + g.substring(2, 4) + g.substring(0, 2) + "-" + g.substring(10, 12) + g.substring(8, 10) + "-" + g.substring(14, 16) + g.substring(12, 14) + "-" + g.substring(16, 20) + "-" + g.substring(20); }
+ function strToGuid(s) { s = s.replace(/-/g, ''); var ret = s.substring(6, 8) + s.substring(4, 6) + s.substring(2, 4) + s.substring(0, 2) + s.substring(10, 12) + s.substring(8, 10) + s.substring(14, 16) + s.substring(12, 14) + s.substring(16, 20) + s.substring(20); return ret; }
+ function binzerostring(len) { var res = ''; for (var l = 0; l < len; l++) { res += String.fromCharCode(0 & 0xFF); } return res; }
+
+ // CIRA state
+ var CIRASTATE = {
+ INITIAL: 0,
+ PROTOCOL_VERSION_SENT: 1,
+ AUTH_SERVICE_REQUEST_SENT: 2,
+ AUTH_REQUEST_SENT: 3,
+ PFWD_SERVICE_REQUEST_SENT: 4,
+ GLOBAL_REQUEST_SENT: 5,
+ FAILED: -1
+ }
+ obj.cirastate = CIRASTATE.INITIAL;
+
+ // REDIR state
+ var REDIR_TYPE = {
+ REDIR_UNKNOWN: 0,
+ REDIR_SOL: 1,
+ REDIR_KVM: 2,
+ REDIR_IDER: 3
+ }
+
+ // redirection start command
+ obj.RedirectStartSol = String.fromCharCode(0x10, 0x00, 0x00, 0x00, 0x53, 0x4F, 0x4C, 0x20);
+ obj.RedirectStartKvm = String.fromCharCode(0x10, 0x01, 0x00, 0x00, 0x4b, 0x56, 0x4d, 0x52);
+ obj.RedirectStartIder = String.fromCharCode(0x10, 0x00, 0x00, 0x00, 0x49, 0x44, 0x45, 0x52);
+
+ // Intel AMT forwarded port list for non-TLS mode
+ //var pfwd_ports = [16992, 623, 16994, 5900];
+ var pfwd_ports = [ 16992, 16993 ];
+
+ // protocol definitions
+ var APFProtocol = {
+ UNKNOWN: 0,
+ DISCONNECT: 1,
+ SERVICE_REQUEST: 5,
+ SERVICE_ACCEPT: 6,
+ USERAUTH_REQUEST: 50,
+ USERAUTH_FAILURE: 51,
+ USERAUTH_SUCCESS: 52,
+ GLOBAL_REQUEST: 80,
+ REQUEST_SUCCESS: 81,
+ REQUEST_FAILURE: 82,
+ CHANNEL_OPEN: 90,
+ CHANNEL_OPEN_CONFIRMATION: 91,
+ CHANNEL_OPEN_FAILURE: 92,
+ CHANNEL_WINDOW_ADJUST: 93,
+ CHANNEL_DATA: 94,
+ CHANNEL_CLOSE: 97,
+ PROTOCOLVERSION: 192,
+ KEEPALIVE_REQUEST: 208,
+ KEEPALIVE_REPLY: 209,
+ KEEPALIVE_OPTIONS_REQUEST: 210,
+ KEEPALIVE_OPTIONS_REPLY: 211,
+ JSON_CONTROL: 250 // This is a Mesh specific command that sends JSON to and from the MPS server.
+ }
+
+ var APFDisconnectCode = {
+ HOST_NOT_ALLOWED_TO_CONNECT: 1,
+ PROTOCOL_ERROR: 2,
+ KEY_EXCHANGE_FAILED: 3,
+ RESERVED: 4,
+ MAC_ERROR: 5,
+ COMPRESSION_ERROR: 6,
+ SERVICE_NOT_AVAILABLE: 7,
+ PROTOCOL_VERSION_NOT_SUPPORTED: 8,
+ HOST_KEY_NOT_VERIFIABLE: 9,
+ CONNECTION_LOST: 10,
+ BY_APPLICATION: 11,
+ TOO_MANY_CONNECTIONS: 12,
+ AUTH_CANCELLED_BY_USER: 13,
+ NO_MORE_AUTH_METHODS_AVAILABLE: 14,
+ INVALID_CREDENTIALS: 15,
+ CONNECTION_TIMED_OUT: 16,
+ BY_POLICY: 17,
+ TEMPORARILY_UNAVAILABLE: 18
+ }
+
+ var APFChannelOpenFailCodes = {
+ ADMINISTRATIVELY_PROHIBITED: 1,
+ CONNECT_FAILED: 2,
+ UNKNOWN_CHANNEL_TYPE: 3,
+ RESOURCE_SHORTAGE: 4,
+ }
+
+ var APFChannelOpenFailureReasonCode = {
+ AdministrativelyProhibited: 1,
+ ConnectFailed: 2,
+ UnknownChannelType: 3,
+ ResourceShortage: 4,
+ }
+
+ obj.onSecureConnect = function onSecureConnect(resp, ws, head) {
+ Debug("APF Secure WebSocket connected.");
+ //console.log(JSON.stringify(resp));
+ obj.forwardClient.tag = { accumulator: [] };
+ obj.forwardClient.ws = ws;
+ obj.forwardClient.ws.on('end', function () {
+ Debug("APF: Connection is closing.");
+ if (obj.timer != null) { clearInterval(obj.timer); obj.timer = null; }
+ if (obj.onChannelClosed) { obj.onChannelClosed(obj); }
+ });
+
+ obj.forwardClient.ws.on('data', function (data) {
+ obj.forwardClient.tag.accumulator += hex2rstr(buf2hex(data));
+ try {
+ var len = 0;
+ do {
+ len = ProcessData(obj.forwardClient);
+ if (len > 0) { obj.forwardClient.tag.accumulator = obj.forwardClient.tag.accumulator.slice(len); }
+ if (obj.cirastate == CIRASTATE.FAILED) {
+ Debug("APF: in a failed state, destroying socket.");
+ obj.forwardClient.ws.end();
+ }
+ } while (len > 0);
+ } catch (ex) { Debug(ex); }
+ });
+
+ obj.forwardClient.ws.on('error', function (e) {
+ Debug("APF: Connection error, ending connecting.");
+ if (obj.timer != null) { clearInterval(obj.timer); obj.timer = null; }
+ });
+
+ obj.state = CIRASTATE.INITIAL;
+ if ((typeof obj.args.conntype == 'number') && (obj.args.conntype != 0)) {
+ SendJsonControl(obj.forwardClient.ws, { action: 'connType', value: obj.args.conntype });
+ if (obj.args.meiState != null) { SendJsonControl(obj.forwardClient.ws, { action: 'meiState', value: obj.args.meiState }); }
+ }
+ SendProtocolVersion(obj.forwardClient.ws, obj.args.clientuuid);
+ SendServiceRequest(obj.forwardClient.ws, 'auth@amt.intel.com');
+ }
+
+ obj.updateMeiState = function (state) { SendJsonControl(obj.forwardClient.ws, { action: 'meiState', value: state }); }
+ obj.sendMeiDeactivationState = function (state) { SendJsonControl(obj.forwardClient.ws, { action: 'deactivate', value: state }); }
+
+ function SendJsonControl(socket, o) {
+ var data = JSON.stringify(o)
+ socket.write(String.fromCharCode(APFProtocol.JSON_CONTROL) + IntToStr(data.length) + data);
+ Debug("APF: Send JSON control: " + data);
+ }
+
+ function SendProtocolVersion(socket, uuid) {
+ var data = String.fromCharCode(APFProtocol.PROTOCOLVERSION) + IntToStr(1) + IntToStr(0) + IntToStr(0) + hex2rstr(strToGuid(uuid)) + binzerostring(64);
+ socket.write(data);
+ Debug("APF: Send protocol version 1 0 " + uuid);
+ obj.cirastate = CIRASTATE.PROTOCOL_VERSION_SENT;
+ }
+
+ function SendServiceRequest(socket, service) {
+ var data = String.fromCharCode(APFProtocol.SERVICE_REQUEST) + IntToStr(service.length) + service;
+ socket.write(data);
+ Debug("APF: Send service request " + service);
+ if (service == 'auth@amt.intel.com') {
+ obj.cirastate = CIRASTATE.AUTH_SERVICE_REQUEST_SENT;
+ } else if (service == 'pfwd@amt.intel.com') {
+ obj.cirastate = CIRASTATE.PFWD_SERVICE_REQUEST_SENT;
+ }
+ }
+
+ function SendUserAuthRequest(socket, user, pass) {
+ var service = "pfwd@amt.intel.com";
+ var data = String.fromCharCode(APFProtocol.USERAUTH_REQUEST) + IntToStr(user.length) + user + IntToStr(service.length) + service;
+ //password auth
+ data += IntToStr(8) + 'password';
+ data += binzerostring(1) + IntToStr(pass.length) + pass;
+ socket.write(data);
+ Debug("APF: Send username password authentication to MPS");
+ obj.cirastate = CIRASTATE.AUTH_REQUEST_SENT;
+ }
+
+ function SendGlobalRequestPfwd(socket, amthostname, amtport) {
+ var tcpipfwd = 'tcpip-forward';
+ var data = String.fromCharCode(APFProtocol.GLOBAL_REQUEST) + IntToStr(tcpipfwd.length) + tcpipfwd + binzerostring(1, 1);
+ data += IntToStr(amthostname.length) + amthostname + IntToStr(amtport);
+ socket.write(data);
+ Debug("APF: Send tcpip-forward " + amthostname + ":" + amtport);
+ obj.cirastate = CIRASTATE.GLOBAL_REQUEST_SENT;
+ }
+
+ function SendKeepAliveRequest(socket) {
+ socket.write(String.fromCharCode(APFProtocol.KEEPALIVE_REQUEST) + IntToStr(255));
+ Debug("APF: Send keepalive request");
+ }
+
+ function SendKeepAliveReply(socket, cookie) {
+ socket.write(String.fromCharCode(APFProtocol.KEEPALIVE_REPLY) + IntToStr(cookie));
+ Debug("APF: Send keepalive reply");
+ }
+
+ function ProcessData(socket) {
+ var cmd = socket.tag.accumulator.charCodeAt(0);
+ var len = socket.tag.accumulator.length;
+ var data = socket.tag.accumulator;
+ if (len == 0) { return 0; }
+
+ // Respond to MPS according to obj.cirastate
+ switch (cmd) {
+ case APFProtocol.SERVICE_ACCEPT: {
+ var slen = ReadInt(data, 1), service = data.substring(5, 6 + slen);
+ Debug("APF: Service request to " + service + " accepted.");
+ if (service == 'auth@amt.intel.com') {
+ if (obj.cirastate >= CIRASTATE.AUTH_SERVICE_REQUEST_SENT) {
+ SendUserAuthRequest(socket.ws, obj.args.mpsuser, obj.args.mpspass);
+ }
+ } else if (service == 'pfwd@amt.intel.com') {
+ if (obj.cirastate >= CIRASTATE.PFWD_SERVICE_REQUEST_SENT) {
+ SendGlobalRequestPfwd(socket.ws, obj.args.clientname, pfwd_ports[obj.pfwd_idx++]);
+ }
+ }
+ return 5 + slen;
+ }
+ case APFProtocol.REQUEST_SUCCESS: {
+ if (len >= 5) {
+ var port = ReadInt(data, 1);
+ Debug("APF: Request to port forward " + port + " successful.");
+ // iterate to pending port forward request
+ if (obj.pfwd_idx < pfwd_ports.length) {
+ SendGlobalRequestPfwd(socket.ws, obj.args.clientname, pfwd_ports[obj.pfwd_idx++]);
+ } else {
+ // no more port forward, now setup timer to send keep alive
+ Debug("APF: Start keep alive for every " + obj.args.mpskeepalive + " ms.");
+ obj.timer = setInterval(function () {
+ SendKeepAliveRequest(obj.forwardClient.ws);
+ }, obj.args.mpskeepalive);//
+ }
+ return 5;
+ }
+ Debug("APF: Request successful.");
+ return 1;
+ }
+ case APFProtocol.USERAUTH_SUCCESS: {
+ Debug("APF: User Authentication successful");
+ // Send Pfwd service request
+ SendServiceRequest(socket.ws, 'pfwd@amt.intel.com');
+ return 1;
+ }
+ case APFProtocol.USERAUTH_FAILURE: {
+ Debug("APF: User Authentication failed");
+ obj.cirastate = CIRASTATE.FAILED;
+ return 14;
+ }
+ case APFProtocol.KEEPALIVE_REQUEST: {
+ Debug("APF: Keep Alive Request with cookie: " + ReadInt(data, 1));
+ SendKeepAliveReply(socket.ws, ReadInt(data, 1));
+ return 5;
+ }
+ case APFProtocol.KEEPALIVE_REPLY: {
+ Debug("APF: Keep Alive Reply with cookie: " + ReadInt(data, 1));
+ return 5;
+ }
+ // Channel management
+ case APFProtocol.CHANNEL_OPEN: {
+ // Parse CHANNEL OPEN request
+ var p_res = parseChannelOpen(data);
+ Debug("APF: CHANNEL_OPEN request: " + JSON.stringify(p_res));
+ // Check if target port is in pfwd_ports
+ if (pfwd_ports.indexOf(p_res.target_port) >= 0) {
+ // Connect socket to that port
+ var chan = obj.net.createConnection({ host: obj.args.clientaddress, port: p_res.target_port }, function () {
+ //require('MeshAgent').SendCommand({ action: 'msg', type: 'console', value: "CHANNEL_OPEN-open" });
+ // obj.downlinks[p_res.sender_chan].setEncoding('binary');//assume everything is binary, not interpreting
+ SendChannelOpenConfirm(socket.ws, p_res);
+ });
+
+ // Setup flow control
+ chan.maxInWindow = p_res.window_size; // Oddly, we are using the same window size as the other side.
+ chan.curInWindow = 0;
+
+ chan.on('data', function (ddata) {
+ // Relay data to fordwardclient
+ // TODO: Implement flow control
+ SendChannelData(socket.ws, p_res.sender_chan, ddata);
+ });
+
+ chan.on('error', function (e) {
+ //Debug("Downlink connection error: " + e);
+ SendChannelOpenFailure(socket.ws, p_res);
+ });
+
+ chan.on('end', function () {
+ var chan = obj.downlinks[p_res.sender_chan];
+ if (chan != null) {
+ Debug("Socket ends.");
+ try { SendChannelClose(socket.ws, p_res.sender_chan); } catch (ex) { }
+ delete obj.downlinks[p_res.sender_chan];
+ }
+ });
+
+ obj.downlinks[p_res.sender_chan] = chan;
+ } else {
+ // Not a supported port, fail the connection
+ SendChannelOpenFailure(socket.ws, p_res);
+ }
+ return p_res.len;
+ }
+ case APFProtocol.CHANNEL_OPEN_CONFIRMATION: {
+ Debug("APF: CHANNEL_OPEN_CONFIRMATION");
+ return 17;
+ }
+ case APFProtocol.CHANNEL_CLOSE: {
+ var rcpt_chan = ReadInt(data, 1);
+ Debug("APF: CHANNEL_CLOSE: " + rcpt_chan);
+ try { obj.downlinks[rcpt_chan].end(); } catch (ex) { }
+ return 5;
+ }
+ case APFProtocol.CHANNEL_DATA: {
+ Debug("APF: CHANNEL_DATA: " + JSON.stringify(rstr2hex(data)));
+ var rcpt_chan = ReadInt(data, 1);
+ var chan_data_len = ReadInt(data, 5);
+ var chan_data = data.substring(9, 9 + chan_data_len);
+ var chan = obj.downlinks[rcpt_chan];
+ if (chan != null) {
+ chan.curInWindow += chan_data_len;
+ try {
+ chan.write(Buffer.from(chan_data, 'binary'), function () {
+ Debug("Write completed.");
+ // If the incoming window is over half used, send an adjust.
+ if (this.curInWindow > (this.maxInWindow / 2)) { SendChannelWindowAdjust(socket.ws, rcpt_chan, this.curInWindow); this.curInWindow = 0; }
+ });
+ } catch (ex) { Debug("Cannot forward data to downlink socket."); }
+ }
+ return 9 + chan_data_len;
+ }
+ case APFProtocol.CHANNEL_WINDOW_ADJUST: {
+ Debug("APF: CHANNEL_WINDOW_ADJUST");
+ return 9;
+ }
+ case APFProtocol.JSON_CONTROL: {
+ Debug("APF: JSON_CONTROL");
+ var len = ReadInt(data, 1);
+ if (obj.onJsonControl) { var o = null; try { o = JSON.parse(data.substring(5, 5 + len)); } catch (ex) { } if (o != null) { obj.onJsonControl(o); } }
+ return 5 + len;
+ }
+ default: {
+ Debug("CMD: " + cmd + " is not implemented.");
+ obj.cirastate = CIRASTATE.FAILED;
+ return 0;
+ }
+ }
+ }
+
+ function parseChannelOpen(data) {
+ var result = { cmd: APFProtocol.CHANNEL_OPEN };
+ var chan_type_slen = ReadInt(data, 1);
+ result.chan_type = data.substring(5, 5 + chan_type_slen);
+ result.sender_chan = ReadInt(data, 5 + chan_type_slen);
+ result.window_size = ReadInt(data, 9 + chan_type_slen);
+ var c_len = ReadInt(data, 17 + chan_type_slen);
+ result.target_address = data.substring(21 + chan_type_slen, 21 + chan_type_slen + c_len);
+ result.target_port = ReadInt(data, 21 + chan_type_slen + c_len);
+ var o_len = ReadInt(data, 25 + chan_type_slen + c_len);
+ result.origin_address = data.substring(29 + chan_type_slen + c_len, 29 + chan_type_slen + c_len + o_len);
+ result.origin_port = ReadInt(data, 29 + chan_type_slen + c_len + o_len);
+ result.len = 33 + chan_type_slen + c_len + o_len;
+ return result;
+ }
+
+ function SendChannelOpenFailure(socket, chan_data) {
+ socket.write(String.fromCharCode(APFProtocol.CHANNEL_OPEN_FAILURE) + IntToStr(chan_data.sender_chan) + IntToStr(2) + IntToStr(0) + IntToStr(0));
+ Debug("APF: Send ChannelOpenFailure");
+ }
+
+ function SendChannelOpenConfirm(socket, chan_data) {
+ socket.write(String.fromCharCode(APFProtocol.CHANNEL_OPEN_CONFIRMATION) + IntToStr(chan_data.sender_chan) + IntToStr(chan_data.sender_chan) + IntToStr(chan_data.window_size) + IntToStr(0xFFFFFFFF));
+ Debug("APF: Send ChannelOpenConfirmation");
+ }
+
+ function SendChannelWindowAdjust(socket, chan, size) {
+ socket.write(String.fromCharCode(APFProtocol.CHANNEL_WINDOW_ADJUST) + IntToStr(chan) + IntToStr(size));
+ Debug("APF: Send ChannelWindowAdjust, channel: " + chan + ", size: " + size);
+ }
+
+ function SendChannelData(socket, chan, data) {
+ socket.write(Buffer.concat([Buffer.from(String.fromCharCode(APFProtocol.CHANNEL_DATA) + IntToStr(chan) + IntToStr(data.length), 'binary'), data]));
+ Debug("APF: Send ChannelData: " + data.toString('hex'));
+ }
+
+ function SendChannelClose(socket, chan) {
+ socket.write(String.fromCharCode(APFProtocol.CHANNEL_CLOSE) + IntToStr(chan));
+ Debug("APF: Send ChannelClose ");
+ }
+
+ obj.connect = function () {
+ if (obj.forwardClient != null) {
+ try { obj.forwardClient.ws.end(); } catch (ex) { Debug(ex); }
+ //obj.forwardClient = null;
+ }
+ obj.cirastate = CIRASTATE.INITIAL;
+ obj.pfwd_idx = 0;
+
+ //obj.forwardClient = new obj.ws(obj.args.mpsurl, obj.tlsoptions);
+ //obj.forwardClient.on("open", obj.onSecureConnect);
+
+ var wsoptions = obj.http.parseUri(obj.args.mpsurl);
+ wsoptions.rejectUnauthorized = 0;
+ obj.forwardClient = obj.http.request(wsoptions);
+ obj.forwardClient.upgrade = obj.onSecureConnect;
+ obj.forwardClient.end(); // end request, trigger completion of HTTP request
+ }
+
+ obj.disconnect = function () { try { obj.forwardClient.ws.end(); } catch (ex) { Debug(ex); } }
+
+ return obj;
+}
+
module.exports = CreateAPFClient;
\ No newline at end of file
diff --git a/agents/modules_meshcore/amt-lme.js b/agents/modules_meshcore/amt-lme.js
index bea0098e..d27ce0f9 100644
--- a/agents/modules_meshcore/amt-lme.js
+++ b/agents/modules_meshcore/amt-lme.js
@@ -305,7 +305,7 @@ function lme_heci(options) {
try { notify = xmlParser.ParseWsman(httpData); } catch (e) { }
// Event the http data
- if (notify != null) { this.LMS.emit('notify', notify, channel.options, _lmsNotifyToString(notify), _lmsNotifyToCode(notify)); }
+ if (notify != null) { this.LMS.emit('notify', notify, channel.options, _lmsNotifyToCode(notify)); }
// Send channel close
var buffer = Buffer.alloc(5);
@@ -458,447 +458,4 @@ function _lmsNotifyToCode(notify) {
return msgid;
}
-function _lmsNotifyToString(notify) {
- if ((notify == null) || (notify.Body == null) || (notify.Body.MessageID == null)) return null;
- var msgid = notify.Body.MessageID;
- try { msgid += '-' + notify.Body.MessageArguments[0]; } catch (e) { }
- if (lmsEvents[msgid]) { return lmsEvents[msgid]; }
- return null;
-}
-
-var lmsEvents = {
- "iAMT0001": "System Defense Policy %1s triggered.",
- "iAMT0002": "Agent Presence Agent %1s not started.",
- "iAMT0003": "Agent Presence Agent %1s stopped.",
- "iAMT0004": "Agent Presence Agent %1s running.",
- "iAMT0005": "Agent Presence Agent %1s expired.",
- "iAMT0006": "Agent Presence Agent %1s suspended.",
- "iAMT0007": "Host software attempt to disable AMT Network link detected.",
- "iAMT0008": "Host software attempt to disable AMT Network link detected -- Host Network link blocked.",
- "iAMT0009": "AMT clock or FLASH wear-out protection disabled.",
- "iAMT0010": "Intel(R) AMT Network Interface %1s heuristics defense slow threshold trespassed.",
- "iAMT0011": "Intel(R) AMT Network Interface %1s heuristics defense fast threshold trespassed.",
- "iAMT0012": "Intel(R) AMT Network Interface %1s heuristics defense factory defined threshold trespassed.",
- "iAMT0013": "Intel(R) AMT Network Interface %1s heuristics defense Encounter timeout expired.",
- "iAMT0014": "General certificate error.",
- "iAMT0015": "Certificate expired.",
- "iAMT0016": "No trusted root certificate.",
- "iAMT0017": "Not configured to work with server certificate.",
- "iAMT0018": "Certificate revoked.",
- "iAMT0019": "RSA exponent too large.",
- "iAMT0020": "RSA modulus too large.",
- "iAMT0021": "Unsupported digest.",
- "iAMT0022": "Distinguished name too long.",
- "iAMT0023": "Key usage missing.",
- "iAMT0024": "General SSL handshake error.",
- "iAMT0025": "General 802.1x error.",
- "iAMT0026": "AMT Diagnostic AlertEAC error - General NAC error.",
- "iAMT0027": "AMT Diagnostic AlertEAC error - attempt to get a NAC posture while AMT NAC is disabled.",
- "iAMT0028": "AMT Diagnostic AlertEAC error - attempt to get a posture of an unsupported type.",
- "iAMT0029": "Audit log storage is 50% full.",
- "iAMT0030": "Audit log storage is 75% full.",
- "iAMT0031": "Audit log storage is 85% full.",
- "iAMT0032": "Audit log storage is 95% full.",
- "iAMT0033": "Audit log storage is full.",
- "iAMT0034": "Firmware Update Event - Partial.",
- "iAMT0035": "Firmware Update Event - Failure.",
- "iAMT0036": "Remote connectivity initiated.",
- "iAMT0037": "ME Presence event.",
- "iAMT0038-0": "AMT is being unprovisioned using BIOS command.",
- "iAMT0038-1": "AMT is being unprovisioned using Local MEI command.",
- "iAMT0038-2": "AMT is being unprovisioned using Local WS-MAN/SOAP command.",
- "iAMT0038-3": "AMT is being unprovisioned using Remote WS-MAN/SOAP command.",
- "iAMT0039": "HW Asset Error.",
- "iAMT0050": "User Notification Alert - General Notification.",
- "iAMT0050-16": "User Notification Alert - Circuit Breaker notification (CB Drop TX filter hit.).",
- "iAMT0050-17": "User Notification Alert - Circuit Breaker notification (CB Rate Limit TX filter hit.).",
- "iAMT0050-18": "User Notification Alert - Circuit Breaker notification (CB Drop RX filter hit.).",
- "iAMT0050-19": "User Notification Alert - Circuit Breaker notification (CB Rate Limit RX filter hit.).",
- "iAMT0050-32": "User Notification Alert - EAC notification.",
- "iAMT0050-48": "User Notification Alert - Remote diagnostics - (Remote Redirection session started - SOL).",
- "iAMT0050-49": "User Notification Alert - Remote diagnostics - (Remote Redirection session stopped - SOL).",
- "iAMT0050-50": "User Notification Alert - Remote diagnostics. (Remote Redirection session started - IDE-R).",
- "iAMT0050-51": "User Notification Alert - Remote diagnostics. (Remote Redirection session stopped - IDE-R).",
- "iAMT0050-66": "User Notification Alert - WLAN notification (Host profile mismatch - Management Interface ignored).",
- "iAMT0050-67": "User Notification Alert - WLAN notification (Management device overrides host radio).",
- "iAMT0050-68": "User Notification Alert - WLAN notification (Host profile security mismatch).",
- "iAMT0050-69": "User Notification Alert - WLAN notification (Management device relinquishes control over host Radio).",
- "iAMT0051": "User Notification Alert - SecIo event.",
- "iAMT0051-0": "User Notification Alert - SecIo event semaphore at host.",
- "iAMT0051-1": "User Notification Alert - semaphore at ME.",
- "iAMT0051-2": "User Notification Alert - SecIo event - semaphore timeout.",
- "iAMT0052": "User Notification Alert - KVM session event.",
- "iAMT0052-0": "User Notification Alert - KVM session requested.",
- "iAMT0052-1": "User Notification Alert - KVM session started.",
- "iAMT0052-2": "User Notification Alert - KVM session stopped.",
- "iAMT0052-3": "User Notification Alert - KVM data channel.",
- "iAMT0053": "User Notification Alert - RCS notification.",
- "iAMT0053-50": "User Notification Alert - RCS notification (HW button pressed. Connection initiated automatically).",
- "iAMT0053-52": "User Notification Alert - RCS notification (HW button pressed. Connection wasn't initiated automatically).",
- "iAMT0053-53": "User Notification Alert - RCS notification (Contracts updated).",
- "iAMT0054": "User Notification Alert - WLAN notification. Wireless Profile sync enablement state changed.",
- "iAMT0055": "User Notification Alert - Provisioning state change notification.",
- "iAMT0055-0": "User Notification Alert - Provisioning state change notification - Pre-configuration.",
- "iAMT0055-1": "User Notification Alert - Provisioning state change notification - In configuration.",
- "iAMT0055-2": "User Notification Alert - Provisioning state change notification - Post-configuration.",
- "iAMT0055-3": "User Notification Alert - Provisioning state change notification - Unprovision process has started.",
- "iAMT0056": "User Notification Alert - System Defense change notification.",
- "iAMT0057": "User Notification Alert - Network State change notification.",
- "iAMT0058": "User Notification Alert - Remote Access change notification.",
- "iAMT0058-1": "User Notification Alert - Remote Access change notification - tunnel is closed.",
- //"iAMT0058-1": "User Notification Alert - Remote Access change notification - tunnel is open.", // TODO
- "iAMT0059": "User Notification Alert - KVM enabled event.",
- "iAMT0059-0": "User Notification Alert - KVM enabled event - KVM disabled.",
- "iAMT0059-1": "User Notification Alert - KVM enabled event - KVM enabled (both from MEBx and PTNI).",
- "iAMT0060": "User Notification Alert - SecIO configuration event.",
- "iAMT0061": "ME FW reset occurred.",
- "iAMT0062": "User Notification Alert - IpSyncEnabled event.",
- "iAMT0062-0": "User Notification Alert - IpSyncEnabled event - IpSync disabled.",
- "iAMT0062-1": "User Notification Alert - IpSyncEnabled event - IpSync enabled.",
- "iAMT0063": "User Notification Alert - HTTP Proxy sync enabled event.",
- "iAMT0063-0": "User Notification Alert - HTTP Proxy sync enabled event - HTTP Proxy Sync disabled.",
- "iAMT0063-1": "User Notification Alert - HTTP Proxy sync enabled event - HTTP Proxy Sync enabled.",
- "iAMT0064": "User Notification Alert - User Consent event.",
- "iAMT0064-1": "User Notification Alert - User Consent event - User Consent granted.",
- "iAMT0064-2": "User Notification Alert - User Consent event - User Consent ended.",
- "iAMT0067-0": "Graceful Remote Control Operation - Shutdown.",
- "iAMT0067-1": "Graceful Remote Control Operation - Reset.",
- "iAMT0067-2": "Graceful Remote Control Operation - Hibernate.",
- "iAMT0068-0": "Link Protection Notification - No link protection.",
- "iAMT0068-1": "Link Protection Notification - Passive link protection.",
- "iAMT0068-2": "Link Protection Notification - High link protection.",
- "iAMT0069-0": "Local Time Sync Enablement Notification - Local Time Sync Disabled.",
- "iAMT0069-1": "Local Time Sync Enablement Notification - Local Time Sync Enabled.",
- "iAMT0070": "Host Reset Triggered by WD Expiration Notification.",
- "PLAT0004": "The chassis %1s was opened.",
- "PLAT0005": "The chassis %1s was closed.",
- "PLAT0006": "The drive bay %1s was opened.",
- "PLAT0007": "The drive bay %1s was closed.",
- "PLAT0008": "The I/O card area %1s was opened.",
- "PLAT0009": "The I/O card area %1s was closed.",
- "PLAT0010": "The processor area %1s was opened.",
- "PLAT0011": "The processor area %1s was closed.",
- "PLAT0012": "The LAN %1s has been disconnected.",
- "PLAT0013": "The LAN %1s has been connected.",
- "PLAT0016": "The permission to insert package %1s has been granted.",
- "PLAT0017": "The permission to insert package %1s has been removed.",
- "PLAT0018": "The fan card area %1s is open.",
- "PLAT0019": "The fan card area %1s is closed.",
- "PLAT0022": "The computer system %1s has detected a secure mode violation.",
- "PLAT0024": "The computer system %1s has detected a pre-boot user password violation.",
- "PLAT0026": "The computer system %1s has detected a pre-boot setup password violation.",
- "PLAT0028": "The computer system %1s has detected a network boot password violation.",
- "PLAT0030": "The computer system %1s has detected a password violation.",
- "PLAT0032": "The management controller %1s has detected an out-of-band password violation.",
- "PLAT0034": "The processor %1s has been added.",
- "PLAT0035": "The processor %1s has been removed.",
- "PLAT0036": "An over-temperature condition has been detected on the processor %1s.",
- "PLAT0037": "An over-temperature condition has been removed on the processor %1s.",
- "PLAT0038": "The processor %1s is operating in a degraded State.",
- "PLAT0039": "The processor %1s is no longer operating in a degraded State.",
- "PLAT0040": "The processor %1s has failed.",
- "PLAT0042": "The processor %1s has failed.",
- "PLAT0044": "The processor %1s has failed.",
- "PLAT0046": "The processor %1s has failed.",
- "PLAT0048": "The processor %1s has failed.",
- "PLAT0060": "The processor %1s has been enabled.",
- "PLAT0061": "The processor %1s has been disabled.",
- "PLAT0062": "The processor %1s has a configuration mismatch.",
- "PLAT0064": "A terminator has been detected on the processor %1s.",
- "PLAT0084": "The Power Supply %1s has been added.",
- "PLAT0085": "The Power Supply %1s has been removed.",
- "PLAT0086": "The Power Supply %1s has failed.",
- "PLAT0088": "Failure predicted on power supply %1s.",
- "PLAT0096": "The input to power supply %1s has been lost or fallen out of range.",
- "PLAT0098": "The power supply %1s is operating in an input state that is out of range.",
- "PLAT0099": "The power supply %1s has returned to a normal input state.",
- "PLAT0100": "The power supply %1s has lost input.",
- "PLAT0104": "The power supply %1s has a configuration mismatch.",
- "PLAT0106": "Power supply %1s has been disabled.",
- "PLAT0107": "Power supply %1s has been enabled.",
- "PLAT0108": "Power supply %1s has been power cycled.",
- "PLAT0110": "Power supply %1s has encountered an error during power down.",
- "PLAT0112": "Power supply %1s has lost power.",
- "PLAT0114": "Soft power control has failed for power supply %1s.",
- "PLAT0116": "Power supply %1s has failed.",
- "PLAT0118": "Failure predicted on power supply %1s.",
- "PLAT0120": "Memory subsystem failure.",
- "PLAT0122": "DIMM missing.",
- "PLAT0124": "Memory error detected & corrected for DIMM %1s.",
- "PLAT0128": "Memory DIMM %1s added.",
- "PLAT0129": "Memory DIMM %1s removed.",
- "PLAT0130": "Memory DIMM %1s enabled.",
- "PLAT0131": "Memory DIMM %1s disabled.",
- "PLAT0134": "Memory parity error for DIMM %1s.",
- "PLAT0136": "Memory scrub failure for DIMM %1s.",
- "PLAT0138": "Memory uncorrectable error detected for DIMM %1s.",
- "PLAT0140": "Memory sparing initiated for DIMM %1s.",
- "PLAT0141": "Memory sparing concluded for DIMM %1s.",
- "PLAT0142": "Memory DIMM %1s Throttled.",
- "PLAT0144": "Memory logging limit reached for DIMM %1s.",
- "PLAT0145": "Memory logging limit removed for DIMM %1s.",
- "PLAT0146": "An over-temperature condition has been detected on the Memory DIMM %1s.",
- "PLAT0147": "An over-temperature condition has been removed on the Memory DIMM %1s.",
- "PLAT0162": "The drive %1s has been added.",
- "PLAT0163": "The drive %1s has been removed.",
- "PLAT0164": "The drive %1s has been disabled due to a detected fault.",
- "PLAT0167": "The drive %1s has been enabled.",
- "PLAT0168": "Failure predicted on drive %1s.",
- "PLAT0170": "Hot spare enabled for %1s.",
- "PLAT0171": "Hot spare disabled for %1s.",
- "PLAT0172": "Consistency check has begun for %1s.",
- "PLAT0173": "Consistency check completed for %1s.",
- "PLAT0174": "Array %1s is in critical condition.",
- "PLAT0176": "Array %1s has failed.",
- "PLAT0177": "Array %1s has been restored.",
- "PLAT0178": "Rebuild in progress for array %1s.",
- "PLAT0179": "Rebuild completed for array %1s.",
- "PLAT0180": "Rebuild Aborted for array %1s.",
- "PLAT0184": "The system %1s encountered a POST error.",
- "PLAT0186": "The system %1s encountered a firmware hang.",
- "PLAT0188": "The system %1s encountered firmware progress.",
- "PLAT0192": "The log %1s has been disabled.",
- "PLAT0193": "The log %1s has been enabled.",
- "PLAT0194": "The log %1s has been disabled.",
- "PLAT0195": "The log %1s has been enabled.",
- "PLAT0196": "The log %1s has been disabled.",
- "PLAT0198": "The log %1s has been enabled.",
- "PLAT0200": "The log %1s has been cleared.",
- "PLAT0202": "The log %1s is full.",
- "PLAT0203": "The log %1s is no longer full.",
- "PLAT0204": "The log %1s is almost full.",
- "PLAT0208": "The log %1s has a configuration error.",
- "PLAT0210": "The system %1s has been reconfigured.",
- "PLAT0212": "The system %1s has encountered an OEM system boot event.",
- "PLAT0214": "The system %1s has encountered an unknown system hardware fault.",
- "PLAT0216": "The system %1s has generated an auxiliary log entry.",
- "PLAT0218": "The system %1s has executed a PEF action.",
- "PLAT0220": "The system %1s has synchronized the system clock.",
- "PLAT0222": "A diagnostic interrupt has occurred on system %1s.",
- "PLAT0224": "A bus timeout has occurred on system %1s.",
- "PLAT0226": "An I/O channel check NMI has occurred on system %1s.",
- "PLAT0228": "A software NMI has occurred on system %1s.",
- "PLAT0230": "System %1s has recovered from an NMI.",
- "PLAT0232": "A PCI PERR has occurred on system %1s.",
- "PLAT0234": "A PCI SERR has occurred on system %1s.",
- "PLAT0236": "An EISA fail safe timeout occurred on system %1s.",
- "PLAT0238": "A correctable bus error has occurred on system %1s.",
- "PLAT0240": "An uncorrectable bus error has occurred on system %1s.",
- "PLAT0242": "A fatal NMI error has occurred on system %1s.",
- "PLAT0244": "A fatal bus error has occurred on system %1s.",
- "PLAT0246": "A bus on system %1s is operating in a degraded state.",
- "PLAT0247": "A bus on system %1s is no longer operating in a degraded state.",
- "PLAT0248": "The power button %1s has been pressed.",
- "PLAT0249": "The power button %1s has been released.",
- "PLAT0250": "The sleep button %1s has been pressed.",
- "PLAT0251": "The sleep button %1s has been released.",
- "PLAT0252": "The reset button %1s has been pressed.",
- "PLAT0253": "The reset button %1s has been released.",
- "PLAT0254": "The latch to %1s has been opened.",
- "PLAT0255": "The latch to %1s has been closed.",
- "PLAT0256": "The service request %1s has been enabled.",
- "PLAT0257": "The service request %1s has been completed.",
- "PLAT0258": "Power control of system %1s has failed.",
- "PLAT0262": "The network port %1s has been connected.",
- "PLAT0263": "The network port %1s has been disconnected.",
- "PLAT0266": "The connector %1s has encountered a configuration error.",
- "PLAT0267": "The connector %1s configuration error has been repaired.",
- "PLAT0272": "Power on for system %1s.",
- "PLAT0274": "Power cycle hard requested for system %1s.",
- "PLAT0276": "Power cycle soft requested for system %1s.",
- "PLAT0278": "PXE boot requested for system %1s.",
- "PLAT0280": "Diagnostics boot requested for system %1s.",
- "PLAT0282": "System restart requested for system %1s.",
- "PLAT0284": "System restart begun for system %1s.",
- "PLAT0286": "No bootable media available for system %1s.",
- "PLAT0288": "Non-bootable media selected for system %1s.",
- "PLAT0290": "PXE server not found for system %1s.",
- "PLAT0292": "User timeout on boot for system %1s.",
- "PLAT0296": "System %1s boot from floppy initiated.",
- "PLAT0298": "System %1s boot from local drive initiated.",
- "PLAT0300": "System %1s boot from PXE on network port initiated.",
- "PLAT0302": "System %1s boot diagnostics initiated.",
- "PLAT0304": "System %1s boot from CD initiated.",
- "PLAT0306": "System %1s boot from ROM initiated.",
- "PLAT0312": "System %1s boot initiated.",
- "PLAT0320": "Critical stop during OS load on system %1s.",
- "PLAT0322": "Run-time critical stop on system %1s.",
- "PLAT0324": "OS graceful stop on system %1s.",
- "PLAT0326": "OS graceful shutdown begun on system %1s.",
- "PLAT0327": "OS graceful shutdown completed on system %1s.",
- "PLAT0328": "Agent not responding on system %1s.",
- "PLAT0329": "Agent has begun responding on system %1s.",
- "PLAT0330": "Fault in slot on system %1s.",
- "PLAT0331": "Fault condition removed on system %1s.",
- "PLAT0332": "Identifying slot on system %1s.",
- "PLAT0333": "Identify stopped on slot for system %1s.",
- "PLAT0334": "Package installed in slot for system %1s.",
- "PLAT0336": "Slot empty system %1s.",
- "PLAT0338": "Slot in system %1s is ready for installation.",
- "PLAT0340": "Slot in system %1s is ready for removal.",
- "PLAT0342": "Power is off on slot of system %1s.",
- "PLAT0344": "Power is on for slot of system %1s.",
- "PLAT0346": "Removal requested for slot of system %1s.",
- "PLAT0348": "Interlock activated on slot of system %1s.",
- "PLAT0349": "Interlock de-asserted on slot of system %1s.",
- "PLAT0350": "Slot disabled on system %1s.",
- "PLAT0351": "Slot enabled on system %1s.",
- "PLAT0352": "Slot of system %1s holds spare.",
- "PLAT0353": "Slot of system %1s no longer holds spare.",
- "PLAT0354": "Computer system %1s enabled.",
- "PLAT0356": "Computer system %1s is in sleep - light mode.",
- "PLAT0358": "Computer system %1s is in hibernate.",
- "PLAT0360": "Computer system %1s is in standby.",
- "PLAT0362": "Computer system %1s is in soft off mode.",
- "PLAT0364": "Computer system %1s is in hard off mode.",
- "PLAT0366": "Computer system %1s is sleeping.",
- "PLAT0368": "Watchdog timer expired for %1s.",
- "PLAT0370": "Reboot of system initiated by watchdog %1s.",
- "PLAT0372": "Powering off system initiated by watchdog %1s.",
- "PLAT0374": "Power cycle of system initiated by watchdog %1s.",
- "PLAT0376": "Watchdog timer interrupt occurred for %1s.",
- "PLAT0378": "A page alert has been generated for system %1s.",
- "PLAT0380": "A LAN alert has been generated for system %1s.",
- "PLAT0382": "An event trap has been generated for system %1s.",
- "PLAT0384": "An SNMP trap has been generated for system %1s.",
- "PLAT0390": "%1s detected as present.",
- "PLAT0392": "%1s detected as absent.",
- "PLAT0394": "%1s has been disabled.",
- "PLAT0395": "%1s has been enabled.",
- "PLAT0396": "Heartbeat lost for LAN %1s.",
- "PLAT0397": "Heartbeat detected for LAN %1s.",
- "PLAT0398": "Sensor %1s is unavailable or degraded on management system.",
- "PLAT0399": "Sensor %1s has returned to normal on management system.",
- "PLAT0400": "Controller %1s is unavailable or degraded on management system.",
- "PLAT0401": "Controller %1s has returned to normal on management system.",
- "PLAT0402": "Management system %1s is off-line.",
- "PLAT0404": "Management system %1s is disabled.",
- "PLAT0405": "Management system %1s is enabled.",
- "PLAT0406": "Sensor %1s has failed on management system.",
- "PLAT0408": "FRU %1s has failed on management system.",
- "PLAT0424": "The battery %1s is critically low.",
- "PLAT0427": "The battery %1s is no longer critically low.",
- "PLAT0430": "The battery %1s has been removed from unit.",
- "PLAT0431": "The battery %1s has been added.",
- "PLAT0432": "The battery %1s has failed.",
- "PLAT0434": "Session audit is deactivated on system %1s.",
- "PLAT0435": "Session audit is activated on system %1s.",
- "PLAT0436": "A hardware change occurred on system %1s.",
- "PLAT0438": "A firmware or software change occurred on system %1s.",
- "PLAT0440": "A hardware incompatibility was detected on system %1s.",
- "PLAT0442": "A firmware or software incompatibility was detected on system %1s.",
- "PLAT0444": "Invalid or unsupported hardware was detected on system %1s.",
- "PLAT0446": "Invalid or unsupported firmware or software was detected on system %1s.",
- "PLAT0448": "A successful hardware change was detected on system %1s.",
- "PLAT0450": "A successful software or firmware change was detected on system %1s.",
- "PLAT0464": "FRU %1s not installed on system.",
- "PLAT0465": "FRU %1s installed on system.",
- "PLAT0466": "Activation requested for FRU %1s on system.",
- "PLAT0467": "FRU %1s on system is active.",
- "PLAT0468": "Activation in progress for FRU %1s on system.",
- "PLAT0470": "Deactivation request for FRU %1s on system.",
- "PLAT0471": "FRU %1s on system is in standby or \"hot spare\" state.",
- "PLAT0472": "Deactivation in progress for FRU %1s on system.",
- "PLAT0474": "Communication lost with FRU %1s on system.",
- "PLAT0476": "Numeric sensor %1s going low (lower non-critical).",
- "PLAT0478": "Numeric sensor %1s going high (lower non-critical).",
- "PLAT0480": "Numeric sensor %1s going low (lower critical).",
- "PLAT0482": "Numeric sensor %1s going high (lower critical).",
- "PLAT0484": "Numeric sensor %1s going low (lower non-recoverable).",
- "PLAT0486": "Numeric sensor %1s going high (lower non-critical).",
- "PLAT0488": "Numeric sensor %1s going low (upper non-critical).",
- "PLAT0490": "Numeric sensor %1s going high (upper non-critical).",
- "PLAT0492": "Numeric sensor %1s going low (upper critical).",
- "PLAT0494": "Numeric sensor %1s going high (upper critical).",
- "PLAT0496": "Numeric sensor %1s going low (upper non-recoverable).",
- "PLAT0498": "Numeric sensor %1s going high (upper non-recoverable).",
- "PLAT0500": "Sensor %1s has transitioned to idle.",
- "PLAT0502": "Sensor %1s has transitioned to active.",
- "PLAT0504": "Sensor %1s has transitioned to busy.",
- "PLAT0508": "Sensor %1s has asserted.",
- "PLAT0509": "Sensor %1s has de-asserted.",
- "PLAT0510": "Sensor %1s is asserting predictive failure.",
- "PLAT0511": "Sensor %1s is de-asserting predictive failure.",
- "PLAT0512": "Sensor %1s has indicated limit exceeded.",
- "PLAT0513": "Sensor %1s has indicated limit no longer exceeded.",
- "PLAT0514": "Sensor %1s has indicated performance met.",
- "PLAT0516": "Sensor %1s has indicated performance lags.",
- "PLAT0518": "Sensor %1s has transitioned to normal state.",
- "PLAT0520": "Sensor %1s has transitioned from normal to non-critical state.",
- "PLAT0522": "Sensor %1s has transitioned to critical from a less severe state.",
- "PLAT0524": "Sensor %1s has transitioned to non-recoverable from a less severe state.",
- "PLAT0526": "Sensor %1s has transitioned to non-critical from a more severe state.",
- "PLAT0528": "Sensor %1s has transitioned to critical from a non-recoverable state.",
- "PLAT0530": "Sensor %1s has transitioned to non-recoverable.",
- "PLAT0532": "Sensor %1s indicates a monitor state.",
- "PLAT0534": "Sensor %1s has an informational state.",
- "PLAT0536": "Device %1s has been added.",
- "PLAT0537": "Device %1s has been removed from unit.",
- "PLAT0538": "Device %1s has been enabled.",
- "PLAT0539": "Device %1s has been disabled.",
- "PLAT0540": "Sensor %1s has indicated a running state.",
- "PLAT0544": "Sensor %1s has indicated a power off state.",
- "PLAT0546": "Sensor %1s has indicated an on-line state.",
- "PLAT0548": "Sensor %1s has indicated an off-line state.",
- "PLAT0550": "Sensor %1s has indicated an off-duty state.",
- "PLAT0552": "Sensor %1s has indicated a degraded state.",
- "PLAT0554": "Sensor %1s has indicated a power save state.",
- "PLAT0556": "Sensor %1s has indicated an install error.",
- "PLAT0558": "Redundancy %1s has been lost.",
- "PLAT0560": "Redundancy %1s has been reduced.",
- "PLAT0561": "Redundancy %1s has been restored.",
- "PLAT0562": "%1s has transitioned to a D0 power state.",
- "PLAT0564": "%1s has transitioned to a D1 power state.",
- "PLAT0566": "%1s has transitioned to a D2 power state.",
- "PLAT0568": "%1s has transitioned to a D3 power state.",
- "PLAT0720": "The System %1s encountered firmware progress - memory initialization entry.",
- "PLAT0721": "The System %1s encountered firmware progress - memory initialization exit.",
- "PLAT0722": "The System %1s encountered firmware progress - hard drive initialization entry.",
- "PLAT0723": "The System %1s encountered firmware progress - hard drive initialization exit.",
- "PLAT0724": "The System %1s encountered firmware progress - user authentication.",
- "PLAT0728": "The System %1s encountered firmware progress - USR resource configuration entry.",
- "PLAT0729": "The System %1s encountered firmware progress - USR resource configuration exit.",
- "PLAT0730": "The System %1s encountered firmware progress - PCI recource configuration entry.",
- "PLAT0731": "The System %1s encountered firmware progress - PCI recource configuration exit.",
- "PLAT0732": "The System %1s encountered firmware progress - Option ROM initialization entry.",
- "PLAT0733": "The System %1s encountered firmware progress - Option ROM initialization entry exit.",
- "PLAT0734": "The System %1s encountered firmware progress -video initialization entry entry.",
- "PLAT0735": "The System %1s encountered firmware progress - video initialization entry exit.",
- "PLAT0736": "The System %1s encountered firmware progress - cache initialization entry.",
- "PLAT0737": "The System %1s encountered firmware progress - cache initialization exit.",
- "PLAT0738": "The System %1s encountered firmware progress - keyboard controller initialization entry.",
- "PLAT0739": "The System %1s encountered firmware progress - keyboard controller initialization exit.",
- "PLAT0740": "The System %1s encountered firmware progress - motherboard initialization entry.",
- "PLAT0741": "The System %1s encountered firmware progress - motherboard initialization exit.",
- "PLAT0742": "The System %1s encountered firmware progress - floppy disk initialization entry.",
- "PLAT0743": "The System %1s encountered firmware progress - floppy disk initialization exit.",
- "PLAT0744": "The System %1s encountered firmware progress - keyboard test entry.",
- "PLAT0745": "The System %1s encountered firmware progress - keyboard test exit.",
- "PLAT0746": "The System %1s encountered firmware progress - pointing device test entry.",
- "PLAT0747": "The System %1s encountered firmware progress - pointing device test exit.",
- "PLAT0750": "The System %1s encountered firmware progress - dock enable entry.",
- "PLAT0751": "The System %1s encountered firmware progress - dock enable exit.",
- "PLAT0752": "The System %1s encountered firmware progress - dock disable entry.",
- "PLAT0753": "The System %1s encountered firmware progress - dock disable exit.",
- "PLAT0760": "The System %1s encountered firmware progress - start OS boot process.",
- "PLAT0762": "The System %1s encountered firmware progress - call OS wake vector.",
- "PLAT0764": "The System %1s encountered firmware progress - unrecoverable keyboard failure.",
- "PLAT0766": "The System %1s encountered firmware progress - no video device detected.",
- "PLAT0768": "The System %1s encountered firmware progress - SMART alert detected on drive.",
- "PLAT0770": "The System %1s encountered firmware progress - unrecoverable boot device failure.",
- "PLAT0789": "Corrupt BIOS detected.",
- "PLAT0790": "The System %1s encountered PCI configuration failure.",
- "PLAT0791": "The System %1s encountered a video subsystem failure.",
- "PLAT0792": "The System %1s encountered a storage subsystem failure.",
- "PLAT0793": "The System %1s encountered a USB subsystem failure.",
- "PLAT0794": "The System %1s has detected no memory in the system.",
- "PLAT0795": "The System %1s encountered a motherboard failure.",
- "PLAT0796": "The System %1s encountered a memory Regulator Voltage Bad.",
- "PLAT0797": "%1s PCI reset is not deasserting.",
- "PLAT0798": "%1s Non-Motherboard Regulator Failure.",
- "PLAT0799": "%1s Power Supply Cable failure.",
- "PLAT0800": "%1s Motherboard regulator failure.",
- "PLAT0801": "%1s System component compatibility mismatch."
-}
-
module.exports = lme_heci;
diff --git a/agents/modules_meshcore/amt-manage.js b/agents/modules_meshcore/amt-manage.js
index c8ed799a..fbd1c2a1 100644
--- a/agents/modules_meshcore/amt-manage.js
+++ b/agents/modules_meshcore/amt-manage.js
@@ -30,9 +30,6 @@ function AmtManager(agent, db, isdebug) {
var amtMei = null, amtMeiState = 0;
var amtLms = null, amtLmsState = 0;
var amtGetVersionResult = null;
- var oswsstack = null;
- var osamtstack = null;
- var amtpolicy = null;
var obj = this;
var mestate;
var trustedHashes = null;;
@@ -43,41 +40,19 @@ function AmtManager(agent, db, isdebug) {
obj._lmsstate = 0;
obj._mapping = [];
- obj.on('newListener', function (name, callback)
- {
- if(name == 'portBinding_LMS')
- {
- callback.call(this, this._mapping);
- }
+ obj.on('newListener', function (name, callback) {
+ if (name == 'portBinding_LMS') { callback.call(this, this._mapping); }
});
Object.defineProperty(obj, 'lmsstate',
{
- get: function ()
- {
- return (this._lmsstate);
- },
- set: function (value)
- {
- if (this._lmsstate != value)
- {
- this._lmsstate = value;
- this.emit('stateChange_LMS', value);
- }
- }
+ get: function () { return (this._lmsstate); },
+ set: function (value) { if (this._lmsstate != value) { this._lmsstate = value; this.emit('stateChange_LMS', value); } }
});
obj.state = 0;
obj.onStateChange = null;
obj.setDebug = function (x) { isdebug = x; }
-
- // Set current Intel AMT activation policy
- obj.setPolicy = function (policy, forceApply) {
- if (forceApply || (JSON.stringify(amtpolicy) != JSON.stringify(policy))) {
- amtpolicy = policy;
- if (applyPolicyTimer == null) { applyPolicyTimer = setTimeout(obj.applyPolicy, 8000); }
- }
- }
// Try to load up the MEI module
var rebindToMeiRetrys = 0;
@@ -91,14 +66,12 @@ function AmtManager(agent, db, isdebug) {
amtMei.on('error', function (e) { debug('MEI error'); amtMei = null; amtMeiState = -1; obj.state = -1; if (obj.onStateChange != null) { obj.onStateChange(amtMeiState); } });
amtMei.getVersion(function (result) {
if (result == null) {
- amtMeiState = -1;
- obj.state = -1;
+ obj.state = amtMeiState = -1;
if (obj.onStateChange != null) { obj.onStateChange(amtMeiState); }
if (rebindToMeiRetrys < 10) { setTimeout(obj.reset, 10000); }
} else {
amtGetVersionResult = result;
- amtMeiState = 2;
- obj.state = 2;
+ obj.state = amtMeiState = 2;
rebindToMeiRetrys = 0;
if (obj.onStateChange != null) { obj.onStateChange(amtMeiState); }
//debug('MEI binded');
@@ -108,28 +81,44 @@ function AmtManager(agent, db, isdebug) {
} catch (ex) { debug("MEI exception: " + ex); amtMei = null; amtMeiState = -1; obj.state = -1; }
}
- // Get Intel AMT information using MEI
- var amtMeiTmpState = null;
- obj.getAmtInfo = function(func) {
+ // Get Intel MEI State in a flexible way
+ // Flags: 1 = Versions, 2 = OsAdmin, 4 = Hashes, 8 = Network
+ obj.getMeiState = function(flags, func) {
if ((amtMei == null) || (amtMeiState < 2)) { if (func != null) { func(null); } return; }
try {
- amtMeiTmpState = { Flags: 0 }; // Flags: 1=EHBC, 2=CCM, 4=ACM
+ var amtMeiTmpState = { OsHostname: require('os').hostname(), Flags: 0 }; // Flags: 1=EHBC, 2=CCM, 4=ACM
amtMei.getProtocolVersion(function (result) { if (result != null) { amtMeiTmpState.MeiVersion = result; } });
- amtMei.getVersion(function (result) { if (result) { amtMeiTmpState.Versions = {}; for (var version in result.Versions) { amtMeiTmpState.Versions[result.Versions[version].Description] = result.Versions[version].Version; } } });
+ if ((flags & 1) != 0) { amtMei.getVersion(function (result) { if (result) { amtMeiTmpState.Versions = {}; for (var version in result.Versions) { amtMeiTmpState.Versions[result.Versions[version].Description] = result.Versions[version].Version; } } }); }
amtMei.getProvisioningMode(function (result) { if (result) { amtMeiTmpState.ProvisioningMode = result.mode; } });
- amtMei.getProvisioningState(function (result) { if (result) { amtMeiTmpState.ProvisioningState = result.state; } });
+ amtMei.getProvisioningState(function (result) { if (result) { amtMeiTmpState.ProvisioningState = result.state; } }); // 0: "Not Activated (Pre)", 1: "Not Activated (In)", 2: "Activated"
amtMei.getEHBCState(function (result) { if ((result != null) && (result.EHBC == true)) { amtMeiTmpState.Flags += 1; } });
amtMei.getControlMode(function (result) { if (result != null) { if (result.controlMode == 1) { amtMeiTmpState.Flags += 2; } if (result.controlMode == 2) { amtMeiTmpState.Flags += 4; } } }); // Flag 2 = CCM, 4 = ACM
//amtMei.getMACAddresses(function (result) { if (result) { amtMeiTmpState.mac = result; } });
- amtMei.getLanInterfaceSettings(0, function (result) { if (result) { amtMeiTmpState.net0 = result; } });
- amtMei.getLanInterfaceSettings(1, function (result) { if (result) { amtMeiTmpState.net1 = result; } });
+ if ((flags & 8) != 0) {
+ amtMei.getLanInterfaceSettings(0, function (result) {
+ if (result) {
+ amtMeiTmpState.net0 = result;
+ var fqdn = null, interfaces = require('os').networkInterfaces(); // Look for the DNS suffix for the Intel AMT Ethernet interface
+ for (var i in interfaces) { for (var j in interfaces[i]) { if ((interfaces[i][j].mac == result.mac) && (interfaces[i][j].fqdn != null) && (interfaces[i][j].fqdn != '')) { amtMeiTmpState.OsDnsSuffix = interfaces[i][j].fqdn; } } }
+ }
+ });
+ amtMei.getLanInterfaceSettings(1, function (result) { if (result) { amtMeiTmpState.net1 = result; } });
+ }
amtMei.getUuid(function (result) { if ((result != null) && (result.uuid != null)) { amtMeiTmpState.UUID = result.uuid; } });
- amtMei.getDnsSuffix(function (result) { if (result != null) { amtMeiTmpState.DNS = result; } if (func != null) { func(amtMeiTmpState); } });
+ if ((flags & 2) != 0) { amtMei.getLocalSystemAccount(function (x) { if ((x != null) && x.user && x.pass) { amtMeiTmpState.OsAdmin = { user: x.user, pass: x.pass }; } }); }
+ amtMei.getDnsSuffix(function (result) { if (result != null) { amtMeiTmpState.DnsSuffix = result; } if ((flags & 4) == 0) { if (func != null) { func(amtMeiTmpState); } } });
+ if ((flags & 4) != 0) {
+ amtMei.getHashHandles(function (handles) {
+ if ((handles != null) && (handles.length > 0)) { amtMeiTmpState.Hashes = []; } else { func(amtMeiTmpState); }
+ var exitOnCount = handles.length;
+ for (var i = 0; i < handles.length; ++i) { this.getCertHashEntry(handles[i], function (hashresult) { amtMeiTmpState.Hashes.push(hashresult); if (--exitOnCount == 0) { if (func != null) { func(amtMeiTmpState); } } }); }
+ });
+ }
} catch (e) { if (func != null) { func(null); } return; }
}
// Called on MicroLMS Intel AMT user notification
- var handleAmtNotification = function(notifyMsg) {
+ var handleAmtNotification = function (notifyMsg) {
if ((notifyMsg == null) || (notifyMsg.Body == null) || (notifyMsg.Body.MessageID == null) || (notifyMsg.Body.MessageArguments == null)) return null;
var amtMessage = notifyMsg.Body.MessageID, amtMessageArg = notifyMsg.Body.MessageArguments[0], notify = null;
@@ -149,632 +138,15 @@ function AmtManager(agent, db, isdebug) {
obj.lmsstate = 0;
try {
var lme_heci = require('amt-lme');
- amtLmsState = 1;
- obj.lmsstate = 1;
+ obj.lmsstate = amtLmsState = 1;
amtLms = new lme_heci();
- amtLms.on('error', function (e) { amtLmsState = 0; obj.lmsstate = 0; amtLms = null; debug("LMS error: " + e); setupMeiOsAdmin(1); });
- amtLms.on('connect', function () { amtLmsState = 2; obj.lmsstate = 2; debug("LMS connected"); setupMeiOsAdmin(2); });
- amtLms.on('bind', function (map)
- {
- obj._mapping = map;
- obj.emit('portBinding_LMS', map);
- });
- amtLms.on('notify', function (data, options, str, code) {
- //debug('LMS notify');
- if (code == 'iAMT0052-3') {
- kvmGetData();
- } else {
- //if (str != null) { debug('Intel AMT LMS: ' + str); }
- handleAmtNotification(data);
- }
- });
+ amtLms.on('error', function (e) { amtLmsState = 0; obj.lmsstate = 0; amtLms = null; debug("LMS error: " + e); });
+ amtLms.on('connect', function () { amtLmsState = 2; obj.lmsstate = 2; debug("LMS connected"); });
+ amtLms.on('bind', function (map) { obj._mapping = map; obj.emit('portBinding_LMS', map); });
+ amtLms.on('notify', function (data, options, code) { handleAmtNotification(data); });
} catch (e) { amtLmsState = -1; obj.lmsstate = -1; amtLms = null; }
}
-
- //
- // KVM Data Channel
- //
-
- var setupMeiOsAdmin = function (state) {
- //debug('Setup MEI OS Admin');
- if ((amtMei == null) || (amtMeiState < 2) || (amtGetVersionResult == null)) { return; } // If there is no MEI, don't bother with obj.
- amtMei.getLocalSystemAccount(function (x) {
- if (x == null) return;
- //debug('getLocalSystemAccount ' + JSON.stringify(x));
- var transport = require('amt-wsman-duk');
- var wsman = require('amt-wsman');
- var amt = require('amt');
- oswsstack = new wsman(transport, '127.0.0.1', 16992, x.user, x.pass, false);
- osamtstack = new amt(oswsstack);
- //if (func) { func(state); }
-
- // We got the $$OsAdmin account setup.
- amtMeiState = 3;
- obj.state = 3;
- if (obj.onStateChange != null) { obj.onStateChange(amtMeiState); }
- if (applyPolicyTimer == null) { obj.applyPolicy(); }
-
- //var AllWsman = "CIM_SoftwareIdentity,IPS_SecIOService,IPS_ScreenSettingData,IPS_ProvisioningRecordLog,IPS_HostBasedSetupService,IPS_HostIPSettings,IPS_IPv6PortSettings".split(',');
- //osamtstack.BatchEnum(null, AllWsman, startLmsWsmanResponse, null, true);
- //*************************************
- // Setup KVM data channel if this is Intel AMT 12 or above
- var amtver = null;
- try { for (var i in amtGetVersionResult.Versions) { if (amtGetVersionResult.Versions[i].Description == 'AMT') amtver = parseInt(amtGetVersionResult.Versions[i].Version.split('.')[0]); } } catch (e) { }
- if ((amtver != null) && (amtver >= 12)) {
- //debug('KVM data channel setup');
- kvmGetData('skip'); // Clear any previous data, this is a dummy read to about handling old data.
- obj.kvmTempTimer = setInterval(function () { kvmGetData(); }, 2000); // Start polling for KVM data.
- kvmSetData(JSON.stringify({ action: 'restart', ver: 1 })); // Send a restart command to advise the console if present that MicroLMS just started.
- }
- });
- }
-
- var kvmGetData = function (tag) {
- osamtstack.IPS_KVMRedirectionSettingData_DataChannelRead(obj.kvmDataGetResponse, tag);
- }
-
- var kvmDataGetResponse = function (stack, name, response, status, tag) {
- if ((tag != 'skip') && (status == 200) && (response.Body.ReturnValue == 0)) {
- var val = null;
- try { val = Buffer.from(response.Body.DataMessage, 'base64').toString(); } catch (e) { return }
- if (val != null) { obj.kvmProcessData(response.Body.RealmsBitmap, response.Body.MessageId, val); }
- }
- }
-
- var webRtcDesktop = null;
- var kvmProcessData = function (realms, messageId, val) {
- var data = null;
- try { data = JSON.parse(val) } catch (e) { }
- if ((data != null) && (data.action)) {
- if (data.action == 'present') { kvmSetData(JSON.stringify({ action: 'present', ver: 1, platform: process.platform })); }
- if (data.action == 'offer') {
- webRtcDesktop = {};
- var rtc = require('ILibWebRTC');
- webRtcDesktop.webrtc = rtc.createConnection();
- webRtcDesktop.webrtc.on('connected', function () { });
- webRtcDesktop.webrtc.on('disconnected', function () { obj.webRtcCleanUp(); });
- webRtcDesktop.webrtc.on('dataChannel', function (rtcchannel) {
- webRtcDesktop.rtcchannel = rtcchannel;
- webRtcDesktop.kvm = mesh.getRemoteDesktopStream();
- webRtcDesktop.kvm.pipe(webRtcDesktop.rtcchannel, { dataTypeSkip: 1, end: false });
- webRtcDesktop.rtcchannel.on('end', function () { obj.webRtcCleanUp(); });
- webRtcDesktop.rtcchannel.on('data', function (x) { obj.kvmCtrlData(this, x); });
- webRtcDesktop.rtcchannel.pipe(webRtcDesktop.kvm, { dataTypeSkip: 1, end: false });
- //webRtcDesktop.kvm.on('end', function () { debug('WebRTC DataChannel closed2'); obj.webRtcCleanUp(); });
- //webRtcDesktop.rtcchannel.on('data', function (data) { debug('WebRTC data: ' + data); });
- });
- kvmSetData(JSON.stringify({ action: 'answer', ver: 1, sdp: webRtcDesktop.webrtc.setOffer(data.sdp) }));
- }
- }
- }
-
- // Process KVM control channel data
- var kvmCtrlData = function (channel, cmd) {
- if (cmd.length > 0 && cmd.charCodeAt(0) != 123) {
- // This is upload data
- if (obj.fileupload != null) {
- cmd = Buffer.from(cmd, 'base64');
- var header = cmd.readUInt32BE(0);
- if ((header == 0x01000000) || (header == 0x01000001)) {
- fs.writeSync(obj.fileupload.fp, cmd.slice(4));
- channel.write({ action: 'upload', sub: 'ack', reqid: obj.fileupload.reqid });
- if (header == 0x01000001) { fs.closeSync(obj.fileupload.fp); obj.fileupload = null; } // Close the file
- }
- }
- return;
- }
- debug('KVM Ctrl Data: ' + cmd);
- //sendConsoleText('KVM Ctrl Data: ' + cmd);
-
- try { cmd = JSON.parse(cmd); } catch (ex) { debug('Invalid JSON: ' + cmd); return; }
- if ((cmd.path != null) && (process.platform != 'win32') && (cmd.path[0] != '/')) { cmd.path = '/' + cmd.path; } // Add '/' to paths on non-windows
- switch (cmd.action) {
- case 'ping': {
- // This is a keep alive
- channel.write({ action: 'pong' });
- break;
- }
- case 'lock': {
- // Lock the current user out of the desktop
- if (process.platform == 'win32') { var child = require('child_process'); child.execFile(process.env['windir'] + '\\system32\\cmd.exe', ['/c', 'RunDll32.exe user32.dll,LockWorkStation'], { type: 1 }); }
- break;
- }
- case 'ls': {
- /*
- // Close the watcher if required
- var samepath = ((obj.httprequest.watcher != undefined) && (cmd.path == obj.httprequest.watcher.path));
- if ((obj.httprequest.watcher != undefined) && (samepath == false)) {
- //console.log('Closing watcher: ' + obj.httprequest.watcher.path);
- //obj.httprequest.watcher.close(); // TODO: This line causes the agent to crash!!!!
- delete obj.httprequest.watcher;
- }
- */
-
- // Send the folder content to the browser
- var response = getDirectoryInfo(cmd.path);
- if (cmd.reqid != undefined) { response.reqid = cmd.reqid; }
- channel.write(response);
-
- /*
- // Start the directory watcher
- if ((cmd.path != '') && (samepath == false)) {
- var watcher = fs.watch(cmd.path, onFileWatcher);
- watcher.tunnel = obj.httprequest;
- watcher.path = cmd.path;
- obj.httprequest.watcher = watcher;
- //console.log('Starting watcher: ' + obj.httprequest.watcher.path);
- }
- */
- break;
- }
- case 'mkdir': {
- // Create a new empty folder
- fs.mkdirSync(cmd.path);
- break;
- }
- case 'rm': {
- // Remove many files or folders
- for (var i in cmd.delfiles) {
- var fullpath = path.join(cmd.path, cmd.delfiles[i]);
- try { fs.unlinkSync(fullpath); } catch (e) { debug(e); }
- }
- break;
- }
- case 'rename': {
- // Rename a file or folder
- try { fs.renameSync(path.join(cmd.path, cmd.oldname), path.join(cmd.path, cmd.newname)); } catch (e) { debug(e); }
- break;
- }
- case 'download': {
- // Download a file, to browser
- var sendNextBlock = 0;
- if (cmd.sub == 'start') { // Setup the download
- if (obj.filedownload != null) { channel.write({ action: 'download', sub: 'cancel', id: obj.filedownload.id }); delete obj.filedownload; }
- obj.filedownload = { id: cmd.id, path: cmd.path, ptr: 0 }
- try { obj.filedownload.f = fs.openSync(obj.filedownload.path, 'rbN'); } catch (e) { channel.write({ action: 'download', sub: 'cancel', id: obj.filedownload.id }); delete obj.filedownload; }
- if (obj.filedownload) { channel.write({ action: 'download', sub: 'start', id: cmd.id }); }
- } else if ((obj.filedownload != null) && (cmd.id == obj.filedownload.id)) { // Download commands
- if (cmd.sub == 'startack') { sendNextBlock = 8; } else if (cmd.sub == 'stop') { delete obj.filedownload; } else if (cmd.sub == 'ack') { sendNextBlock = 1; }
- }
- // Send the next download block(s)
- while (sendNextBlock > 0) {
- sendNextBlock--;
- var buf = Buffer.alloc(4096);
- var len = fs.readSync(obj.filedownload.f, buf, 4, 4092, null);
- obj.filedownload.ptr += len;
- if (len < 4092) { buf.writeInt32BE(0x01000001, 0); fs.closeSync(obj.filedownload.f); delete obj.filedownload; sendNextBlock = 0; } else { buf.writeInt32BE(0x01000000, 0); }
- channel.write(buf.slice(0, len + 4).toString('base64')); // Write as Base64
- }
- break;
- }
- case 'upload': {
- // Upload a file, from browser
- if (cmd.sub == 'start') { // Start the upload
- if (obj.fileupload != null) { fs.closeSync(obj.fileupload.fp); }
- if (!cmd.path || !cmd.name) break;
- obj.fileupload = { reqid: cmd.reqid };
- var filepath = path.join(cmd.path, cmd.name);
- try { obj.fileupload.fp = fs.openSync(filepath, 'wbN'); } catch (e) { }
- if (obj.fileupload.fp) { channel.write({ action: 'upload', sub: 'start', reqid: obj.fileupload.reqid }); } else { obj.fileupload = null; channel.write({ action: 'upload', sub: 'error', reqid: obj.fileupload.reqid }); }
- }
- else if (cmd.sub == 'cancel') { // Stop the upload
- if (obj.fileupload != null) { fs.closeSync(obj.fileupload.fp); obj.fileupload = null; }
- }
- break;
- }
- case 'copy': {
- // Copy a bunch of files from scpath to dspath
- for (var i in cmd.names) {
- var sc = path.join(cmd.scpath, cmd.names[i]), ds = path.join(cmd.dspath, cmd.names[i]);
- if (sc != ds) { try { fs.copyFileSync(sc, ds); } catch (e) { } }
- }
- break;
- }
- case 'move': {
- // Move a bunch of files from scpath to dspath
- for (var i in cmd.names) {
- var sc = path.join(cmd.scpath, cmd.names[i]), ds = path.join(cmd.dspath, cmd.names[i]);
- if (sc != ds) { try { fs.copyFileSync(sc, ds); fs.unlinkSync(sc); } catch (e) { } }
- }
- break;
- }
- default: {
- debug('Invalid KVM command: ' + cmd);
- break;
- }
- }
- }
-
- var webRtcCleanUp = function () {
- debug('webRtcCleanUp');
- if (webRtcDesktop == null) return;
- if (webRtcDesktop.rtcchannel) {
- try { webRtcDesktop.rtcchannel.close(); } catch (e) { }
- try { webRtcDesktop.rtcchannel.removeAllListeners('data'); } catch (e) { }
- try { webRtcDesktop.rtcchannel.removeAllListeners('end'); } catch (e) { }
- delete webRtcDesktop.rtcchannel;
- }
- if (webRtcDesktop.webrtc) {
- try { webRtcDesktop.webrtc.close(); } catch (e) { }
- try { webRtcDesktop.webrtc.removeAllListeners('connected'); } catch (e) { }
- try { webRtcDesktop.webrtc.removeAllListeners('disconnected'); } catch (e) { }
- try { webRtcDesktop.webrtc.removeAllListeners('dataChannel'); } catch (e) { }
- delete webRtcDesktop.webrtc;
- }
- if (webRtcDesktop.kvm) {
- try { webRtcDesktop.kvm.end(); } catch (e) { }
- delete webRtcDesktop.kvm;
- }
- webRtcDesktop = null;
- }
-
- var kvmSetData = function (x) {
- osamtstack.IPS_KVMRedirectionSettingData_DataChannelWrite(Buffer.from(x).toString('base64'), function () { });
- }
-
- // Delete a directory with a files and directories within it
- var deleteFolderRecursive = function(path, rec) {
- if (fs.existsSync(path)) {
- if (rec == true) {
- fs.readdirSync(obj.path.join(path, '*')).forEach(function (file, index) {
- var curPath = obj.path.join(path, file);
- if (fs.statSync(curPath).isDirectory()) { // recurse
- deleteFolderRecursive(curPath, true);
- } else { // delete file
- fs.unlinkSync(curPath);
- }
- });
- }
- fs.unlinkSync(path);
- }
- };
-
- // Polyfill path.join
- var path = {
- join: function () {
- var x = [];
- for (var i in arguments) {
- var w = arguments[i];
- if (w != null) {
- while (w.endsWith('/') || w.endsWith('\\')) { w = w.substring(0, w.length - 1); }
- if (i != 0) { while (w.startsWith('/') || w.startsWith('\\')) { w = w.substring(1); } }
- x.push(w);
- }
- }
- if (x.length == 0) return '/';
- return x.join('/');
- }
- };
-
- function md5hex(str) { return require('MD5Stream').create().syncHash(str).toString('hex'); }
-
- //
- // Deactivate Intel AMT CCM
- //
-
- // When called, this will use MEI to deactivate Intel AMT when it's in CCM mode. Simply calls "unprovision" on MEI and checks the return code.
- obj.deactivateCCM = function() {
- amtMei.unprovision(1, function (status) {
- if (status == 0) {
- debug('Success deactivating Intel AMT CCM.');
- agent.SendCommand({ "action": "coreinfo", "intelamt": { "state": 0, "flags": 0 } });
- applyPolicyTimer = setTimeout(obj.applyPolicy, 8000);
- } else {
- debug('Intel AMT CCM deactivation error: ' + status);
- }
- });
- }
-
- //
- // Get Intel AMT activation hashes
- //
- obj.getTrustedHashes = function (func, tag) {
- if (trustedHashes != null) { func(tag); }
- trustedHashes = [];
- amtMei.getHashHandles(function (handles) {
- var exitOnCount = handles.length;
- for (var i = 0; i < handles.length; ++i) {
- this.getCertHashEntry(handles[i], function (result) {
- if (result.isActive == 1) { trustedHashes.push(result.certificateHash.toLowerCase()); }
- if (--exitOnCount == 0) { func(tag); }
- });
- }
- });
- }
-
- //
- // Activate Intel AMT to ACM
- //
-
- obj.activeToACM = function (mestate) {
- if ((mestate.ProvisioningState != 0) || (amtpolicy == null) || (amtpolicy.match == null)) return; // Can't activate unless in "PRE" activation mode & policy is present.
- var trustedFqdn = null;
- if ((mestate.net0 == null) && (mestate.net0.enabled != 0)) return; // Can't activate unless wired interface is active
- if (mestate.DNS) { trustedFqdn = mestate.DNS; } // If Intel AMT has a trusted DNS suffix set, use that one.
- else {
- // Look for the DNS suffix for the Intel AMT Ethernet interface
- var interfaces = require('os').networkInterfaces();
- for (var i in interfaces) {
- for (var j in interfaces[i]) {
- if ((interfaces[i][j].mac == mestate.net0.mac) && (interfaces[i][j].fqdn != null) && (interfaces[i][j].fqdn != '')) { trustedFqdn = interfaces[i][j].fqdn.toLowerCase(); }
- }
- }
- }
- if (trustedFqdn == null) return; // No trusted DNS suffix.
-
- // Check if we have a ACM policy match
- var hashMatch = null;
- for (var i in amtpolicy.match) { var m = amtpolicy.match[i]; if (m.cn == trustedFqdn) { for (var j in trustedHashes) { if ((trustedHashes[j] == m.sha256) || (trustedHashes[j] == m.sha1)) { hashMatch = trustedHashes[j]; } } } }
- if (hashMatch == null) return; // No certificate / FQDN match
-
- // Fetch Intel AMT realm and activation nonce and get ready to ACM activation...
- if (osamtstack != null) {
- osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToACM2, { fqdn: trustedFqdn, hash: hashMatch, uuid: mestate.UUID });
- } else {
- amtMei.getLocalSystemAccount(function (x) {
- if ((x != null) && x.user && x.pass) {
- var transport = require('amt-wsman-duk');
- var wsman = require('amt-wsman');
- var amt = require('amt');
- oswsstack = new wsman(transport, '127.0.0.1', 16992, x.user, x.pass, false);
- osamtstack = new amt(oswsstack);
- osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToACM2, { fqdn: trustedFqdn, hash: hashMatch, uuid: mestate.UUID });
- }
- });
- }
- }
-
- function activeToACM2(stack, name, responses, status, tag) {
- if (status != 200) return;
- var fwNonce = responses['IPS_HostBasedSetupService'].response['ConfigurationNonce'];
- var digestRealm = responses['AMT_GeneralSettings'].response['DigestRealm'];
- agent.SendCommand({ "action": "acmactivate", "nonce": fwNonce, "realm": digestRealm, "fqdn": tag.fqdn, "hash": tag.hash, "uuid": tag.uuid });
- }
-
- // Called when the server responds with a ACM activation signature.
- obj.setAcmResponse = function (acmdata) { acmdata.index = 0; performAcmActivation(acmdata); }
-
- // Recursive function to inject the provisioning certificates into AMT in the proper order and completes ACM activation
- function performAcmActivation(acmdata) {
- var leaf = (acmdata.index == 0), root = (acmdata.index == (acmdata.certs.length - 1));
- if ((acmdata.index < acmdata.certs.length) && (acmdata.certs[acmdata.index] != null)) {
- osamtstack.IPS_HostBasedSetupService_AddNextCertInChain(acmdata.certs[acmdata.index], leaf, root, function (stack, name, responses, status) {
- if (status !== 200) { debug('AddNextCertInChain status=' + status); return; }
- else if (responses['Body']['ReturnValue'] !== 0) { debug('AddNextCertInChain error=' + responses['Body']['ReturnValue']); return; }
- else { acmdata.index++; performAcmActivation(acmdata); }
- });
- } else {
- osamtstack.IPS_HostBasedSetupService_AdminSetup(2, acmdata.password, acmdata.nonce, 2, acmdata.signature,
- function (stack, name, responses, status) {
- if ((status == 200) && (responses['Body']['ReturnValue'] == 0)) {
- // ACM activation success, force an update to the server so it can get our new state.
- if (obj.onStateChange != null) { obj.onStateChange(2); }
- }
- }
- );
- }
- }
-
- //
- // Activate Intel AMT to CCM
- //
-
- obj.makePass = function(length) {
- var buf = Buffer.alloc(length), text = "", possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
- buf.randomFill(); // Fills buffer with secure random from OpenSSL.
- for (var i = 0; i < length; i++) { text += possible.charAt(buf[i] % possible.length); }
- return text;
- }
-
- obj.activeToCCM = function (adminpass) {
- if ((adminpass == null) || (adminpass == '')) { adminpass = 'P@0s' + obj.makePass(23); }
- intelAmtAdminPass = adminpass;
- if (osamtstack != null) {
- osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToCCMEx2, adminpass);
- } else {
- //debug('Trying to get local account info...');
- amtMei.getLocalSystemAccount(function (x) {
- if ((x != null) && x.user && x.pass) {
- //debug('Intel AMT local account info: User=' + x.user + ', Pass=' + x.pass + '.');
- var transport = require('amt-wsman-duk');
- var wsman = require('amt-wsman');
- var amt = require('amt');
- oswsstack = new wsman(transport, '127.0.0.1', 16992, x.user, x.pass, false);
- osamtstack = new amt(oswsstack);
- //debug('Trying to get Intel AMT activation information...');
- osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToCCMEx2, adminpass);
- } else {
- //debug('Unable to get $$OsAdmin password.');
- }
- });
- }
- }
-
- var activeToCCMEx2 = function(stack, name, responses, status, adminpass) {
- if (status != 200) { debug('Failed to fetch activation information, status ' + status); }
- else if (responses['IPS_HostBasedSetupService'].response['AllowedControlModes'].length != 2) { debug('Client control mode activation not allowed'); }
- else { stack.IPS_HostBasedSetupService_Setup(2, md5hex('admin:' + responses['AMT_GeneralSettings'].response['DigestRealm'] + ':' + adminpass).substring(0, 32), null, null, null, null, activeToCCMEx3); }
- }
-
- var activeToCCMEx3 = function(stack, name, responses, status) {
- if (status != 200) { debug('Failed to activate, status ' + status); }
- else if (responses.Body.ReturnValue != 0) { debug('Client control mode activation failed: ' + responses.Body.ReturnValueStr); }
- else {
- debug('Intel AMT CCM activation success.');
- db.Put('amtCCMPass', intelAmtAdminPass);
- agent.SendCommand({ "action": "coreinfo", "intelamt": { "state": 2, "flags": 2, "user": "admin", "pass": intelAmtAdminPass } });
- }
- applyPolicyTimer = setTimeout(obj.applyPolicy, 8000);
- }
-
- obj.start = function () {
- // Try to load Intel AMT policy
- var amtPolicy = null;
- try { amtPolicy = JSON.parse(db.Get('amtPolicy')); } catch (ex) { debug('Exception loading amtPolicy'); }
- //if (amtPolicy == null) { debug('no amtPolicy'); } else { debug('Loaded amtPolicy: ' + JSON.stringify(amtPolicy)); }
- try { intelAmtAdminPass = db.Get('amtCCMPass'); } catch (ex) { }
- if (typeof intelAmtAdminPass != 'string') { intelAmtAdminPass = null; }
- obj.reset();
- }
-
- // Apply Intel AMT policy
- var intelAmtAdminPass, wsstack, amtstack, applyPolicyTimer, policyWsmanRetry = 0;
- obj.applyPolicy = function () {
- applyPolicyTimer = null;
- if ((amtMeiState != 3) || (amtpolicy == null) || (typeof amtpolicy != 'object') || (typeof amtpolicy.type != 'number') || (amtpolicy.type == 0)) return;
- if ((amtpolicy.password != null) && (amtpolicy.password != '')) { intelAmtAdminPass = amtpolicy.password; }
- obj.getAmtInfo(function (meinfo) {
- if ((amtpolicy.type == 1) && (meinfo.ProvisioningState == 2) && ((meinfo.Flags & 2) != 0)) {
- // CCM Deactivation Policy.
- wsstack = amtstack = null;
- obj.deactivateCCM();
- } else if ((amtpolicy.type == 2) && (meinfo.ProvisioningState == 0)) {
- // CCM Activation Policy
- wsstack = amtstack = null;
- if ((amtpolicy.password == null) || (amtpolicy.password == '')) { intelAmtAdminPass = null; }
- obj.activeToCCM(intelAmtAdminPass);
- } else if ((amtpolicy.type == 2) && (meinfo.ProvisioningState == 2) && (intelAmtAdminPass != null) && ((meinfo.Flags & 2) != 0)) {
- // Perform password test
- var transport = require('amt-wsman-duk');
- var wsman = require('amt-wsman');
- var amt = require('amt');
- wsstack = new wsman(transport, '127.0.0.1', 16992, 'admin', intelAmtAdminPass, false);
- amtstack = new amt(wsstack);
- var wsmanQuery = ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService', '*AMT_RedirectionService', '*CIM_KVMRedirectionSAP', 'AMT_PublicKeyCertificate', '*AMT_EnvironmentDetectionSettingData'];
- if (amtpolicy.cirasetup == 2) { wsmanQuery.push("AMT_ManagementPresenceRemoteSAP", "AMT_RemoteAccessCredentialContext", "AMT_RemoteAccessPolicyAppliesToMPS", "AMT_RemoteAccessPolicyRule", "*AMT_UserInitiatedConnectionService", "AMT_MPSUsernamePassword"); }
- try { amtstack.BatchEnum(null, wsmanQuery, wsmanPassTestResponse); } catch (ex) { debug(ex); }
- } else if ((amtpolicy.type == 3) && (meinfo.ProvisioningState == 0) && (agent.isControlChannelConnected)) {
- // ACM Activation Policy
- obj.getTrustedHashes(obj.activeToACM, meinfo);
- } else {
- // Other possible cases...
- }
- });
- }
-
- function wsmanPassTestResponse(stack, name, responses, status) {
- if (status != 200) {
- if (status == 401) {
- if (amtpolicy.badpass == 1) { obj.deactivateCCM(); } // Incorrect password, reactivate
- } else {
- if (++policyWsmanRetry < 20) {
- if (policyWsmanRetry == 10) { debug('WSMAN fault, MEI Reset'); obj.reset(); }
- var wsmanQuery = ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService', '*AMT_RedirectionService', '*CIM_KVMRedirectionSAP', 'AMT_PublicKeyCertificate', '*AMT_EnvironmentDetectionSettingData'];
- if (amtpolicy.cirasetup == 2) { wsmanQuery.push("AMT_ManagementPresenceRemoteSAP", "AMT_RemoteAccessCredentialContext", "AMT_RemoteAccessPolicyAppliesToMPS", "AMT_RemoteAccessPolicyRule", "*AMT_UserInitiatedConnectionService", "AMT_MPSUsernamePassword"); }
- try { amtstack.BatchEnum(null, wsmanQuery, wsmanPassTestResponse); } catch (ex) { debug(ex); }
- } else {
- debug('WSMAN fault, status=' + status);
- policyWsmanRetry = 0;
- }
- }
- } else {
- policyWsmanRetry = 0;
- var s = {};
- s.redir = (responses['AMT_RedirectionService'].response["ListenerEnabled"] == true);
- s.sol = ((responses['AMT_RedirectionService'].response["EnabledState"] & 2) != 0);
- s.ider = ((responses['AMT_RedirectionService'].response["EnabledState"] & 1) != 0);
- s.kvm = (responses['CIM_KVMRedirectionSAP'] != null) && ((responses['CIM_KVMRedirectionSAP'].response["EnabledState"] == 6 && responses['CIM_KVMRedirectionSAP'].response["RequestedState"] == 2) || responses['CIM_KVMRedirectionSAP'].response["EnabledState"] == 2 || responses['CIM_KVMRedirectionSAP'].response["EnabledState"] == 6);
-
- // Enable Ping and RMCP if disabled
- if ((responses['AMT_GeneralSettings'].response['PingResponseEnabled'] != true) || (responses['AMT_GeneralSettings'].response['RmcpPingResponseEnabled'] != true)) {
- responses['AMT_GeneralSettings'].response['PingResponseEnabled'] = true;
- responses['AMT_GeneralSettings'].response['RmcpPingResponseEnabled'] = true;
- amtstack.Put('AMT_GeneralSettings', responses['AMT_GeneralSettings'].response, function (stack, name, response, status) { if (status != 200) { debug("Enable PING PUT Error " + status); } }, 0, 1)
- }
-
- // Enable redirection port, SOL and IDER if needed
- if ((s.redir == false) || (s.sol == false) || (s.ider == false)) {
- var r = responses['AMT_RedirectionService'].response;
- r["ListenerEnabled"] = true; // Turn on the redirection port
- r["EnabledState"] = 32768 + 1 + 2; // Turn on IDER (1) and SOL (2)
- amtstack.AMT_RedirectionService_RequestStateChange(r["EnabledState"], function (stack, name, response, status) { if (status != 200) { debug("Enable Redirection EXEC Error " + status); } });
- }
-
- // Enable KVM if needed
- if ((responses['CIM_KVMRedirectionSAP'] != null) && (s.kvm == false)) {
- amtstack.CIM_KVMRedirectionSAP_RequestStateChange(2, 0,
- function (stack, name, response, status) {
- if (status != 200) { messagebox("Error", "KVMRedirectionSAP, RequestStateChange Error " + status); return; }
- amtstack.Put("AMT_RedirectionService", r, function (stack, name, response, status) { if (status != 200) { debug("Enable KVM PUT Error " + status); } }, 0, 1)
- }
- );
- }
-
- // Check if the MeshCentral root certificate is present
- if (typeof amtpolicy.rootcert == 'string') {
- var rootFound = false, xxCertificates = responses["AMT_PublicKeyCertificate"].responses;
- for (var i in xxCertificates) { if ((xxCertificates[i]["X509Certificate"] == amtpolicy.rootcert) && (xxCertificates[i]["TrustedRootCertficate"] == true)) { rootFound = true; } }
- if (rootFound == false) { amtstack.AMT_PublicKeyManagementService_AddTrustedRootCertificate(amtpolicy.rootcert, function (stack, name, response, status) { if (status != 200) { debug("Add root cert EXEC Error " + status); } }); }
- }
-
- // If CIRA needs to be setup
- if ((amtpolicy.cirasetup == 2) && (amtpolicy.ciraserver != null)) {
- var serverFound = false, xxCiraServers = responses["AMT_ManagementPresenceRemoteSAP"].responses;
- for (var i in xxCiraServers) { if ((xxCiraServers[i].AccessInfo == amtpolicy.ciraserver.name) && (xxCiraServers[i].Port == amtpolicy.ciraserver.port)) { serverFound = xxCiraServers[i].Name; } }
- if (serverFound == false) {
- // TODO: Remove all CIRA activation policies.
- // amtstack.Delete('AMT_RemoteAccessPolicyRule', { 'PolicyRuleName': name }, editMpsPolicyOk2);
- // TODO: Remove all other MPS servers.
-
- // Add our MPS server
- amtstack.AMT_RemoteAccessService_AddMpServer(amtpolicy.ciraserver.name, 201, amtpolicy.ciraserver.port, 2, null, amtpolicy.ciraserver.user, amtpolicy.ciraserver.pass, null, function (stack, name, response, status) {
- if (status != 200) {
- debug("Add MPS server EXEC Error " + status);
- } else {
- serverFound = false;
- var x = response.Body.MpServer.ReferenceParameters.SelectorSet.Selector;
- for (var i in x) { if (x[i]['@Name'] == 'Name') { serverFound = x[i]['Value']; } }
- if (serverFound != false) { checkCiraTriggerPolicy(responses, serverFound); }
- }
- });
- } else {
- checkCiraTriggerPolicy(responses, serverFound);
- }
- } else if (amtpolicy.cirasetup == 1) {
- // This call will clear environement detection if needed.
- checkEnvironmentDetection(responses);
- }
- }
- }
-
- function checkCiraTriggerPolicy(responses, serverInstanceName) {
- // Check CIRA activation policy
- var server1 = 'http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymoushttp://intel.com/wbem/wscim/1/amt-schema/1/AMT_ManagementPresenceRemoteSAP' + serverInstanceName + '';
- amtstack.AMT_RemoteAccessService_AddRemoteAccessPolicyRule(2, 0, 'AAAAAAAAAAo=', [server1], null, function (stack, name, response, status) {
- if (status != 200) {
- debug("Add AddRemoteAccessPolicyRule Error " + status);
- } else {
- //debug('AMT_RemoteAccessService_AddRemoteAccessPolicyRule Response:' + JSON.stringify(response));
- checkEnvironmentDetection(responses);
- }
- });
- }
-
- // Check environement detection. This will set or clear the environement detection strings as needed.
- function checkEnvironmentDetection(responses) {
- var t2 = [];
- if ((amtpolicy.ciraserver != null) && (amtpolicy.ciraserver.home != null)) { t2 = amtpolicy.ciraserver.home; }
- var t = responses["AMT_EnvironmentDetectionSettingData"].response;
- t['DetectionStrings'] = MakeToArray(t['DetectionStrings']);
- if (CompareStrArrays(t['DetectionStrings'], t2) == false) {
- t['DetectionStrings'] = t2;
- amtstack.Put('AMT_EnvironmentDetectionSettingData', t, function (stack, name, response, status) { if (status != 200) { debug("Put AMT_EnvironmentDetectionSettingData Error " + status); } }, 0, 1);
- }
- }
-
- // Imperfect compare of two string arrays.
- function CompareStrArrays(arr1, arr2) {
- if (arr1 == arr2) return true;
- if (arr1 == null) { arr1 = []; }
- if (arr2 == null) { arr2 = []; }
- if (arr1.length != arr2.length) return false;
- for (var i in arr1) { if (arr2.indexOf(arr1[i]) == -1) return false; }
- return true;
- }
-
- function MakeToArray(v) { if (!v || v == null || typeof v == "object") return v; return [v]; };
-
}
module.exports = AmtManager;
diff --git a/agents/modules_meshcore/amt-scanner.js b/agents/modules_meshcore/amt-scanner.js
deleted file mode 100644
index 0eb762d3..00000000
--- a/agents/modules_meshcore/amt-scanner.js
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
-Copyright 2018-2020 Intel Corporation
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-/**
-* @description Meshcentral Intel AMT Local Scanner
-* @author Ylian Saint-Hilaire & Joko Sastriawan
-* @version v0.0.1
-*/
-
-// Construct a Intel AMT Scanner object
-
-function AMTScanner() {
- var emitterUtils = require('events').inherits(this);
- emitterUtils.createEvent('found');
-
- this.dgram = require('dgram');
-
- this.buildRmcpPing = function (tag) {
- var packet = Buffer.from('06000006000011BE80000000', 'hex');
- packet[9] = tag;
- return packet;
- };
-
- this.parseRmcpPacket = function (server, data, rinfo, func) {
- if (data == null || data.length < 20) return;
- var res = {};
- if (((data[12] == 0) || (data[13] != 0) || (data[14] != 1) || (data[15] != 0x57)) && (data[21] & 32)) {
- res.servertag = data[9];
- res.minorVersion = data[18] & 0x0F;
- res.majorVersion = (data[18] >> 4) & 0x0F;
- res.provisioningState = data[19] & 0x03; // Pre = 0, In = 1, Post = 2
-
- var openPort = (data[16] * 256) + data[17];
- var dualPorts = ((data[19] & 0x04) != 0) ? true : false;
- res.openPorts = [openPort];
- res.address = rinfo.address;
- if (dualPorts == true) { res.openPorts = [16992, 16993]; }
- if (func !== undefined) {
- func(server, res);
- }
- }
- }
-
- this.parseIPv4Range = function (range) {
- if (range == undefined || range == null) return null;
- var x = range.split('-');
- if (x.length == 2) { return { min: this.parseIpv4Addr(x[0]), max: this.parseIpv4Addr(x[1]) }; }
- x = range.split('/');
- if (x.length == 2) {
- var ip = this.parseIpv4Addr(x[0]), masknum = parseInt(x[1]), mask = 0;
- if (masknum <= 16 || masknum > 32) return null;
- masknum = 32 - masknum;
- for (var i = 0; i < masknum; i++) { mask = (mask << 1); mask++; }
- return { min: (ip & (0xFFFFFFFF - mask))+1, max: (ip & (0xFFFFFFFF - mask)) + mask -1 };//remove network and broadcast address to avoid irrecoverable socket error
- }
- x = this.parseIpv4Addr(range);
- if (x == null) return null;
- return { min: x, max: x };
- };
-
- // Parse IP address. Takes a
- this.parseIpv4Addr = function (addr) {
- var x = addr.split('.');
- if (x.length == 4) { return (parseInt(x[0]) << 24) + (parseInt(x[1]) << 16) + (parseInt(x[2]) << 8) + (parseInt(x[3]) << 0); }
- return null;
- }
-
- // IP address number to string
- this.IPv4NumToStr = function (num) {
- return ((num >> 24) & 0xFF) + '.' + ((num >> 16) & 0xFF) + '.' + ((num >> 8) & 0xFF) + '.' + (num & 0xFF);
- }
-
- this.scan = function (rangestr, timeout, callback) {
- var iprange = this.parseIPv4Range(rangestr);
- var rmcp = this.buildRmcpPing(0);
- var server = this.dgram.createSocket({ type: 'udp4' });
- server.parent = this;
- server.scanResults = [];
- server.on('error', function (err) { console.log('Error:' + err); });
- server.on('message', function (msg, rinfo) { if (rinfo.size > 4) { this.parent.parseRmcpPacket(this, msg, rinfo, function (s, res) { s.scanResults.push(res); }) }; });
- server.on('listening', function () { for (var i = iprange.min; i <= iprange.max; i++) {
- server.send(rmcp, 623, server.parent.IPv4NumToStr(i)); } });
- server.bind({ address: '0.0.0.0', port: 0, exclusive: true });
- var tmout = setTimeout(function cb() {
- //console.log("Server closed");
- server.close();
- if (callback) {
- callback(server.scanResults);
- }
- server.parent.emit('found', server.scanResults);
- delete server;
- }, timeout);
- };
-}
-
-module.exports = AMTScanner;
diff --git a/agents/modules_meshcore/amt-wsman-duk.js b/agents/modules_meshcore/amt-wsman-duk.js
deleted file mode 100644
index fcf94d81..00000000
--- a/agents/modules_meshcore/amt-wsman-duk.js
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
-Copyright 2018-2020 Intel Corporation
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-/**
-* @description WSMAN communication using duktape http
-* @author Ylian Saint-Hilaire
-* @version v0.2.0c
-*/
-
-// Construct a WSMAN communication object
-function CreateWsmanComm(/*host, port, user, pass, tls, extra*/)
-{
- var obj = {};
- obj.PendingAjax = []; // List of pending AJAX calls. When one frees up, another will start.
- obj.ActiveAjaxCount = 0; // Number of currently active AJAX calls
- obj.MaxActiveAjaxCount = 1; // Maximum number of activate AJAX calls at the same time.
- obj.FailAllError = 0; // Set this to non-zero to fail all AJAX calls with that error status, 999 causes responses to be silent.
- obj.digest = null;
- obj.RequestCount = 0;
-
- if (arguments.length == 1 && typeof(arguments[0] == 'object'))
- {
- obj.host = arguments[0].host;
- obj.port = arguments[0].port;
- obj.authToken = arguments[0].authToken;
- obj.tls = arguments[0].tls;
- }
- else
- {
- obj.host = arguments[0];
- obj.port = arguments[1];
- obj.user = arguments[2];
- obj.pass = arguments[3];
- obj.tls = arguments[4];
- }
-
-
- // Private method
- // pri = priority, if set to 1, the call is high priority and put on top of the stack.
- obj.PerformAjax = function (postdata, callback, tag, pri, url, action) {
- if ((obj.ActiveAjaxCount == 0 || ((obj.ActiveAjaxCount < obj.MaxActiveAjaxCount) && (obj.challengeParams != null))) && obj.PendingAjax.length == 0) {
- // There are no pending AJAX calls, perform the call now.
- obj.PerformAjaxEx(postdata, callback, tag, url, action);
- } else {
- // If this is a high priority call, put this call in front of the array, otherwise put it in the back.
- if (pri == 1) { obj.PendingAjax.unshift([postdata, callback, tag, url, action]); } else { obj.PendingAjax.push([postdata, callback, tag, url, action]); }
- }
- }
-
- // Private method
- obj.PerformNextAjax = function () {
- if (obj.ActiveAjaxCount >= obj.MaxActiveAjaxCount || obj.PendingAjax.length == 0) return;
- var x = obj.PendingAjax.shift();
- obj.PerformAjaxEx(x[0], x[1], x[2], x[3], x[4]);
- obj.PerformNextAjax();
- }
-
- // Private method
- obj.PerformAjaxEx = function (postdata, callback, tag, url, action) {
- if (obj.FailAllError != 0) { if (obj.FailAllError != 999) { obj.gotNextMessagesError({ status: obj.FailAllError }, 'error', null, [postdata, callback, tag]); } return; }
- if (!postdata) postdata = "";
- //console.log("SEND: " + postdata); // DEBUG
-
- // We are in a DukTape environement
- if (obj.digest == null)
- {
- if (obj.authToken)
- {
- obj.digest = require('http-digest').create({ authToken: obj.authToken });
- }
- else
- {
- obj.digest = require('http-digest').create(obj.user, obj.pass);
- }
- obj.digest.http = require('http');
- }
- var request = { protocol: (obj.tls == 1 ? 'https:' : 'http:'), method: 'POST', host: obj.host, path: '/wsman', port: obj.port, rejectUnauthorized: false, checkServerIdentity: function (cert) { console.log('checkServerIdentity', JSON.stringify(cert)); } };
-
- var req = obj.digest.request(request);
- //console.log('Request ' + (obj.RequestCount++));
-
- req.on('error', function (e) { obj.gotNextMessagesError({ status: 600 }, 'error', null, [postdata, callback, tag]); });
- req.on('response', function (response) {
- //console.log('Response: ' + response.statusCode);
- if (response.statusCode != 200) {
- //console.log('ERR:' + JSON.stringify(response));
- obj.gotNextMessagesError({ status: response.statusCode }, 'error', null, [postdata, callback, tag]);
- } else {
- response.acc = '';
- response.on('data', function (data2) { this.acc += data2; });
- response.on('end', function () { obj.gotNextMessages(response.acc, 'success', { status: response.statusCode }, [postdata, callback, tag]); });
- }
- });
-
- // Send POST body, this work with binary.
- req.end(postdata);
-
- obj.ActiveAjaxCount++;
- return req;
- }
-
- // AJAX specific private method
- obj.pendingAjaxCall = [];
-
- // Private method
- obj.gotNextMessages = function (data, status, request, callArgs) {
- obj.ActiveAjaxCount--;
- if (obj.FailAllError == 999) return;
- //console.log("RECV: " + data); // DEBUG
- if (obj.FailAllError != 0) { callArgs[1](null, obj.FailAllError, callArgs[2]); return; }
- if (request.status != 200) { callArgs[1](null, request.status, callArgs[2]); return; }
- callArgs[1](data, 200, callArgs[2]);
- obj.PerformNextAjax();
- }
-
- // Private method
- obj.gotNextMessagesError = function (request, status, errorThrown, callArgs) {
- obj.ActiveAjaxCount--;
- if (obj.FailAllError == 999) return;
- if (obj.FailAllError != 0) { callArgs[1](null, obj.FailAllError, callArgs[2]); return; }
- //if (status != 200) { console.log("ERROR, status=" + status + "\r\n\r\nreq=" + callArgs[0]); } // Debug: Display the request & response if something did not work.
- if (obj.FailAllError != 999) { callArgs[1]({ Header: { HttpError: request.status } }, request.status, callArgs[2]); }
- obj.PerformNextAjax();
- }
-
- // Cancel all pending queries with given status
- obj.CancelAllQueries = function (s) {
- while (obj.PendingAjax.length > 0) { var x = obj.PendingAjax.shift(); x[1](null, s, x[2]); }
- }
-
- return obj;
-}
-
-module.exports = CreateWsmanComm;
diff --git a/agents/modules_meshcore/amt-wsman.js b/agents/modules_meshcore/amt-wsman.js
deleted file mode 100644
index f9445ea4..00000000
--- a/agents/modules_meshcore/amt-wsman.js
+++ /dev/null
@@ -1,211 +0,0 @@
-/*
-Copyright 2018-2020 Intel Corporation
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-/**
-* @description Intel(r) AMT WSMAN Stack
-* @author Ylian Saint-Hilaire
-* @version v0.2.0
-*/
-
-// Construct a MeshServer object
-function WsmanStackCreateService(/*CreateWsmanComm, host, port, user, pass, tls, extra*/)
-{
- var obj = {_ObjectID: 'WSMAN'};
- //obj.onDebugMessage = null; // Set to a function if you want to get debug messages.
- obj.NextMessageId = 1; // Next message number, used to label WSMAN calls.
- obj.Address = '/wsman';
- obj.xmlParser = require('amt-xml');
-
- if (arguments.length == 1 && typeof (arguments[0] == 'object'))
- {
- var CreateWsmanComm = arguments[0].transport;
- if (CreateWsmanComm) { obj.comm = new CreateWsmanComm(arguments[0]); }
- }
- else
- {
- var CreateWsmanComm = arguments[0];
- if (CreateWsmanComm) { obj.comm = new CreateWsmanComm(arguments[1], arguments[2], arguments[3], arguments[4], arguments[5], arguments[6]); }
- }
-
- obj.PerformAjax = function PerformAjax(postdata, callback, tag, pri, namespaces) {
- if (namespaces == null) namespaces = '';
- obj.comm.PerformAjax('' + postdata, function (data, status, tag) {
- if (status != 200) { callback(obj, null, { Header: { HttpError: status } }, status, tag); return; }
- var wsresponse = obj.xmlParser.ParseWsman(data);
- if (!wsresponse || wsresponse == null) { callback(obj, null, { Header: { HttpError: status } }, 601, tag); } else { callback(obj, wsresponse.Header["ResourceURI"], wsresponse, 200, tag); }
- }, tag, pri);
- }
-
- // Private method
- //obj.Debug = function (msg) { /*console.log(msg);*/ }
-
- // Cancel all pending queries with given status
- obj.CancelAllQueries = function CancelAllQueries(s) { obj.comm.CancelAllQueries(s); }
-
- // Get the last element of a URI string
- obj.GetNameFromUrl = function (resuri) {
- var x = resuri.lastIndexOf("/");
- return (x == -1)?resuri:resuri.substring(x + 1);
- }
-
- // Perform a WSMAN Subscribe operation
- obj.ExecSubscribe = function ExecSubscribe(resuri, delivery, url, callback, tag, pri, selectors, opaque, user, pass) {
- var digest = "", digest2 = "", opaque = "";
- if (user != null && pass != null) { digest = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken' + user + '' + pass + ''; digest2 = ''; }
- if (opaque != null) { opaque = '' + opaque + ''; }
- if (delivery == 'PushWithAck') { delivery = 'dmtf.org/wbem/wsman/1/wsman/PushWithAck'; } else if (delivery == 'Push') { delivery = 'xmlsoap.org/ws/2004/08/eventing/DeliveryModes/Push'; }
- var data = "http://schemas.xmlsoap.org/ws/2004/08/eventing/Subscribe" + obj.Address + "" + resuri + "" + (obj.NextMessageId++) + "http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous" + _PutObjToSelectorsXml(selectors) + digest + '' + url + '' + opaque + '' + digest2 + '';
- obj.PerformAjax(data + "", callback, tag, pri, 'xmlns:e="http://schemas.xmlsoap.org/ws/2004/08/eventing" xmlns:m="http://x.com"');
- }
-
- // Perform a WSMAN UnSubscribe operation
- obj.ExecUnSubscribe = function ExecUnSubscribe(resuri, callback, tag, pri, selectors) {
- var data = "http://schemas.xmlsoap.org/ws/2004/08/eventing/Unsubscribe" + obj.Address + "" + resuri + "" + (obj.NextMessageId++) + "http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous" + _PutObjToSelectorsXml(selectors) + '';
- obj.PerformAjax(data + "", callback, tag, pri, 'xmlns:e="http://schemas.xmlsoap.org/ws/2004/08/eventing"');
- }
-
- // Perform a WSMAN PUT operation
- obj.ExecPut = function ExecPut(resuri, putobj, callback, tag, pri, selectors) {
- var data = "http://schemas.xmlsoap.org/ws/2004/09/transfer/Put" + obj.Address + "" + resuri + "" + (obj.NextMessageId++) + "http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymousPT60.000S" + _PutObjToSelectorsXml(selectors) + '' + _PutObjToBodyXml(resuri, putobj);
- obj.PerformAjax(data + "", callback, tag, pri);
- }
-
- // Perform a WSMAN CREATE operation
- obj.ExecCreate = function ExecCreate(resuri, putobj, callback, tag, pri, selectors) {
- var objname = obj.GetNameFromUrl(resuri);
- var data = "http://schemas.xmlsoap.org/ws/2004/09/transfer/Create" + obj.Address + "" + resuri + "" + (obj.NextMessageId++) + "http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymousPT60S" + _PutObjToSelectorsXml(selectors) + "";
- for (var n in putobj) { data += "" + putobj[n] + "" }
- obj.PerformAjax(data + "", callback, tag, pri);
- }
-
- // Perform a WSMAN DELETE operation
- obj.ExecDelete = function ExecDelete(resuri, putobj, callback, tag, pri) {
- var data = "http://schemas.xmlsoap.org/ws/2004/09/transfer/Delete" + obj.Address + "" + resuri + "" + (obj.NextMessageId++) + "http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymousPT60S" + _PutObjToSelectorsXml(putobj) + " ";
- obj.PerformAjax(data, callback, tag, pri);
- }
-
- // Perform a WSMAN GET operation
- obj.ExecGet = function ExecGet(resuri, callback, tag, pri) {
- obj.PerformAjax("http://schemas.xmlsoap.org/ws/2004/09/transfer/Get