Added Intel AMT CCM activation support.

This commit is contained in:
Ylian Saint-Hilaire 2019-03-10 21:40:25 -07:00
parent 689c448e80
commit 3f92a5b8b5
13 changed files with 190 additions and 54 deletions

View File

@ -51,12 +51,14 @@
<Compile Include="agents\modules_meshcmd_min\smbios.min.js" />
<Compile Include="agents\modules_meshcmd_min\user-sessions.min.js" />
<Compile Include="agents\modules_meshcore\amt-lme.js" />
<Compile Include="agents\modules_meshcore\amt-manage.js" />
<Compile Include="agents\modules_meshcore\amt-mei.js" />
<Compile Include="agents\modules_meshcore\amt-scanner.js" />
<Compile Include="agents\modules_meshcore\amt-wsman-duk.js" />
<Compile Include="agents\modules_meshcore\amt-wsman.js" />
<Compile Include="agents\modules_meshcore\amt-xml.js" />
<Compile Include="agents\modules_meshcore\amt.js" />
<Compile Include="agents\modules_meshcore\clipboard.js" />
<Compile Include="agents\modules_meshcore\linux-dbus.js" />
<Compile Include="agents\modules_meshcore\monitor-border.js" />
<Compile Include="agents\modules_meshcore\monitor-info.js" />

View File

@ -26,7 +26,7 @@ limitations under the License.
*/
function AmtManager(agent, db, isdebug) {
var sendConsole = function (msg) { agent.SendCommand({ "action": "msg", "type": "console", "value": msg }); }
var debug = function (msg) { if (isdebug) { sendConsole('amt-manager: ' + msg); } }
var debug = function (msg) { if (isdebug) { sendConsole('amt-manager: ' + msg + '<br />'); } }
var amtMei = null, amtMeiState = 0;
var amtLms = null, amtLmsState = 0;
var amtGetVersionResult = null;
@ -38,13 +38,12 @@ function AmtManager(agent, db, isdebug) {
obj.lmsstate = 0;
obj.onStateChange = null;
obj.setDebug = function (x) { isdebug = x; }
// Set current Intel AMT activation policy
obj.setPolicy = function (policy) {
if (JSON.stringify(amtpolicy) != JSON.stringify(policy)) {
amtpolicy = policy;
//debug('AMT policy set: ' + JSON.stringify(policy));
obj.applyPolicy();
if (applyPolicyTimer == null) { obj.applyPolicy(); }
}
}
@ -159,7 +158,7 @@ function AmtManager(agent, db, isdebug) {
amtMeiState = 3;
obj.state = 3;
if (obj.onStateChange != null) { obj.onStateChange(amtMeiState); }
obj.applyPolicy();
if (applyPolicyTimer == null) { obj.applyPolicy(); }
//var AllWsman = "CIM_SoftwareIdentity,IPS_SecIOService,IPS_ScreenSettingData,IPS_ProvisioningRecordLog,IPS_HostBasedSetupService,IPS_HostIPSettings,IPS_IPv6PortSettings".split(',');
//osamtstack.BatchEnum(null, AllWsman, startLmsWsmanResponse, null, true);
@ -490,7 +489,7 @@ function AmtManager(agent, db, isdebug) {
}
// Apply Intel AMT policy
var intelAmtAdminPass, wsstack, amtstack, applyPolicyTimer;
var intelAmtAdminPass, wsstack, amtstack, applyPolicyTimer, policyWsmanRetry = 0;
obj.applyPolicy = function () {
applyPolicyTimer = null;
if ((amtMeiState != 3) || (typeof amtpolicy != 'object') || (typeof amtpolicy.type != 'number') || (amtpolicy.type == 0)) return;
@ -514,33 +513,137 @@ function AmtManager(agent, db, isdebug) {
var amt = require('amt');
wsstack = new wsman(transport, '127.0.0.1', 16992, 'admin', intelAmtAdminPass, false);
amtstack = new amt(wsstack);
try { amtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService', '*AMT_RedirectionService', '*CIM_KVMRedirectionSAP'], wsmanPassTestResponse); } catch (ex) { debug(ex); }
var wsmanQuery = ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService', '*AMT_RedirectionService', '*CIM_KVMRedirectionSAP', 'AMT_PublicKeyCertificate', '*AMT_EnvironmentDetectionSettingData'];
if (amtpolicy.cirasetup == 2) { wsmanQuery.push("AMT_ManagementPresenceRemoteSAP", "AMT_RemoteAccessCredentialContext", "AMT_RemoteAccessPolicyAppliesToMPS", "AMT_RemoteAccessPolicyRule", "*AMT_UserInitiatedConnectionService", "AMT_MPSUsernamePassword"); }
try { amtstack.BatchEnum(null, wsmanQuery, wsmanPassTestResponse); } catch (ex) { debug(ex); }
} else {
// Other possible cases...
}
});
}
var wsmanPassTestResponse = function (stack, name, responses, status) {
function wsmanPassTestResponse(stack, name, responses, status) {
if (status != 200) {
if (amtpolicy.badpass == 1) { obj.deactivateCCM(); } // Something went wrong, reactivate.
} else {
/*
var redir = (amtsysstate['AMT_RedirectionService'].response["ListenerEnabled"] == true);
var sol = ((amtsysstate['AMT_RedirectionService'].response["EnabledState"] & 2) != 0);
var ider = ((amtsysstate['AMT_RedirectionService'].response["EnabledState"] & 1) != 0);
var kvm = false;
if (amtsysstate['CIM_KVMRedirectionSAP'] != null) {
kvm = ((amtsysstate['CIM_KVMRedirectionSAP'].response["EnabledState"] == 6 && amtsysstate['CIM_KVMRedirectionSAP'].response["RequestedState"] == 2) || amtsysstate['CIM_KVMRedirectionSAP'].response["EnabledState"] == 2 || amtsysstate['CIM_KVMRedirectionSAP'].response["EnabledState"] == 6);
if (status == 401) {
if (amtpolicy.badpass == 1) { obj.deactivateCCM(); } // Incorrect password, reactivate
} else {
if (++policyWsmanRetry < 20) {
if (policyWsmanRetry == 10) { debug('WSMAN fault, MEI Reset'); obj.reset(); }
var wsmanQuery = ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService', '*AMT_RedirectionService', '*CIM_KVMRedirectionSAP', 'AMT_PublicKeyCertificate', '*AMT_EnvironmentDetectionSettingData'];
if (amtpolicy.cirasetup == 2) { wsmanQuery.push("AMT_ManagementPresenceRemoteSAP", "AMT_RemoteAccessCredentialContext", "AMT_RemoteAccessPolicyAppliesToMPS", "AMT_RemoteAccessPolicyRule", "*AMT_UserInitiatedConnectionService", "AMT_MPSUsernamePassword"); }
try { amtstack.BatchEnum(null, wsmanQuery, wsmanPassTestResponse); } catch (ex) { debug(ex); }
} else {
debug('WSMAN fault, status=' + status);
policyWsmanRetry = 0;
}
}
} else {
policyWsmanRetry = 0;
var s = {};
s.redir = (responses['AMT_RedirectionService'].response["ListenerEnabled"] == true);
s.sol = ((responses['AMT_RedirectionService'].response["EnabledState"] & 2) != 0);
s.ider = ((responses['AMT_RedirectionService'].response["EnabledState"] & 1) != 0);
s.kvm = (responses['CIM_KVMRedirectionSAP'] != null) && ((responses['CIM_KVMRedirectionSAP'].response["EnabledState"] == 6 && responses['CIM_KVMRedirectionSAP'].response["RequestedState"] == 2) || responses['CIM_KVMRedirectionSAP'].response["EnabledState"] == 2 || responses['CIM_KVMRedirectionSAP'].response["EnabledState"] == 6);
// Enable Ping and RMCP if disabled
if ((responses['AMT_GeneralSettings'].response['PingResponseEnabled'] != true) || (responses['AMT_GeneralSettings'].response['RmcpPingResponseEnabled'] != true)) {
responses['AMT_GeneralSettings'].response['PingResponseEnabled'] = true;
responses['AMT_GeneralSettings'].response['RmcpPingResponseEnabled'] = true;
amtstack.Put('AMT_GeneralSettings', responses['AMT_GeneralSettings'].response, function (stack, name, response, status) { if (status != 200) { debug("Enable PING PUT Error " + status); } }, 0, 1)
}
*/
// Success, make sure
debug('SUCCESS!' + JSON.stringify(responses));
// TODO: Check Intel AMT Features need to be enabled & if Intel AMT CIRA needs to be setup
// Enable redirection port, SOL and IDER if needed
if ((s.redir == false) || (s.sol == false) || (s.ider == false)) {
var r = responses['AMT_RedirectionService'].response;
r["ListenerEnabled"] = true; // Turn on the redirection port
r["EnabledState"] = 32768 + 1 + 2; // Turn on IDER (1) and SOL (2)
amtstack.AMT_RedirectionService_RequestStateChange(r["EnabledState"], function (stack, name, response, status) { if (status != 200) { debug("Enable Redirection EXEC Error " + status); } });
}
// Enable KVM if needed
if ((responses['CIM_KVMRedirectionSAP'] != null) && (s.kvm == false)) {
amtstack.CIM_KVMRedirectionSAP_RequestStateChange(2, 0,
function (stack, name, response, status) {
if (status != 200) { messagebox("Error", "KVMRedirectionSAP, RequestStateChange Error " + status); return; }
amtstack.Put("AMT_RedirectionService", r, function (stack, name, response, status) { if (status != 200) { debug("Enable KVM PUT Error " + status); } }, 0, 1)
}
);
}
// Check if the MeshCentral root certificate is present
if (typeof amtpolicy.rootcert == 'string') {
var rootFound = false, xxCertificates = responses["AMT_PublicKeyCertificate"].responses;
for (var i in xxCertificates) { if ((xxCertificates[i]["X509Certificate"] == amtpolicy.rootcert) && (xxCertificates[i]["TrustedRootCertficate"] == true)) { rootFound = true; } }
if (rootFound == false) { amtstack.AMT_PublicKeyManagementService_AddTrustedRootCertificate(amtpolicy.rootcert, function (stack, name, response, status) { if (status != 200) { debug("Add root cert EXEC Error " + status); } }); }
}
// If CIRA needs to be setup
if ((amtpolicy.cirasetup == 2) && (amtpolicy.ciraserver != null)) {
var serverFound = false, xxCiraServers = responses["AMT_ManagementPresenceRemoteSAP"].responses;
for (var i in xxCiraServers) { if ((xxCiraServers[i].AccessInfo == amtpolicy.ciraserver.name) && (xxCiraServers[i].Port == amtpolicy.ciraserver.port)) { serverFound = xxCiraServers[i].Name; } }
if (serverFound == false) {
// TODO: Remove all CIRA activation policies.
// amtstack.Delete('AMT_RemoteAccessPolicyRule', { 'PolicyRuleName': name }, editMpsPolicyOk2);
// TODO: Remove all other MPS servers.
// Add our MPS server
amtstack.AMT_RemoteAccessService_AddMpServer(amtpolicy.ciraserver.name, 201, amtpolicy.ciraserver.port, 2, null, amtpolicy.ciraserver.user, amtpolicy.ciraserver.pass, null, function (stack, name, response, status) {
if (status != 200) {
debug("Add MPS server EXEC Error " + status);
} else {
serverFound = false;
var x = response.Body.MpServer.ReferenceParameters.SelectorSet.Selector;
for (var i in x) { if (x[i]['@Name'] == 'Name') { serverFound = x[i]['Value']; } }
if (serverFound != false) { checkCiraTriggerPolicy(responses, serverFound); }
}
});
} else {
checkCiraTriggerPolicy(responses, serverFound);
}
} else if (amtpolicy.cirasetup == 1) {
// This call will clear environement detection if needed.
checkEnvironmentDetection(responses);
}
}
}
function checkCiraTriggerPolicy(responses, serverInstanceName) {
// Check CIRA activation policy
var server1 = '<Address xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</Address><ReferenceParameters xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing"><ResourceURI xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd">http://intel.com/wbem/wscim/1/amt-schema/1/AMT_ManagementPresenceRemoteSAP</ResourceURI><SelectorSet xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd"><Selector Name="Name">' + serverInstanceName + '</Selector></SelectorSet></ReferenceParameters>';
amtstack.AMT_RemoteAccessService_AddRemoteAccessPolicyRule(2, 0, 'AAAAAAAAAAo=', [server1], null, function (stack, name, response, status) {
if (status != 200) {
debug("Add AddRemoteAccessPolicyRule Error " + status);
} else {
//debug('AMT_RemoteAccessService_AddRemoteAccessPolicyRule Response:' + JSON.stringify(response));
checkEnvironmentDetection(responses);
}
});
}
// Check environement detection. This will set or clear the environement detection strings as needed.
function checkEnvironmentDetection(responses) {
var t2 = [];
if ((amtpolicy.ciraserver != null) && (amtpolicy.ciraserver.home != null)) { t2 = amtpolicy.ciraserver.home; }
var t = responses["AMT_EnvironmentDetectionSettingData"].response;
t['DetectionStrings'] = MakeToArray(t['DetectionStrings']);
if (CompareStrArrays(t['DetectionStrings'], t2) == false) {
t['DetectionStrings'] = t2;
amtstack.Put('AMT_EnvironmentDetectionSettingData', t, function (stack, name, response, status) { if (status != 200) { debug("Put AMT_EnvironmentDetectionSettingData Error " + status); } }, 0, 1);
}
}
// Imperfect compare of two string arrays.
function CompareStrArrays(arr1, arr2) {
if (arr1 == arr2) return true;
if (arr1 == null) { arr1 = []; }
if (arr2 == null) { arr2 = []; }
if (arr1.length != arr2.length) return false;
for (var i in arr1) { if (arr2.indexOf(arr1[i]) == -1) return false; }
return true;
}
function MakeToArray(v) { if (!v || v == null || typeof v == "object") return v; return [v]; };
}
module.exports = AmtManager;

View File

@ -270,7 +270,7 @@ function AmtStackCreateService(wsmanStack) {
obj.AMT_RedirectionService_RequestStateChange = function (RequestedState, callback_func) { obj.Exec("AMT_RedirectionService", "RequestStateChange", { "RequestedState": RequestedState }, callback_func); }
obj.AMT_RedirectionService_TerminateSession = function (SessionType, callback_func) { obj.Exec("AMT_RedirectionService", "TerminateSession", { "SessionType": SessionType }, callback_func); }
obj.AMT_RemoteAccessService_AddMpServer = function (AccessInfo, InfoFormat, Port, AuthMethod, Certificate, Username, Password, CN, callback_func) { obj.Exec("AMT_RemoteAccessService", "AddMpServer", { "AccessInfo": AccessInfo, "InfoFormat": InfoFormat, "Port": Port, "AuthMethod": AuthMethod, "Certificate": Certificate, "Username": Username, "Password": Password, "CN": CN }, callback_func); }
obj.AMT_RemoteAccessService_AddRemoteAccessPolicyRule = function (Trigger, TunnelLifeTime, ExtendedData, MpServer, callback_func) { obj.Exec("AMT_RemoteAccessService", "AddRemoteAccessPolicyRule", { "Trigger": Trigger, "TunnelLifeTime": TunnelLifeTime, "ExtendedData": ExtendedData, "MpServer": MpServer }, callback_func); }
obj.AMT_RemoteAccessService_AddRemoteAccessPolicyRule = function (Trigger, TunnelLifeTime, ExtendedData, MpServer, InternalMpServer, callback_func) { obj.Exec("AMT_RemoteAccessService", "AddRemoteAccessPolicyRule", { "Trigger": Trigger, "TunnelLifeTime": TunnelLifeTime, "ExtendedData": ExtendedData, "MpServer": MpServer, "InternalMpServer": InternalMpServer }, callback_func); }
obj.AMT_RemoteAccessService_CloseRemoteAccessConnection = function (_method_dummy, callback_func) { obj.Exec("AMT_RemoteAccessService", "CloseRemoteAccessConnection", { "_method_dummy": _method_dummy }, callback_func); }
obj.AMT_SetupAndConfigurationService_CommitChanges = function (_method_dummy, callback_func, tag) { obj.Exec("AMT_SetupAndConfigurationService", "CommitChanges", { "_method_dummy": _method_dummy }, callback_func, tag); }
obj.AMT_SetupAndConfigurationService_Unprovision = function (ProvisioningMode, callback_func) { obj.Exec("AMT_SetupAndConfigurationService", "Unprovision", { "ProvisioningMode": ProvisioningMode }, callback_func); }

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -729,12 +729,33 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
//obj.close(1);
}
obj.sendUpdatedIntelAmtPolicy = function() {
const mesh = parent.meshes[obj.dbMeshKey];
if (mesh != null) {
// Send Intel AMT policy
const amtPolicy = (mesh.amt != null) ? mesh.amt : null;
obj.send(JSON.stringify({ action: 'amtPolicy', amtPolicy: amtPolicy }));
// Take a basic Intel AMT policy and add all server information to it, making it ready to send to this agent.
function completeIntelAmtPolicy(amtPolicy) {
if (amtPolicy == null) return null;
if (amtPolicy.type == 2) {
// Add server root certificate
if (parent.parent.certificates.rootex == null) { parent.parent.certificates.rootex = parent.parent.certificates.root.cert.split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('').split('\r').join('').split('\n').join(''); }
amtPolicy.rootcert = parent.parent.certificates.rootex;
}
if ((amtPolicy.cirasetup == 2) && (parent.parent.mpsserver != null) && (parent.parent.certificates.AmtMpsName != null) && (args.lanonly != true) && (args.mpsport != 0)) {
// Add server CIRA settings
amtPolicy.ciraserver = {
name: parent.parent.certificates.AmtMpsName,
port: (typeof args.mpsaliasport == 'number' ? args.mpsaliasport : args.mpsport),
user: obj.meshid.replace(/\@/g, 'X').replace(/\$/g, 'X').substring(0, 16),
pass: args.mpspass ? args.mpspass : 'A@xew9rt', // If the MPS password is not set, just use anything. TODO: Use the password as an agent identifier?
home: ['sdlwerulis3wpj95dfj'] // Use a random FQDN to not have any home network.
};
if (Array.isArray(args.ciralocalfqdn)) { amtPolicy.ciraserver.home = args.ciralocalfqdn; }
}
return amtPolicy;
}
// Send Intel AMT policy
obj.sendUpdatedIntelAmtPolicy = function (policy) {
if (obj.agentExeInfo && (obj.agentExeInfo.amt == true)) { // Only send Intel AMT policy to agents what could have AMT.
if (policy == null) { var mesh = parent.meshes[obj.dbMeshKey]; if (mesh == null) return; policy = mesh.amt; }
obj.send(JSON.stringify({ action: 'amtPolicy', amtPolicy: completeIntelAmtPolicy(common.Clone(policy)) }));
}
}
@ -747,8 +768,9 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
}
// Send Intel AMT policy
const amtPolicy = (mesh.amt != null) ? mesh.amt : null;
obj.send(JSON.stringify({ action: 'amtPolicy', amtPolicy: amtPolicy }));
if (obj.agentExeInfo && (obj.agentExeInfo.amt == true)) { // Only send Intel AMT policy to agents what could have AMT.
obj.send(JSON.stringify({ action: 'amtPolicy', amtPolicy: completeIntelAmtPolicy(common.Clone(mesh.amt)) }));
}
// Do this if IP location is enabled on this domain TODO: Set IP location per device group?
if (domain.iplocation == true) {

View File

@ -1315,7 +1315,7 @@ function CreateMeshCentralServer(config, args) {
obj.meshAgentInstallScripts[this.info.id].hash = this.hash.digest('hex');
obj.meshAgentInstallScripts[this.info.id].path = this.agentpath;
obj.meshAgentInstallScripts[this.info.id].data = this.xdata;
obj.meshAgentInstallScripts[this.info.id].url = ((obj.args.notls == true) ? 'http://' : 'https://') + obj.certificates.CommonName + ':' + obj.args.port + '/meshagents?script=' + this.info.id;
obj.meshAgentInstallScripts[this.info.id].url = ((obj.args.notls == true) ? 'http://' : 'https://') + obj.certificates.CommonName + ':' + ((typeof obj.args.aliasport == 'number') ? obj.args.aliasport : obj.args.port) + '/meshagents?script=' + this.info.id;
var stats = null;
try { stats = obj.fs.statSync(this.agentpath); } catch (e) { }
if (stats != null) { obj.meshAgentInstallScripts[this.info.id].size = stats.size; }
@ -1376,7 +1376,7 @@ function CreateMeshCentralServer(config, args) {
archcount++;
obj.meshAgentBinaries[archid] = obj.common.Clone(obj.meshAgentsArchitectureNumbers[archid]);
obj.meshAgentBinaries[archid].path = agentpath;
obj.meshAgentBinaries[archid].url = ((obj.args.notls == true) ? 'http://' : 'https://') + obj.certificates.CommonName + ':' + obj.args.port + '/meshagents?id=' + archid;
obj.meshAgentBinaries[archid].url = ((obj.args.notls == true) ? 'http://' : 'https://') + obj.certificates.CommonName + ':' + ((typeof obj.args.aliasport == 'number') ? obj.args.aliasport : obj.args.port) + '/meshagents?id=' + archid;
obj.meshAgentBinaries[archid].size = stats.size;
if (obj.args.agentsinram) { obj.meshAgentBinaries[archid].data = obj.fs.readFileSync(agentpath); }
// If this is a windows binary, pull binary information

View File

@ -1226,7 +1226,13 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
parent.parent.DispatchEvent(['*', mesh._id, user._id], obj, { etype: 'mesh', username: user.name, meshid: mesh._id, amt: amtpolicy, action: 'meshchange', links: mesh.links, msg: change, domain: domain.id });
// Send new policy to all computers on this mesh
routeCommandToMesh(command.meshid, { action: 'amtPolicy', amtPolicy: amtpolicy });
//routeCommandToMesh(command.meshid, { action: 'amtPolicy', amtPolicy: amtpolicy });
// See if the node is connected
for (var nodeid in parent.wsagents) {
const agent = parent.wsagents[nodeid];
if (agent.dbMeshKey == command.meshid) { agent.sendUpdatedIntelAmtPolicy(amtpolicy); }
}
}
break;
}

View File

@ -1,6 +1,6 @@
{
"name": "meshcentral",
"version": "0.3.0-d",
"version": "0.3.0-e",
"keywords": [
"Remote Management",
"Intel AMT",

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -1638,10 +1638,10 @@
var states = [];
if (node.state > 0 && node.state < powerStatetable.length) state.push(powerStatetable[node.state]);
if (node.conn) {
if ((node.conn & 1) != 0) states.push('<span title="Mesh agent is connected and ready for use.">Agent</span>');
if ((node.conn & 2) != 0) states.push('<span title="Intel&reg; AMT CIRA is connected and ready for use.">CIRA</span>');
if ((node.conn & 4) != 0) states.push('<span title="Intel&reg; AMT is routable.">Intel&reg; AMT</span>');
if ((node.conn & 8) != 0) states.push('<span title="Mesh agent is reachable using another agent as relay.">Relay</span>');
if ((node.conn & 1) != 0) { states.push('<span title="Mesh agent is connected and ready for use.">Agent</span>'); }
if ((node.conn & 2) != 0) { states.push('<span title="Intel&reg; AMT CIRA is connected and ready for use.">CIRA</span>'); }
else if ((node.conn & 4) != 0) { states.push('<span title="Intel&reg; AMT is routable.">Intel&reg; AMT</span>'); }
if ((node.conn & 8) != 0) { states.push('<span title="Mesh agent is reachable using another agent as relay.">Relay</span>'); }
}
if ((node.pwr != null) && (node.pwr != 0)) { states.push(powerStateStrings[node.pwr]); }
return states.join(', ');
@ -1801,7 +1801,7 @@
var cstate = [];
if ((node.conn & 1) != 0) cstate.push('<span title="Software agent is connected and ready for use.">Agent</span>');
if ((node.conn & 2) != 0) cstate.push('<span title="Intel&reg; AMT CIRA is connected and ready for use.">Intel&reg; AMT CIRA</span>');
if ((node.conn & 4) != 0) cstate.push('<span title="Intel&reg; AMT is routable and ready for use.">Intel&reg; AMT</span>');
else if ((node.conn & 4) != 0) cstate.push('<span title="Intel&reg; AMT is routable and ready for use.">Intel&reg; AMT</span>');
if ((node.conn & 8) != 0) cstate.push('<span title="Software agent is reachable using another agent as relay.">Agent Relay</span>');
x += addDeviceAttribute('Connectivity', cstate.join(', '));
}
@ -1836,8 +1836,8 @@
var powerstate = PowerStateStr(node.state);
//if (node.state == 0) { powerstate = 'Unknown State'; }
if ((connectivity & 1) != 0) { if (powerstate.length > 0) { powerstate += ', '; } powerstate += '<span style=font-size:10px title="Agent connected">Mesh Agent</span>'; }
if ((connectivity & 2) != 0) { if (powerstate.length > 0) { powerstate += ', '; } powerstate += '<span style=font-size:10px title="Intel&reg; AMT connected">Intel&reg; AMT connected</span>'; } else
if ((connectivity & 4) != 0) { if (powerstate.length > 0) { powerstate += ', '; } powerstate += '<span style=font-size:10px title="Intel&reg; AMT detected">Intel&reg; AMT detected</span>'; }
if ((connectivity & 2) != 0) { if (powerstate.length > 0) { powerstate += ', '; } powerstate += '<span style=font-size:10px title="Intel&reg; AMT connected">Intel&reg; AMT connected</span>'; }
else if ((connectivity & 4) != 0) { if (powerstate.length > 0) { powerstate += ', '; } powerstate += '<span style=font-size:10px title="Intel&reg; AMT detected">Intel&reg; AMT detected</span>'; }
QH('MainComputerState', powerstate);
// Set the node icon

View File

@ -2634,10 +2634,10 @@
var states = [];
if (node.state > 0 && node.state < powerStatetable.length) state.push(powerStatetable[node.state]);
if (node.conn) {
if ((node.conn & 1) != 0) states.push('<span title="Mesh agent is connected and ready for use.">Agent</span>');
if ((node.conn & 2) != 0) states.push('<span title="Intel&reg; AMT CIRA is connected and ready for use.">CIRA</span>');
if ((node.conn & 4) != 0) states.push('<span title="Intel&reg; AMT is routable.">Intel&reg; AMT</span>');
if ((node.conn & 8) != 0) states.push('<span title="Mesh agent is reachable using another agent as relay.">Relay</span>');
if ((node.conn & 1) != 0) { states.push('<span title="Mesh agent is connected and ready for use.">Agent</span>'); }
if ((node.conn & 2) != 0) { states.push('<span title="Intel&reg; AMT CIRA is connected and ready for use.">CIRA</span>'); }
else if ((node.conn & 4) != 0) { states.push('<span title="Intel&reg; AMT is routable.">Intel&reg; AMT</span>'); }
if ((node.conn & 8) != 0) { states.push('<span title="Mesh agent is reachable using another agent as relay.">Relay</span>'); }
}
if ((node.pwr != null) && (node.pwr != 0)) { states.push(powerStateStrings[node.pwr]); }
return states.join(', ');
@ -3572,7 +3572,7 @@
var cstate = [];
if ((node.conn & 1) != 0) cstate.push('<span title="Mesh agent is connected and ready for use.">Mesh Agent</span>');
if ((node.conn & 2) != 0) cstate.push('<span title="Intel&reg; AMT CIRA is connected and ready for use.">Intel&reg; AMT CIRA</span>');
if ((node.conn & 4) != 0) cstate.push('<span title="Intel&reg; AMT is routable and ready for use.">Intel&reg; AMT</span>');
else if ((node.conn & 4) != 0) cstate.push('<span title="Intel&reg; AMT is routable and ready for use.">Intel&reg; AMT</span>');
if ((node.conn & 8) != 0) cstate.push('<span title="Mesh agent is reachable using another agent as relay.">Mesh Relay</span>');
x += addDeviceAttribute('Connectivity', cstate.join(', '));
}
@ -3621,7 +3621,7 @@
//if (node.state == 0) { powerstate = 'Unknown State'; }
if ((connectivity & 1) != 0) { if (powerstate.length > 0) { powerstate += '<br/>'; } powerstate += '<span style=font-size:12px title="Agent connected">Agent connected</span>'; }
if ((connectivity & 2) != 0) { if (powerstate.length > 0) { powerstate += '<br/>'; } powerstate += '<span style=font-size:12px title="Intel&reg; AMT connected">Intel&reg; AMT connected</span>'; }
if ((connectivity & 4) != 0) { if (powerstate.length > 0) { powerstate += '<br/>'; } powerstate += '<span style=font-size:12px title="Intel&reg; AMT detected">Intel&reg; AMT detected</span>'; }
else if ((connectivity & 4) != 0) { if (powerstate.length > 0) { powerstate += '<br/>'; } powerstate += '<span style=font-size:12px title="Intel&reg; AMT detected">Intel&reg; AMT detected</span>'; }
if ((powerstate == '') && node.lastconnect) { powerstate = '<span style=font-size:12px>Last seen:<br />' + new Date(node.lastconnect).toLocaleDateString() + ', ' + new Date(node.lastconnect).toLocaleTimeString() + '</span>'; }
QH('MainComputerState', powerstate);
@ -5909,7 +5909,7 @@
if (currentMesh.amt && currentMesh.amt.type == 2) {
Q('dp20amtpolicypass').value = currentMesh.amt.password;
Q('dp20amtbadpass').value = currentMesh.amt.badpass;
Q('dp20amtcira').value = currentMesh.amt.cirasetup;
if ((features & 0x400) == 0) { Q('dp20amtcira').value = currentMesh.amt.cirasetup; }
}
dp20amtValidatePolicy();
@ -5920,7 +5920,7 @@
if (ptype == 2) {
x = addHtmlValue('Password*', '<input id=dp20amtpolicypass style=width:230px maxlength=32 onchange=dp20amtValidatePolicy() onkeyup=dp20amtValidatePolicy() />')
x += addHtmlValue('Password mismatch', "<select id=dp20amtbadpass style=width:230px><option value=0>Do nothing</option><option value=1>Reactivate Intel&reg; AMT</option></select>");
x += addHtmlValue('<span title="Client Initiated Remote Access">CIRA</span>', "<select id=dp20amtcira style=width:230px><option value=0>Don't configure</option><option value=1>Don't connect to server</option><option value=2>Connect to server</option></select>");
if ((features & 0x400) == 0) { x += addHtmlValue('<span title="Client Initiated Remote Access">CIRA</span>', "<select id=dp20amtcira style=width:230px><option value=0>Don't configure</option><option value=1>Don't connect to server</option><option value=2>Connect to server</option></select>"); }
x += '<br/><span style="font-size:10px">* Recommanded, leave blank to assign a random password to each device.</span><br/>';
x += '<span style="font-size:10px">This policy will not impact devices with Intel&reg; AMT in ACM mode.</span><br/>';
x += '<span style="font-size:10px">This is not a secure policy as agents will be performing activation.</span>';
@ -5936,7 +5936,10 @@
function p20editMeshAmtEx() {
var ptype = parseInt(Q('dp20amtpolicy').value), amtpolicy = { type: ptype };
if (ptype == 2) { amtpolicy = { type: ptype, password: Q('dp20amtpolicypass').value, badpass: parseInt(Q('dp20amtbadpass').value), cirasetup: parseInt(Q('dp20amtcira').value) }; }
if (ptype == 2) {
amtpolicy = { type: ptype, password: Q('dp20amtpolicypass').value, badpass: parseInt(Q('dp20amtbadpass').value) };
if ((features & 0x400) == 0) { amtpolicy.cirasetup = parseInt(Q('dp20amtcira').value); } else { amtpolicy.cirasetup = 1; }
}
meshserver.send({ action: 'meshamtpolicy', meshid: currentMesh._id, amtpolicy: amtpolicy });
}