Added Intel Standard Manageability (ISM) support, improved MeshCMD activation.

This commit is contained in:
Ylian Saint-Hilaire 2019-10-01 14:54:38 -07:00
parent b19cf48adc
commit 414494421b
13 changed files with 136 additions and 55 deletions

Binary file not shown.

Binary file not shown.

View File

@ -438,13 +438,21 @@ function run(argv) {
nextStepStorageUpload();
}
} else if ((settings.action == 'amtversion') || (settings.action == 'amtversions') || (settings.action == 'amtver')) {
// Display Intel AMT versions
// Display Intel ME versions
var amtMeiModule, amtMei;
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { console.log(ex); exit(1); return; }
amtMei.on('error', function (e) { console.log('ERROR: ' + e); exit(1); return; });
amtMei.getVersion(function (val) {
console.log("MEI Version = " + val.BiosVersion.toString());
for (var version in val.Versions) { console.log(val.Versions[version].Description + " = " + val.Versions[version].Version); }
console.log("BIOS Version = " + val.BiosVersion.toString());
for (var version in val.Versions) {
var extras = '', skuBits = ['', 'iQST', 'ASF', 'AMT', 'ISM', 'TPM', '', '', 'HomeIT', '', 'WOX', '', '', 'AT-p', 'Corporate', 'L3 Mgt Upgrade'];
if (val.Versions[version].Description == 'Sku') {
var n = parseInt(val.Versions[version].Version), x = [], xx = 1;
for (var i = 0; i < skuBits.length; i++) { if ((n & xx) != 0) { x.push(skuBits[i]); } xx = xx << 1; }
if (x.length > 0) { extras = ' (' + x.join(', ') + ')' }
}
console.log(val.Versions[version].Description + " = " + val.Versions[version].Version + extras);
}
exit(1); return;
});
} else if (settings.action == 'amthashes') {
@ -472,7 +480,14 @@ function run(argv) {
var amtMeiModule, amtMei;
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { console.log(ex); exit(1); return; }
amtMei.on('error', function (e) { console.log('ERROR: ' + e); exit(1); return; });
amtMei.getVersion(function (result) { if (result) { for (var version in result.Versions) { if (result.Versions[version].Description == 'AMT') { mestate.ver = result.Versions[version].Version; } } } });
amtMei.getVersion(function (result) {
if (result) {
for (var version in result.Versions) {
if (result.Versions[version].Description == 'AMT') { mestate.ver = result.Versions[version].Version; }
if (result.Versions[version].Description == 'Sku') { mestate.sku = parseInt(result.Versions[version].Version); }
}
}
});
amtMei.getProvisioningState(function (result) { if (result) { mestate.ProvisioningState = result; } });
amtMei.getProvisioningMode(function (result) { if (result) { mestate.ProvisioningMode = result; } });
amtMei.getEHBCState(function (result) { if (result) { mestate.ehbc = result; } });
@ -484,7 +499,9 @@ function run(argv) {
amtMei.getDnsSuffix(function (result) {
if (result) { mestate.dns = result; }
if (mestate.ver && mestate.ProvisioningState && mestate.ProvisioningMode) {
var str = 'Intel AMT v' + mestate.ver;
var str = 'Intel ME v' + mestate.ver;
if (mestate.sku & 8) { str = 'Intel AMT v' + mestate.ver }
else if (mestate.sku & 16) { str = 'Intel SM v' + mestate.ver }
if (mestate.ProvisioningState.stateStr == 'PRE') { str += ', pre-provisioning state'; }
else if (mestate.ProvisioningState.stateStr == 'IN') { str += ', in-provisioning state'; }
else if (mestate.ProvisioningState.stateStr == 'POST') {
@ -1138,6 +1155,7 @@ function activeToACMEx(fwNonce, dnsSuffix, digestRealm, uuid, allowedModes) {
try { cmd = JSON.parse(data); } catch (ex) { console.log('Unable to parse server response: ' + data); exit(100); return; }
if (typeof cmd != 'object') { console.log('Invalid server response: ' + cmd); exit(100); return; }
if (typeof cmd.errorText == 'string') { console.log('Server error: ' + cmd.errorText); exit(100); return; }
if (typeof cmd.messageText == 'string') { console.log('Server: ' + cmd.messageText); return; }
switch (cmd.action) {
case 'acmactivate': {
// Server responded with ACM activation response
@ -1204,7 +1222,7 @@ function activeToACMEx(fwNonce, dnsSuffix, digestRealm, uuid, allowedModes) {
var action = 'acmactivate';
if (settings.action == 'amtccm') { action = 'ccmactivate'; }
if (settings.action == 'amtdiscover') { action = 'amtdiscover'; }
socket.write({ client: 'meshcmd', version: 1, action: action, fqdn: dnsSuffix, realm: digestRealm, nonce: fwNonce, uuid: uuid, profile: settings.profile, hashes: trustedHashes, tag: settings.tag, name: settings.name, ver: mestate.vers['AMT'], build: mestate.vers['Build Number'], modes: allowedModes, currentMode: mestate.controlMode });
socket.write({ client: 'meshcmd', version: 1, action: action, fqdn: dnsSuffix, realm: digestRealm, nonce: fwNonce, uuid: uuid, profile: settings.profile, hashes: trustedHashes, tag: settings.tag, name: settings.name, ver: mestate.vers['AMT'], build: mestate.vers['Build Number'], sku: parseInt(mestate.vers['Sku']), modes: allowedModes, currentMode: mestate.controlMode, hostname: require('os').hostname() });
});
connection.end();
}

30
agents/meshcmd.min.js vendored
View File

@ -438,13 +438,21 @@ function run(argv) {
nextStepStorageUpload();
}
} else if ((settings.action == 'amtversion') || (settings.action == 'amtversions') || (settings.action == 'amtver')) {
// Display Intel AMT versions
// Display Intel ME versions
var amtMeiModule, amtMei;
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { console.log(ex); exit(1); return; }
amtMei.on('error', function (e) { console.log('ERROR: ' + e); exit(1); return; });
amtMei.getVersion(function (val) {
console.log("MEI Version = " + val.BiosVersion.toString());
for (var version in val.Versions) { console.log(val.Versions[version].Description + " = " + val.Versions[version].Version); }
console.log("BIOS Version = " + val.BiosVersion.toString());
for (var version in val.Versions) {
var extras = '', skuBits = ['', 'iQST', 'ASF', 'AMT', 'ISM', 'TPM', '', '', 'HomeIT', '', 'WOX', '', '', 'AT-p', 'Corporate', 'L3 Mgt Upgrade'];
if (val.Versions[version].Description == 'Sku') {
var n = parseInt(val.Versions[version].Version), x = [], xx = 1;
for (var i = 0; i < skuBits.length; i++) { if ((n & xx) != 0) { x.push(skuBits[i]); } xx = xx << 1; }
if (x.length > 0) { extras = ' (' + x.join(', ') + ')' }
}
console.log(val.Versions[version].Description + " = " + val.Versions[version].Version + extras);
}
exit(1); return;
});
} else if (settings.action == 'amthashes') {
@ -472,7 +480,14 @@ function run(argv) {
var amtMeiModule, amtMei;
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { console.log(ex); exit(1); return; }
amtMei.on('error', function (e) { console.log('ERROR: ' + e); exit(1); return; });
amtMei.getVersion(function (result) { if (result) { for (var version in result.Versions) { if (result.Versions[version].Description == 'AMT') { mestate.ver = result.Versions[version].Version; } } } });
amtMei.getVersion(function (result) {
if (result) {
for (var version in result.Versions) {
if (result.Versions[version].Description == 'AMT') { mestate.ver = result.Versions[version].Version; }
if (result.Versions[version].Description == 'Sku') { mestate.sku = parseInt(result.Versions[version].Version); }
}
}
});
amtMei.getProvisioningState(function (result) { if (result) { mestate.ProvisioningState = result; } });
amtMei.getProvisioningMode(function (result) { if (result) { mestate.ProvisioningMode = result; } });
amtMei.getEHBCState(function (result) { if (result) { mestate.ehbc = result; } });
@ -484,7 +499,9 @@ function run(argv) {
amtMei.getDnsSuffix(function (result) {
if (result) { mestate.dns = result; }
if (mestate.ver && mestate.ProvisioningState && mestate.ProvisioningMode) {
var str = 'Intel AMT v' + mestate.ver;
var str = 'Intel ME v' + mestate.ver;
if (mestate.sku & 8) { str = 'Intel AMT v' + mestate.ver }
else if (mestate.sku & 16) { str = 'Intel SM v' + mestate.ver }
if (mestate.ProvisioningState.stateStr == 'PRE') { str += ', pre-provisioning state'; }
else if (mestate.ProvisioningState.stateStr == 'IN') { str += ', in-provisioning state'; }
else if (mestate.ProvisioningState.stateStr == 'POST') {
@ -1138,6 +1155,7 @@ function activeToACMEx(fwNonce, dnsSuffix, digestRealm, uuid, allowedModes) {
try { cmd = JSON.parse(data); } catch (ex) { console.log('Unable to parse server response: ' + data); exit(100); return; }
if (typeof cmd != 'object') { console.log('Invalid server response: ' + cmd); exit(100); return; }
if (typeof cmd.errorText == 'string') { console.log('Server error: ' + cmd.errorText); exit(100); return; }
if (typeof cmd.messageText == 'string') { console.log('Server: ' + cmd.messageText); return; }
switch (cmd.action) {
case 'acmactivate': {
// Server responded with ACM activation response
@ -1204,7 +1222,7 @@ function activeToACMEx(fwNonce, dnsSuffix, digestRealm, uuid, allowedModes) {
var action = 'acmactivate';
if (settings.action == 'amtccm') { action = 'ccmactivate'; }
if (settings.action == 'amtdiscover') { action = 'amtdiscover'; }
socket.write({ client: 'meshcmd', version: 1, action: action, fqdn: dnsSuffix, realm: digestRealm, nonce: fwNonce, uuid: uuid, profile: settings.profile, hashes: trustedHashes, tag: settings.tag, name: settings.name, ver: mestate.vers['AMT'], build: mestate.vers['Build Number'], modes: allowedModes, currentMode: mestate.controlMode });
socket.write({ client: 'meshcmd', version: 1, action: action, fqdn: dnsSuffix, realm: digestRealm, nonce: fwNonce, uuid: uuid, profile: settings.profile, hashes: trustedHashes, tag: settings.tag, name: settings.name, ver: mestate.vers['AMT'], build: mestate.vers['Build Number'], sku: parseInt(mestate.vers['Sku']), modes: allowedModes, currentMode: mestate.controlMode, hostname: require('os').hostname() });
});
connection.end();
}

View File

@ -1683,19 +1683,10 @@ function createMeshCore(agent)
var response = null;
switch (cmd) {
case 'help': { // Displays available commands
var fin = '';
var f = '';
var availcommands = 'help, info, osinfo, args, print, type, dbget, dbset, dbcompact, eval, parseuri, httpget, nwslist, wsconnect, wssend, wsclose, notify, ls, ps, kill, amt, netinfo, location, power, wakeonlan, scanwifi, scanamt, setdebug, smbios, rawsmbios, toast, lock, users, sendcaps, openurl, amtreset, amtccm, amtacm, amtdeactivate, amtpolicy, getscript, getclip, setclip, log, av, cpuinfo, sysinfo, apf';
availcommands = availcommands.split(',');
for (f in availcommands) { availcommands[f] = availcommands[f].trim(); }
availcommands = availcommands.sort(); f = '';
while (availcommands.length > 0)
{
if (f.length > 100)
{
fin += (f + ',\r\n');
f = '';
}
var fin = '', f = '', availcommands = 'help,info,osinfo,args,print,type,dbget,dbset,dbcompact,eval,parseuri,httpget,nwslist,wsconnect,wssend,wsclose,notify,ls,ps,kill,amt,netinfo,location,power,wakeonlan,setdebug,smbios,rawsmbios,toast,lock,users,sendcaps,openurl,amtreset,amtccm,amtacm,amtdeactivate,amtpolicy,getscript,getclip,setclip,log,av,cpuinfo,sysinfo,apf,scanwifi,scanamt';
availcommands = availcommands.split(',').sort();
while (availcommands.length > 0) {
if (f.length > 100) { fin += (f + ',\r\n'); f = ''; }
f += (((f != '') ? ', ' : ' ') + availcommands.shift());
}
if (f != '') { fin += f; }
@ -2417,7 +2408,7 @@ function createMeshCore(agent)
try {
if (meinfo == null) return;
var intelamt = {}, p = false;
if ((meinfo.Versions != null) && (meinfo.Versions.AMT != null)) { intelamt.ver = meinfo.Versions.AMT; p = true; }
if ((meinfo.Versions != null) && (meinfo.Versions.AMT != null)) { intelamt.ver = meinfo.Versions.AMT; p = true; if (meinfo.Versions.Sku != null) { intelamt.sku = parseInt(meinfo.Versions.Sku); } }
if (meinfo.ProvisioningState != null) { intelamt.state = meinfo.ProvisioningState; p = true; }
if (meinfo.Flags != null) { intelamt.flags = meinfo.Flags; p = true; }
if (meinfo.OsHostname != null) { intelamt.host = meinfo.OsHostname; p = true; }

View File

@ -1683,7 +1683,14 @@ function createMeshCore(agent)
var response = null;
switch (cmd) {
case 'help': { // Displays available commands
response = 'Available commands: help, info, osinfo, args, print, type, dbget, dbset, dbcompact, eval, parseuri, httpget,\r\nwslist, wsconnect, wssend, wsclose, notify, ls, ps, kill, amt, netinfo, location, power, wakeonlan, scanwifi,\r\nscanamt, setdebug, smbios, rawsmbios, toast, lock, users, sendcaps, openurl, amtreset, amtccm, amtacm,\r\namtdeactivate, amtpolicy, getscript, getclip, setclip, log, av, cpuinfo, sysinfo, apf.';
var fin = '', f = '', availcommands = 'help,info,osinfo,args,print,type,dbget,dbset,dbcompact,eval,parseuri,httpget,nwslist,wsconnect,wssend,wsclose,notify,ls,ps,kill,amt,netinfo,location,power,wakeonlan,setdebug,smbios,rawsmbios,toast,lock,users,sendcaps,openurl,amtreset,amtccm,amtacm,amtdeactivate,amtpolicy,getscript,getclip,setclip,log,av,cpuinfo,sysinfo,apf,scanwifi,scanamt';
availcommands = availcommands.split(',').sort();
while (availcommands.length > 0) {
if (f.length > 100) { fin += (f + ',\r\n'); f = ''; }
f += (((f != '') ? ', ' : ' ') + availcommands.shift());
}
if (f != '') { fin += f; }
response = 'Available commands: \r\n' + fin + '.';
break;
}
/*
@ -2401,7 +2408,7 @@ function createMeshCore(agent)
try {
if (meinfo == null) return;
var intelamt = {}, p = false;
if ((meinfo.Versions != null) && (meinfo.Versions.AMT != null)) { intelamt.ver = meinfo.Versions.AMT; p = true; }
if ((meinfo.Versions != null) && (meinfo.Versions.AMT != null)) { intelamt.ver = meinfo.Versions.AMT; p = true; if (meinfo.Versions.Sku != null) { intelamt.sku = parseInt(meinfo.Versions.Sku); } }
if (meinfo.ProvisioningState != null) { intelamt.state = meinfo.ProvisioningState; p = true; }
if (meinfo.Flags != null) { intelamt.flags = meinfo.Flags; p = true; }
if (meinfo.OsHostname != null) { intelamt.host = meinfo.OsHostname; p = true; }

View File

@ -1355,24 +1355,25 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
//if (command.users) { console.log(command.users); }
// Check if anything changes
if (command.name && (command.name != device.name)) { change = 1; log = 1; device.name = command.name; changes.push('name'); }
if (command.name && (typeof command.name == 'string') && (command.name != device.name)) { change = 1; log = 1; device.name = command.name; changes.push('name'); }
if ((command.caps != null) && (device.agent.core != command.value)) { if ((command.value == null) && (device.agent.core != null)) { delete device.agent.core; } else { device.agent.core = command.value; } change = 1; } // Don't save this as an event to the db.
if ((command.caps != null) && ((device.agent.caps & 0xFFFFFFE7) != (command.caps & 0xFFFFFFE7))) { device.agent.caps = ((device.agent.caps & 24) + (command.caps & 0xFFFFFFE7)); change = 1; } // Allow Javascript on the agent to change all capabilities except console and javascript support, Don't save this as an event to the db.
if ((command.osdesc != null) && (device.osdesc != command.osdesc)) { device.osdesc = command.osdesc; change = 1; changes.push('os desc'); } // Don't save this as an event to the db.
if ((command.osdesc != null) && (typeof command.osdesc == 'string') && (device.osdesc != command.osdesc)) { device.osdesc = command.osdesc; change = 1; changes.push('os desc'); } // Don't save this as an event to the db.
if (device.ip != obj.remoteaddr) { device.ip = obj.remoteaddr; change = 1; }
if (command.intelamt) {
if (!device.intelamt) { device.intelamt = {}; }
if ((command.intelamt.ver != null) && (device.intelamt.ver != command.intelamt.ver)) { changes.push('AMT version'); device.intelamt.ver = command.intelamt.ver; change = 1; log = 1; }
if ((command.intelamt.state != null) && (device.intelamt.state != command.intelamt.state)) { changes.push('AMT state'); device.intelamt.state = command.intelamt.state; change = 1; log = 1; }
if ((command.intelamt.flags != null) && (device.intelamt.flags != command.intelamt.flags)) {
if ((command.intelamt.ver != null) && (typeof command.intelamt.ver == 'string') && (command.intelamt.ver.length < 12) && (device.intelamt.ver != command.intelamt.ver)) { changes.push('AMT version'); device.intelamt.ver = command.intelamt.ver; change = 1; log = 1; }
if ((command.intelamt.sku != null) && (typeof command.intelamt.sku == 'number') && (device.intelamt.sku !== command.intelamt.sku)) { changes.push('AMT SKU'); device.intelamt.sku = command.intelamt.sku; change = 1; log = 1; }
if ((command.intelamt.state != null) && (typeof command.intelamt.state == 'number') && (device.intelamt.state != command.intelamt.state)) { changes.push('AMT state'); device.intelamt.state = command.intelamt.state; change = 1; log = 1; }
if ((command.intelamt.flags != null) && (typeof command.intelamt.flags == 'number') && (device.intelamt.flags != command.intelamt.flags)) {
if (device.intelamt.flags) { changes.push('AMT flags (' + device.intelamt.flags + ' --> ' + command.intelamt.flags + ')'); } else { changes.push('AMT flags (' + command.intelamt.flags + ')'); }
device.intelamt.flags = command.intelamt.flags; change = 1; log = 1;
}
if ((command.intelamt.realm != null) && (device.intelamt.realm != command.intelamt.realm)) { changes.push('AMT realm'); device.intelamt.realm = command.intelamt.realm; change = 1; log = 1; }
if ((command.intelamt.host != null) && (device.intelamt.host != command.intelamt.host)) { changes.push('AMT host'); device.intelamt.host = command.intelamt.host; change = 1; log = 1; }
if ((command.intelamt.uuid != null) && (device.intelamt.uuid != command.intelamt.uuid)) { changes.push('AMT uuid'); device.intelamt.uuid = command.intelamt.uuid; change = 1; log = 1; }
if ((command.intelamt.user != null) && (device.intelamt.user != command.intelamt.user)) { changes.push('AMT user'); device.intelamt.user = command.intelamt.user; change = 1; log = 1; }
if ((command.intelamt.pass != null) && (device.intelamt.pass != command.intelamt.pass)) { changes.push('AMT pass'); device.intelamt.pass = command.intelamt.pass; change = 1; log = 1; }
if ((command.intelamt.realm != null) && (typeof command.intelamt.realm == 'string') && (device.intelamt.realm != command.intelamt.realm)) { changes.push('AMT realm'); device.intelamt.realm = command.intelamt.realm; change = 1; log = 1; }
if ((command.intelamt.host != null) && (typeof command.intelamt.host == 'string') && (device.intelamt.host != command.intelamt.host)) { changes.push('AMT host'); device.intelamt.host = command.intelamt.host; change = 1; log = 1; }
if ((command.intelamt.uuid != null) && (typeof command.intelamt.uuid == 'string') && (device.intelamt.uuid != command.intelamt.uuid)) { changes.push('AMT uuid'); device.intelamt.uuid = command.intelamt.uuid; change = 1; log = 1; }
if ((command.intelamt.user != null) && (typeof command.intelamt.user == 'string') && (device.intelamt.user != command.intelamt.user)) { changes.push('AMT user'); device.intelamt.user = command.intelamt.user; change = 1; log = 1; }
if ((command.intelamt.pass != null) && (typeof command.intelamt.pass == 'string') && (device.intelamt.pass != command.intelamt.pass)) { changes.push('AMT pass'); device.intelamt.pass = command.intelamt.pass; change = 1; log = 1; }
}
if (command.av) {
if (!device.av) { device.av = []; }

View File

@ -1,6 +1,6 @@
{
"name": "meshcentral",
"version": "0.4.1-n",
"version": "0.4.1-o",
"keywords": [
"Remote Management",
"Intel AMT",

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -1918,7 +1918,13 @@
str += '<img src=images/link4.png height=10 width=10 title="Edit Intel&reg; AMT credentials" style=cursor:pointer onclick=editDeviceAmtSettings("' + node._id + '")>';
}
}
x += addDeviceAttribute('Intel&reg; AMT', str);
var meName = 'Intel&reg; ME';
if (typeof node.intelamt.sku == 'number') {
if ((node.intelamt.sku & 8) != 0) { meName = 'Intel&reg; AMT'; }
else if ((node.intelamt.sku & 16) != 0) { meName = 'Intel&reg; SM'; }
}
x += addDeviceAttribute(meName, str);
}
// Attribute: Mesh Agent Tag
@ -2012,7 +2018,11 @@
QV('p10files', currentDevicePanel == 2);
var menus = [];
if (currentDevicePanel != 0) { menus.push({ n: 'General', f: 'setupDeviceMenu(0)' }); }
if ((currentDevicePanel != 1) && (currentNode != null) && ((meshrights & 8) || (meshrights & 256)) && ((currentNode.mtype == 1) || (currentNode.agent.caps & 1))) { menus.push({ n: 'Desktop', f: 'setupDeviceMenu(1)' }); }
if ((currentDevicePanel != 1) &&
(currentNode != null) &&
((meshrights & 8) || (meshrights & 256)) &&
(((meshes[currentNode.meshid].mtype == 1) && ((typeof currentNode.intelamt.sku !== 'number') || ((currentNode.intelamt.sku & 8) != 0))) || (currentNode.agent && (currentNode.agent.caps & 1)))
) { menus.push({ n: 'Desktop', f: 'setupDeviceMenu(1)' }); }
if ((currentDevicePanel != 2) && (currentNode != null) && (meshrights & 8) && ((meshrights == 0xFFFFFFFF) || ((meshrights & 1024) == 0)) && ((currentNode.mtype == 2) && (currentNode.agent.caps & 4))) { menus.push({ n: 'Files', f: 'setupDeviceMenu(2)' }); }
updateFooterMenu(menus);
}
@ -2245,7 +2255,17 @@
// Show the right buttons
QV('disconnectbutton1', (deskState != 0));
QV('connectbutton1', (deskState == 0) && (mesh.mtype == 2) && ((meshrights & 8) || (meshrights & 256)));
QV('connectbutton1h', (deskState == 0) && ((currentNode.intelamt != null) && (meshrights & 8) && (mesh.mtype == 1 || currentNode.intelamt.state == 2) && ((currentNode.intelamt.ver != null) || (mesh.mtype == 1))));
QV('connectbutton1h',
(deskState == 0) &&
(meshrights & 8) &&
((mesh.mtype == 1) ||
((currentNode.intelamt.state == 2) &&
(currentNode.intelamt.ver != null) &&
(currentNode.intelamt != null) &&
(typeof currentNode.intelamt.sku == 'number') &&
((currentNode.intelamt.sku & 8) != 0))
)
);
// Show the right settings
QV('d7amtkvm', (currentNode.intelamt != null && ((currentNode.intelamt.ver != null) || (mesh.mtype == 1))) && ((deskState == 0) || (desktop.contype == 2)));

View File

@ -4174,7 +4174,13 @@
str += '<img src=images/link4.png height=10 width=10 title="Edit Intel&reg; AMT credentials" style=cursor:pointer onclick=editDeviceAmtSettings("' + node._id + '")>';
}
}
x += addDeviceAttribute('Intel&reg; AMT', str);
var meName = '<span title="Intel&reg; Manageability Engine">Intel&reg; ME<span>';
if (typeof node.intelamt.sku == 'number') {
if ((node.intelamt.sku & 8) != 0) { meName = '<span title="Intel&reg; Active Management Technology">Intel&reg; AMT<span>'; }
else if ((node.intelamt.sku & 16) != 0) { meName = '<span title="Intel&reg; Standard Manageability">Intel&reg; SM<span>'; }
}
x += addDeviceAttribute(meName, str);
}
if (mesh.mtype == 2) {
@ -4298,7 +4304,10 @@
// Show or hide the tabs
// mesh.mtype: 1 = Intel AMT only, 2 = Mesh Agent
// node.agent.caps (bitmask): 1 = Desktop, 2 = Terminal, 4 = Files, 8 = Console
QV('MainDevDesktop', ((mesh.mtype == 1) || (node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 1) != 0) || (node.intelamt && (node.intelamt.state == 2))) && ((meshrights & 8) || (meshrights & 256)));
QV('MainDevDesktop', (((mesh.mtype == 1) && ((typeof node.intelamt.sku !== 'number') || ((node.intelamt.sku & 8) != 0)))
|| ((mesh.mtype == 2) && ((node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 1) != 0) || (node.intelamt && (node.intelamt.state == 2)))))
&& ((meshrights & 8) || (meshrights & 256))
);
QV('MainDevTerminal', ((mesh.mtype == 1) || (node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 2) != 0) || (node.intelamt && (node.intelamt.state == 2))) && (meshrights & 8) && terminalAccess);
QV('MainDevFiles', ((mesh.mtype == 2) && ((node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 4) != 0))) && (meshrights & 8) && fileAccess);
QV('MainDevAmt', (node.intelamt != null) && ((node.intelamt.state == 2) || (node.conn & 2)) && (meshrights & 8) && amtAccess);
@ -4788,7 +4797,17 @@
// Show the right buttons
QV('disconnectbutton1span', (deskState != 0));
QV('connectbutton1span', (deskState == 0) && ((meshrights & 8) || (meshrights & 256)) && (mesh.mtype == 2) && (currentNode.agent.caps & 1));
QV('connectbutton1hspan', (deskState == 0) && (meshrights & 8) && ((currentNode.intelamt != null) && (mesh.mtype == 1 || currentNode.intelamt.state == 2) && ((currentNode.intelamt.ver != null) || (mesh.mtype == 1))));
QV('connectbutton1hspan',
(deskState == 0) &&
(meshrights & 8) &&
((mesh.mtype == 1) ||
((currentNode.intelamt != null) &&
(currentNode.intelamt.state == 2) &&
(currentNode.intelamt.ver != null) &&
(typeof currentNode.intelamt.sku == 'number') &&
((currentNode.intelamt.sku & 8) != 0))
)
);
// Show the right settings
QV('d7amtkvm', (currentNode.intelamt != null && ((currentNode.intelamt.ver != null) || (mesh.mtype == 1))) && ((deskState == 0) || (desktop.contype == 2)));
@ -5423,7 +5442,11 @@
if (services != null) {
for (var i in services) {
if (services[i].status) {
// Windows
s.push({ p: capitalizeFirstLetter(services[i].status.state.toLowerCase()), d: services[i].displayName, i: i });
} else if (services[i].serviceType) {
// Linux (TODO: This the service status is not displayed, not sure start/stop/restart will work).
s.push({ p: services[i].serviceType, d: services[i].name, i: i });
}
}
if (deskTools.ssort == 0) { s.sort(sortProcessPid); } else if (deskTools.ssort == 1) { s.sort(sortProcessName); }

View File

@ -2488,11 +2488,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (cmd.version != 1) { ws.send(JSON.stringify({ errorText: 'Unsupported version' })); ws.close(); return; }
if (obj.common.validateString(cmd.realm, 16, 256) == false) { ws.send(JSON.stringify({ errorText: 'Invalid realm argument' })); ws.close(); return; }
if (obj.common.validateString(cmd.uuid, 36, 36) == false) { ws.send(JSON.stringify({ errorText: 'Invalid UUID argument' })); ws.close(); return; }
if (typeof cmd.hashes != 'object') { ws.send(JSON.stringify({ errorText: 'Invalid hashes' })); ws.close(); return; }
if (typeof cmd.fqdn != 'string') { ws.send(JSON.stringify({ errorText: 'Invalid FQDN' })); ws.close(); return; }
if (typeof cmd.hashes !== 'object') { ws.send(JSON.stringify({ errorText: 'Invalid hashes' })); ws.close(); return; }
if (typeof cmd.fqdn !== 'string') { ws.send(JSON.stringify({ errorText: 'Invalid FQDN' })); ws.close(); return; }
if ((obj.common.validateString(cmd.ver, 5, 16) == false) || (cmd.ver.split('.').length != 3)) { ws.send(JSON.stringify({ errorText: 'Invalid Intel AMT version' })); ws.close(); return; }
if (obj.common.validateArray(cmd.modes, 1, 2) == false) { ws.send(JSON.stringify({ errorText: 'Invalid activation modes' })); ws.close(); return; }
if (obj.common.validateInt(cmd.currentMode, 0, 2) == false) { ws.send(JSON.stringify({ errorText: 'Invalid current mode' })); ws.close(); return; }
if (typeof cmd.sku !== 'number') { ws.send(JSON.stringify({ errorText: 'Invalid SKU number' })); ws.close(); return; }
// Get the current Intel AMT policy
var mesh = obj.meshes[ws.meshid], activationMode = 4; // activationMode: 2 = CCM, 4 = ACM
@ -2518,21 +2519,21 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
}
}
// If no cert match or wildcard match which is not yet supported, do CCM activation.
if ((matchingHash == null) || (matchingCN == '*')) { activationMode = 2; } else { cmd.hash = matchingHash; }
if ((matchingHash == null) || (matchingCN == '*')) { ws.send(JSON.stringify({ messageText: 'No matching ACM activation certificates, activating in CCM instead...' })); activationMode = 2; } else { cmd.hash = matchingHash; }
}
// Check if we are going to activate in an allowed mode. cmd.modes: 1 = CCM, 2 = ACM
if ((activationMode == 4) && (cmd.modes.indexOf(2) == -1)) { activationMode = 2; } // We want to do ACM, but mode is not allowed. Change to CCM.
if ((activationMode == 4) && (cmd.modes.indexOf(2) == -1)) { ws.send(JSON.stringify({ messageText: 'ACM not allowed on this machine, activating in CCM instead...' })); activationMode = 2; } // We want to do ACM, but mode is not allowed. Change to CCM.
// If we want to do CCM, but mode is not allowed. Error out.
if ((activationMode == 2) && (cmd.modes.indexOf(1) == -1)) { ws.send(JSON.stringify({ errorText: 'Unsupported activation mode' })); ws.close(); return; }
if ((activationMode == 2) && (cmd.modes.indexOf(1) == -1)) { ws.send(JSON.stringify({ errorText: 'CCM is not an allowed activation mode' })); ws.close(); return; }
// Get the Intel AMT admin password, randomize if needed.
var amtpassword = ((mesh.amt.password == '') ? getRandomAmtPassword() : mesh.amt.password);
if (checkAmtPassword(amtpassword) == false) { ws.send(JSON.stringify({ errorText: 'Invalid Intel AMT password' })); ws.close(); return; } // Invalid Intel AMT password, this should never happen.
// Save some state, if activation is succesful, we need this to add the device
ws.xxstate = { uuid: cmd.uuid, realm: cmd.realm, tag: cmd.tag, name: cmd.name, pass: amtpassword, flags: activationMode, ver: cmd.ver }; // Flags: 2 = CCM, 4 = ACM
ws.xxstate = { uuid: cmd.uuid, realm: cmd.realm, tag: cmd.tag, name: cmd.name, hostname: cmd.hostname, pass: amtpassword, flags: activationMode, ver: cmd.ver, sku: cmd.sku }; // Flags: 2 = CCM, 4 = ACM
if (activationMode == 4) {
// ACM: Agent is asking the server to sign an Intel AMT ACM activation request
@ -2567,7 +2568,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (obj.common.validateArray(cmd.modes, 1, 2) == false) { ws.send(JSON.stringify({ errorText: 'Invalid activation modes' })); ws.close(); return; }
if (obj.common.validateInt(cmd.currentMode, 0, 2) == false) { ws.send(JSON.stringify({ errorText: 'Invalid current mode' })); ws.close(); return; }
var activationMode = 0; if (cmd.currentMode == 1) { activationMode = 2; } else if (cmd.currentMode == 2) { activationMode = 4; }
ws.xxstate = { uuid: cmd.uuid, realm: cmd.realm, tag: cmd.tag, name: cmd.name, flags: activationMode, ver: cmd.ver }; // Flags: 2 = CCM, 4 = ACM
ws.xxstate = { uuid: cmd.uuid, realm: cmd.realm, tag: cmd.tag, name: cmd.name, hostname: cmd.hostname, flags: activationMode, ver: cmd.ver, sku: cmd.sku }; // Flags: 2 = CCM, 4 = ACM
} else {
// If this is an activation success, check that state was set already.
if (ws.xxstate == null) { ws.send(JSON.stringify({ errorText: 'Invalid command' })); ws.close(); return; }
@ -2581,6 +2582,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (mesh == null) { ws.send(JSON.stringify({ errorText: 'Unknown device group' })); ws.close(); return; }
// Fix the computer name if needed
if ((ws.xxstate.name == null) || (ws.xxstate.name.length == 0)) { ws.xxstate.name = ws.xxstate.hostname; }
if ((ws.xxstate.name == null) || (ws.xxstate.name.length == 0)) { ws.xxstate.name = ws.xxstate.uuid; }
db.getAmtUuidNode(ws.meshid, ws.xxstate.uuid, function (err, nodes) {
@ -2589,7 +2591,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
parent.crypto.randomBytes(48, function (err, buf) {
// Create the new node
var xxnodeid = 'node/' + domain.id + '/' + buf.toString('base64').replace(/\+/g, '@').replace(/\//g, '$');
var device = { type: 'node', _id: xxnodeid, meshid: ws.meshid, name: ws.xxstate.name, rname: ws.xxstate.name, host: ws.remoteaddr, domain: domain.id, intelamt: { state: 2, flags: ws.xxstate.flags, tls: 0, uuid: ws.xxstate.uuid, realm: ws.xxstate.realm, tag: ws.xxstate.tag, ver: ws.xxstate.ver } };
var device = { type: 'node', _id: xxnodeid, meshid: ws.meshid, name: ws.xxstate.name, rname: ws.xxstate.name, host: ws.remoteaddr, domain: domain.id, intelamt: { state: 2, flags: ws.xxstate.flags, tls: 0, uuid: ws.xxstate.uuid, realm: ws.xxstate.realm, tag: ws.xxstate.tag, ver: ws.xxstate.ver, sku: ws.xxstate.sku } };
if (ws.xxstate.pass != null) { device.intelamt.user = 'admin'; device.intelamt.pass = ws.xxstate.pass; }
if (device.intelamt.flags != 0) { device.intelamt.state = 2; } else { device.intelamt.state = 0; }
db.Set(device);
@ -2616,6 +2618,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (ws.xxstate.realm == null) { delete device.intelamt.tag; }
else if (device.intelamt.tag != ws.xxstate.tag) { device.intelamt.tag = ws.xxstate.tag; }
if (device.intelamt.ver != ws.xxstate.ver) { device.intelamt.ver = ws.xxstate.ver; }
if (device.intelamt.sku != ws.xxstate.sku) { device.intelamt.sku = ws.xxstate.sku; }
db.Set(device);
// Event the new node