Fixed MeshCMD AMT DNS suffix on Linux.

This commit is contained in:
Ylian Saint-Hilaire 2021-07-24 10:12:21 -07:00
parent 345f3c12b4
commit 7766e1ca07
7 changed files with 64 additions and 60 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -559,6 +559,7 @@ function run(argv) {
amtMei.getRemoteAccessConnectionStatus(function (result) { if ((result != null) && (result.status == 0)) { mestate.networkStatus = result.networkStatus; mestate.remoteAccessStatus = result.remoteAccessStatus; mestate.remoteAccessTrigger = result.remoteAccessTrigger; mestate.mpsHostname = result.mpsHostname; } });
amtMei.getDnsSuffix(function (result) {
if (result) { mestate.DnsSuffix = result; }
getAmtOsDnsSuffix(mestate, function() {
if (args.json) {
console.log(JSON.stringify(mestate, null, 2));
} else if (mestate.ver && mestate.ProvisioningState && mestate.ProvisioningMode) {
@ -584,6 +585,9 @@ function run(argv) {
if (mestate.DnsSuffix != null) {
// Intel AMT has a trusted DNS suffix set, use that one.
str += '\r\nTrusted DNS suffix: ' + mestate.DnsSuffix;
} else if (mestate.OsDnsSuffix != null) {
// Already found the DNS suffix for the wired interface
str += '\r\nDNS suffix: ' + mestate.OsDnsSuffix;
} else {
// Look for the DNS suffix for the Intel AMT Ethernet interface
var fqdn = null, interfaces = require('os').networkInterfaces();
@ -609,6 +613,7 @@ function run(argv) {
exit(1);
}
});
});
} else {
console.log("Unable to perform MEI operations, try running as " + ((process.platform == 'win32')?"administrator.":"root."));
exit(1); return;
@ -1184,7 +1189,7 @@ function configureAmt() {
getMeiState(15, function (state) { // Flags: 1 = Versions, 2 = OsAdmin, 4 = Hashes, 8 = Network
if (state == null) { console.log("Unable to get Intel AMT state, try running as " + ((process.platform == 'win32')?"administrator.":"root.")); exit(1); return; }
if (state.ProvisioningState == null) { console.log('Intel AMT not ready for configuration.'); exit(1); return; }
startLms(configureAmt2, false, state);
getAmtOsDnsSuffix(state, function() { startLms(configureAmt2, false, state); });
});
}
@ -2987,6 +2992,19 @@ function getMeiState(flags, func) {
} catch (e) { if (func != null) { func(null); } return; }
}
// On non-Windows platforms, we need to query the DHCP server for the DNS suffix
function getAmtOsDnsSuffix(mestate, func) {
if ((process.platform == 'win32') || (mestate.net0 == null) || (mestate.net0.mac == null)) { func(mestate); return; }
try { require('linux-dhcp') } catch (ex) { func(mestate); return; }
require('linux-dhcp').client.info(mestate.net0.mac).then(function(d) {
if ((typeof d.options == 'object') && (typeof d.options.domainname == 'string')) { mestate.OsDnsSuffix = d.options.domainname; }
func(mestate);
}, function(e) {
console.log('DHCP error', e);
func(mestate);
});
}
//
// Startup

View File

@ -1897,7 +1897,7 @@ module.exports.CreateAmtManager = function (parent) {
var trustedFqdn = null;
if (dev.mpsConnection.tag.meiState.OsDnsSuffix != null) { trustedFqdn = dev.mpsConnection.tag.meiState.OsDnsSuffix; }
if (dev.mpsConnection.tag.meiState.DnsSuffix != null) { trustedFqdn = dev.mpsConnection.tag.meiState.DnsSuffix; }
dev.consoleMsg("No opportunity for ACM activation, trusted FQDN: " + ((trustedFqdn == null) ? "(Not Set)" : (trustedFqdn + ", HEX: " + Buffer.from(trustedFqdn).toString('hex'))));
dev.consoleMsg("No opportunity for ACM activation, trusted FQDN: " + ((trustedFqdn == null) ? "(Not Set)" : trustedFqdn));
removeAmtDevice(dev, 38);
return false; // We are not in CCM and policy restricts use of CCM, so exit now.
}

View File

@ -5721,20 +5721,6 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (obj.parent.config.firebase.relayserver) { parent.debug('email', 'Firebase-relay-handler'); obj.app.ws(url + 'firebaserelay.aspx', handleFirebaseRelayRequest); }
}
/*
// Testing code only, display a POST and return 200 OK
obj.app.post(url + 'post.aspx', function (req, res) {
var body = [];
req.on('data', function(chunk) {
body.push(chunk);
}).on('end', () => {
body = Buffer.concat(body).toString();
console.log(body);
res.sendStatus(200);
});
});
*/
// Setup auth strategies using passport if needed
if (typeof domain.authstrategies == 'object') {
const passport = domain.passport = require('passport');