mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-25 22:55:52 -05:00
Added option to turn off Intel AMT TLS ACM activation on AMT v14+
This commit is contained in:
Ylian Saint-Hilaire
parent
dcc6676435
commit
8d8c182a7f
@ -1909,9 +1909,16 @@ module.exports.CreateAmtManager = function (parent) {
|
||||
deactivateIntelAmtCCM(dev);
|
||||
} else {
|
||||
// We are not activated now, go to ACM directly.
|
||||
// If this is Intel AMT 14 or better, we are going to attempt a host-based end-to-end TLS activation.
|
||||
// Check if we are allowed to perform TLS ACM activation
|
||||
var TlsAcmActivation = true;
|
||||
var domain = parent.config.domains[dev.domainid];
|
||||
if (domain && domain.amtmanager && (domain.amtmanager.tlsacmactivation == false)) { TlsAcmActivation = false; }
|
||||
|
||||
// Check Intel AMT version
|
||||
if (typeof dev.intelamt.ver == 'string') { var verSplit = dev.intelamt.ver.split('.'); if (verSplit.length >= 3) { dev.aquired.majorver = parseInt(verSplit[0]); dev.aquired.minorver = parseInt(verSplit[1]); } }
|
||||
if (dev.aquired.majorver >= 14) {
|
||||
|
||||
// If this is Intel AMT 14 or better and allowed, we are going to attempt a host-based end-to-end TLS activation.
|
||||
if (TlsAcmActivation && (dev.aquired.majorver >= 14)) {
|
||||
// Perform host-based TLS ACM activation
|
||||
activateIntelAmtTlsAcm(dev, mesh.amt.password, acminfo);
|
||||
} else {
|
||||
|
||||
@ -527,6 +527,7 @@
|
||||
"additionalProperties": false,
|
||||
"description": "Information passed to the AMT manager module that impacts all Intel AMT device managed within this domain.",
|
||||
"properties": {
|
||||
"TlsAcmActivation": { "type": "boolean", "default": true, "description": "When set to false, MeshCentral will not attempt a TLS ACM activation on Intel AMT v14+" },
|
||||
"AdminAccounts": {
|
||||
"description": "List of username and passwords to try when connecting to Intel AMT.",
|
||||
"type": "array",
|
||||
|
||||
Loading…
Reference in New Issue
Block a user