Merge branch 'Ylianst:master' into master

This commit is contained in:
petervanv 2021-07-15 14:34:11 +02:00 committed by GitHub
commit d520aaf4cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 68 additions and 59 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -110,7 +110,7 @@ function run(argv) {
//console.log('addedModules = ' + JSON.stringify(addedModules)); //console.log('addedModules = ' + JSON.stringify(addedModules));
var actionpath = 'meshaction.txt'; var actionpath = 'meshaction.txt';
if (args.actionfile != null) { actionpath = args.actionfile; } if (args.actionfile != null) { actionpath = args.actionfile; }
var actions = ['HELP', 'ROUTE', 'MICROLMS', 'AMTCONFIG', 'AMTSCAN', 'AMTPOWER', 'AMTFEATURES', 'AMTNETWORK', 'AMTINFO', 'AMTINFODEBUG', 'AMTVERSIONS', 'AMTHASHES', 'AMTSAVESTATE', 'AMTUUID', 'AMTCCM', 'AMTDEACTIVATE', 'AMTACMDEACTIVATE', 'SMBIOS', 'RAWSMBIOS', 'MESHCOMMANDER', 'AMTAUDITLOG', 'AMTEVENTLOG', 'AMTPRESENCE', 'AMTWIFI', 'AMTWAKE', 'AMTSTARTCONFIG', 'AMTSTOPCONFIG']; var actions = ['HELP', 'ROUTE', 'MICROLMS', 'AMTCONFIG', 'AMTSCAN', 'AMTPOWER', 'AMTFEATURES', 'AMTNETWORK', 'AMTINFO', 'AMTINFOJSON', 'AMTVERSIONS', 'AMTHASHES', 'AMTSAVESTATE', 'AMTUUID', 'AMTCCM', 'AMTDEACTIVATE', 'AMTACMDEACTIVATE', 'SMBIOS', 'RAWSMBIOS', 'MESHCOMMANDER', 'AMTAUDITLOG', 'AMTEVENTLOG', 'AMTPRESENCE', 'AMTWIFI', 'AMTWAKE', 'AMTSTARTCONFIG', 'AMTSTOPCONFIG'];
// Load the action file // Load the action file
var actionfile = null; var actionfile = null;
@ -223,8 +223,12 @@ function run(argv) {
console.log(' --output [filename] Optional filename to write the results to.'); console.log(' --output [filename] Optional filename to write the results to.');
} else if (action == 'amtinfo') { } else if (action == 'amtinfo') {
console.log('AmtInfo action will get the version and activation state of Intel AMT on this computer. The command must be run on a computer with Intel AMT, must run as administrator and the Intel management driver must be installed. Example usage:\r\n\r\n meshcmd amtinfo'); console.log('AmtInfo action will get the version and activation state of Intel AMT on this computer. The command must be run on a computer with Intel AMT, must run as administrator and the Intel management driver must be installed. Example usage:\r\n\r\n meshcmd amtinfo');
console.log('\r\nPossible arguments:\r\n');
console.log(' --json Display all Intel AMT state in JSON format.');
} else if ((action == 'amtversion') || (action == 'amtversions')) { } else if ((action == 'amtversion') || (action == 'amtversions')) {
console.log('AmtVersions will display all version information about Intel AMT on this computer. The command must be run on a computer with Intel AMT, must run as administrator and the Intel management driver must be installed. Example usage:\r\n\r\n meshcmd amtversions'); console.log('AmtVersions will display all version information about Intel AMT on this computer. The command must be run on a computer with Intel AMT, must run as administrator and the Intel management driver must be installed. Example usage:\r\n\r\n meshcmd amtversions');
console.log('\r\nPossible arguments:\r\n');
console.log(' --json Display all Intel AMT state in JSON format.');
} else if (action == 'amthashes') { } else if (action == 'amthashes') {
console.log('Amthashes will display all trusted activations hashes for Intel AMT on this computer. The command must be run on a computer with Intel AMT, must run as administrator and the Intel management driver must be installed. These certificates hashes are used by Intel AMT when performing activation into ACM mode. Example usage:\r\n\r\n meshcmd amthashes'); console.log('Amthashes will display all trusted activations hashes for Intel AMT on this computer. The command must be run on a computer with Intel AMT, must run as administrator and the Intel management driver must be installed. These certificates hashes are used by Intel AMT when performing activation into ACM mode. Example usage:\r\n\r\n meshcmd amthashes');
} else if ((action == 'microlms') || (action == 'lms') || (action == 'amtlms')) { } else if ((action == 'microlms') || (action == 'lms') || (action == 'amtlms')) {
@ -485,6 +489,9 @@ function run(argv) {
try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { console.log(ex); exit(1); return; } try { amtMeiModule = require('amt-mei'); amtMei = new amtMeiModule(); } catch (ex) { console.log(ex); exit(1); return; }
amtMei.on('error', function (e) { console.log('ERROR: ' + e); exit(1); return; }); amtMei.on('error', function (e) { console.log('ERROR: ' + e); exit(1); return; });
amtMei.getVersion(function (val) { amtMei.getVersion(function (val) {
if (args.json) {
console.log(JSON.stringify(val, null, 2));
} else {
console.log("BIOS Version = " + val.BiosVersion.toString()); console.log("BIOS Version = " + val.BiosVersion.toString());
for (var version in val.Versions) { for (var version in val.Versions) {
var extras = '', skuBits = ['', 'iQST', 'ASF', 'AMT', 'ISM', 'TPM', '', '', 'HomeIT', '', 'WOX', '', '', 'AT-p', 'Corporate', 'L3 Mgt Upgrade']; var extras = '', skuBits = ['', 'iQST', 'ASF', 'AMT', 'ISM', 'TPM', '', '', 'HomeIT', '', 'WOX', '', '', 'AT-p', 'Corporate', 'L3 Mgt Upgrade'];
@ -495,6 +502,7 @@ function run(argv) {
} }
console.log(val.Versions[version].Description + " = " + val.Versions[version].Version + extras); console.log(val.Versions[version].Description + " = " + val.Versions[version].Version + extras);
} }
}
exit(1); return; exit(1); return;
}); });
} else if (settings.action == 'amthashes') { } else if (settings.action == 'amthashes') {
@ -534,7 +542,7 @@ function run(argv) {
} }
amtMei.getProvisioningState(function (result) { if (result) { mestate.ProvisioningState = result; } }); amtMei.getProvisioningState(function (result) { if (result) { mestate.ProvisioningState = result; } });
amtMei.getProvisioningMode(function (result) { if (result) { mestate.ProvisioningMode = result; } }); amtMei.getProvisioningMode(function (result) { if (result) { mestate.ProvisioningMode = result; } });
amtMei.getEHBCState(function (result) { if (result) { mestate.ehbc = result; } }); amtMei.getEHBCState(function (result) { mestate.ehbc = ((result === true) || (typeof result == 'object') && (result.EHBC === true)); });
amtMei.getControlMode(function (result) { if (result) { mestate.controlmode = result; } }); amtMei.getControlMode(function (result) { if (result) { mestate.controlmode = result; } });
amtMei.getMACAddresses(function (result) { if (result) { mestate.mac = result; } }); amtMei.getMACAddresses(function (result) { if (result) { mestate.mac = result; } });
amtMei.getLanInterfaceSettings(0, function (result) { if (result) { mestate.net0 = result; } }); amtMei.getLanInterfaceSettings(0, function (result) { if (result) { mestate.net0 = result; } });
@ -543,7 +551,9 @@ function run(argv) {
amtMei.getRemoteAccessConnectionStatus(function (result) { if ((result != null) && (result.status == 0)) { mestate.networkStatus = result.networkStatus; mestate.remoteAccessStatus = result.remoteAccessStatus; mestate.remoteAccessTrigger = result.remoteAccessTrigger; mestate.mpsHostname = result.mpsHostname; } }); amtMei.getRemoteAccessConnectionStatus(function (result) { if ((result != null) && (result.status == 0)) { mestate.networkStatus = result.networkStatus; mestate.remoteAccessStatus = result.remoteAccessStatus; mestate.remoteAccessTrigger = result.remoteAccessTrigger; mestate.mpsHostname = result.mpsHostname; } });
amtMei.getDnsSuffix(function (result) { amtMei.getDnsSuffix(function (result) {
if (result) { mestate.DnsSuffix = result; } if (result) { mestate.DnsSuffix = result; }
if (mestate.ver && mestate.ProvisioningState && mestate.ProvisioningMode) { if (args.json) {
console.log(JSON.stringify(mestate, null, 2));
} else if (mestate.ver && mestate.ProvisioningState && mestate.ProvisioningMode) {
var str = 'Intel ME v' + mestate.ver; var str = 'Intel ME v' + mestate.ver;
if (mestate.sku & 8) { str = 'Intel AMT v' + mestate.ver } if (mestate.sku & 8) { str = 'Intel AMT v' + mestate.ver }
else if (mestate.sku & 16) { str = 'Intel SM v' + mestate.ver } else if (mestate.sku & 16) { str = 'Intel SM v' + mestate.ver }
@ -558,7 +568,7 @@ function run(argv) {
} }
} }
} }
if ((mestate.ehbc) && (mestate.ehbc.EHBC == true)) { str += ', EHBC enabled'; } if (mestate.ehbc) { str += ', EHBC enabled'; }
str += '.'; str += '.';
if (mestate.net0 != null) { str += '\r\nWired ' + ((mestate.net0.enabled == 1) ? 'Enabled' : 'Disabled') + ((mestate.net0.dhcpEnabled == 1) ? ', DHCP' : ', Static') + ', ' + mestate.net0.mac + (mestate.net0.address == '0.0.0.0' ? '' : (', ' + mestate.net0.address)); } if (mestate.net0 != null) { str += '\r\nWired ' + ((mestate.net0.enabled == 1) ? 'Enabled' : 'Disabled') + ((mestate.net0.dhcpEnabled == 1) ? ', DHCP' : ', Static') + ', ' + mestate.net0.mac + (mestate.net0.address == '0.0.0.0' ? '' : (', ' + mestate.net0.address)); }
if (mestate.net1 != null) { str += '\r\nWireless ' + ((mestate.net1.enabled == 1) ? 'Enabled' : 'Disabled') + ((mestate.net1.dhcpEnabled == 1) ? ', DHCP' : ', Static') + ', ' + mestate.net1.mac + (mestate.net1.address == '0.0.0.0' ? '' : (', ' + mestate.net1.address)); } if (mestate.net1 != null) { str += '\r\nWireless ' + ((mestate.net1.enabled == 1) ? 'Enabled' : 'Disabled') + ((mestate.net1.dhcpEnabled == 1) ? ', DHCP' : ', Static') + ', ' + mestate.net1.mac + (mestate.net1.address == '0.0.0.0' ? '' : (', ' + mestate.net1.address)); }
@ -596,7 +606,7 @@ function run(argv) {
} }
}); });
} catch (ex) { console.log("Unable to perform MEI operations, try running as " + ((process.platform == 'win32')?"administrator.":"root.")); exit(1); return; } } catch (ex) { console.log("Unable to perform MEI operations, try running as " + ((process.platform == 'win32')?"administrator.":"root.")); exit(1); return; }
} else if (settings.action == 'amtinfodebug') { } else if (settings.action == 'amtinfojson') {
// Display Intel AMT version and activation state // Display Intel AMT version and activation state
getMeiState(15, function (state) { console.log(JSON.stringify(state, null, 2)); exit(1); }); // Flags: 1 = Versions, 2 = OsAdmin, 4 = Hashes, 8 = Network getMeiState(15, function (state) { console.log(JSON.stringify(state, null, 2)); exit(1); }); // Flags: 1 = Versions, 2 = OsAdmin, 4 = Hashes, 8 = Network
} else if (settings.action == 'amtsavestate') { } else if (settings.action == 'amtsavestate') {
@ -639,6 +649,7 @@ function run(argv) {
// Start Intel AMT configuration // Start Intel AMT configuration
if ((settings.url == null) || (typeof settings.url != 'string') || (settings.url == '')) { console.log('No MeshCentral server URL specified, use --url [url].'); exit(1); return; } if ((settings.url == null) || (typeof settings.url != 'string') || (settings.url == '')) { console.log('No MeshCentral server URL specified, use --url [url].'); exit(1); return; }
if ((settings.id == null) || (typeof settings.id != 'string') || (settings.id == '')) { console.log('No device group identifier specified, use --id [identifier].'); exit(1); return; } if ((settings.id == null) || (typeof settings.id != 'string') || (settings.id == '')) { console.log('No device group identifier specified, use --id [identifier].'); exit(1); return; }
settings.id = settings.id.replace('\'', ''); // Remove single quote.
debug(1, "Settings: " + JSON.stringify(settings)); debug(1, "Settings: " + JSON.stringify(settings));
configureAmt(); configureAmt();
} else if (settings.action == 'amtccm') { } else if (settings.action == 'amtccm') {

View File

@ -17,6 +17,21 @@ limitations under the License.
var Q = require('queue'); var Q = require('queue');
var g_internal = null; var g_internal = null;
function retry_pthi_later()
{
if (++g_internal.errorCount < 20)
{
g_internal.timeout = setTimeout(function (p)
{
p.connect(require('heci').GUIDS.AMT, { noPipeline: 1 });
}, 250, this);
}
else
{
this.Parent.emit('error', 'PTHI Connection could not be established');
}
}
function amt_heci() function amt_heci()
{ {
var emitterUtils = require('events').inherits(this); var emitterUtils = require('events').inherits(this);
@ -29,7 +44,7 @@ function amt_heci()
var that = this; var that = this;
if (g_internal == null) if (g_internal == null)
{ {
g_internal = { _rq: new Q(), _amt: null }; g_internal = { _rq: new Q(), _amt: null, errorCount: 0 };
g_internal._setupPTHI = function _g_setupPTHI() g_internal._setupPTHI = function _g_setupPTHI()
{ {
console.info1('setupPTHI()'); console.info1('setupPTHI()');
@ -42,7 +57,7 @@ function amt_heci()
this._amt.on('error', function _amtOnError(e) this._amt.on('error', function _amtOnError(e)
{ {
console.info1('PTHIError: ' + e); console.info1('PTHIError: ' + e);
if (this.Parent._rq.isEmpty()) if (g_internal._rq.isEmpty())
{ {
console.info1(' Queue is empty'); console.info1(' Queue is empty');
this.Parent.emit('error', e); // No pending requests, so propagate the error up this.Parent.emit('error', e); // No pending requests, so propagate the error up
@ -51,22 +66,13 @@ function amt_heci()
{ {
console.info1(' Queue is NOT empty'); console.info1(' Queue is NOT empty');
// There is a pending request, so fail the pending request // Try again
var user = this.Parent._rq.deQueue(); retry_pthi_later.call(this);
var params = user.optional;
var callback = user.func;
params.unshift({ Status: -1 }); // Relay an error
callback.apply(this.Parent, params);
if (!this.Parent._rq.isEmpty())
{
// There are still more pending requests, so try to re-helpconnect MEI
this.connect(heci.GUIDS.AMT, { noPipeline: 1 });
}
} }
}); });
this._amt.on('connect', function _amtOnConnect() this._amt.on('connect', function _amtOnConnect()
{ {
g_internal.errorCount = 0;
this.on('data', function _amtOnData(chunk) this.on('data', function _amtOnData(chunk)
{ {
//console.log("Received: " + chunk.length + " bytes"); //console.log("Received: " + chunk.length + " bytes");
@ -125,13 +131,6 @@ function amt_heci()
header.writeUInt32LE(arguments[0] | 0x04000000, 4); header.writeUInt32LE(arguments[0] | 0x04000000, 4);
header.writeUInt32LE(arguments[1] == null ? 0 : arguments[1].length, 8); header.writeUInt32LE(arguments[1] == null ? 0 : arguments[1].length, 8);
//this._rq.enQueue({ cmd: arguments[0], func: arguments[2], optional: args, send: (arguments[1] == null ? header : Buffer.concat([header, arguments[1]])) });
//if(!this._amt)
//{
// this._setupPTHI();
// this._amt.connect(heci.GUIDS.AMT, { noPipeline: 1 });
//}
g_internal._rq.enQueue({ cmd: arguments[0], func: arguments[2], optional: args, send: (arguments[1] == null ? header : Buffer.concat([header, arguments[1]])) }); g_internal._rq.enQueue({ cmd: arguments[0], func: arguments[2], optional: args, send: (arguments[1] == null ? header : Buffer.concat([header, arguments[1]])) });
if (!g_internal._amt) if (!g_internal._amt)
{ {

View File

@ -17,6 +17,21 @@ limitations under the License.
var Q = require('queue'); var Q = require('queue');
var g_internal = null; var g_internal = null;
function retry_pthi_later()
{
if (++g_internal.errorCount < 20)
{
g_internal.timeout = setTimeout(function (p)
{
p.connect(require('heci').GUIDS.AMT, { noPipeline: 1 });
}, 250, this);
}
else
{
this.Parent.emit('error', 'PTHI Connection could not be established');
}
}
function amt_heci() function amt_heci()
{ {
var emitterUtils = require('events').inherits(this); var emitterUtils = require('events').inherits(this);
@ -29,7 +44,7 @@ function amt_heci()
var that = this; var that = this;
if (g_internal == null) if (g_internal == null)
{ {
g_internal = { _rq: new Q(), _amt: null }; g_internal = { _rq: new Q(), _amt: null, errorCount: 0 };
g_internal._setupPTHI = function _g_setupPTHI() g_internal._setupPTHI = function _g_setupPTHI()
{ {
console.info1('setupPTHI()'); console.info1('setupPTHI()');
@ -42,7 +57,7 @@ function amt_heci()
this._amt.on('error', function _amtOnError(e) this._amt.on('error', function _amtOnError(e)
{ {
console.info1('PTHIError: ' + e); console.info1('PTHIError: ' + e);
if (this.Parent._rq.isEmpty()) if (g_internal._rq.isEmpty())
{ {
console.info1(' Queue is empty'); console.info1(' Queue is empty');
this.Parent.emit('error', e); // No pending requests, so propagate the error up this.Parent.emit('error', e); // No pending requests, so propagate the error up
@ -51,22 +66,13 @@ function amt_heci()
{ {
console.info1(' Queue is NOT empty'); console.info1(' Queue is NOT empty');
// There is a pending request, so fail the pending request // Try again
var user = this.Parent._rq.deQueue(); retry_pthi_later.call(this);
var params = user.optional;
var callback = user.func;
params.unshift({ Status: -1 }); // Relay an error
callback.apply(this.Parent, params);
if (!this.Parent._rq.isEmpty())
{
// There are still more pending requests, so try to re-helpconnect MEI
this.connect(heci.GUIDS.AMT, { noPipeline: 1 });
}
} }
}); });
this._amt.on('connect', function _amtOnConnect() this._amt.on('connect', function _amtOnConnect()
{ {
g_internal.errorCount = 0;
this.on('data', function _amtOnData(chunk) this.on('data', function _amtOnData(chunk)
{ {
//console.log("Received: " + chunk.length + " bytes"); //console.log("Received: " + chunk.length + " bytes");
@ -125,13 +131,6 @@ function amt_heci()
header.writeUInt32LE(arguments[0] | 0x04000000, 4); header.writeUInt32LE(arguments[0] | 0x04000000, 4);
header.writeUInt32LE(arguments[1] == null ? 0 : arguments[1].length, 8); header.writeUInt32LE(arguments[1] == null ? 0 : arguments[1].length, 8);
//this._rq.enQueue({ cmd: arguments[0], func: arguments[2], optional: args, send: (arguments[1] == null ? header : Buffer.concat([header, arguments[1]])) });
//if(!this._amt)
//{
// this._setupPTHI();
// this._amt.connect(heci.GUIDS.AMT, { noPipeline: 1 });
//}
g_internal._rq.enQueue({ cmd: arguments[0], func: arguments[2], optional: args, send: (arguments[1] == null ? header : Buffer.concat([header, arguments[1]])) }); g_internal._rq.enQueue({ cmd: arguments[0], func: arguments[2], optional: args, send: (arguments[1] == null ? header : Buffer.concat([header, arguments[1]])) });
if (!g_internal._amt) if (!g_internal._amt)
{ {

View File

@ -1875,7 +1875,7 @@ module.exports.CreateAmtManager = function (parent) {
function activateIntelAmt(dev) { function activateIntelAmt(dev) {
// Find the Intel AMT policy // Find the Intel AMT policy
const mesh = parent.webserver.meshes[dev.meshid]; const mesh = parent.webserver.meshes[dev.meshid];
if (mesh == null) { dev.consoleMsg("Unable to find device group."); removeAmtDevice(dev, 36); return false; } if (mesh == null) { dev.consoleMsg("Unable to find device group (" + dev.meshid + ")."); removeAmtDevice(dev, 36); return false; }
var amtPolicy = 0; // 0 = Do nothing, 1 = Deactivate CCM, 2 = CCM, 3 = ACM var amtPolicy = 0; // 0 = Do nothing, 1 = Deactivate CCM, 2 = CCM, 3 = ACM
var ccmPolicy = 0; // Only used when in ACM policy: 0 = Do nothing, 1 = Deactivate CCM, 2 = CCM is ACM fails var ccmPolicy = 0; // Only used when in ACM policy: 0 = Do nothing, 1 = Deactivate CCM, 2 = CCM is ACM fails
if (mesh.amt != null) { if (typeof mesh.amt.type == 'number') { amtPolicy = mesh.amt.type; } if (typeof mesh.amt.ccm == 'number') { ccmPolicy = mesh.amt.ccm; } } if (mesh.amt != null) { if (typeof mesh.amt.type == 'number') { amtPolicy = mesh.amt.type; } if (typeof mesh.amt.ccm == 'number') { ccmPolicy = mesh.amt.ccm; } }

View File

@ -1,6 +1,6 @@
{ {
"name": "meshcentral", "name": "meshcentral",
"version": "0.8.77", "version": "0.8.78",
"keywords": [ "keywords": [
"Remote Device Management", "Remote Device Management",
"Remote Device Monitoring", "Remote Device Monitoring",

File diff suppressed because one or more lines are too long

View File

@ -4575,7 +4575,7 @@
url = 'ws://' + servername + portStr + domainUrl; url = 'ws://' + servername + portStr + domainUrl;
} }
var x = format("Add, activate and configure Intel&reg; AMT to group \"{0}\" by periodically running MeshCmd as administrator on the remote device.", EscapeHtml(mesh.name)) + '<br /><br />'; var x = format("Add, activate and configure Intel&reg; AMT to group \"{0}\" by periodically running MeshCmd as administrator on the remote device.", EscapeHtml(mesh.name)) + '<br /><br />';
x += '<textarea readonly=readonly style=width:100%;resize:none;height:100px;overflow:auto;font-size:12px readonly>meshcmd amtconfig --url ' + url + 'apf.ashx --id ' + meshid.split('/')[2] + ' --serverhttpshash ' + serverinfo.tlshash + '</textarea>'; x += '<textarea readonly=readonly style=width:100%;resize:none;height:100px;overflow:auto;font-size:12px readonly>meshcmd amtconfig --url ' + url + 'apf.ashx --id \'' + meshid.split('/')[2] + '\' --serverhttpshash ' + serverinfo.tlshash + '</textarea>';
if (serverinfo.amtAcmFqdn != null) { if (serverinfo.amtAcmFqdn != null) {
x += ('<div style=margin-top:8px>' + "For ACM activation, Intel&reg; AMT will need to be set to the following trusted FQDN:" + ' <b>' + serverinfo.amtAcmFqdn.join(', ') + '</b></div>'); x += ('<div style=margin-top:8px>' + "For ACM activation, Intel&reg; AMT will need to be set to the following trusted FQDN:" + ' <b>' + serverinfo.amtAcmFqdn.join(', ') + '</b></div>');
} }