Added Windows Security Center hooks

agents/meshcore.js

@@ -4147,14 +4147,17 @@ function createMeshCore(agent) {
     }
 
     // Called periodically to check if we need to send updates to the server
-    function sendPeriodicServerUpdate(flags, force) {
+    function sendPeriodicServerUpdate(flags, force)
+    {
         if (meshServerConnectionState == 0) return; // Not connected to server, do nothing.
         if (!flags) { flags = 0xFFFFFFFF; }
 
         // If we have a connected MEI, get Intel ME information
-        if ((flags & 1) && (amt != null) && (amt.state == 2)) {
+        if ((flags & 1) && (amt != null) && (amt.state == 2))
+        {
             delete meshCoreObj.intelamt;
-            amt.getMeiState(9, function (meinfo) {
+            amt.getMeiState(9, function (meinfo)
+            {
                 meshCoreObj.intelamt = meinfo;
                 meshCoreObj.intelamt.microlms = amt.lmsstate;
                 meshCoreObjChanged();
@@ -4165,17 +4168,40 @@ function createMeshCore(agent) {
         if (flags & 2) { sendNetworkUpdateNagle(false); }
 
         // Update anti-virus information
-        if ((flags & 4) && (process.platform == 'win32')) {
+        if ((flags & 4) && (process.platform == 'win32'))
+        {
             // Windows Command: "wmic /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct get /FORMAT:CSV"
             try { meshCoreObj.av = require('win-info').av(); meshCoreObjChanged(); } catch (e) { av = null; } // Antivirus
             //if (process.platform == 'win32') { try { meshCoreObj.pr = require('win-info').pendingReboot(); meshCoreObjChanged(); } catch (e) { meshCoreObj.pr = null; } } // Pending reboot
         }
+        if (process.platform == 'win32')
+        {
+            if(require('MeshAgent')._securitycenter == null)
+            {
+                try
+                {
+                    require('MeshAgent')._securitycenter = require('win-securitycenter').status();
+                    meshCoreObj['windowsSecurityCenter'] = require('MeshAgent')._securitycenter;
+                    require('win-securitycenter').on('changed', function ()
+                    {
+                        require('MeshAgent')._securitycenter = require('win-securitycenter').status();
+                        meshCoreObj['windowsSecurityCenter'] = require('MeshAgent')._securitycenter;
+                        require('MeshAgent').SendCommand({ windowsSecurityCenter: require('MeshAgent')._securitycenter });
+                    });
+                }
+                catch(e)
+                {
+                }
+            }
+        }
 
         // Send available data right now
-        if (force) {
+        if (force)
+        {
             meshCoreObj = sortObjRec(meshCoreObj);
             var x = JSON.stringify(meshCoreObj);
-            if (x != LastPeriodicServerUpdate) {
+            if (x != LastPeriodicServerUpdate)
+            {
                 LastPeriodicServerUpdate = x;
                 mesh.SendCommand(meshCoreObj);
             }
@@ -4186,11 +4212,13 @@ function createMeshCore(agent) {
     var LastPeriodicServerUpdate = null;
     var PeriodicServerUpdateNagleTimer = null;
     function meshCoreObjChanged() { if (PeriodicServerUpdateNagleTimer == null) { PeriodicServerUpdateNagleTimer = setTimeout(meshCoreObjChangedEx, 500); } }
-    function meshCoreObjChangedEx() {
+    function meshCoreObjChangedEx()
+    {
         PeriodicServerUpdateNagleTimer = null;
         meshCoreObj = sortObjRec(meshCoreObj);
         var x = JSON.stringify(meshCoreObj);
-        if (x != LastPeriodicServerUpdate) {
+        if (x != LastPeriodicServerUpdate)
+        {
             try { LastPeriodicServerUpdate = x; mesh.SendCommand(meshCoreObj); } catch (ex) { }
         }
     }

agents/modules_meshcmd/win-securitycenter.js

@@ -0,0 +1,101 @@
+/*
+Copyright 2021 Intel Corporation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+var seccenter = null;
+var WSC_SECURITY_PROVIDER_FIREWALL = 0x1;
+var WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS = 0x2;
+var WSC_SECURITY_PROVIDER_ANTIVIRUS = 0x4;
+var WSC_SECURITY_PROVIDER_ANTISPYWARE = 0x8;
+
+var WSC_SECURITY_PROVIDER_HEALTH_GOOD = 0;          // Green pillar in English locales
+var WSC_SECURITY_PROVIDER_HEALTH_NOTMONITORED = 1;  // Yellow pillar in English locales
+var WSC_SECURITY_PROVIDER_HEALTH_POOR = 2;          // Red pillar in English locales
+var WSC_SECURITY_PROVIDER_HEALTH_SNOOZE = 3;        // Yellow pillar in English locales
+
+try
+{
+    seccenter = require('_GenericMarshal').CreateNativeProxy('Wscapi.dll');
+    seccenter.CreateMethod('WscGetSecurityProviderHealth');
+    seccenter.CreateMethod('WscRegisterForChanges');
+    seccenter.CreateMethod('WscUnRegisterChanges'); 
+}
+catch(e)
+{
+}
+
+function statusString(val)
+{
+    var ret = 'UNKNOWN';
+
+    switch (val)
+    {
+        case 0:
+            ret = 'OK';
+            break;
+        case 1:
+        case 3:
+            ret = 'WARNING';
+            break;
+        case 2:
+            ret = 'PROBLEM';
+            break;
+        default:
+            ret = 'UNKNOWN';
+            break;
+    }
+    return (ret);
+}
+function getStatus()
+{
+    var ret = { firewall: 'UNKNOWN', antiVirus: 'UNKNOWN', autoUpdate: 'UNKNOWN' };
+    if (seccenter != null)
+    {
+        var status = require('_GenericMarshal').CreateVariable(4);
+        if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_FIREWALL, status).Val == 0) { ret.firewall = statusString(status.toBuffer().readUInt32LE()); }
+        if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_ANTIVIRUS, status).Val == 0) { ret.antiVirus = statusString(status.toBuffer().readUInt32LE()); }
+        if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS, status).Val == 0) { ret.autoUpdate = statusString(status.toBuffer().readUInt32LE()); }
+    }
+    return (ret);
+}
+
+if (process.platform == 'win32' && seccenter != null)
+{
+    var j = { status: getStatus };
+    require('events').EventEmitter.call(j, true)
+        .createEvent('changed');
+    j._H = require('_GenericMarshal').CreatePointer();
+    j._EV = require('_GenericMarshal').GetGenericGlobalCallback(1);
+    j._EV.parent = j;
+    j._EV.on('GlobalCallback', function (p)
+    {
+        if (!this.ObjectToPtr_Verify(this.parent, p)) { return; } // This event is not for us
+        this.parent.emit('changed');
+    });
+    j.on('~', function ()
+    {
+        if (seccenter.WscUnRegisterChanges(this._H).Val == 0) { }
+    });
+
+    if (seccenter.WscRegisterForChanges(0, j._H, j._EV, require('_GenericMarshal').ObjectToPtr(j)).Val == 0)
+    {
+        j._H = j._H.Deref();
+    }
+    module.exports = j;
+}
+else
+{
+    throw ('win-securitycenter not supported on this platform');
+}

agents/modules_meshcore/win-securitycenter.js

@@ -0,0 +1,101 @@
+/*
+Copyright 2021 Intel Corporation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+var seccenter = null;
+var WSC_SECURITY_PROVIDER_FIREWALL = 0x1;
+var WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS = 0x2;
+var WSC_SECURITY_PROVIDER_ANTIVIRUS = 0x4;
+var WSC_SECURITY_PROVIDER_ANTISPYWARE = 0x8;
+
+var WSC_SECURITY_PROVIDER_HEALTH_GOOD = 0;          // Green pillar in English locales
+var WSC_SECURITY_PROVIDER_HEALTH_NOTMONITORED = 1;  // Yellow pillar in English locales
+var WSC_SECURITY_PROVIDER_HEALTH_POOR = 2;          // Red pillar in English locales
+var WSC_SECURITY_PROVIDER_HEALTH_SNOOZE = 3;        // Yellow pillar in English locales
+
+try
+{
+    seccenter = require('_GenericMarshal').CreateNativeProxy('Wscapi.dll');
+    seccenter.CreateMethod('WscGetSecurityProviderHealth');
+    seccenter.CreateMethod('WscRegisterForChanges');
+    seccenter.CreateMethod('WscUnRegisterChanges'); 
+}
+catch(e)
+{
+}
+
+function statusString(val)
+{
+    var ret = 'UNKNOWN';
+
+    switch (val)
+    {
+        case 0:
+            ret = 'OK';
+            break;
+        case 1:
+        case 3:
+            ret = 'WARNING';
+            break;
+        case 2:
+            ret = 'PROBLEM';
+            break;
+        default:
+            ret = 'UNKNOWN';
+            break;
+    }
+    return (ret);
+}
+function getStatus()
+{
+    var ret = { firewall: 'UNKNOWN', antiVirus: 'UNKNOWN', autoUpdate: 'UNKNOWN' };
+    if (seccenter != null)
+    {
+        var status = require('_GenericMarshal').CreateVariable(4);
+        if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_FIREWALL, status).Val == 0) { ret.firewall = statusString(status.toBuffer().readUInt32LE()); }
+        if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_ANTIVIRUS, status).Val == 0) { ret.antiVirus = statusString(status.toBuffer().readUInt32LE()); }
+        if (seccenter.WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS, status).Val == 0) { ret.autoUpdate = statusString(status.toBuffer().readUInt32LE()); }
+    }
+    return (ret);
+}
+
+if (process.platform == 'win32' && seccenter != null)
+{
+    var j = { status: getStatus };
+    require('events').EventEmitter.call(j, true)
+        .createEvent('changed');
+    j._H = require('_GenericMarshal').CreatePointer();
+    j._EV = require('_GenericMarshal').GetGenericGlobalCallback(1);
+    j._EV.parent = j;
+    j._EV.on('GlobalCallback', function (p)
+    {
+        if (!this.ObjectToPtr_Verify(this.parent, p)) { return; } // This event is not for us
+        this.parent.emit('changed');
+    });
+    j.on('~', function ()
+    {
+        if (seccenter.WscUnRegisterChanges(this._H).Val == 0) { }
+    });
+
+    if (seccenter.WscRegisterForChanges(0, j._H, j._EV, require('_GenericMarshal').ObjectToPtr(j)).Val == 0)
+    {
+        j._H = j._H.Deref();
+    }
+    module.exports = j;
+}
+else
+{
+    throw ('win-securitycenter not supported on this platform');
+}