mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00

Many Intel AMT improvements.

Ylian Saint-Hilaire 2020-10-09 15:44:09 -07:00
parent bc4e07b5fe
commit c0018bb467
12 changed files with 308 additions and 156 deletions


@ -113,11 +113,10 @@ module.exports.CreateAmtRedirect = function (module, domain, user, webserver, me
*/
// If Intel AMT CIRA connection is available, use it
if (((conn & 2) != 0) && (meshcentral.mpsserver.ciraConnections[nodeid] != null)) {
var ciraconn = meshcentral.mpsserver.GetConnectionToNode(nodeid, null, true); // Request an OOB connection
if (ciraconn != null) {
Debug(1, 'Opening Intel AMT CIRA transport connection to ' + nodeid + '.');
var ciraconn = meshcentral.mpsserver.ciraConnections[nodeid];
// Compute target port, look at the CIRA port mappings, if non-TLS is allowed, use that, if not use TLS
var port = 16995;
if (ciraconn.tag.boundPorts.indexOf(16994) >= 0) port = 16994; // RELEASE: Always use non-TLS mode if available within CIRA
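Review bot: The connection object now comes from `GetConnectionToNode(nodeid, null, true)`, but the enclosing condition still tests `meshcentral.mpsserver.ciraConnections[nodeid]` and the port selection still reads `ciraconn.tag.boundPorts`, so the code assumes the returned object has the same shape as a CIRA table entry. The other file in this commit describes the equivalent field as a "CIRA/Relay/LMS connection"; if this lookup can return one of those other types, `tag.boundPorts` may be absent and `indexOf` would throw. A guard such as `if ((ciraconn.tag != null) && (ciraconn.tag.boundPorts != null) && (ciraconn.tag.boundPorts.indexOf(16994) >= 0)) port = 16994;` keeps the TLS port 16995 as the fallback. The branch taken when `ciraconn` is null lies outside the visible lines, so what happens to the session in that case cannot be confirmed from this hunk.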


@ -5,7 +5,7 @@
*/
// Construct a MeshServer object
var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, transportServer) {
var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, ciraConnection) {
//console.log('CreateWsmanComm', host, port, user, pass, tls, tlsoptions);
var obj = {};
@ -38,7 +38,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, transpo
obj.pass = pass;
obj.xtls = tls;
obj.xtlsoptions = tlsoptions;
obj.transportServer = transportServer; // This can be a CIRA or APF server, if null, local sockets are used as transport.
obj.ciraConnection = ciraConnection; // This can be a CIRA or APF server, if null, local sockets are used as transport.
obj.xtlsFingerprint;
obj.xtlsCertificate = null;
obj.xtlsCheck = 0; // 0 = No TLS, 1 = CA Checked, 2 = Pinned, 3 = Untrusted
@ -166,9 +166,9 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, transpo
obj.socketState = 1;
obj.kerberosDone = 0;
if (obj.transportServer != null) {
// Setup a new channel using the transport server (CIRA or APF)
obj.socket = obj.transportServer.SetupChannelToNode(obj.host, obj.port);
if (obj.ciraConnection != null) {
// Setup a new channel using the CIRA/Relay/LMS connection
obj.socket = obj.ciraConnection.SetupChannel(obj.port);
if (obj.socket == null) {
try { obj.xxOnSocketClosed(); } catch (e) { }
} else {
@ -229,7 +229,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, transpo
obj.xxOnSocketConnected = function () {
if (obj.socket == null) return;
// check TLS certificate for webrelay and direct only
if ((obj.transportServer == null) && (obj.xtls == 1)) {
if ((obj.ciraConnection == null) && (obj.xtls == 1)) {
obj.xtlsCertificate = obj.socket.getPeerCertificate();
// ###BEGIN###{Certificates}
@ -348,7 +348,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, transpo
if (isNaN(s)) s = 500;
if (s == 401 && ++(obj.authcounter) < 3) {
obj.challengeParams = obj.parseDigest(header['www-authenticate']); // Set the digest parameters, after this, the socket will close and we will auto-retry
if (obj.transportServer == null) { obj.socket.end(); } else { obj.socket.close(); }
if (obj.ciraConnection == null) { obj.socket.end(); } else { obj.socket.close(); }
} else {
var r = obj.pendingAjaxCall.shift();
if (r == null || r.length < 1) { console.log("pendingAjaxCall error, " + r); return; }
@ -365,7 +365,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, transpo
//obj.Debug("xxOnSocketClosed");
obj.socketState = 0;
if (obj.socket != null) {
if (obj.transportServer == null) { obj.socket.destroy(); } else { obj.socket.close(); }
if (obj.ciraConnection == null) { obj.socket.destroy(); } else { obj.socket.close(); }
obj.socket = null;
}
if (obj.pendingAjaxCall.length > 0) {
@ -376,7 +376,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, transpo
obj.xxOnSocketTimeout = function () {
if (obj.socket != null) {
if (obj.transportServer == null) { obj.socket.destroy(); } else { obj.socket.close(); }
if (obj.ciraConnection == null) { obj.socket.destroy(); } else { obj.socket.close(); }
obj.socket = null;
}
}
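Review bot: The comment on the renamed field still reads `// This can be a CIRA or APF server, ...`, while the new code treats `obj.ciraConnection` as a connection to one node and calls `SetupChannel(obj.port)` with no host argument. It should be updated to something like `// CIRA/Relay/LMS connection to the target node; if null, local sockets are used as transport.` so that callers do not pass a server object. In `xxOnSocketConnected` the peer-certificate check runs only when `obj.ciraConnection == null`, so with a connection object supplied the endpoint's identity rests entirely on however that connection was authenticated; a one-line comment stating that assumption next to the condition would help the next reader. `CreateWsmanComm` begins and ends outside these hunks.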