external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

Fixed Intel AMT stack, exec with cert references would not work.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2022-04-07 11:09:25 -07:00
parent 90d2d7b21b
commit ef72e5d393
3 changed files with 38 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

30
amt/amt.js
View file

@ -269,8 +269,7 @@ function AmtStackCreateService(wsmanStack) {
obj.AMT_MessageLog_GetRecords = function (IterationIdentifier, MaxReadRecords, callback_func, tag) { obj.Exec("AMT_MessageLog", "GetRecords", { "IterationIdentifier": IterationIdentifier, "MaxReadRecords": MaxReadRecords }, callback_func, tag); }
obj.AMT_MessageLog_GetRecord = function (IterationIdentifier, PositionToNext, callback_func) { obj.Exec("AMT_MessageLog", "GetRecord", { "IterationIdentifier": IterationIdentifier, "PositionToNext": PositionToNext }, callback_func); }
obj.AMT_MessageLog_PositionAtRecord = function (IterationIdentifier, MoveAbsolute, RecordNumber, callback_func) { obj.Exec("AMT_MessageLog", "PositionAtRecord", { "IterationIdentifier": IterationIdentifier, "MoveAbsolute": MoveAbsolute, "RecordNumber": RecordNumber }, callback_func); }
obj.AMT_MessageLog_PositionToFirstRecord = function (callback_func, tag) {
obj.Exec("AMT_MessageLog", "PositionToFirstRecord", {}, callback_func, tag); }
obj.AMT_MessageLog_PositionToFirstRecord = function (callback_func, tag) { obj.Exec("AMT_MessageLog", "PositionToFirstRecord", {}, callback_func, tag); }
obj.AMT_MessageLog_FreezeLog = function (Freeze, callback_func) { obj.Exec("AMT_MessageLog", "FreezeLog", { "Freeze": Freeze }, callback_func); }
obj.AMT_PublicKeyManagementService_AddCRL = function (Url, SerialNumbers, callback_func) { obj.Exec("AMT_PublicKeyManagementService", "AddCRL", { "Url": Url, "SerialNumbers": SerialNumbers }, callback_func); }
obj.AMT_PublicKeyManagementService_ResetCRLList = function (_method_dummy, callback_func) { obj.Exec("AMT_PublicKeyManagementService", "ResetCRLList", { "_method_dummy": _method_dummy }, callback_func); }
@ -304,10 +303,7 @@ function AmtStackCreateService(wsmanStack) {
obj.AMT_TimeSynchronizationService_SetHighAccuracyTimeSynch = function (Ta0, Tm1, Tm2, callback_func, tag) { obj.Exec("AMT_TimeSynchronizationService", "SetHighAccuracyTimeSynch", { "Ta0": Ta0, "Tm1": Tm1, "Tm2": Tm2 }, callback_func, tag); }
obj.AMT_UserInitiatedConnectionService_RequestStateChange = function (RequestedState, TimeoutPeriod, callback_func) { obj.Exec("AMT_UserInitiatedConnectionService", "RequestStateChange", { "RequestedState": RequestedState, "TimeoutPeriod": TimeoutPeriod }, callback_func); }
obj.AMT_WebUIService_RequestStateChange = function (RequestedState, TimeoutPeriod, callback_func, tag) { obj.Exec("AMT_WebUIService", "RequestStateChange", { "RequestedState": RequestedState, "TimeoutPeriod": TimeoutPeriod }, callback_func, tag); }
obj.AMT_WiFiPortConfigurationService_AddWiFiSettings = function (WiFiEndpoint, WiFiEndpointSettingsInput, IEEE8021xSettingsInput, ClientCredential, CACredential, callback_func) {
console.log(JSON.stringify({ "WiFiEndpoint": WiFiEndpoint, "WiFiEndpointSettingsInput": WiFiEndpointSettingsInput, "IEEE8021xSettingsInput": IEEE8021xSettingsInput, "ClientCredential": ClientCredential, "CACredential": CACredential }, null, 2));
obj.ExecWithXml("AMT_WiFiPortConfigurationService", "AddWiFiSettings", { "WiFiEndpoint": WiFiEndpoint, "WiFiEndpointSettingsInput": WiFiEndpointSettingsInput, "IEEE8021xSettingsInput": IEEE8021xSettingsInput, "ClientCredential": ClientCredential, "CACredential": CACredential }, callback_func);
}
obj.AMT_WiFiPortConfigurationService_AddWiFiSettings = function (WiFiEndpoint, WiFiEndpointSettingsInput, IEEE8021xSettingsInput, ClientCredential, CACredential, callback_func) { obj.ExecWithXml("AMT_WiFiPortConfigurationService", "AddWiFiSettings", { "WiFiEndpoint": WiFiEndpoint, "WiFiEndpointSettingsInput": WiFiEndpointSettingsInput, "IEEE8021xSettingsInput": IEEE8021xSettingsInput, "ClientCredential": ClientCredential, "CACredential": CACredential }, callback_func); }
obj.AMT_WiFiPortConfigurationService_UpdateWiFiSettings = function (WiFiEndpointSettings, WiFiEndpointSettingsInput, IEEE8021xSettingsInput, ClientCredential, CACredential, callback_func) { obj.ExecWithXml("AMT_WiFiPortConfigurationService", "UpdateWiFiSettings", { "WiFiEndpointSettings": WiFiEndpointSettings, "WiFiEndpointSettingsInput": WiFiEndpointSettingsInput, "IEEE8021xSettingsInput": IEEE8021xSettingsInput, "ClientCredential": ClientCredential, "CACredential": CACredential }, callback_func); }
obj.AMT_WiFiPortConfigurationService_DeleteAllITProfiles = function (_method_dummy, callback_func) { obj.Exec("AMT_WiFiPortConfigurationService", "DeleteAllITProfiles", { "_method_dummy": _method_dummy }, callback_func); }
obj.AMT_WiFiPortConfigurationService_DeleteAllUserProfiles = function (_method_dummy, callback_func) { obj.Exec("AMT_WiFiPortConfigurationService", "DeleteAllUserProfiles", { "_method_dummy": _method_dummy }, callback_func); }
@ -995,17 +991,21 @@ function AmtStackCreateService(wsmanStack) {
var endTag = hasNamespace ? '</q:' : '</';
var namespaceDef = hasNamespace ? (' xmlns:q="' + inInstance['__namespace'] + '"') : '';
var result = '<r:' + instanceName + namespaceDef + '>';
for (var prop in inInstance) {
if (!inInstance.hasOwnProperty(prop) || prop.indexOf('__') === 0) continue;
if (typeof inInstance == 'string') {
result += inInstance;
} else {
for (var prop in inInstance) {
if (!inInstance.hasOwnProperty(prop) || prop.indexOf('__') === 0) continue;
if (typeof inInstance[prop] === 'function' || Array.isArray(inInstance[prop])) continue;
if (typeof inInstance[prop] === 'function' || Array.isArray(inInstance[prop])) continue;
if (typeof inInstance[prop] === 'object') {
//result += startTag + prop +'>' + instanceToXml('prop', inInstance[prop]) + endTag + prop +'>';
console.error('only convert one level down...');
}
else {
result += startTag + prop + '>' + inInstance[prop].toString() + endTag + prop + '>';
if (typeof inInstance[prop] === 'object') {
//result += startTag + prop +'>' + instanceToXml('prop', inInstance[prop]) + endTag + prop +'>';
console.error('only convert one level down...');
}
else {
result += startTag + prop + '>' + inInstance[prop].toString() + endTag + prop + '>';
}
}
}
result += '</r:' + instanceName + '>';

27
amtmanager.js
View file

@ -1709,6 +1709,7 @@ module.exports.CreateAmtManager = function (parent) {
const wiredConfig = devNetAuthData.wiredConfig;
const wirelessConfig = devNetAuthData.wirelessConfig;
var taskCounter = 0;
if (wirelessConfig) {
// Add missing WIFI profiles
var nextPriority = 1;
@ -1748,7 +1749,6 @@ module.exports.CreateAmtManager = function (parent) {
if (domain.amtmanager['802.1x'].domain) { netAuthProfile['Domain'] = domain.amtmanager['802.1x'].domain; }
if (domain.amtmanager['802.1x'].authenticationprotocol > 3) { domain.amtmanager['ProtectedAccessCredential'] = profileToAdd['802.1x'].protectedaccesscredentialhex; netAuthProfile['PACPassword'] = profileToAdd['802.1x'].pacpassword; }
/*
// Setup Client Certificate
if (devNetAuthData.certInstanceId) {
netAuthSettingsClientCert = '<a:Address>/wsman</a:Address><a:ReferenceParameters><w:ResourceURI>' + dev.amtstack.CompleteName('AMT_PublicKeyCertificate') + '</w:ResourceURI><w:SelectorSet><w:Selector Name="InstanceID">' + devNetAuthData.certInstanceId + '</w:Selector></w:SelectorSet></a:ReferenceParameters>';
@ -1757,16 +1757,6 @@ module.exports.CreateAmtManager = function (parent) {
if (devNetAuthData.rootCertInstanceId) {
netAuthSettingsServerCaCert = '<a:Address>/wsman</a:Address><a:ReferenceParameters><w:ResourceURI>' + dev.amtstack.CompleteName('AMT_PublicKeyCertificate') + '</w:ResourceURI><w:SelectorSet><w:Selector Name="InstanceID">' + devNetAuthData.rootCertInstanceId + '</w:Selector></w:SelectorSet></a:ReferenceParameters>';
}
*/
// Setup Client Certificate
if (devNetAuthData.certInstanceId) {
netAuthSettingsClientCert = '<Address xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">http://schemas.xmlsoap.org/ws/2004/08/addressing</Address><ReferenceParameters xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing"><ResourceURI xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd">http://intel.com/wbem/wscim/1/amt-schema/1/AMT_PublicKeyCertificate</ResourceURI><SelectorSet xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd"><Selector Name="InstanceID">' + devNetAuthData.certInstanceId + '</Selector></SelectorSet></ReferenceParameters>';
}
// Setup Server Certificate
if (devNetAuthData.rootCertInstanceId) {
netAuthSettingsServerCaCert = '<Address xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">http://schemas.xmlsoap.org/ws/2004/08/addressing</Address><ReferenceParameters xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing"><ResourceURI xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd">http://intel.com/wbem/wscim/1/amt-schema/1/AMT_PublicKeyCertificate</ResourceURI><SelectorSet xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd"><Selector Name="InstanceID">' + devNetAuthData.rootCertInstanceId + '</Selector></SelectorSet></ReferenceParameters>';
}
// If we have credentials from MeshCentral Satelite, use that
if (dev.netAuthCredentials != null) {
@ -1777,25 +1767,20 @@ module.exports.CreateAmtManager = function (parent) {
}
}
prioritiesInUse.push(nextPriority); // Occupy the priority slot and add the WIFI profile.
console.log('AddWiFiSettings1');
taskCounter++;
dev.amtstack.AMT_WiFiPortConfigurationService_AddWiFiSettings(wifiep, wifiepsettinginput, netAuthProfile, netAuthSettingsClientCert, netAuthSettingsServerCaCert, function (stack, name, response, status) {
if (status != 200) { dev.consoleMsg("Unable to set WIFI profile."); }
console.log('AddWiFiSettings2', status, response);
if (--taskCounter == 0) { attemptWifiSyncEx2(dev, devNetAuthData); } // All done, complete WIFI configuration
});
}
// Complete WIFI configuration
attemptWifiSyncEx2(dev, devNetAuthData);
} else {
// Done
devTaskCompleted(dev);
}
if (taskCounter == 0) { attemptWifiSyncEx2(dev, devNetAuthData); } // All done, complete WIFI configuration
}
function attemptWifiSyncEx2(dev, devNetAuthData) {
if (isAmtDeviceValid(dev) == false) return; // Device no longer exists, ignore this request.
const responses = devNetAuthData.responses;
// Check if local WIFI profile sync is enabled, if not, enabled it.
@ -1825,8 +1810,6 @@ module.exports.CreateAmtManager = function (parent) {
}
}
console.log('ALL GOOD');
// Done
devTaskCompleted(dev);
}

28
public/scripts/amt-0.2.0.js
View file

@ -896,20 +896,24 @@ function instanceToXml(instanceName, inInstance) {
var startTag = hasNamespace ? '<q:' : '<';
var endTag = hasNamespace ? '</q:' : '</';
var namespaceDef = hasNamespace ? (' xmlns:q="' + inInstance['__namespace'] + '"' ): '';
var result = '<r:' + instanceName + namespaceDef + '>';
for(var prop in inInstance) {
if (!inInstance.hasOwnProperty(prop) || prop.indexOf('__') === 0) continue;
var result = '<r:' + instanceName + namespaceDef + '>';
if (typeof inInstance == 'string') {
result += inInstance;
} else {
for (var prop in inInstance) {
if (!inInstance.hasOwnProperty(prop) || prop.indexOf('__') === 0) continue;
if (typeof inInstance[prop] === 'function' || Array.isArray(inInstance[prop]) ) continue;
if (typeof inInstance[prop] === 'function' || Array.isArray(inInstance[prop])) continue;
if (typeof inInstance[prop] === 'object') {
//result += startTag + prop +'>' + instanceToXml('prop', inInstance[prop]) + endTag + prop +'>';
console.error('only convert one level down...');
}
else {
result += startTag + prop +'>' + inInstance[prop].toString() + endTag + prop +'>';
}
}
if (typeof inInstance[prop] === 'object') {
//result += startTag + prop +'>' + instanceToXml('prop', inInstance[prop]) + endTag + prop +'>';
console.error('only convert one level down...');
}
else {
result += startTag + prop + '>' + inInstance[prop].toString() + endTag + prop + '>';
}
}
}
result += '</r:' + instanceName + '>';
return result;
}