diff --git a/amt-0.2.0.js b/amt-0.2.0.js index 4cd1fa6..2ee2ec0 100644 --- a/amt-0.2.0.js +++ b/amt-0.2.0.js @@ -223,6 +223,7 @@ function AmtStackCreateService(wsmanStack) { obj.AMT_EnvironmentDetectionSettingData_SetSystemDefensePolicy = function (Policy, callback_func) { obj.Exec('AMT_EnvironmentDetectionSettingData', 'SetSystemDefensePolicy', { 'Policy': Policy }, callback_func); } obj.AMT_EnvironmentDetectionSettingData_EnableVpnRouting = function (Enable, callback_func) { obj.Exec('AMT_EnvironmentDetectionSettingData', 'EnableVpnRouting', { 'Enable': Enable }, callback_func); } obj.AMT_EthernetPortSettings_SetLinkPreference = function (LinkPreference, Timeout, callback_func) { obj.Exec('AMT_EthernetPortSettings', 'SetLinkPreference', { 'LinkPreference': LinkPreference, 'Timeout': Timeout }, callback_func); } + obj.AMT_GeneralSettings_AMTAuthenticate = function (Nonce, callback_func) { obj.Exec('AMT_GeneralSettings', 'AMTAuthenticate', { 'MC_Nonce': Nonce }, callback_func); } obj.AMT_HeuristicPacketFilterStatistics_ResetSelectedStats = function (SelectedStatistics, callback_func) { obj.Exec('AMT_HeuristicPacketFilterStatistics', 'ResetSelectedStats', { 'SelectedStatistics': SelectedStatistics }, callback_func); } obj.AMT_KerberosSettingData_GetCredentialCacheState = function (callback_func) { obj.Exec('AMT_KerberosSettingData', 'GetCredentialCacheState', {}, callback_func); } obj.AMT_KerberosSettingData_SetCredentialCacheState = function (Enable, callback_func) { obj.Exec('AMT_KerberosSettingData', 'SetCredentialCacheState', { 'Enable': Enable }, callback_func); } diff --git a/amt-wsman-0.2.0.js b/amt-wsman-0.2.0.js index c1fe4ef..4e714cc 100644 --- a/amt-wsman-0.2.0.js +++ b/amt-wsman-0.2.0.js @@ -15,9 +15,17 @@ var WsmanStackCreateService = function (host, port, user, pass, tls, extra) { obj.PerformAjax = function (postdata, callback, tag, pri, namespaces) { if (namespaces == null) namespaces = ''; obj.comm.PerformAjax('
' + postdata, function (data, status, tag) { - if (status != 200) { callback(obj, null, { Header: { HttpError: status } }, status, tag); return; } var wsresponse = obj.ParseWsman(data); - if (!wsresponse || wsresponse == null) { callback(obj, null, { Header: { HttpError: status } }, 601, tag); } else { callback(obj, wsresponse.Header['ResourceURI'], wsresponse, 200, tag); } + if ((data != null) && (!wsresponse || wsresponse == null)) { + callback(obj, null, { Header: { HttpError: status } }, 601, tag); + } else { + if (status != 200) { + if (wsresponse == null) { wsresponse = { Header: {} }; } + wsresponse.Header.HttpError = status; + try { wsresponse.Header.WsmanError = wsresponse.Body['Reason']['Text']['Value']; } catch (ex) { } + } + callback(obj, wsresponse.Header['ResourceURI'], wsresponse, status, tag); + } }, tag, pri); } @@ -100,6 +108,7 @@ var WsmanStackCreateService = function (host, port, user, pass, tls, extra) { // Private method obj.ParseWsman = function (xml) { + if (xml == null) return null; try { if (!xml.childNodes) xml = _turnToXml(xml); var r = { Header: {} }, header = xml.getElementsByTagName('Header')[0], t; @@ -116,11 +125,13 @@ var WsmanStackCreateService = function (host, port, user, pass, tls, extra) { t = body.childNodes[0].localName; if (t.indexOf('_OUTPUT') == t.length - 7) { t = t.substring(0, t.length - 7); } r.Header['Method'] = t; - r.Body = _ParseWsmanRec(body.childNodes[0]); + try { + r.Body = _ParseWsmanRec(body.childNodes[0]); + } catch (ex) { console.log('_ParseWsmanRec failed', body, ex); return null; } } return r; - } catch (e) { - console.log('Unable to parse XML: ' + xml); + } catch (ex) { + console.log('Unable to parse XML: ' + xml + ', ' + ex); return null; } } diff --git a/amt-wsman-ajax-0.2.0.js b/amt-wsman-ajax-0.2.0.js index 7f1263c..77c4bf9 100644 --- a/amt-wsman-ajax-0.2.0.js +++ b/amt-wsman-ajax-0.2.0.js @@ -70,8 +70,8 @@ var CreateWsmanComm = function (url) { if (obj.FailAllError == 999) return; // console.log('RECV: ' + data); // DEBUG if (obj.FailAllError != 0) { callArgs[1](null, obj.FailAllError, callArgs[2]); return; } - if (request.status != 200) { callArgs[1](null, request.status, callArgs[2]); obj.PerformNextAjax(); return; } - callArgs[1](data, 200, callArgs[2]); + //if (request.status != 200) { callArgs[1](data, request.status, callArgs[2]); obj.PerformNextAjax(); return; } + callArgs[1](data, request.status, callArgs[2]); obj.PerformNextAjax(); } diff --git a/amt-wsman-node-0.2.0.js b/amt-wsman-node-0.2.0.js index 6bcd37c..d19a224 100644 --- a/amt-wsman-node-0.2.0.js +++ b/amt-wsman-node-0.2.0.js @@ -380,8 +380,8 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions) { obj.gotNextMessages = function (data, status, request, callArgs) { if (obj.FailAllError == 999) return; if (obj.FailAllError != 0) { try { callArgs[1](null, obj.FailAllError, callArgs[2]); } catch (ex) { console.error(ex); } return; } - if (request.status != 200) { try { callArgs[1](null, request.status, callArgs[2]); } catch (ex) { console.error(ex); } return; } - try { callArgs[1](data, 200, callArgs[2]); } catch (ex) { console.error(ex); } + //if (request.status != 200) { try { callArgs[1](data, request.status, callArgs[2]); } catch (ex) { console.error(ex); } return; } + try { callArgs[1](data, request.status, callArgs[2]); } catch (ex) { console.error(ex); } } // Private method diff --git a/amt-wsman-ws-0.2.0.js b/amt-wsman-ws-0.2.0.js index 95b62d2..e4cd425 100644 --- a/amt-wsman-ws-0.2.0.js +++ b/amt-wsman-ws-0.2.0.js @@ -252,8 +252,8 @@ var CreateWsmanComm = function (host, port, user, pass, tls) { obj.gotNextMessages = function (data, status, request, callArgs) { if (obj.FailAllError == 999) return; if (obj.FailAllError != 0) { callArgs[1](null, obj.FailAllError, callArgs[2]); return; } - if (request.status != 200) { callArgs[1](null, request.status, callArgs[2]); return; } - callArgs[1](data, 200, callArgs[2]); + //if (request.status != 200) { callArgs[1](null, request.status, callArgs[2]); return; } + callArgs[1](data, request.status, callArgs[2]); } // Private method diff --git a/common-0.0.1.js b/common-0.0.1.js index ada2cc0..bdcfef1 100644 --- a/common-0.0.1.js +++ b/common-0.0.1.js @@ -104,4 +104,10 @@ function random(max) { return Math.floor(Math.random() * max); } function trademarks(x) { return x.replace(/\(R\)/g, '®').replace(/\(TM\)/g, '™'); } // Format -function format(format) { var args = Array.prototype.slice.call(arguments, 1); return format.replace(/{(\d+)}/g, function (match, number) { return typeof args[number] != 'undefined' ? args[number] : match; }); }; \ No newline at end of file +function format(format) { var args = Array.prototype.slice.call(arguments, 1); return format.replace(/{(\d+)}/g, function (match, number) { return typeof args[number] != 'undefined' ? args[number] : match; }); }; + +// Returns a UEFI boot parameter in binary +function makeUefiBootParam(type, data, len) { + if (typeof data == 'number') { if (len == 1) { data = String.fromCharCode(data & 0xFF); } if (len == 2) { data = ShortToStrX(data); } if (len == 4) { data = IntToStrX(data); } } + return ShortToStrX(0x8086) + ShortToStrX(type) + IntToStrX(data.length) + data; +} \ No newline at end of file diff --git a/index.html b/index.html index 039cb42..82f8cfe 100644 --- a/index.html +++ b/index.html @@ -715,7 +715,7 @@ - +
@@ -1557,9 +1557,9 @@
- - - - + + + + + + + +
Boot Source
-
+
-
Boot Media Index
+
Boot Media
+ + +
+ +
Boot Image
+
+
' + "Operation" + '
'; } + // ###BEGIN###{PowerControl-Advanced} + // ###BEGIN###{PowerControl-OneClick} + if (amtversion > 12) { op2 = ''; } + // ###END###{PowerControl-OneClick} + // ###END###{PowerControl-Advanced} + if (certificateStore.length > 0) { op0 += ''; } + if ((!xxDragDropCertFiles) && ((op0 != '') || (op2 != ''))) { x += '
' + "Operation" + '
'; } x += '
'; var input = ''; if (xxDragDropCertFiles) { input = ''; } @@ -6202,7 +6242,7 @@ if (xxDragDropCertFiles) { input = ''; } x += '
' + input + '
' + "Certificate file" + '
'; // ###END###{!CertificateManager} - x += '
' + "Certificate type" + '
'; + x += '
' + "Certificate type" + '
'; setDialogMode(11, "Add Certificate", 3, addCertButtonOk, x); addCertButtonUpdate(); } @@ -6216,11 +6256,41 @@ } // ###END###{CertificateManager} var certopen = getInputElement('certopen'); - QE('idx_dlgOkButton', !certopen || certopen.files.length == 1); + QE('idx_dlgOkButton', !certopen || (certopen.files.length == 1) || (Q('certoptype').value == 2)); } function addCertButtonOk() { // ###BEGIN###{CertificateManager} + // ###BEGIN###{PowerControl-Advanced} + // ###BEGIN###{PowerControl-OneClick} + if (Q('certoptype').value == 2) { + var certbin = null; + if (webserver == null) { + webserver = CreateWebServer(); + webserver.generateCertificate(0); + certbin = webserver.rootCert; + webserver = null; + } else { + certbin = webserver.rootCert; + } + + // This is a .PEM file, keep everything between BEGIN/END, clean it up and use as-is. It's already Base64. + var i = certbin.indexOf('-----BEGIN CERTIFICATE-----'); + if (i >= 0) { + certbin = certbin.substring(i + 27); + i = certbin.indexOf('-----END CERTIFICATE-----'); + if (i >= 0) certbin = certbin.substring(0, i) + certbin = certbin.replace(/\r\n/g, ''); + if (getSelectElement('certtype').value == 1) { + amtstack.AMT_PublicKeyManagementService_AddTrustedRootCertificate(certbin, certificateAdded); + } else { + amtstack.AMT_PublicKeyManagementService_AddCertificate(certbin, certificateAdded); + } + } + return; + } + // ###END###{PowerControl-OneClick} + // ###END###{PowerControl-Advanced} if ((xxDragDropCertFiles) || (certificateStore.length == 0) || (Q('certoptype').value == 1)) { var certopen = getInputElement('certopen'); var files = xxDragDropCertFiles; @@ -6830,6 +6900,7 @@ xxSystemDefense = responses; updateSystemDefense(); QV('go18', true); // Show System Defense Panel + if (urlvars['norefresh']) { UpdateDefenseStats(); } // If norefresh is set, pull the system defense stats now. } } @@ -6919,9 +6990,11 @@ QH('id_TableSystemDefense', x); if (xxFilterStatisticsTimer == null) { - UpdateDefenseStats(); xxFilterStatisticsTimerActive = false; - if (!urlvars['norefresh']) { xxFilterStatisticsTimer = setInterval(UpdateDefenseStats, 5000); } + if (!urlvars['norefresh']) { + UpdateDefenseStats(); + xxFilterStatisticsTimer = setInterval(UpdateDefenseStats, 5000); + } } } @@ -9875,17 +9948,24 @@ function powerActionResponse00(stack, name, response, status) { if (status == 200) { + var powerState = 3; + try { + var x = amtsysstate['CIM_ServiceAvailableToElement'].responses[0]['PowerState']; + if (x == 2) { powerState = 1; } else { powerState = 2; } + } catch (ex) { } amtPowerBootCapabilities = response.Body; QH('d5actionSelect', ''); - addOption('d5actionSelect', "Power up", 2); - addOption('d5actionSelect', "Power cycle", 5); - addOption('d5actionSelect', "Power down", 8); - addOption('d5actionSelect', "Reset", 10); - if (amtPowerBootCapabilities['ForceDiagnosticBoot'] == true) { - addOption('d5actionSelect', "Power on to diagnostic", 300); - addOption('d5actionSelect', "Reset to diagnostic", 301); + if (powerState & 2) { addOption('d5actionSelect', "Power up", 2); } + if (powerState & 1) { + addOption('d5actionSelect', "Reset", 10); + addOption('d5actionSelect', "Power cycle", 5); + addOption('d5actionSelect', "Power down", 8); } - if (amtversion > 9) { + if (amtPowerBootCapabilities['ForceDiagnosticBoot'] == true) { + if (powerState & 2) { addOption('d5actionSelect', "Power on to diagnostic", 300); } + if (powerState & 1) { addOption('d5actionSelect', "Reset to diagnostic", 301); } + } + if ((amtversion > 9) && (powerState & 1)) { addOption('d5actionSelect', "OS Wake from Standby", 500); addOption('d5actionSelect', "OS Power Saving", 501); addOption('d5actionSelect', "Soft-off", 12); @@ -9894,26 +9974,26 @@ addOption('d5actionSelect', "Hibernate", 7); } if (amtPowerBootCapabilities['BIOSSetup'] == true) { - addOption('d5actionSelect', "Power up to BIOS", 100); - addOption('d5actionSelect', "Reset to BIOS", 101); + if (powerState & 2) { addOption('d5actionSelect', "Power up to BIOS", 100); } + if (powerState & 1) { addOption('d5actionSelect', "Reset to BIOS", 101); } } if (amtPowerBootCapabilities['SecureErase'] == true) { - addOption('d5actionSelect', "Power up to Secure Erase", 104); - addOption('d5actionSelect', "Reset to Secure Erase", 105); + if (powerState & 2) { addOption('d5actionSelect', "Power up to Secure Erase", 104); } + if (powerState & 1) { addOption('d5actionSelect', "Reset to Secure Erase", 105); } } // ###BEGIN###{IDER} - addOption('d5actionSelect', "Reset to IDE-R Floppy", 200); - addOption('d5actionSelect', "Power on to IDE-R Floppy", 201); - addOption('d5actionSelect', "Reset to IDE-R CDROM", 202); - addOption('d5actionSelect', "Power on to IDE-R CDROM", 203); + if (powerState & 1) { addOption('d5actionSelect', "Reset to IDE-R Floppy", 200); } + if (powerState & 2) { addOption('d5actionSelect', "Power on to IDE-R Floppy", 201); } + if (powerState & 1) { addOption('d5actionSelect', "Reset to IDE-R CDROM", 202); } + if (powerState & 2) { addOption('d5actionSelect', "Power on to IDE-R CDROM", 203); } // ###END###{IDER} - addOption('d5actionSelect', "Reset to PXE", 400); - addOption('d5actionSelect', "Power on to PXE", 401); + if (powerState & 1) { addOption('d5actionSelect', "Reset to PXE", 400); } + if (powerState & 2) { addOption('d5actionSelect', "Power on to PXE", 401); } // ###BEGIN###{PowerControl-Advanced} // ###BEGIN###{PowerControl-OneClick} if (amtPowerBootCapabilities['ForceUEFIHTTPSBoot'] === true) { - addOption('d5actionSelect', "Reset to HTTPS Boot", 600); - addOption('d5actionSelect', "Power on to HTTPS Boot", 601); + if (powerState & 1) { addOption('d5actionSelect', "Reset to HTTPS Boot", 600); } + if (powerState & 2) { addOption('d5actionSelect', "Power on to HTTPS Boot", 601); } } // ###END###{PowerControl-OneClick} addOption('d5actionSelect', "Custom action...", 999); @@ -9932,16 +10012,22 @@ // ###END###{PowerControl-Advanced} function powerActionDlgCheck() { + AmtOcrPba = null; + AmtOcrPbaLength = 0; var action = d5actionSelect.value; // ###BEGIN###{PowerControl-Advanced} // ###BEGIN###{PowerControl-OneClick} if ((action == 600) || (action == 601)) { + // ###BEGIN###{Mode-NodeWebkit} + // If the connection to intel AMT is not TLS, warn and exit now. + if (wsstack.comm.xtlsCertificate == null) { messagebox("Power Action", "This feature requires a TLS connection to Intel AMT"); return; } + // ###END###{Mode-NodeWebkit} var x = "Select a disk image for remote boot." + '

'; setDialogMode(11, "HTTPS Boot", 3, function () { var files = Q('ocrfile').files; if (files.length != 1) return; - setupWebServer(); + setupWebServer(urlvars['webcn'] ? urlvars['webcn'] : wsstack.comm.localAddress); webserver.setupBootImage(files[0].path, (urlvars['webcn'] ? urlvars['webcn'] : wsstack.comm.localAddress)); powerActionDlg(); }, x); @@ -9967,10 +10053,37 @@ // ###END###{Mode-NodeWebkit} rsepass = 1; setDialogMode(11, "Power Actions", 3, powerActionDlg, x); + // ###BEGIN###{PowerControl-OneClick} + } else if ((action == 999) && (amtversion >= 15)) { + statusbox("Power Actions", "Checking boot sources..."); + amtstack.BatchEnum('', ['CIM_BootSourceSetting'], powerActionDlgCheck00, true); + // ###END###{PowerControl-OneClick} } else { powerActionDlg(); } } + + // ###BEGIN###{PowerControl-OneClick} + var AmtOcrPba = null; + var AmtOcrPbaLength = 0; + function powerActionDlgCheck00(stack, name, response, status) { + if (status != 200) { messagebox("Power Action", format("GET CIM_BootSourceSetting, Error #{0}", status) + ((response.Header && response.Header.WsmanError) ? (', ' + response.Header.WsmanError) : '')); return; } + var bootSources = response.CIM_BootSourceSetting.responses; + AmtOcrPba = {}; + for (var i = 0; i < bootSources.length; i++) { + var instanceid = bootSources[i]['InstanceID']; + if ((instanceid != null) && instanceid.toString().startsWith('Intel(r) AMT: Force OCR UEFI Boot')) { + try { + var arr = instanceid.trim().split(' '); + idx = parseInt(arr[arr.length - 1]); + AmtOcrPba[parseInt(idx)] = { instance: bootSources[i]['BIOSBootString'], bootstr: bootSources[i]['BootString'] }; + AmtOcrPbaLength++; + } catch (e) { } + } + } + powerActionDlg(); + } + // ###END###{PowerControl-OneClick} function powerActionDlg() { //if (amtversion == 0) return; @@ -10014,16 +10127,29 @@ // ###BEGIN###{PowerControl-Advanced} var AvdPowerDlg; function showAdvPowerDlg() { + try { Q('idx_d24Command').value = (amtsysstate['CIM_ServiceAvailableToElement'].responses[0]['PowerState'] == 2)?10:2; } catch (ex) { } + // Show boot capabilities QV('d24dBiosPause', amtPowerBootCapabilities['BIOSPause'] == true); QV('d24dBiosSecureBoot', amtPowerBootCapabilities['BIOSSecureBoot'] == true); QV('d24dReflashBios', amtPowerBootCapabilities['BIOSReflash'] == true); QV('d24dBiosSetup', amtPowerBootCapabilities['BIOSSetup'] == true); - // QV('', amtPowerBootCapabilities['ForceCDorDVDBoot'] == true); - // QV('', amtPowerBootCapabilities['ForceDiagnosticBoot'] == true); - // QV('', amtPowerBootCapabilities['ForceHardDriveBoot'] == true); - // QV('', amtPowerBootCapabilities['ForceHardDriveSafeModeBoot'] == true); - // QV('', amtPowerBootCapabilities['ForcePXEBoot'] == true); + QV('ForceDVDBootOption', amtPowerBootCapabilities['ForceCDorDVDBoot'] == true); + QV('ForceDiagBootOption', amtPowerBootCapabilities['ForceDiagnosticBoot'] == true); + QV('ForceHDBootOption', amtPowerBootCapabilities['ForceHardDriveBoot'] == true); + //QV('', amtPowerBootCapabilities['ForceHardDriveSafeModeBoot'] == true); + //QV('', amtPowerBootCapabilities['ForceWinREBoot'] == true); + QV('ForcePXEBootOption', amtPowerBootCapabilities['ForcePXEBoot'] == true); + // ###BEGIN###{PowerControl-OneClick} + QV('ForceUEFIBootOption', false); + if ((AmtOcrPbaLength > 0) && (amtPowerBootCapabilities['ForceUEFIPBABoot'] == true)) { + QV('ForceUEFIBootOption', true); + var x = ''; + for (var i in AmtOcrPba) { x += ''; } + QH('idx_d24customBootMediaIndex', x); + } + QV('ForceHttpBootOption', amtPowerBootCapabilities['ForceUEFIHTTPSBoot'] == true); + // ###END###{PowerControl-OneClick} QV('d24dForceProgressEvents', amtPowerBootCapabilities['ForcedProgressEvents'] == true); QV('d24dUseIDER', amtPowerBootCapabilities['IDER'] == true); QV('d24dLockKeyboard', amtPowerBootCapabilities['KeyboardLock'] == true); @@ -10044,6 +10170,7 @@ } function showAdvPowerDlgChange() { + var ok = true; QV('idd_d24IDERBootDevice', Q('d24UseIDER').checked); QV('idd_d24RSEPass', Q('d24SecureErase') ? Q('d24SecureErase').checked : false); // ###BEGIN###{Mode-NodeWebkit} @@ -10059,16 +10186,38 @@ QE('idd_d24RSEPass', !ospower); // If the boot source is not "None" (0), disable all boot settings. - var bootSettingOpts = ['d24BiosPause', 'd24BiosSecureBoot', 'd24BiosSetup', 'd24ForceProgressEvents', 'd24LockPowerButton', 'd24LockResetButton', 'd24LockSleepButton', 'd24LockKeyboard', 'd24UserPasswordBypass', 'd24ReflashBios', 'd24SafeMode', 'd24UseIDER', 'd24SerialOverLan', 'd24SecureErase']; - if (idx_d24ForceBootDevice.value > 0) { - for (var i in bootSettingOpts) { - Q(bootSettingOpts[i]).checked = false; - } - } - for (var i in bootSettingOpts) { QE(bootSettingOpts[i], idx_d24ForceBootDevice.value == 0); } + //var bootSettingOpts = ['d24BiosPause', 'd24BiosSecureBoot', 'd24BiosSetup', 'd24ForceProgressEvents', 'd24LockPowerButton', 'd24LockResetButton', 'd24LockSleepButton', 'd24LockKeyboard', 'd24UserPasswordBypass', 'd24ReflashBios', 'd24SafeMode', 'd24UseIDER', 'd24SerialOverLan', 'd24SecureErase']; + //if ((idx_d24ForceBootDevice.value > 0) && (idx_d24ForceBootDevice.value < 5)) { for (var i in bootSettingOpts) { Q(bootSettingOpts[i]).checked = false; } } + //for (var i in bootSettingOpts) { QE(bootSettingOpts[i], idx_d24ForceBootDevice.value == 0); } + + // ###BEGIN###{PowerControl-OneClick} + var bootSourceIndex = Q('idx_d24ForceBootDevice').value; + QV('idx_d24bootSource', bootSourceIndex < 5); + QV('idx_d24customBootSource', bootSourceIndex == 5) + QV('idx_d24diskImage', bootSourceIndex == 6); + if ((bootSourceIndex == 6) && (Q('idx_d24ocrBootFile').files.length != 1)) { ok = false; } + // console.log(AmtOcrPbaLength, AmtOcrPba); + // ###END###{PowerControl-OneClick} + + QE('idx_dlgOkButton', ok); } function showAdvPowerDlgOk() { + // ###BEGIN###{PowerControl-OneClick} + var forceBootSelection = Q('idx_d24ForceBootDevice').value; + // ###BEGIN###{Mode-NodeWebkit} + if (((forceBootSelection == 5) || (forceBootSelection == 6)) && (wsstack.comm.xtlsCertificate == null)) { + messagebox("Power Action", "This feature requires a TLS connection to Intel AMT"); return; + } + // ###END###{Mode-NodeWebkit} + if (forceBootSelection == 6) { + var files = Q('idx_d24ocrBootFile').files; + if (files.length != 1) return; + setupWebServer(urlvars['webcn'] ? urlvars['webcn'] : wsstack.comm.localAddress); + webserver.setupBootImage(files[0].path, (urlvars['webcn'] ? urlvars['webcn'] : wsstack.comm.localAddress)); + } + // ###END###{PowerControl-OneClick} + var action = Q('idx_d24Command').value; if ((action == 500) || (action == 501)) { // Perform OS wake from standby or OS sleep (Intel AMT 10+) @@ -10248,12 +10397,31 @@ // ###BEGIN###{PowerControl-Advanced} } + // Remove read-only parameters + delete r['WinREBootEnabled']; + delete r['UEFILocalPBABootEnabled']; + delete r['UEFIHTTPSBootEnabled']; + delete r['SecureBootControlEnabled']; + delete r['BootguardStatus']; + delete r['OptionsCleared']; + delete r['BIOSLastStatus']; + delete r['UefiBootParametersArray']; + if (r['UefiBootNumberOfParams'] != null) r['UefiBootNumberOfParams'] = 0; + + //r['EnforceSecureBoot'] = true; + // ###BEGIN###{PowerControl-OneClick} // Add OCR TLV parameters if firmware supports OCR and Force HTTPS Boot is requested - if ((action == 600) || (action == 601)) { // Force UEFI HTTPS Boot + if ((action == 600) || (action == 601) || ((action == 999) && (Q('idx_d24ForceBootDevice').value == 6))) { // Force UEFI HTTPS Boot r['UefiBootParametersArray'] = webserver.lastBootImageArgs.args; r['UefiBootNumberOfParams'] = webserver.lastBootImageArgs.argscount; r['BootMediaIndex'] = 0; // Do not use boot media index for One Click Recovery (OCR) + } else if ((action == 999) && (Q('idx_d24ForceBootDevice').value == 5)) { + var bootstr = AmtOcrPba[Q('idx_d24customBootMediaIndex').value].bootstr; + console.log('OCR BootStr: ' + bootstr); + r['UefiBootParametersArray'] = btoa(makeUefiBootParam(2, bootstr) + makeUefiBootParam(3, bootstr.length, 2)); // EFI_DEVICE_PATH (2) + EFI_DEVICE_PATH-LENGTH (3) + r['UefiBootNumberOfParams'] = 2; + r['BootMediaIndex'] = 0; // Do not use boot media index for One Click Recovery (OCR) } // ###END###{PowerControl-OneClick} // ###END###{PowerControl-Advanced} @@ -10262,12 +10430,17 @@ console.log("Boot Action: " + action); console.log("Setting Boot Settings: " + ObjectToString2(r)); statusbox("Power Action", "Setting boot settings..."); - amtstack.Put('AMT_BootSettingData', r, powerActionResponse2, 0, 1); + + // Set the boot order to null, this is needed for some AMT versions that don't clear this automatically. + amtstack.CIM_BootConfigSetting_ChangeBootOrder(null, function (stack, name, response, status) { + if (status != 200) { messagebox("Power Action", format("PUT CIM_BootConfigSetting_ChangeBootOrder, Error #{0}", status) + ((response.Header && response.Header.WsmanError) ? (', ' + response.Header.WsmanError) : '')); return; } + amtstack.Put('AMT_BootSettingData', r, powerActionResponse2, 0, 1); + }, 0, 1); } function powerActionResponse2(stack, name, response, status, tag) { //console.log("powerActionResponse2(" + name + "," + response + "," + status + ")"); - if (status != 200) { messagebox("Power Action", format("PUT AMT_BootSettingData, Error #{0}", status)); console.log(tag); return; } + if (status != 200) { messagebox("Power Action", format("PUT AMT_BootSettingData, Error #{0}", status) + ((response.Header && response.Header.WsmanError) ? (', ' + response.Header.WsmanError) : '')); return; } //if (status == 408) { messagebox("Power Action", "Access denied."); return; } //if (errcheck(status, stack)) return; //console.log("Setup next boot..."); @@ -10284,14 +10457,17 @@ if (idx_d24ForceBootDevice.value > 0) { bootSource = ['Force CD/DVD Boot', 'Force PXE Boot', 'Force Hard-drive Boot', 'Force Diagnostic Boot'][idx_d24ForceBootDevice.value - 1]; } // ###END###{!PowerControl-OneClick} // ###BEGIN###{PowerControl-OneClick} - if (idx_d24ForceBootDevice.value > 0) { bootSource = ['Force CD/DVD Boot', 'Force PXE Boot', 'Force Hard-drive Boot', 'Force Diagnostic Boot', 'Force OCR UEFI Boot Option ' + Q('idx_d24BootMediaIndex').value, 'Force OCR UEFI HTTPS Boot'][idx_d24ForceBootDevice.value - 1]; } + if (idx_d24ForceBootDevice.value > 0) { bootSource = ['Force CD/DVD Boot', 'Force PXE Boot', 'Force Hard-drive Boot', 'Force Diagnostic Boot', 'Force OCR UEFI Boot Option ' + Q('idx_d24customBootMediaIndex').value, 'Force OCR UEFI HTTPS Boot'][idx_d24ForceBootDevice.value - 1]; } // ###END###{PowerControl-OneClick} } else { // ###END###{PowerControl-Advanced} if (action == 300 || action == 301) { bootSource = 'Force Diagnostic Boot'; } if (action == 400 || action == 401) { bootSource = 'Force PXE Boot'; } // ###BEGIN###{PowerControl-Advanced} - if (action == 600 || action == 601) { bootSource = 'Force OCR UEFI HTTPS Boot'; } + if (action == 600 || action == 601) { + + bootSource = 'Force OCR UEFI HTTPS Boot'; + } } // Resetting Force boot data in case it was changed so that it won't be used on the next power action diff --git a/webserver-0.0.1.js b/webserver-0.0.1.js index bcdac33..7c52a29 100644 --- a/webserver-0.0.1.js +++ b/webserver-0.0.1.js @@ -112,7 +112,7 @@ var CreateWebServer = function () { // Generate a TLS certificate (this is really a root cert) obj.generateCertificate = function (commonName) { - var attrs1 = [{ name: 'commonName', value: 'MeshCommanderRoot' }, { name: 'countryName', value: 'unknown' }, { name: 'organizationName', value: 'unknown' }]; + var attrs1 = [{ name: 'commonName', value: 'MC-WebServerRoot-' + random(1, 10000000) }, { name: 'countryName', value: 'unknown' }, { name: 'organizationName', value: 'unknown' }]; var attrs2 = [{ name: 'commonName', value: (commonName ? commonName : 'MeshCommander') }, { name: 'countryName', value: 'unknown' }, { name: 'organizationName', value: 'unknown' }]; if (fs.existsSync('webroot.crt') && fs.existsSync('webroot.key')) { @@ -121,9 +121,12 @@ var CreateWebServer = function () { obj.rootKey = fs.readFileSync('webroot.key').toString(); var rootcert = forge.pki.certificateFromPem(obj.rootCert); var rootkeys = { privateKey: forge.pki.privateKeyFromPem(obj.rootKey) }; + attrs1[0].value = rootcert.subject.getField('CN').value; + attrs1[1].value = rootcert.subject.getField('C').value; + attrs1[2].value = rootcert.subject.getField('O').value; } else { - console.log('Generate root...'); // Generate a root keypair and create an X.509v3 root certificate + console.log('Generate root ' + attrs1[0].value + '...'); var rootkeys = forge.pki.rsa.generateKeyPair(2048); var rootcert = forge.pki.createCertificate(); rootcert.publicKey = rootkeys.publicKey; @@ -140,6 +143,8 @@ var CreateWebServer = function () { fs.writeFileSync('webroot.key', obj.rootKey); } + if (commonName === 0) return; // This is used to only generate the root cert and exit. + if (fs.existsSync('webleaf.crt') && fs.existsSync('webleaf.key')) { console.log('Read leaf from file'); obj.cert = fs.readFileSync('webleaf.crt').toString(); @@ -150,7 +155,7 @@ var CreateWebServer = function () { } if ((obj.certCommonName == null) || ((commonName != null) && (commonName != obj.certCommonName))) { - console.log('Generate leaf...'); + console.log('Generate leaf ' + attrs2[0].value + '...'); // Generate a keypair and create an X.509v3 certificate var keys = forge.pki.rsa.generateKeyPair(2048); var cert = forge.pki.createCertificate(); @@ -196,12 +201,6 @@ var CreateWebServer = function () { console.log('SHA512', md.digest().toHex()); } - // Returns a UEFI boot parameter in binary - function makeUefiBootParam(type, data, len) { - if (typeof data == 'number') { if (len == 1) { data = String.fromCharCode(data & 0xFF); } if (len == 2) { data = ShortToStrX(data); } if (len == 4) { data = IntToStrX(data); } } - return ShortToStrX(0x8086) + ShortToStrX(type) + IntToStrX(data.length) + data; - } - // Setup UEFI boot image obj.setupBootImage = function(filePath, ip) { if (fs.existsSync(filePath) == false) return null; @@ -266,8 +265,17 @@ var CreateWebServer = function () { argscount: 4 }; + /* + obj.lastBootImageArgs = { + args: btoa( + makeUefiBootParam(1, url) + // OCR_EFI_NETWORK_DEVICE_PATH (1) + makeUefiBootParam(20, 1, 1)), // OCR_HTTPS_CERT_SYNC_ROOT_CA (20) (0 = false) + argscount: 2 + }; + */ + return obj.lastBootImageArgs; } return obj; -} \ No newline at end of file +}