ruby-amt 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/AUTHORS +1 -0
- data/COPYING +15 -0
- data/ChangeLog +392 -0
- data/GPL +674 -0
- data/Rakefile +292 -0
- data/VERSION +1 -0
- data/doc/default.css +211 -0
- data/doc/default.template +78 -0
- data/doc/documentation.page +40 -0
- data/doc/img/bg.jpg +0 -0
- data/doc/img/image.jpg +0 -0
- data/doc/img/line.jpg +0 -0
- data/doc/img/shadow.jpg +0 -0
- data/doc/index.page +61 -0
- data/doc/installation.page +115 -0
- data/doc/news.page +25 -0
- data/doc/news/release_0_1_0.page +16 -0
- data/doc/virtual +2 -0
- data/lib/amt/pt_status.rb +59 -0
- data/lib/amt/service.rb +16 -0
- data/lib/amt/service/basic.rb +159 -0
- data/lib/amt/service/hardware_asset.rb +83 -0
- data/lib/amt/service/hardware_asset/amt_information_table.rb +49 -0
- data/lib/amt/service/hardware_asset/asset.rb +118 -0
- data/lib/amt/service/hardware_asset/baseboard.rb +31 -0
- data/lib/amt/service/hardware_asset/bios.rb +65 -0
- data/lib/amt/service/hardware_asset/computer_system.rb +30 -0
- data/lib/amt/service/hardware_asset/fru.rb +37 -0
- data/lib/amt/service/hardware_asset/media_device.rb +63 -0
- data/lib/amt/service/hardware_asset/memory_module.rb +91 -0
- data/lib/amt/service/hardware_asset/portable_battery.rb +80 -0
- data/lib/amt/service/hardware_asset/processor.rb +123 -0
- data/lib/amt/service/hardware_asset/vpro_verification_table.rb +120 -0
- data/lib/amt/service/network_administration.rb +181 -0
- data/lib/amt/service/network_administration/structures.rb +29 -0
- data/lib/amt/service/remote_control.rb +73 -0
- data/lib/amt/service/remote_control/structures.rb +120 -0
- data/lib/amt/service/security_administration.rb +430 -0
- data/lib/amt/service/security_administration/structures.rb +117 -0
- data/lib/amt/system.rb +134 -0
- data/lib/amt/utility.rb +33 -0
- data/lib/amt/utility/bit_struct.rb +164 -0
- data/lib/amt/utility/enum.rb +119 -0
- data/lib/amt/version.rb +8 -0
- data/setup.rb +1585 -0
- metadata +125 -0
@@ -0,0 +1,29 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'amt/utility'
|
4
|
+
require 'amt/service/network_administration'
|
5
|
+
|
6
|
+
module AMT
|
7
|
+
module Service
|
8
|
+
class NetworkAdministration
|
9
|
+
|
10
|
+
# Struct class containing the response to the #get_vlan_parameters method.
|
11
|
+
VlanParameters = Struct.new(:enabled, :tag)
|
12
|
+
|
13
|
+
# The link policy of a network interface.
|
14
|
+
class LinkPolicy < AMT::Utility::BitStruct
|
15
|
+
boolean 0, :available_on_ac_s0, 'Link is available if ME is operational and power state is S0 while on AC power'
|
16
|
+
mboolean 0x0E, :available_on_ac_sx, 'Link is available if ME is operational and power state is Sx while on AC power'
|
17
|
+
boolean 4, :available_on_dc_s0, 'Link is available if ME is operational and power state is S0 while on DC power'
|
18
|
+
mboolean 0xE0, :available_on_dc_sx, 'Link is available if ME is operational and power state is Sx while on DC power'
|
19
|
+
end
|
20
|
+
|
21
|
+
# Struct class containing the response to the #get_interface_settings method.
|
22
|
+
InterfaceDescriptor = Struct.new(:hardware_description, :mac, :interface_mode, :link_policy, :dhcp_enabled, :ip_parameters)
|
23
|
+
|
24
|
+
# Struct class containing IP information of an AMT network interface.
|
25
|
+
IPParameters = Struct.new(:ip, :mask, :gateway, :primary_dns, :secondary_dns)
|
26
|
+
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'amt/service/basic'
|
4
|
+
|
5
|
+
module AMT
|
6
|
+
|
7
|
+
module Service
|
8
|
+
|
9
|
+
# AMT service for getting information about the current power state of the system managed by the
|
10
|
+
# AMT device and for controlling its power and booting state.
|
11
|
+
class RemoteControl < Basic
|
12
|
+
|
13
|
+
require 'amt/service/remote_control/structures'
|
14
|
+
|
15
|
+
# Return the remote control capabilities supported by the device as instance of the
|
16
|
+
# RemoteControlCapabilities class.
|
17
|
+
#
|
18
|
+
# Supported by AMT 1.0 and later.
|
19
|
+
def get_remote_control_capabilities()
|
20
|
+
soap_call("GetRemoteControlCapabilities", 'Status').process do |node|
|
21
|
+
rcp = RemoteControlCapabilities.new
|
22
|
+
rcp.iana_oem_number = node.xpath('./ns:IanaOemNumber/text()').to_i
|
23
|
+
rcp.oem_defined_capabilities = OemDefinedCapabilities.new(node.xpath('./ns:OemDefinedCapabilities/text()').to_i)
|
24
|
+
rcp.special_commands_supported = SpecialCommandsSupported.new(node.xpath('./ns:SpecialCommandsSupported/text()').to_i)
|
25
|
+
rcp.system_capabilities_supported = SystemCapabilitiesSupported.new(node.xpath('./ns:SystemCapabilitiesSupported/text()').to_i)
|
26
|
+
rcp.system_firmware_capabilities = SystemFirmwareCapabilities.new(node.xpath('./ns:SystemFirmwareCapabilities/text()').to_i)
|
27
|
+
rcp
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
|
32
|
+
# Return the current power state of the device as instance of the SystePowerState class.
|
33
|
+
#
|
34
|
+
# Supported AMT 1.0 and later.
|
35
|
+
def get_system_power_state()
|
36
|
+
soap_call("GetSystemPowerState", 'Status').process do |node|
|
37
|
+
SystemPowerState.new(node.xpath('./ns:SystemPowerState/text()').to_i)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
|
42
|
+
# Control the boot and power state of the device.
|
43
|
+
#
|
44
|
+
# [+command+] The command that should be executed (instance of RemoteControlCommand).
|
45
|
+
# [+iana_number+] The IANA-assigned Enterprise Number specifying the execution context.
|
46
|
+
# Default value of +343+ is Intel IANA, also possible is 4542 (ASF IANA).
|
47
|
+
# [+options+] A hash specifying optional control options. See more below.
|
48
|
+
#
|
49
|
+
# The +options+ hash can be used to these provide additional options:
|
50
|
+
#
|
51
|
+
# [<tt>:special_command</tt>] Define a modification of the boot behaviour (instance of
|
52
|
+
# SpecialCommand).
|
53
|
+
# [<tt>:special_command_parameter</tt>] Parameter for special command. Has to be an Integer.
|
54
|
+
# [<tt>:boot_options</tt>] Array of boot option names or an instance of BootOptions
|
55
|
+
# [<tt>:oem_parameters</tt>] Additional OEM parameters (instance of OemParameter).q
|
56
|
+
#
|
57
|
+
# Supported AMT 1.0 and later.
|
58
|
+
def remote_control(command, iana_number = 343, options = {})
|
59
|
+
soap_call("RemoteControl", 'Status') do |msg|
|
60
|
+
msg.add('ns:Command', RemoteControlCommand.for(command).value)
|
61
|
+
msg.add('ns:IanaOemNumber', iana_number)
|
62
|
+
msg.add('ns:SpecialCommand', SpecialCommand.for(options[:special_command]).value) if options.has_key?(:special_command)
|
63
|
+
msg.add('ns:SpecialCommandParameter', options[:special_command_parameter]) if options.has_key?(:special_command_parameter)
|
64
|
+
msg.add('ns:BootOptions', BootOptions.new(options[:boot_options]).value) if options.has_key?(:boot_options)
|
65
|
+
msg.add('ns:OemParameter', OemParameter.for(options[:oem_parameters])) if options.has_key?(:oem_parameter)
|
66
|
+
end.process
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
70
|
+
|
71
|
+
end
|
72
|
+
|
73
|
+
end
|
@@ -0,0 +1,120 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'amt/utility'
|
4
|
+
require 'amt/service/remote_control'
|
5
|
+
|
6
|
+
module AMT
|
7
|
+
module Service
|
8
|
+
class RemoteControl
|
9
|
+
|
10
|
+
# Struct class containing the response to the #get_remote_control_capabilities method.
|
11
|
+
RemoteControlCapabilities = Struct.new(:iana_oem_number, :oem_defined_capabilities,
|
12
|
+
:special_commands_supported, :system_capabilities_supported,
|
13
|
+
:system_firmware_capabilities)
|
14
|
+
|
15
|
+
# Defines a set of bit flags that represent the proprietary boot options that the AMT device
|
16
|
+
# supports. This structure lists only the flags for AMT 2.0 and later.
|
17
|
+
class OemDefinedCapabilities < AMT::Utility::BitStruct
|
18
|
+
boolean 0, :ider, 'IDE Redirection supported'
|
19
|
+
boolean 1, :sol, 'Serial over LAN supported'
|
20
|
+
boolean 2, :bios_reflash, 'BIOS reflash supported'
|
21
|
+
boolean 3, :bios_setup, 'BIOS boot into setup screen supported'
|
22
|
+
boolean 4, :bios_pause, 'BIOS pause before booting operating system is supported'
|
23
|
+
end
|
24
|
+
|
25
|
+
# Defines a set of bit flags that represent the special commands that the AMT device supports.
|
26
|
+
# The corresponding commands used for the <tt>:special_command</tt> option in the
|
27
|
+
# RemoteControl#remote_control method are the keys of the SPECIAL_COMMAND hash.
|
28
|
+
class SpecialCommandsSupported < AMT::Utility::BitStruct
|
29
|
+
boolean 8, :pxe_boot, 'Force PXE Boot command supported'
|
30
|
+
boolean 9, :hard_drive_boot, 'Force Hard-drive Boot command supported'
|
31
|
+
boolean 10, :hard_drive_safe_mode_boot, 'Force Hard-drive Safe-mode Boot command supported'
|
32
|
+
boolean 11, :diagnostic_boot, 'Force Diagnostic Boot command supported'
|
33
|
+
boolean 12, :cd_boot, 'Force CD/DVD Boot command supported'
|
34
|
+
end
|
35
|
+
|
36
|
+
# Defines a set of bit flags that represent the remote control commands that the AMT device
|
37
|
+
# supports. These flags indicate what commands are supported for the +command+ parameter in
|
38
|
+
# the RemoteControl#remote_control method.
|
39
|
+
class SystemCapabilitiesSupported < AMT::Utility::BitStruct
|
40
|
+
boolean 0, :power_cycle, 'Power Cycle Reset supported'
|
41
|
+
boolean 1, :power_down, 'Power Down supported'
|
42
|
+
boolean 2, :power_up, 'Power Up supported'
|
43
|
+
boolean 3, :reset, 'Reset supported'
|
44
|
+
end
|
45
|
+
|
46
|
+
# Defines a set of bit flags that represent the standard firmware boot options that the AMT
|
47
|
+
# device supports. These flags indicate which flags are supported for the
|
48
|
+
# <tt>:boot_options</tt> option in the RemoteControl#remote_control method.
|
49
|
+
class SystemFirmwareCapabilities < AMT::Utility::BitStruct
|
50
|
+
boolean 0, :verbosity_screen_blank, 'Firmware Verbosity/Screen Blank supported'
|
51
|
+
boolean 1, :power_button_lock, 'Power Button Lock supported'
|
52
|
+
boolean 2, :reset_button_lock, 'Reset Button Lock supported'
|
53
|
+
boolean 5, :keyboard_lock, 'Lock Keyboard supported'
|
54
|
+
boolean 6, :sleep_button_lock, 'Sleep Button Lock supported'
|
55
|
+
boolean 11, :user_password_bypass, 'User Password Bypass supported'
|
56
|
+
boolean 12, :forced_progress_events, 'Forced Progress Events supported'
|
57
|
+
boolean 13, :verbosity_verbose, 'Firmware Verbosity Verbose supported'
|
58
|
+
boolean 14, :verbosity_quiet, 'Firmware Verbosity Quiet supported'
|
59
|
+
boolean 15, :configuration_data_reset, 'Configuration Data Reset supported'
|
60
|
+
end
|
61
|
+
|
62
|
+
# Contains power state information about the AMT-managed computer.
|
63
|
+
class SystemPowerState < AMT::Utility::BitStruct
|
64
|
+
enum 0..3, :power_state, {0 => :s0, 1 => :s1, 2 => :s2, 3 => :s3, 4 => :s4, 5 => :s5,
|
65
|
+
6 => :s4s5, 7 => :g3, 8 => :sleeping, 9 => :g1_sleeping, 10 => :s5_override,
|
66
|
+
11 => :legacy_on, 12 => :legacy_off, 14 => :unknown}, 'System power state'
|
67
|
+
boolean 8, :watchdog_expired, 'Watchdog Timer has expired'
|
68
|
+
enum 9..9, :power_source, {0 => :ac, 1 => :dc}, 'Power source'
|
69
|
+
end
|
70
|
+
|
71
|
+
# Available remote control commands. Used for RemoteControl#remote_control.
|
72
|
+
class RemoteControlCommand < AMT::Utility::Enum
|
73
|
+
add 0x10, :reset, 'Cause a low latency reset'
|
74
|
+
add 0x11, :power_up, 'Bring the system into S0/G0 state'
|
75
|
+
add 0x12, :power_down, 'Force the system into an S5 state'
|
76
|
+
add 0x13, :power_cycle, 'Cause a hard reset of the system'
|
77
|
+
add 0x21, :set_boot_options, 'Set boot options for the next boot'
|
78
|
+
end
|
79
|
+
|
80
|
+
# Available special commands. Used for RemoteControl#remote_control.
|
81
|
+
class SpecialCommand < AMT::Utility::Enum
|
82
|
+
add 0x00, :nop, 'No special command'
|
83
|
+
add 0x01, :pxe_boot, 'Special command parameter is used to specify a PXE parameter'
|
84
|
+
add 0x02, :hard_drive_boot, 'Special command parameter defines the boot-media index'
|
85
|
+
add 0x03, :hard_drive_safe_mode_boot, 'Special command parameter defines the boot-media index'
|
86
|
+
add 0x04, :diagnostic_boot, 'Special command parameter is used to specify a diagnostic parameter'
|
87
|
+
add 0x05, :cd_boot, 'Special command parameter defines the boot-media index'
|
88
|
+
add 0xC1, :intel_oem_command, 'Special command parameter defines the Intel boot options'
|
89
|
+
end
|
90
|
+
|
91
|
+
# Available special command parameters for SpecialCommand <tt>:intel_oem_command</tt>. Used
|
92
|
+
# for RemoteControl#remote_control.
|
93
|
+
class IntelSpecialCommandParameter < AMT::Utility::BitStruct
|
94
|
+
boolean 0, :use_ider, 'Use IDE redirection as boot device'
|
95
|
+
boolean 2, :reflash_bios, 'Reflash the BIOS using IDE redirection'
|
96
|
+
boolean 3, :bios_setup, 'Boot into BIOS setup screen'
|
97
|
+
boolean 4, :bios_pause, 'Boot till operating system load and pause'
|
98
|
+
enum 8..8, :ider_boot_device, {0 => :floppy, 1 => :cd}, 'Device to use on IDE redirection'
|
99
|
+
end
|
100
|
+
|
101
|
+
# Defines a set of bit flags that represent the boot options supported for RemoteControl#remote_control.
|
102
|
+
class BootOptions < AMT::Utility::BitStruct
|
103
|
+
boolean 1, :lock_power_button, 'Disable power button'
|
104
|
+
boolean 2, :lock_reset_button, 'Disable reset button'
|
105
|
+
boolean 5, :lock_keyboard, 'Disallow keyboard during boot'
|
106
|
+
boolean 6, :lock_sleep_button, 'Disable sleep button'
|
107
|
+
boolean 11, :user_password_bypass, 'Bypass any user or boot passwords'
|
108
|
+
boolean 12, :force_progress_events, 'Transmit all progress PET events to alert-sending device'
|
109
|
+
enum 13..14, :firmware_verbosity, {0 => :default, 1 => :quiet, 2 => :verbose, 3 => :blank}, 'Control the verbosity'
|
110
|
+
boolean 15, :configuration_data_reset, 'Reset configuration data'
|
111
|
+
end
|
112
|
+
|
113
|
+
# Available OEM parameters. Used for RemoteControl#remote_control.
|
114
|
+
class OemParameters < AMT::Utility::Enum
|
115
|
+
add 0x01, :use_sol, 'Use Serial over LAN redirection on next boot'
|
116
|
+
end
|
117
|
+
|
118
|
+
end
|
119
|
+
end
|
120
|
+
end
|
@@ -0,0 +1,430 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'amt/service/basic'
|
4
|
+
require 'digest/md5'
|
5
|
+
|
6
|
+
module AMT
|
7
|
+
|
8
|
+
module Service
|
9
|
+
|
10
|
+
# AMT Service for managing security control and data structures.
|
11
|
+
#
|
12
|
+
# The following service methods are currently not implemented:
|
13
|
+
#
|
14
|
+
# * set_kerberos_options, get_kerberos_options, set_tls_psk, get_pki_capabilities
|
15
|
+
# * All methods specified unter 7.1.3 Certificate Management
|
16
|
+
# * All methods specified under 7.1.5 Environment Detection & VPN Connectivity
|
17
|
+
# * All methods specified under 7.1.6 User Notification
|
18
|
+
# * All methods specified under 7.1.7 Provisioning
|
19
|
+
class SecurityAdministration < Basic
|
20
|
+
|
21
|
+
require 'amt/service/security_administration/structures'
|
22
|
+
|
23
|
+
# Set the state of credential caching for Kerberos.
|
24
|
+
#
|
25
|
+
# [+enabled+] If set to +true+, then the credential cache will be enabled, else disabled.
|
26
|
+
#
|
27
|
+
# Supported by AMT 3.2 and later.
|
28
|
+
def set_credential_cache_state(enabled)
|
29
|
+
soap_call("SetCredentialCacheState") do |msg|
|
30
|
+
msg.add('ns:Enabled', enabled)
|
31
|
+
end.process
|
32
|
+
end
|
33
|
+
|
34
|
+
|
35
|
+
# Return whether the credential cache for Kerberos is enabled.
|
36
|
+
#
|
37
|
+
# Supported by AMT 3.2 and later.
|
38
|
+
def get_credential_cache_state
|
39
|
+
soap_call("GetCredentialCacheState").process do |node|
|
40
|
+
node.xpath('./ns:Enabled/text()').to_boolean
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
|
45
|
+
# Enable or disable various features or interfaces of the AMT device.
|
46
|
+
#
|
47
|
+
# [+interfaces+] An array of EnabledInterface instances that should be enabled. Interfaces
|
48
|
+
# that are not specified will be disabled.
|
49
|
+
#
|
50
|
+
# Supported by AMT 2.0 and later.
|
51
|
+
def set_enabled_interfaces(interfaces)
|
52
|
+
soap_call("SetEnabledInterfaces") do |msg|
|
53
|
+
interfaces.each do |iface|
|
54
|
+
raise ArgumentError, "interface name #{iface} is not valid" unless EnabledInterface.for(iface)
|
55
|
+
msg.add('ns:EnabledInterfaces', EnabledInterface.for(iface).value)
|
56
|
+
end
|
57
|
+
end.process
|
58
|
+
end
|
59
|
+
|
60
|
+
|
61
|
+
# Return the enabled interfaces of the AMT device as array of EnabledInterface instances.
|
62
|
+
# Interfaces that are not in the array are disabled.
|
63
|
+
#
|
64
|
+
# See #set_enabled_interfaces for a list of possible interface names.
|
65
|
+
#
|
66
|
+
# Supported by AMT 2.0 and later.
|
67
|
+
def get_enabled_interfaces
|
68
|
+
soap_call("GetEnabledInterfaces").process do |node|
|
69
|
+
node.xpath('./ns:EnabledInterfaces/text()').collect {|n| EnabledInterface.for(n.to_s)}
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
|
74
|
+
# Set various TLS modes such as enablement and authentication for network interfaces.
|
75
|
+
#
|
76
|
+
# [+tls_options+] A hash containing associations from Interface types to TlsAuthentication
|
77
|
+
# types. Interfaces that are not specified will operate in +NoAuth+ mode.
|
78
|
+
#
|
79
|
+
# *Note*: You also need to call #commit_changes for the changes to actually take effect.
|
80
|
+
#
|
81
|
+
# Supported by AMT 2.0 and later.
|
82
|
+
def set_tls_options(tls_options)
|
83
|
+
soap_call("SetTlsOptions") do |msg|
|
84
|
+
tls_options.each do |it, at|
|
85
|
+
raise ArgumentError, "interface type #{it} is not valid" unless Interface.for(it)
|
86
|
+
raise ArgumentError, "authentication type #{at} is not valid" unless TlsAuthentication.for(at)
|
87
|
+
msg.add('ns:TlsOptions') do |tmsg|
|
88
|
+
tmsg.add('ns:Interface', Interface.for(it).value)
|
89
|
+
tmsg.add('ns:TlsAuthentication', TlsAuthentication.for(at).value)
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end.process
|
93
|
+
end
|
94
|
+
|
95
|
+
|
96
|
+
# Return the currently used authentication modes of TLS as a hash containing associations from
|
97
|
+
# Interface types to TlsAuthentication types. Interface types that are not returned should be
|
98
|
+
# treated as in +NoAuth+ mode.
|
99
|
+
#
|
100
|
+
# Supported by AMT 2.0 and later.
|
101
|
+
def get_tls_options
|
102
|
+
soap_call("GetTlsOptions").process do |node|
|
103
|
+
ifaces = {}
|
104
|
+
node.xpath('./ns:TlsOptions').each do |tnode|
|
105
|
+
ifaces[Interface.for(tnode.xpath('./ns:Interface/text()').to_s)] =
|
106
|
+
TlsAuthentication.for(tnode.xpath('./ns:TlsAuthentication/text()').to_s)
|
107
|
+
end
|
108
|
+
ifaces
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
112
|
+
|
113
|
+
# Commit the pending configuration commands.
|
114
|
+
#
|
115
|
+
# Commands that require calling this method have been documented. Also note that pending
|
116
|
+
# changes may cause a restart sequence of the AMT, so you need to wait a bit before issuing
|
117
|
+
# the next command.
|
118
|
+
#
|
119
|
+
# Supported by AMT 1.0 and later.
|
120
|
+
def commit_changes
|
121
|
+
soap_call("CommitChanges").process
|
122
|
+
end
|
123
|
+
|
124
|
+
|
125
|
+
# Reset the wear-out protection to the initial state for all protected flash sectors.
|
126
|
+
#
|
127
|
+
# Supported by AMT 1.0 and later.
|
128
|
+
def reset_flash_wear_out_protection
|
129
|
+
soap_call("ResetFlashWearOutProtection").process
|
130
|
+
end
|
131
|
+
|
132
|
+
|
133
|
+
# Return the core version of the AMT device as an instance of CoreVersion.
|
134
|
+
#
|
135
|
+
# Supported by AMT 1.0 and later.
|
136
|
+
def get_core_version
|
137
|
+
soap_call("GetCoreVersion").process do |node|
|
138
|
+
CoreVersion.new(*node.xpath('./ns:Version/text()').to_s.scan(/^(\d+)\.(\d+)\.(\d+)$/).first)
|
139
|
+
end
|
140
|
+
end
|
141
|
+
|
142
|
+
|
143
|
+
# Unprovision the AMT device to default factory settings.
|
144
|
+
#
|
145
|
+
# [+mode+] The provisioning mode the device should enter after completing the command
|
146
|
+
# (instance of ProvisioningMode).
|
147
|
+
#
|
148
|
+
# Supported by AMT 1.0 and later.
|
149
|
+
def unprovision(mode)
|
150
|
+
soap_call("Unprovision") do |msg|
|
151
|
+
msg.add('ns:ProvisioningMode', ProvisioningMode.for(mode).value)
|
152
|
+
end.process
|
153
|
+
end
|
154
|
+
|
155
|
+
|
156
|
+
# Put the AMT device into a partially-unprovisioned state.
|
157
|
+
#
|
158
|
+
# Supported by AMT 2.0 and later.
|
159
|
+
def partial_unprovision(mode)
|
160
|
+
soap_call("PartialUnprovision").process
|
161
|
+
end
|
162
|
+
|
163
|
+
|
164
|
+
# Return the current provisiong mode of the AMT device as Symbol (one of the PROVISIONING_MODE
|
165
|
+
# keys).
|
166
|
+
#
|
167
|
+
# Supported by AMT 1.0 and later.
|
168
|
+
def get_provisioning_mode
|
169
|
+
soap_call("GetProvisioningMode").process do |node|
|
170
|
+
ProvisioningMode.for(node.xpath('./ns:ProvisioningMode/text()').to_i)
|
171
|
+
end
|
172
|
+
end
|
173
|
+
|
174
|
+
|
175
|
+
# Return the components that blocked the last full or partial unprovisioning request as array
|
176
|
+
# of Symbols.
|
177
|
+
#
|
178
|
+
# Supported by AMT 4.0 and later.
|
179
|
+
def get_unprovisioning_blocking_components
|
180
|
+
soap_call("GetUnprovisioningBlockingComponents").process do |node|
|
181
|
+
(node.xpath('./ns:Components/text()').to_i & 1 == 1 ? [:audit_log] : [])
|
182
|
+
end
|
183
|
+
end
|
184
|
+
|
185
|
+
|
186
|
+
# Add a user entry to the AMT device and return the handle to it.
|
187
|
+
#
|
188
|
+
# [+entry+] An instance of UserAclEntryEx containing the information about the user that
|
189
|
+
# should be added.
|
190
|
+
#
|
191
|
+
# Supported by AMT 2.0 and later.
|
192
|
+
def add_user_acl_entry_ex(entry)
|
193
|
+
soap_call("AddUserAclEntryEx") do |msg|
|
194
|
+
msg.add('ns:EntryEx') {|msge| add_user_acl_entry_ex_to_message(entry, msge)}
|
195
|
+
end.process do |node|
|
196
|
+
node.xpath('./ns:Handle/text()').to_i
|
197
|
+
end
|
198
|
+
end
|
199
|
+
|
200
|
+
def add_user_acl_entry_ex_to_message(entry, msg)
|
201
|
+
if entry.user.kind_of?(String)
|
202
|
+
msg.add('ns:KerberosUser') {|krb| krb.add('ns:Sid', entry.user)}
|
203
|
+
else
|
204
|
+
msg.add('ns:DigestUser') {|digest| add_user_to_message(entry.user, digest)}
|
205
|
+
end
|
206
|
+
msg.add('ns:AccessPermission', AccessPermission.for(entry.access_permission).value)
|
207
|
+
msg.add('ns:Realms') do |realm|
|
208
|
+
entry.realms.each {|r| realm.add('ns:Realm', UserAclRealm.for(r).value)}
|
209
|
+
end
|
210
|
+
end
|
211
|
+
private :add_user_acl_entry_ex_to_message
|
212
|
+
|
213
|
+
def add_user_to_message(user, msg)
|
214
|
+
msg.add('ns:Username', user.username)
|
215
|
+
pwd = user.hashed_password
|
216
|
+
if pwd.nil?
|
217
|
+
raise ArgumentError, "No password and no hashed password set" if user.password.nil?
|
218
|
+
pwd = Digest::MD5.digest("#{user.username}:#{get_digest_realm}:#{user.password}")
|
219
|
+
end
|
220
|
+
msg.add('ns:DigestPassword', [pwd].pack('m*'))
|
221
|
+
end
|
222
|
+
private :add_user_to_message
|
223
|
+
|
224
|
+
|
225
|
+
# Enumerate the handles of User ACLs. An array is returned of which the first entry is the
|
226
|
+
# total number of handles available and the second one an array of returned handles.
|
227
|
+
#
|
228
|
+
# [+start_index+] The index indicating the first User ACL handle to be returned.
|
229
|
+
#
|
230
|
+
# *Note*: this method does not return all handles at once. See the official documentation for
|
231
|
+
# *more information.
|
232
|
+
#
|
233
|
+
# Supported by AMT 1.0 and later.
|
234
|
+
def enumerate_user_acl_entries(start_index = 1)
|
235
|
+
soap_call("EnumerateUserAclEntries") do |msg|
|
236
|
+
msg.add('ns:StartIndex', start_index)
|
237
|
+
end.process do |node|
|
238
|
+
tc = node.xpath('./ns:TotalCount/text()').to_i
|
239
|
+
handles = node.xpath('./ns:Handles/ns:Handle/text()').collect {|h| h.to_i}
|
240
|
+
[tc, handles]
|
241
|
+
end
|
242
|
+
end
|
243
|
+
|
244
|
+
|
245
|
+
# Return a user ACL entry from the AMT device as instance of UserAclEntryEx.
|
246
|
+
#
|
247
|
+
# [+handle+] Specifies the ACL entry to read.
|
248
|
+
#
|
249
|
+
# Supported by AMT 2.0 and later.
|
250
|
+
def get_user_acl_entry_ex(handle)
|
251
|
+
soap_call("GetUserAclEntryEx") do |msg|
|
252
|
+
msg.add('ns:Handle', handle)
|
253
|
+
end.process do |node|
|
254
|
+
node = node.xpath('./ns:EntryEx')
|
255
|
+
entry = UserAclEntryEx.new
|
256
|
+
if !(krb = node.xpath('./ns:KerberosUser/ns:Sid/text()')).empty?
|
257
|
+
entry.user = krb.to_s
|
258
|
+
else
|
259
|
+
entry.user = User.new(node.xpath('./ns:DigestUser/ns:Username/text()').to_s)
|
260
|
+
end
|
261
|
+
entry.access_permission = AccessPermission.for(node.xpath('./ns:AccessPermission/text()').to_s)
|
262
|
+
entry.realms = node.xpath('./ns:Realms/ns:Realm/text()').collect {|r| UserAclRealm.for(r.to_i)}
|
263
|
+
entry
|
264
|
+
end
|
265
|
+
end
|
266
|
+
|
267
|
+
|
268
|
+
# Update a user entry in the AMT device.
|
269
|
+
#
|
270
|
+
# [+handle+] Specifies the ACL entry to update.
|
271
|
+
# [+entry+] An instance of UserAclEntryEx containing the information about the
|
272
|
+
# user that should be updated.
|
273
|
+
#
|
274
|
+
# Supported by AMT 2.0 and later.
|
275
|
+
def update_user_acl_entry_ex(handle, entry)
|
276
|
+
soap_call("UpdateUserAclEntryEx") do |msg|
|
277
|
+
msg.add('ns:Handle', handle)
|
278
|
+
msg.add('ns:EntryEx') {|msge| add_user_acl_entry_ex_to_message(entry, msge)}
|
279
|
+
end.process
|
280
|
+
end
|
281
|
+
|
282
|
+
|
283
|
+
# Remove the user ACL entry identified by +handle+ from the AMT device.
|
284
|
+
#
|
285
|
+
# [+handle+] Specifies the ACL entry to remove.
|
286
|
+
#
|
287
|
+
# Supported by AMT 1.0 and later.
|
288
|
+
def remove_user_acl_entry(handle)
|
289
|
+
soap_call("RemoveUserAclEntry") do |msg|
|
290
|
+
msg.add('ns:Handle', handle)
|
291
|
+
end.process
|
292
|
+
end
|
293
|
+
|
294
|
+
|
295
|
+
|
296
|
+
# Update the Admin ACL entry in the AMT device.
|
297
|
+
#
|
298
|
+
# [+entry+] An instance of User.
|
299
|
+
#
|
300
|
+
# Supported by AMT 2.0 and later.
|
301
|
+
def set_admin_acl_entry_ex(entry)
|
302
|
+
soap_call("SetAdminAclEntryEx") do |msg|
|
303
|
+
msg.add('ns:EntryEx') {|ex| add_user_to_message(entry, ex)}
|
304
|
+
end.process
|
305
|
+
end
|
306
|
+
|
307
|
+
|
308
|
+
# Return the username of the Admin ACL entry.
|
309
|
+
#
|
310
|
+
# Supported by AMT 1.0 and later.
|
311
|
+
def get_admin_acl_entry
|
312
|
+
soap_call("GetAdminAclEntry").process do |node|
|
313
|
+
node.xpath('./ns:Username/text()').to_s
|
314
|
+
end
|
315
|
+
end
|
316
|
+
|
317
|
+
|
318
|
+
# Return the digest authentication realm of the AMT device (RFC 2617).
|
319
|
+
#
|
320
|
+
# Supported by AMT 2.0 and later.
|
321
|
+
def get_digest_realm
|
322
|
+
soap_call("GetDigestRealm").process do |node|
|
323
|
+
node.xpath('./ns:DigestRealm/text()').to_s
|
324
|
+
end
|
325
|
+
end
|
326
|
+
|
327
|
+
|
328
|
+
# Enable or disable an user ACL entry.
|
329
|
+
#
|
330
|
+
# [+handle+] Specifies the ACL entry that should be enabled or disabled.
|
331
|
+
# [+enabled+] If set to +true+, then the ACL entry will be enabled, else disabled.
|
332
|
+
#
|
333
|
+
# Supported by AMT 3.0 and later.
|
334
|
+
def set_acl_enabled_state(handle, enabled)
|
335
|
+
soap_call("SetAclEnabledState") do |msg|
|
336
|
+
msg.add('ns:Handle', handle)
|
337
|
+
msg.add('ns:Enabled', enabled)
|
338
|
+
end.process
|
339
|
+
end
|
340
|
+
|
341
|
+
|
342
|
+
# Return the enabled/disabled state of an user ACL entry as boolean value.
|
343
|
+
#
|
344
|
+
# [+handle+] Specifies the ACL entry for which the state should be returned.
|
345
|
+
#
|
346
|
+
# Supported by AMT 3.0 and later.
|
347
|
+
def get_acl_enabled_state(handle)
|
348
|
+
soap_call("GetAclEnabledState") do |msg|
|
349
|
+
msg.add('ns:Handle', handle)
|
350
|
+
end.process do |node|
|
351
|
+
node.xpath('./ns:Enabled/text()').to_boolean
|
352
|
+
end
|
353
|
+
end
|
354
|
+
|
355
|
+
|
356
|
+
# Return the guids for all power packages supported by the AMT device.
|
357
|
+
#
|
358
|
+
# Supported by AMT 2.5 and later.
|
359
|
+
def enumerate_power_packages
|
360
|
+
soap_call("EnumeratePowerPackages").process do |node|
|
361
|
+
node.xpath('./ns:PolicyGUID/text()').collect {|uuid| AMT::Utility.binary_to_uuid(uuid.to_s.unpack('m*').first)}
|
362
|
+
end
|
363
|
+
end
|
364
|
+
|
365
|
+
|
366
|
+
# Return the GUID of the currently active power package.
|
367
|
+
#
|
368
|
+
# Supported by AMT 2.5 and later.
|
369
|
+
def get_active_power_package
|
370
|
+
soap_call("GetActivePowerPackage").process do |node|
|
371
|
+
AMT::Utility.binary_to_uuid(node.xpath('./ns:PolicyGUID/text()').to_s.unpack('m*').first)
|
372
|
+
end
|
373
|
+
end
|
374
|
+
|
375
|
+
|
376
|
+
# Return the policy descriptor string associated with a power package.
|
377
|
+
#
|
378
|
+
# [+power_package+] A power package GUID string.
|
379
|
+
#
|
380
|
+
# Supported by AMT 2.5 and later.
|
381
|
+
def get_power_package(power_package)
|
382
|
+
soap_call("GetPowerPackage") do |msg|
|
383
|
+
msg.add('ns:PolicyGUID', [AMT::Utility.uuid_to_binary(power_package)].pack('m*'))
|
384
|
+
end.process do |node|
|
385
|
+
node.xpath('./ns:PolicyDescriptor/text()').to_s
|
386
|
+
end
|
387
|
+
end
|
388
|
+
|
389
|
+
|
390
|
+
# Set the active power package to the one defined by the power package GUID.
|
391
|
+
#
|
392
|
+
# [+power_package+] A power package GUID string.
|
393
|
+
#
|
394
|
+
# Supported by AMT 2.5 and later.
|
395
|
+
def set_active_power_package(power_package)
|
396
|
+
soap_call("SetActivePowerPackage") do |msg|
|
397
|
+
msg.add('ns:PolicyGUID', [AMT::Utility.uuid_to_binary(power_package)].pack('m*'))
|
398
|
+
end.process
|
399
|
+
end
|
400
|
+
|
401
|
+
|
402
|
+
# Set power policy options that apply independent of the selected power package.
|
403
|
+
#
|
404
|
+
# [+power_policy+] The power policy to use (instance of GlobalPowerPolicy).
|
405
|
+
#
|
406
|
+
# Supported by AMT 2.5 and later.
|
407
|
+
def set_global_power_policy(power_policy)
|
408
|
+
soap_call("SetGlobalPowerPolicy") do |msg|
|
409
|
+
msg.add('ns:GlobalPowerPolicy') do |gpp|
|
410
|
+
gpp.add('ns:IdleWakeTimeout', power_policy.idle_wake_timeout)
|
411
|
+
end
|
412
|
+
end.process
|
413
|
+
end
|
414
|
+
|
415
|
+
|
416
|
+
# Get current global power policy as instance of GlobalPowerPolicy.
|
417
|
+
#
|
418
|
+
# Supported by AMT 2.5 and later.
|
419
|
+
def get_global_power_policy
|
420
|
+
soap_call("GetGlobalPowerPolicy").process do |node|
|
421
|
+
GlobalPowerPolicy.new(node.xpath('./ns:GlobalPowerPolicy/ns:IdleWakeTimeout/text()').to_i)
|
422
|
+
end
|
423
|
+
end
|
424
|
+
|
425
|
+
|
426
|
+
end
|
427
|
+
|
428
|
+
end
|
429
|
+
|
430
|
+
end
|