ruby-amt 0.1.0

data/lib/amt/service/network_administration/structures.rb

@@ -0,0 +1,29 @@
+# -*- coding: utf-8 -*-
+
+require 'amt/utility'
+require 'amt/service/network_administration'
+
+module AMT
+  module Service
+    class NetworkAdministration
+
+      # Struct class containing the response to the #get_vlan_parameters method.
+      VlanParameters = Struct.new(:enabled, :tag)
+
+      # The link policy of a network interface.
+      class LinkPolicy < AMT::Utility::BitStruct
+        boolean 0, :available_on_ac_s0, 'Link is available if ME is operational and power state is S0 while on AC power'
+        mboolean 0x0E, :available_on_ac_sx, 'Link is available if ME is operational and power state is Sx while on AC power'
+        boolean 4, :available_on_dc_s0, 'Link is available if ME is operational and power state is S0 while on DC power'
+        mboolean 0xE0, :available_on_dc_sx, 'Link is available if ME is operational and power state is Sx while on DC power'
+      end
+
+      # Struct class containing the response to the #get_interface_settings method.
+      InterfaceDescriptor = Struct.new(:hardware_description, :mac, :interface_mode, :link_policy, :dhcp_enabled, :ip_parameters)
+
+      # Struct class containing IP information of an AMT network interface.
+      IPParameters = Struct.new(:ip, :mask, :gateway, :primary_dns, :secondary_dns)
+
+    end
+  end
+end

data/lib/amt/service/remote_control.rb

@@ -0,0 +1,73 @@
+# -*- coding: utf-8 -*-
+
+require 'amt/service/basic'
+
+module AMT
+
+  module Service
+
+    # AMT service for getting information about the current power state of the system managed by the
+    # AMT device and for controlling its power and booting state.
+    class RemoteControl < Basic
+
+      require 'amt/service/remote_control/structures'
+
+      # Return the remote control capabilities supported by the device as instance of the
+      # RemoteControlCapabilities class.
+      #
+      # Supported by AMT 1.0 and later.
+      def get_remote_control_capabilities()
+        soap_call("GetRemoteControlCapabilities", 'Status').process do |node|
+          rcp = RemoteControlCapabilities.new
+          rcp.iana_oem_number = node.xpath('./ns:IanaOemNumber/text()').to_i
+          rcp.oem_defined_capabilities = OemDefinedCapabilities.new(node.xpath('./ns:OemDefinedCapabilities/text()').to_i)
+          rcp.special_commands_supported = SpecialCommandsSupported.new(node.xpath('./ns:SpecialCommandsSupported/text()').to_i)
+          rcp.system_capabilities_supported = SystemCapabilitiesSupported.new(node.xpath('./ns:SystemCapabilitiesSupported/text()').to_i)
+          rcp.system_firmware_capabilities = SystemFirmwareCapabilities.new(node.xpath('./ns:SystemFirmwareCapabilities/text()').to_i)
+          rcp
+        end
+      end
+
+
+      # Return the current power state of the device as instance of the SystePowerState class.
+      #
+      # Supported AMT 1.0 and later.
+      def get_system_power_state()
+        soap_call("GetSystemPowerState", 'Status').process do |node|
+          SystemPowerState.new(node.xpath('./ns:SystemPowerState/text()').to_i)
+        end
+      end
+
+
+      # Control the boot and power state of the device.
+      #
+      # [+command+] The command that should be executed (instance of RemoteControlCommand).
+      # [+iana_number+] The IANA-assigned Enterprise Number specifying the execution context.
+      #                 Default value of +343+ is Intel IANA, also possible is 4542 (ASF IANA).
+      # [+options+] A hash specifying optional control options. See more below.
+      #
+      # The +options+ hash can be used to these provide additional options:
+      #
+      # [<tt>:special_command</tt>] Define a modification of the boot behaviour (instance of
+      #                             SpecialCommand).
+      # [<tt>:special_command_parameter</tt>] Parameter for special command. Has to be an Integer.
+      # [<tt>:boot_options</tt>] Array of boot option names or an instance of BootOptions
+      # [<tt>:oem_parameters</tt>] Additional OEM parameters (instance of OemParameter).q
+      #
+      # Supported AMT 1.0 and later.
+      def remote_control(command, iana_number = 343, options = {})
+        soap_call("RemoteControl", 'Status') do |msg|
+          msg.add('ns:Command', RemoteControlCommand.for(command).value)
+          msg.add('ns:IanaOemNumber', iana_number)
+          msg.add('ns:SpecialCommand', SpecialCommand.for(options[:special_command]).value) if options.has_key?(:special_command)
+          msg.add('ns:SpecialCommandParameter', options[:special_command_parameter]) if options.has_key?(:special_command_parameter)
+          msg.add('ns:BootOptions', BootOptions.new(options[:boot_options]).value) if options.has_key?(:boot_options)
+          msg.add('ns:OemParameter', OemParameter.for(options[:oem_parameters])) if options.has_key?(:oem_parameter)
+        end.process
+      end
+
+    end
+
+  end
+
+end

data/lib/amt/service/remote_control/structures.rb

@@ -0,0 +1,120 @@
+# -*- coding: utf-8 -*-
+
+require 'amt/utility'
+require 'amt/service/remote_control'
+
+module AMT
+  module Service
+    class RemoteControl
+
+      # Struct class containing the response to the #get_remote_control_capabilities method.
+      RemoteControlCapabilities = Struct.new(:iana_oem_number, :oem_defined_capabilities,
+                                             :special_commands_supported, :system_capabilities_supported,
+                                             :system_firmware_capabilities)
+
+      # Defines a set of bit flags that represent the proprietary boot options that the AMT device
+      # supports. This structure lists only the flags for AMT 2.0 and later.
+      class OemDefinedCapabilities < AMT::Utility::BitStruct
+        boolean 0, :ider,         'IDE Redirection supported'
+        boolean 1, :sol,          'Serial over LAN supported'
+        boolean 2, :bios_reflash, 'BIOS reflash supported'
+        boolean 3, :bios_setup,   'BIOS boot into setup screen supported'
+        boolean 4, :bios_pause,   'BIOS pause before booting operating system is supported'
+      end
+
+      # Defines a set of bit flags that represent the special commands that the AMT device supports.
+      # The corresponding commands used for the <tt>:special_command</tt> option in the
+      # RemoteControl#remote_control method are the keys of the SPECIAL_COMMAND hash.
+      class SpecialCommandsSupported < AMT::Utility::BitStruct
+        boolean 8,  :pxe_boot,                  'Force PXE Boot command supported'
+        boolean 9,  :hard_drive_boot,           'Force Hard-drive Boot command supported'
+        boolean 10, :hard_drive_safe_mode_boot, 'Force Hard-drive Safe-mode Boot command supported'
+        boolean 11, :diagnostic_boot,           'Force Diagnostic Boot command supported'
+        boolean 12, :cd_boot,                   'Force CD/DVD Boot command supported'
+      end
+
+      # Defines a set of bit flags that represent the remote control commands that the AMT device
+      # supports. These flags indicate what commands are supported for the +command+ parameter in
+      # the RemoteControl#remote_control method.
+      class SystemCapabilitiesSupported < AMT::Utility::BitStruct
+        boolean 0, :power_cycle, 'Power Cycle Reset supported'
+        boolean 1, :power_down,  'Power Down supported'
+        boolean 2, :power_up,    'Power Up supported'
+        boolean 3, :reset,       'Reset supported'
+      end
+
+      # Defines a set of bit flags that represent the standard firmware boot options that the AMT
+      # device supports. These flags indicate which flags are supported for the
+      # <tt>:boot_options</tt> option in the RemoteControl#remote_control method.
+      class SystemFirmwareCapabilities < AMT::Utility::BitStruct
+        boolean 0,  :verbosity_screen_blank,   'Firmware Verbosity/Screen Blank supported'
+        boolean 1,  :power_button_lock,        'Power Button Lock supported'
+        boolean 2,  :reset_button_lock,        'Reset Button Lock supported'
+        boolean 5,  :keyboard_lock,            'Lock Keyboard supported'
+        boolean 6,  :sleep_button_lock,        'Sleep Button Lock supported'
+        boolean 11, :user_password_bypass,     'User Password Bypass supported'
+        boolean 12, :forced_progress_events,   'Forced Progress Events supported'
+        boolean 13, :verbosity_verbose,        'Firmware Verbosity Verbose supported'
+        boolean 14, :verbosity_quiet,          'Firmware Verbosity Quiet supported'
+        boolean 15, :configuration_data_reset, 'Configuration Data Reset supported'
+      end
+
+      # Contains power state information about the AMT-managed computer.
+      class SystemPowerState < AMT::Utility::BitStruct
+        enum 0..3, :power_state,  {0 => :s0, 1 => :s1, 2 => :s2, 3 => :s3, 4 => :s4, 5 => :s5,
+          6 => :s4s5, 7 => :g3, 8 => :sleeping, 9 => :g1_sleeping, 10 => :s5_override,
+          11 => :legacy_on, 12 => :legacy_off, 14 => :unknown}, 'System power state'
+        boolean 8, :watchdog_expired, 'Watchdog Timer has expired'
+        enum 9..9, :power_source, {0 => :ac, 1 => :dc}, 'Power source'
+      end
+
+      # Available remote control commands. Used for RemoteControl#remote_control.
+      class RemoteControlCommand < AMT::Utility::Enum
+        add 0x10, :reset, 'Cause a low latency reset'
+        add 0x11, :power_up, 'Bring the system into S0/G0 state'
+        add 0x12, :power_down, 'Force the system into an S5 state'
+        add 0x13, :power_cycle, 'Cause a hard reset of the system'
+        add 0x21, :set_boot_options, 'Set boot options for the next boot'
+      end
+
+      # Available special commands. Used for RemoteControl#remote_control.
+      class SpecialCommand < AMT::Utility::Enum
+        add 0x00, :nop, 'No special command'
+        add 0x01, :pxe_boot, 'Special command parameter is used to specify a PXE parameter'
+        add 0x02, :hard_drive_boot, 'Special command parameter defines the boot-media index'
+        add 0x03, :hard_drive_safe_mode_boot, 'Special command parameter defines the boot-media index'
+        add 0x04, :diagnostic_boot, 'Special command parameter is used to specify a diagnostic parameter'
+        add 0x05, :cd_boot, 'Special command parameter defines the boot-media index'
+        add 0xC1, :intel_oem_command, 'Special command parameter defines the Intel boot options'
+      end
+
+      # Available special command parameters for SpecialCommand <tt>:intel_oem_command</tt>. Used
+      # for RemoteControl#remote_control.
+      class IntelSpecialCommandParameter < AMT::Utility::BitStruct
+        boolean 0, :use_ider,         'Use IDE redirection as boot device'
+        boolean 2, :reflash_bios,     'Reflash the BIOS using IDE redirection'
+        boolean 3, :bios_setup,       'Boot into BIOS setup screen'
+        boolean 4, :bios_pause,       'Boot till operating system load and pause'
+        enum 8..8, :ider_boot_device, {0 => :floppy, 1 => :cd}, 'Device to use on IDE redirection'
+      end
+
+      # Defines a set of bit flags that represent the boot options supported for RemoteControl#remote_control.
+      class BootOptions < AMT::Utility::BitStruct
+        boolean 1, :lock_power_button, 'Disable power button'
+        boolean 2, :lock_reset_button, 'Disable reset button'
+        boolean 5, :lock_keyboard, 'Disallow keyboard during boot'
+        boolean 6, :lock_sleep_button, 'Disable sleep button'
+        boolean 11, :user_password_bypass, 'Bypass any user or boot passwords'
+        boolean 12, :force_progress_events, 'Transmit all progress PET events to alert-sending device'
+        enum 13..14, :firmware_verbosity, {0 => :default, 1 => :quiet, 2 => :verbose, 3 => :blank}, 'Control the verbosity'
+        boolean 15, :configuration_data_reset, 'Reset configuration data'
+      end
+
+      # Available OEM parameters. Used for RemoteControl#remote_control.
+      class OemParameters < AMT::Utility::Enum
+        add 0x01, :use_sol, 'Use Serial over LAN redirection on next boot'
+      end
+
+    end
+  end
+end

data/lib/amt/service/security_administration.rb

@@ -0,0 +1,430 @@
+# -*- coding: utf-8 -*-
+
+require 'amt/service/basic'
+require 'digest/md5'
+
+module AMT
+
+  module Service
+
+    # AMT Service for managing security control and data structures.
+    #
+    # The following service methods are currently not implemented:
+    #
+    # * set_kerberos_options, get_kerberos_options, set_tls_psk, get_pki_capabilities
+    # * All methods specified unter 7.1.3 Certificate Management
+    # * All methods specified under 7.1.5 Environment Detection & VPN Connectivity
+    # * All methods specified under 7.1.6 User Notification
+    # * All methods specified under 7.1.7 Provisioning
+    class SecurityAdministration < Basic
+
+      require 'amt/service/security_administration/structures'
+
+      # Set the state of credential caching for Kerberos.
+      #
+      # [+enabled+] If set to +true+, then the credential cache will be enabled, else disabled.
+      #
+      # Supported by AMT 3.2 and later.
+      def set_credential_cache_state(enabled)
+        soap_call("SetCredentialCacheState") do |msg|
+          msg.add('ns:Enabled', enabled)
+        end.process
+      end
+
+
+      # Return whether the credential cache for Kerberos is enabled.
+      #
+      # Supported by AMT 3.2 and later.
+      def get_credential_cache_state
+        soap_call("GetCredentialCacheState").process do |node|
+          node.xpath('./ns:Enabled/text()').to_boolean
+        end
+      end
+
+
+      # Enable or disable various features or interfaces of the AMT device.
+      #
+      # [+interfaces+] An array of EnabledInterface instances that should be enabled. Interfaces
+      #                that are not specified will be disabled.
+      #
+      # Supported by AMT 2.0 and later.
+      def set_enabled_interfaces(interfaces)
+        soap_call("SetEnabledInterfaces") do |msg|
+          interfaces.each do |iface|
+            raise ArgumentError, "interface name #{iface} is not valid" unless EnabledInterface.for(iface)
+            msg.add('ns:EnabledInterfaces', EnabledInterface.for(iface).value)
+          end
+        end.process
+      end
+
+
+      # Return the enabled interfaces of the AMT device as array of EnabledInterface instances.
+      # Interfaces that are not in the array are disabled.
+      #
+      # See #set_enabled_interfaces for a list of possible interface names.
+      #
+      # Supported by AMT 2.0 and later.
+      def get_enabled_interfaces
+        soap_call("GetEnabledInterfaces").process do |node|
+          node.xpath('./ns:EnabledInterfaces/text()').collect {|n| EnabledInterface.for(n.to_s)}
+        end
+      end
+
+
+      # Set various TLS modes such as enablement and authentication for network interfaces.
+      #
+      # [+tls_options+] A hash containing associations from Interface types to TlsAuthentication
+      #                 types. Interfaces that are not specified will operate in +NoAuth+ mode.
+      #
+      # *Note*: You also need to call #commit_changes for the changes to actually take effect.
+      #
+      # Supported by AMT 2.0 and later.
+      def set_tls_options(tls_options)
+        soap_call("SetTlsOptions") do |msg|
+          tls_options.each do |it, at|
+            raise ArgumentError, "interface type #{it} is not valid" unless Interface.for(it)
+            raise ArgumentError, "authentication type #{at} is not valid" unless TlsAuthentication.for(at)
+            msg.add('ns:TlsOptions') do |tmsg|
+              tmsg.add('ns:Interface', Interface.for(it).value)
+              tmsg.add('ns:TlsAuthentication', TlsAuthentication.for(at).value)
+            end
+          end
+        end.process
+      end
+
+
+      # Return the currently used authentication modes of TLS as a hash containing associations from
+      # Interface types to TlsAuthentication types. Interface types that are not returned should be
+      # treated as in +NoAuth+ mode.
+      #
+      # Supported by AMT 2.0 and later.
+      def get_tls_options
+        soap_call("GetTlsOptions").process do |node|
+          ifaces = {}
+          node.xpath('./ns:TlsOptions').each do |tnode|
+            ifaces[Interface.for(tnode.xpath('./ns:Interface/text()').to_s)] =
+              TlsAuthentication.for(tnode.xpath('./ns:TlsAuthentication/text()').to_s)
+          end
+          ifaces
+        end
+      end
+
+
+      # Commit the pending configuration commands.
+      #
+      # Commands that require calling this method have been documented. Also note that pending
+      # changes may cause a restart sequence of the AMT, so you need to wait a bit before issuing
+      # the next command.
+      #
+      # Supported by AMT 1.0 and later.
+      def commit_changes
+        soap_call("CommitChanges").process
+      end
+
+
+      # Reset the wear-out protection to the initial state for all protected flash sectors.
+      #
+      # Supported by AMT 1.0 and later.
+      def reset_flash_wear_out_protection
+        soap_call("ResetFlashWearOutProtection").process
+      end
+
+
+      # Return the core version of the AMT device as an instance of CoreVersion.
+      #
+      # Supported by AMT 1.0 and later.
+      def get_core_version
+        soap_call("GetCoreVersion").process do |node|
+          CoreVersion.new(*node.xpath('./ns:Version/text()').to_s.scan(/^(\d+)\.(\d+)\.(\d+)$/).first)
+        end
+      end
+
+
+      # Unprovision the AMT device to default factory settings.
+      #
+      # [+mode+] The provisioning mode the device should enter after completing the command
+      #          (instance of ProvisioningMode).
+      #
+      # Supported by AMT 1.0 and later.
+      def unprovision(mode)
+        soap_call("Unprovision") do |msg|
+          msg.add('ns:ProvisioningMode', ProvisioningMode.for(mode).value)
+        end.process
+      end
+
+
+      # Put the AMT device into a partially-unprovisioned state.
+      #
+      # Supported by AMT 2.0 and later.
+      def partial_unprovision(mode)
+        soap_call("PartialUnprovision").process
+      end
+
+
+      # Return the current provisiong mode of the AMT device as Symbol (one of the PROVISIONING_MODE
+      # keys).
+      #
+      # Supported by AMT 1.0 and later.
+      def get_provisioning_mode
+        soap_call("GetProvisioningMode").process do |node|
+          ProvisioningMode.for(node.xpath('./ns:ProvisioningMode/text()').to_i)
+        end
+      end
+
+
+      # Return the components that blocked the last full or partial unprovisioning request as array
+      # of Symbols.
+      #
+      # Supported by AMT 4.0 and later.
+      def get_unprovisioning_blocking_components
+        soap_call("GetUnprovisioningBlockingComponents").process do |node|
+          (node.xpath('./ns:Components/text()').to_i & 1 == 1 ? [:audit_log] : [])
+        end
+      end
+
+
+      # Add a user entry to the AMT device and return the handle to it.
+      #
+      # [+entry+] An instance of UserAclEntryEx containing the information about the user that
+      #           should be added.
+      #
+      # Supported by AMT 2.0 and later.
+      def add_user_acl_entry_ex(entry)
+        soap_call("AddUserAclEntryEx") do |msg|
+          msg.add('ns:EntryEx') {|msge| add_user_acl_entry_ex_to_message(entry, msge)}
+        end.process do |node|
+          node.xpath('./ns:Handle/text()').to_i
+        end
+      end
+
+      def add_user_acl_entry_ex_to_message(entry, msg)
+        if entry.user.kind_of?(String)
+          msg.add('ns:KerberosUser') {|krb| krb.add('ns:Sid', entry.user)}
+        else
+          msg.add('ns:DigestUser') {|digest| add_user_to_message(entry.user, digest)}
+        end
+        msg.add('ns:AccessPermission', AccessPermission.for(entry.access_permission).value)
+        msg.add('ns:Realms') do |realm|
+          entry.realms.each {|r| realm.add('ns:Realm', UserAclRealm.for(r).value)}
+        end
+      end
+      private :add_user_acl_entry_ex_to_message
+
+      def add_user_to_message(user, msg)
+        msg.add('ns:Username', user.username)
+        pwd = user.hashed_password
+        if pwd.nil?
+          raise ArgumentError, "No password and no hashed password set" if user.password.nil?
+          pwd = Digest::MD5.digest("#{user.username}:#{get_digest_realm}:#{user.password}")
+        end
+        msg.add('ns:DigestPassword', [pwd].pack('m*'))
+      end
+      private :add_user_to_message
+
+
+      # Enumerate the handles of User ACLs. An array is returned of which the first entry is the
+      # total number of handles available and the second one an array of returned handles.
+      #
+      # [+start_index+] The index indicating the first User ACL handle to be returned.
+      #
+      # *Note*: this method does not return all handles at once. See the official documentation for
+      # *more information.
+      #
+      # Supported by AMT 1.0 and later.
+      def enumerate_user_acl_entries(start_index = 1)
+        soap_call("EnumerateUserAclEntries") do |msg|
+          msg.add('ns:StartIndex', start_index)
+        end.process do |node|
+          tc = node.xpath('./ns:TotalCount/text()').to_i
+          handles = node.xpath('./ns:Handles/ns:Handle/text()').collect {|h| h.to_i}
+          [tc, handles]
+        end
+      end
+
+
+      # Return a user ACL entry from the AMT device as instance of UserAclEntryEx.
+      #
+      # [+handle+] Specifies the ACL entry to read.
+      #
+      # Supported by AMT 2.0 and later.
+      def get_user_acl_entry_ex(handle)
+        soap_call("GetUserAclEntryEx") do |msg|
+          msg.add('ns:Handle', handle)
+        end.process do |node|
+          node = node.xpath('./ns:EntryEx')
+          entry = UserAclEntryEx.new
+          if !(krb = node.xpath('./ns:KerberosUser/ns:Sid/text()')).empty?
+            entry.user = krb.to_s
+          else
+            entry.user = User.new(node.xpath('./ns:DigestUser/ns:Username/text()').to_s)
+          end
+          entry.access_permission = AccessPermission.for(node.xpath('./ns:AccessPermission/text()').to_s)
+          entry.realms = node.xpath('./ns:Realms/ns:Realm/text()').collect {|r| UserAclRealm.for(r.to_i)}
+          entry
+        end
+      end
+
+
+      # Update a user entry in the AMT device.
+      #
+      # [+handle+] Specifies the ACL entry to update.
+      # [+entry+] An instance of UserAclEntryEx containing the information about the
+      #           user that should be updated.
+      #
+      # Supported by AMT 2.0 and later.
+      def update_user_acl_entry_ex(handle, entry)
+        soap_call("UpdateUserAclEntryEx") do |msg|
+          msg.add('ns:Handle', handle)
+          msg.add('ns:EntryEx') {|msge| add_user_acl_entry_ex_to_message(entry, msge)}
+        end.process
+      end
+
+
+      # Remove the user ACL entry identified by +handle+ from the AMT device.
+      #
+      # [+handle+] Specifies the ACL entry to remove.
+      #
+      # Supported by AMT 1.0 and later.
+      def remove_user_acl_entry(handle)
+        soap_call("RemoveUserAclEntry") do |msg|
+          msg.add('ns:Handle', handle)
+        end.process
+      end
+
+
+
+      # Update the Admin ACL entry in the AMT device.
+      #
+      # [+entry+] An instance of User.
+      #
+      # Supported by AMT 2.0 and later.
+      def set_admin_acl_entry_ex(entry)
+        soap_call("SetAdminAclEntryEx") do |msg|
+          msg.add('ns:EntryEx') {|ex| add_user_to_message(entry, ex)}
+        end.process
+      end
+
+
+      # Return the username of the Admin ACL entry.
+      #
+      # Supported by AMT 1.0 and later.
+      def get_admin_acl_entry
+        soap_call("GetAdminAclEntry").process do |node|
+          node.xpath('./ns:Username/text()').to_s
+        end
+      end
+
+
+      # Return the digest authentication realm of the AMT device (RFC 2617).
+      #
+      # Supported by AMT 2.0 and later.
+      def get_digest_realm
+        soap_call("GetDigestRealm").process do |node|
+          node.xpath('./ns:DigestRealm/text()').to_s
+        end
+      end
+
+
+      # Enable or disable an user ACL entry.
+      #
+      # [+handle+] Specifies the ACL entry that should be enabled or disabled.
+      # [+enabled+] If set to +true+, then the ACL entry will be enabled, else disabled.
+      #
+      # Supported by AMT 3.0 and later.
+      def set_acl_enabled_state(handle, enabled)
+        soap_call("SetAclEnabledState") do |msg|
+          msg.add('ns:Handle', handle)
+          msg.add('ns:Enabled', enabled)
+        end.process
+      end
+
+
+      # Return the enabled/disabled state of an user ACL entry as boolean value.
+      #
+      # [+handle+] Specifies the ACL entry for which the state should be returned.
+      #
+      # Supported by AMT 3.0 and later.
+      def get_acl_enabled_state(handle)
+        soap_call("GetAclEnabledState") do |msg|
+          msg.add('ns:Handle', handle)
+        end.process do |node|
+          node.xpath('./ns:Enabled/text()').to_boolean
+        end
+      end
+
+
+      # Return the guids for all power packages supported by the AMT device.
+      #
+      # Supported by AMT 2.5 and later.
+      def enumerate_power_packages
+        soap_call("EnumeratePowerPackages").process do |node|
+          node.xpath('./ns:PolicyGUID/text()').collect {|uuid| AMT::Utility.binary_to_uuid(uuid.to_s.unpack('m*').first)}
+        end
+      end
+
+
+      # Return the GUID of the currently active power package.
+      #
+      # Supported by AMT 2.5 and later.
+      def get_active_power_package
+        soap_call("GetActivePowerPackage").process do |node|
+          AMT::Utility.binary_to_uuid(node.xpath('./ns:PolicyGUID/text()').to_s.unpack('m*').first)
+        end
+      end
+
+
+      # Return the policy descriptor string associated with a power package.
+      #
+      # [+power_package+] A power package GUID string.
+      #
+      # Supported by AMT 2.5 and later.
+      def get_power_package(power_package)
+        soap_call("GetPowerPackage") do |msg|
+          msg.add('ns:PolicyGUID', [AMT::Utility.uuid_to_binary(power_package)].pack('m*'))
+        end.process do |node|
+          node.xpath('./ns:PolicyDescriptor/text()').to_s
+        end
+      end
+
+
+      # Set the active power package to the one defined by the power package GUID.
+      #
+      # [+power_package+] A power package GUID string.
+      #
+      # Supported by AMT 2.5 and later.
+      def set_active_power_package(power_package)
+        soap_call("SetActivePowerPackage") do |msg|
+          msg.add('ns:PolicyGUID', [AMT::Utility.uuid_to_binary(power_package)].pack('m*'))
+        end.process
+      end
+
+
+      # Set power policy options that apply independent of the selected power package.
+      #
+      # [+power_policy+] The power policy to use (instance of GlobalPowerPolicy).
+      #
+      # Supported by AMT 2.5 and later.
+      def set_global_power_policy(power_policy)
+        soap_call("SetGlobalPowerPolicy") do |msg|
+          msg.add('ns:GlobalPowerPolicy') do |gpp|
+            gpp.add('ns:IdleWakeTimeout', power_policy.idle_wake_timeout)
+          end
+        end.process
+      end
+
+
+      # Get current global power policy as instance of GlobalPowerPolicy.
+      #
+      # Supported by AMT 2.5 and later.
+      def get_global_power_policy
+        soap_call("GetGlobalPowerPolicy").process do |node|
+          GlobalPowerPolicy.new(node.xpath('./ns:GlobalPowerPolicy/ns:IdleWakeTimeout/text()').to_i)
+        end
+      end
+
+
+    end
+
+  end
+
+end