ruby-amt 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/AUTHORS +1 -0
- data/COPYING +15 -0
- data/ChangeLog +392 -0
- data/GPL +674 -0
- data/Rakefile +292 -0
- data/VERSION +1 -0
- data/doc/default.css +211 -0
- data/doc/default.template +78 -0
- data/doc/documentation.page +40 -0
- data/doc/img/bg.jpg +0 -0
- data/doc/img/image.jpg +0 -0
- data/doc/img/line.jpg +0 -0
- data/doc/img/shadow.jpg +0 -0
- data/doc/index.page +61 -0
- data/doc/installation.page +115 -0
- data/doc/news.page +25 -0
- data/doc/news/release_0_1_0.page +16 -0
- data/doc/virtual +2 -0
- data/lib/amt/pt_status.rb +59 -0
- data/lib/amt/service.rb +16 -0
- data/lib/amt/service/basic.rb +159 -0
- data/lib/amt/service/hardware_asset.rb +83 -0
- data/lib/amt/service/hardware_asset/amt_information_table.rb +49 -0
- data/lib/amt/service/hardware_asset/asset.rb +118 -0
- data/lib/amt/service/hardware_asset/baseboard.rb +31 -0
- data/lib/amt/service/hardware_asset/bios.rb +65 -0
- data/lib/amt/service/hardware_asset/computer_system.rb +30 -0
- data/lib/amt/service/hardware_asset/fru.rb +37 -0
- data/lib/amt/service/hardware_asset/media_device.rb +63 -0
- data/lib/amt/service/hardware_asset/memory_module.rb +91 -0
- data/lib/amt/service/hardware_asset/portable_battery.rb +80 -0
- data/lib/amt/service/hardware_asset/processor.rb +123 -0
- data/lib/amt/service/hardware_asset/vpro_verification_table.rb +120 -0
- data/lib/amt/service/network_administration.rb +181 -0
- data/lib/amt/service/network_administration/structures.rb +29 -0
- data/lib/amt/service/remote_control.rb +73 -0
- data/lib/amt/service/remote_control/structures.rb +120 -0
- data/lib/amt/service/security_administration.rb +430 -0
- data/lib/amt/service/security_administration/structures.rb +117 -0
- data/lib/amt/system.rb +134 -0
- data/lib/amt/utility.rb +33 -0
- data/lib/amt/utility/bit_struct.rb +164 -0
- data/lib/amt/utility/enum.rb +119 -0
- data/lib/amt/version.rb +8 -0
- data/setup.rb +1585 -0
- metadata +125 -0
@@ -0,0 +1,29 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'amt/utility'
|
4
|
+
require 'amt/service/network_administration'
|
5
|
+
|
6
|
+
module AMT
|
7
|
+
module Service
|
8
|
+
class NetworkAdministration
|
9
|
+
|
10
|
+
# Struct class containing the response to the #get_vlan_parameters method.
|
11
|
+
VlanParameters = Struct.new(:enabled, :tag)
|
12
|
+
|
13
|
+
# The link policy of a network interface.
|
14
|
+
class LinkPolicy < AMT::Utility::BitStruct
|
15
|
+
boolean 0, :available_on_ac_s0, 'Link is available if ME is operational and power state is S0 while on AC power'
|
16
|
+
mboolean 0x0E, :available_on_ac_sx, 'Link is available if ME is operational and power state is Sx while on AC power'
|
17
|
+
boolean 4, :available_on_dc_s0, 'Link is available if ME is operational and power state is S0 while on DC power'
|
18
|
+
mboolean 0xE0, :available_on_dc_sx, 'Link is available if ME is operational and power state is Sx while on DC power'
|
19
|
+
end
|
20
|
+
|
21
|
+
# Struct class containing the response to the #get_interface_settings method.
|
22
|
+
InterfaceDescriptor = Struct.new(:hardware_description, :mac, :interface_mode, :link_policy, :dhcp_enabled, :ip_parameters)
|
23
|
+
|
24
|
+
# Struct class containing IP information of an AMT network interface.
|
25
|
+
IPParameters = Struct.new(:ip, :mask, :gateway, :primary_dns, :secondary_dns)
|
26
|
+
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'amt/service/basic'
|
4
|
+
|
5
|
+
module AMT
|
6
|
+
|
7
|
+
module Service
|
8
|
+
|
9
|
+
# AMT service for getting information about the current power state of the system managed by the
|
10
|
+
# AMT device and for controlling its power and booting state.
|
11
|
+
class RemoteControl < Basic
|
12
|
+
|
13
|
+
require 'amt/service/remote_control/structures'
|
14
|
+
|
15
|
+
# Return the remote control capabilities supported by the device as instance of the
|
16
|
+
# RemoteControlCapabilities class.
|
17
|
+
#
|
18
|
+
# Supported by AMT 1.0 and later.
|
19
|
+
def get_remote_control_capabilities()
|
20
|
+
soap_call("GetRemoteControlCapabilities", 'Status').process do |node|
|
21
|
+
rcp = RemoteControlCapabilities.new
|
22
|
+
rcp.iana_oem_number = node.xpath('./ns:IanaOemNumber/text()').to_i
|
23
|
+
rcp.oem_defined_capabilities = OemDefinedCapabilities.new(node.xpath('./ns:OemDefinedCapabilities/text()').to_i)
|
24
|
+
rcp.special_commands_supported = SpecialCommandsSupported.new(node.xpath('./ns:SpecialCommandsSupported/text()').to_i)
|
25
|
+
rcp.system_capabilities_supported = SystemCapabilitiesSupported.new(node.xpath('./ns:SystemCapabilitiesSupported/text()').to_i)
|
26
|
+
rcp.system_firmware_capabilities = SystemFirmwareCapabilities.new(node.xpath('./ns:SystemFirmwareCapabilities/text()').to_i)
|
27
|
+
rcp
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
|
32
|
+
# Return the current power state of the device as instance of the SystePowerState class.
|
33
|
+
#
|
34
|
+
# Supported AMT 1.0 and later.
|
35
|
+
def get_system_power_state()
|
36
|
+
soap_call("GetSystemPowerState", 'Status').process do |node|
|
37
|
+
SystemPowerState.new(node.xpath('./ns:SystemPowerState/text()').to_i)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
|
42
|
+
# Control the boot and power state of the device.
|
43
|
+
#
|
44
|
+
# [+command+] The command that should be executed (instance of RemoteControlCommand).
|
45
|
+
# [+iana_number+] The IANA-assigned Enterprise Number specifying the execution context.
|
46
|
+
# Default value of +343+ is Intel IANA, also possible is 4542 (ASF IANA).
|
47
|
+
# [+options+] A hash specifying optional control options. See more below.
|
48
|
+
#
|
49
|
+
# The +options+ hash can be used to these provide additional options:
|
50
|
+
#
|
51
|
+
# [<tt>:special_command</tt>] Define a modification of the boot behaviour (instance of
|
52
|
+
# SpecialCommand).
|
53
|
+
# [<tt>:special_command_parameter</tt>] Parameter for special command. Has to be an Integer.
|
54
|
+
# [<tt>:boot_options</tt>] Array of boot option names or an instance of BootOptions
|
55
|
+
# [<tt>:oem_parameters</tt>] Additional OEM parameters (instance of OemParameter).q
|
56
|
+
#
|
57
|
+
# Supported AMT 1.0 and later.
|
58
|
+
def remote_control(command, iana_number = 343, options = {})
|
59
|
+
soap_call("RemoteControl", 'Status') do |msg|
|
60
|
+
msg.add('ns:Command', RemoteControlCommand.for(command).value)
|
61
|
+
msg.add('ns:IanaOemNumber', iana_number)
|
62
|
+
msg.add('ns:SpecialCommand', SpecialCommand.for(options[:special_command]).value) if options.has_key?(:special_command)
|
63
|
+
msg.add('ns:SpecialCommandParameter', options[:special_command_parameter]) if options.has_key?(:special_command_parameter)
|
64
|
+
msg.add('ns:BootOptions', BootOptions.new(options[:boot_options]).value) if options.has_key?(:boot_options)
|
65
|
+
msg.add('ns:OemParameter', OemParameter.for(options[:oem_parameters])) if options.has_key?(:oem_parameter)
|
66
|
+
end.process
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
70
|
+
|
71
|
+
end
|
72
|
+
|
73
|
+
end
|
@@ -0,0 +1,120 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'amt/utility'
|
4
|
+
require 'amt/service/remote_control'
|
5
|
+
|
6
|
+
module AMT
|
7
|
+
module Service
|
8
|
+
class RemoteControl
|
9
|
+
|
10
|
+
# Struct class containing the response to the #get_remote_control_capabilities method.
|
11
|
+
RemoteControlCapabilities = Struct.new(:iana_oem_number, :oem_defined_capabilities,
|
12
|
+
:special_commands_supported, :system_capabilities_supported,
|
13
|
+
:system_firmware_capabilities)
|
14
|
+
|
15
|
+
# Defines a set of bit flags that represent the proprietary boot options that the AMT device
|
16
|
+
# supports. This structure lists only the flags for AMT 2.0 and later.
|
17
|
+
class OemDefinedCapabilities < AMT::Utility::BitStruct
|
18
|
+
boolean 0, :ider, 'IDE Redirection supported'
|
19
|
+
boolean 1, :sol, 'Serial over LAN supported'
|
20
|
+
boolean 2, :bios_reflash, 'BIOS reflash supported'
|
21
|
+
boolean 3, :bios_setup, 'BIOS boot into setup screen supported'
|
22
|
+
boolean 4, :bios_pause, 'BIOS pause before booting operating system is supported'
|
23
|
+
end
|
24
|
+
|
25
|
+
# Defines a set of bit flags that represent the special commands that the AMT device supports.
|
26
|
+
# The corresponding commands used for the <tt>:special_command</tt> option in the
|
27
|
+
# RemoteControl#remote_control method are the keys of the SPECIAL_COMMAND hash.
|
28
|
+
class SpecialCommandsSupported < AMT::Utility::BitStruct
|
29
|
+
boolean 8, :pxe_boot, 'Force PXE Boot command supported'
|
30
|
+
boolean 9, :hard_drive_boot, 'Force Hard-drive Boot command supported'
|
31
|
+
boolean 10, :hard_drive_safe_mode_boot, 'Force Hard-drive Safe-mode Boot command supported'
|
32
|
+
boolean 11, :diagnostic_boot, 'Force Diagnostic Boot command supported'
|
33
|
+
boolean 12, :cd_boot, 'Force CD/DVD Boot command supported'
|
34
|
+
end
|
35
|
+
|
36
|
+
# Defines a set of bit flags that represent the remote control commands that the AMT device
|
37
|
+
# supports. These flags indicate what commands are supported for the +command+ parameter in
|
38
|
+
# the RemoteControl#remote_control method.
|
39
|
+
class SystemCapabilitiesSupported < AMT::Utility::BitStruct
|
40
|
+
boolean 0, :power_cycle, 'Power Cycle Reset supported'
|
41
|
+
boolean 1, :power_down, 'Power Down supported'
|
42
|
+
boolean 2, :power_up, 'Power Up supported'
|
43
|
+
boolean 3, :reset, 'Reset supported'
|
44
|
+
end
|
45
|
+
|
46
|
+
# Defines a set of bit flags that represent the standard firmware boot options that the AMT
|
47
|
+
# device supports. These flags indicate which flags are supported for the
|
48
|
+
# <tt>:boot_options</tt> option in the RemoteControl#remote_control method.
|
49
|
+
class SystemFirmwareCapabilities < AMT::Utility::BitStruct
|
50
|
+
boolean 0, :verbosity_screen_blank, 'Firmware Verbosity/Screen Blank supported'
|
51
|
+
boolean 1, :power_button_lock, 'Power Button Lock supported'
|
52
|
+
boolean 2, :reset_button_lock, 'Reset Button Lock supported'
|
53
|
+
boolean 5, :keyboard_lock, 'Lock Keyboard supported'
|
54
|
+
boolean 6, :sleep_button_lock, 'Sleep Button Lock supported'
|
55
|
+
boolean 11, :user_password_bypass, 'User Password Bypass supported'
|
56
|
+
boolean 12, :forced_progress_events, 'Forced Progress Events supported'
|
57
|
+
boolean 13, :verbosity_verbose, 'Firmware Verbosity Verbose supported'
|
58
|
+
boolean 14, :verbosity_quiet, 'Firmware Verbosity Quiet supported'
|
59
|
+
boolean 15, :configuration_data_reset, 'Configuration Data Reset supported'
|
60
|
+
end
|
61
|
+
|
62
|
+
# Contains power state information about the AMT-managed computer.
|
63
|
+
class SystemPowerState < AMT::Utility::BitStruct
|
64
|
+
enum 0..3, :power_state, {0 => :s0, 1 => :s1, 2 => :s2, 3 => :s3, 4 => :s4, 5 => :s5,
|
65
|
+
6 => :s4s5, 7 => :g3, 8 => :sleeping, 9 => :g1_sleeping, 10 => :s5_override,
|
66
|
+
11 => :legacy_on, 12 => :legacy_off, 14 => :unknown}, 'System power state'
|
67
|
+
boolean 8, :watchdog_expired, 'Watchdog Timer has expired'
|
68
|
+
enum 9..9, :power_source, {0 => :ac, 1 => :dc}, 'Power source'
|
69
|
+
end
|
70
|
+
|
71
|
+
# Available remote control commands. Used for RemoteControl#remote_control.
|
72
|
+
class RemoteControlCommand < AMT::Utility::Enum
|
73
|
+
add 0x10, :reset, 'Cause a low latency reset'
|
74
|
+
add 0x11, :power_up, 'Bring the system into S0/G0 state'
|
75
|
+
add 0x12, :power_down, 'Force the system into an S5 state'
|
76
|
+
add 0x13, :power_cycle, 'Cause a hard reset of the system'
|
77
|
+
add 0x21, :set_boot_options, 'Set boot options for the next boot'
|
78
|
+
end
|
79
|
+
|
80
|
+
# Available special commands. Used for RemoteControl#remote_control.
|
81
|
+
class SpecialCommand < AMT::Utility::Enum
|
82
|
+
add 0x00, :nop, 'No special command'
|
83
|
+
add 0x01, :pxe_boot, 'Special command parameter is used to specify a PXE parameter'
|
84
|
+
add 0x02, :hard_drive_boot, 'Special command parameter defines the boot-media index'
|
85
|
+
add 0x03, :hard_drive_safe_mode_boot, 'Special command parameter defines the boot-media index'
|
86
|
+
add 0x04, :diagnostic_boot, 'Special command parameter is used to specify a diagnostic parameter'
|
87
|
+
add 0x05, :cd_boot, 'Special command parameter defines the boot-media index'
|
88
|
+
add 0xC1, :intel_oem_command, 'Special command parameter defines the Intel boot options'
|
89
|
+
end
|
90
|
+
|
91
|
+
# Available special command parameters for SpecialCommand <tt>:intel_oem_command</tt>. Used
|
92
|
+
# for RemoteControl#remote_control.
|
93
|
+
class IntelSpecialCommandParameter < AMT::Utility::BitStruct
|
94
|
+
boolean 0, :use_ider, 'Use IDE redirection as boot device'
|
95
|
+
boolean 2, :reflash_bios, 'Reflash the BIOS using IDE redirection'
|
96
|
+
boolean 3, :bios_setup, 'Boot into BIOS setup screen'
|
97
|
+
boolean 4, :bios_pause, 'Boot till operating system load and pause'
|
98
|
+
enum 8..8, :ider_boot_device, {0 => :floppy, 1 => :cd}, 'Device to use on IDE redirection'
|
99
|
+
end
|
100
|
+
|
101
|
+
# Defines a set of bit flags that represent the boot options supported for RemoteControl#remote_control.
|
102
|
+
class BootOptions < AMT::Utility::BitStruct
|
103
|
+
boolean 1, :lock_power_button, 'Disable power button'
|
104
|
+
boolean 2, :lock_reset_button, 'Disable reset button'
|
105
|
+
boolean 5, :lock_keyboard, 'Disallow keyboard during boot'
|
106
|
+
boolean 6, :lock_sleep_button, 'Disable sleep button'
|
107
|
+
boolean 11, :user_password_bypass, 'Bypass any user or boot passwords'
|
108
|
+
boolean 12, :force_progress_events, 'Transmit all progress PET events to alert-sending device'
|
109
|
+
enum 13..14, :firmware_verbosity, {0 => :default, 1 => :quiet, 2 => :verbose, 3 => :blank}, 'Control the verbosity'
|
110
|
+
boolean 15, :configuration_data_reset, 'Reset configuration data'
|
111
|
+
end
|
112
|
+
|
113
|
+
# Available OEM parameters. Used for RemoteControl#remote_control.
|
114
|
+
class OemParameters < AMT::Utility::Enum
|
115
|
+
add 0x01, :use_sol, 'Use Serial over LAN redirection on next boot'
|
116
|
+
end
|
117
|
+
|
118
|
+
end
|
119
|
+
end
|
120
|
+
end
|
@@ -0,0 +1,430 @@
|
|
1
|
+
# -*- coding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'amt/service/basic'
|
4
|
+
require 'digest/md5'
|
5
|
+
|
6
|
+
module AMT
|
7
|
+
|
8
|
+
module Service
|
9
|
+
|
10
|
+
# AMT Service for managing security control and data structures.
|
11
|
+
#
|
12
|
+
# The following service methods are currently not implemented:
|
13
|
+
#
|
14
|
+
# * set_kerberos_options, get_kerberos_options, set_tls_psk, get_pki_capabilities
|
15
|
+
# * All methods specified unter 7.1.3 Certificate Management
|
16
|
+
# * All methods specified under 7.1.5 Environment Detection & VPN Connectivity
|
17
|
+
# * All methods specified under 7.1.6 User Notification
|
18
|
+
# * All methods specified under 7.1.7 Provisioning
|
19
|
+
class SecurityAdministration < Basic
|
20
|
+
|
21
|
+
require 'amt/service/security_administration/structures'
|
22
|
+
|
23
|
+
# Set the state of credential caching for Kerberos.
|
24
|
+
#
|
25
|
+
# [+enabled+] If set to +true+, then the credential cache will be enabled, else disabled.
|
26
|
+
#
|
27
|
+
# Supported by AMT 3.2 and later.
|
28
|
+
def set_credential_cache_state(enabled)
|
29
|
+
soap_call("SetCredentialCacheState") do |msg|
|
30
|
+
msg.add('ns:Enabled', enabled)
|
31
|
+
end.process
|
32
|
+
end
|
33
|
+
|
34
|
+
|
35
|
+
# Return whether the credential cache for Kerberos is enabled.
|
36
|
+
#
|
37
|
+
# Supported by AMT 3.2 and later.
|
38
|
+
def get_credential_cache_state
|
39
|
+
soap_call("GetCredentialCacheState").process do |node|
|
40
|
+
node.xpath('./ns:Enabled/text()').to_boolean
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
|
45
|
+
# Enable or disable various features or interfaces of the AMT device.
|
46
|
+
#
|
47
|
+
# [+interfaces+] An array of EnabledInterface instances that should be enabled. Interfaces
|
48
|
+
# that are not specified will be disabled.
|
49
|
+
#
|
50
|
+
# Supported by AMT 2.0 and later.
|
51
|
+
def set_enabled_interfaces(interfaces)
|
52
|
+
soap_call("SetEnabledInterfaces") do |msg|
|
53
|
+
interfaces.each do |iface|
|
54
|
+
raise ArgumentError, "interface name #{iface} is not valid" unless EnabledInterface.for(iface)
|
55
|
+
msg.add('ns:EnabledInterfaces', EnabledInterface.for(iface).value)
|
56
|
+
end
|
57
|
+
end.process
|
58
|
+
end
|
59
|
+
|
60
|
+
|
61
|
+
# Return the enabled interfaces of the AMT device as array of EnabledInterface instances.
|
62
|
+
# Interfaces that are not in the array are disabled.
|
63
|
+
#
|
64
|
+
# See #set_enabled_interfaces for a list of possible interface names.
|
65
|
+
#
|
66
|
+
# Supported by AMT 2.0 and later.
|
67
|
+
def get_enabled_interfaces
|
68
|
+
soap_call("GetEnabledInterfaces").process do |node|
|
69
|
+
node.xpath('./ns:EnabledInterfaces/text()').collect {|n| EnabledInterface.for(n.to_s)}
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
|
74
|
+
# Set various TLS modes such as enablement and authentication for network interfaces.
|
75
|
+
#
|
76
|
+
# [+tls_options+] A hash containing associations from Interface types to TlsAuthentication
|
77
|
+
# types. Interfaces that are not specified will operate in +NoAuth+ mode.
|
78
|
+
#
|
79
|
+
# *Note*: You also need to call #commit_changes for the changes to actually take effect.
|
80
|
+
#
|
81
|
+
# Supported by AMT 2.0 and later.
|
82
|
+
def set_tls_options(tls_options)
|
83
|
+
soap_call("SetTlsOptions") do |msg|
|
84
|
+
tls_options.each do |it, at|
|
85
|
+
raise ArgumentError, "interface type #{it} is not valid" unless Interface.for(it)
|
86
|
+
raise ArgumentError, "authentication type #{at} is not valid" unless TlsAuthentication.for(at)
|
87
|
+
msg.add('ns:TlsOptions') do |tmsg|
|
88
|
+
tmsg.add('ns:Interface', Interface.for(it).value)
|
89
|
+
tmsg.add('ns:TlsAuthentication', TlsAuthentication.for(at).value)
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end.process
|
93
|
+
end
|
94
|
+
|
95
|
+
|
96
|
+
# Return the currently used authentication modes of TLS as a hash containing associations from
|
97
|
+
# Interface types to TlsAuthentication types. Interface types that are not returned should be
|
98
|
+
# treated as in +NoAuth+ mode.
|
99
|
+
#
|
100
|
+
# Supported by AMT 2.0 and later.
|
101
|
+
def get_tls_options
|
102
|
+
soap_call("GetTlsOptions").process do |node|
|
103
|
+
ifaces = {}
|
104
|
+
node.xpath('./ns:TlsOptions').each do |tnode|
|
105
|
+
ifaces[Interface.for(tnode.xpath('./ns:Interface/text()').to_s)] =
|
106
|
+
TlsAuthentication.for(tnode.xpath('./ns:TlsAuthentication/text()').to_s)
|
107
|
+
end
|
108
|
+
ifaces
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
112
|
+
|
113
|
+
# Commit the pending configuration commands.
|
114
|
+
#
|
115
|
+
# Commands that require calling this method have been documented. Also note that pending
|
116
|
+
# changes may cause a restart sequence of the AMT, so you need to wait a bit before issuing
|
117
|
+
# the next command.
|
118
|
+
#
|
119
|
+
# Supported by AMT 1.0 and later.
|
120
|
+
def commit_changes
|
121
|
+
soap_call("CommitChanges").process
|
122
|
+
end
|
123
|
+
|
124
|
+
|
125
|
+
# Reset the wear-out protection to the initial state for all protected flash sectors.
|
126
|
+
#
|
127
|
+
# Supported by AMT 1.0 and later.
|
128
|
+
def reset_flash_wear_out_protection
|
129
|
+
soap_call("ResetFlashWearOutProtection").process
|
130
|
+
end
|
131
|
+
|
132
|
+
|
133
|
+
# Return the core version of the AMT device as an instance of CoreVersion.
|
134
|
+
#
|
135
|
+
# Supported by AMT 1.0 and later.
|
136
|
+
def get_core_version
|
137
|
+
soap_call("GetCoreVersion").process do |node|
|
138
|
+
CoreVersion.new(*node.xpath('./ns:Version/text()').to_s.scan(/^(\d+)\.(\d+)\.(\d+)$/).first)
|
139
|
+
end
|
140
|
+
end
|
141
|
+
|
142
|
+
|
143
|
+
# Unprovision the AMT device to default factory settings.
|
144
|
+
#
|
145
|
+
# [+mode+] The provisioning mode the device should enter after completing the command
|
146
|
+
# (instance of ProvisioningMode).
|
147
|
+
#
|
148
|
+
# Supported by AMT 1.0 and later.
|
149
|
+
def unprovision(mode)
|
150
|
+
soap_call("Unprovision") do |msg|
|
151
|
+
msg.add('ns:ProvisioningMode', ProvisioningMode.for(mode).value)
|
152
|
+
end.process
|
153
|
+
end
|
154
|
+
|
155
|
+
|
156
|
+
# Put the AMT device into a partially-unprovisioned state.
|
157
|
+
#
|
158
|
+
# Supported by AMT 2.0 and later.
|
159
|
+
def partial_unprovision(mode)
|
160
|
+
soap_call("PartialUnprovision").process
|
161
|
+
end
|
162
|
+
|
163
|
+
|
164
|
+
# Return the current provisiong mode of the AMT device as Symbol (one of the PROVISIONING_MODE
|
165
|
+
# keys).
|
166
|
+
#
|
167
|
+
# Supported by AMT 1.0 and later.
|
168
|
+
def get_provisioning_mode
|
169
|
+
soap_call("GetProvisioningMode").process do |node|
|
170
|
+
ProvisioningMode.for(node.xpath('./ns:ProvisioningMode/text()').to_i)
|
171
|
+
end
|
172
|
+
end
|
173
|
+
|
174
|
+
|
175
|
+
# Return the components that blocked the last full or partial unprovisioning request as array
|
176
|
+
# of Symbols.
|
177
|
+
#
|
178
|
+
# Supported by AMT 4.0 and later.
|
179
|
+
def get_unprovisioning_blocking_components
|
180
|
+
soap_call("GetUnprovisioningBlockingComponents").process do |node|
|
181
|
+
(node.xpath('./ns:Components/text()').to_i & 1 == 1 ? [:audit_log] : [])
|
182
|
+
end
|
183
|
+
end
|
184
|
+
|
185
|
+
|
186
|
+
# Add a user entry to the AMT device and return the handle to it.
|
187
|
+
#
|
188
|
+
# [+entry+] An instance of UserAclEntryEx containing the information about the user that
|
189
|
+
# should be added.
|
190
|
+
#
|
191
|
+
# Supported by AMT 2.0 and later.
|
192
|
+
def add_user_acl_entry_ex(entry)
|
193
|
+
soap_call("AddUserAclEntryEx") do |msg|
|
194
|
+
msg.add('ns:EntryEx') {|msge| add_user_acl_entry_ex_to_message(entry, msge)}
|
195
|
+
end.process do |node|
|
196
|
+
node.xpath('./ns:Handle/text()').to_i
|
197
|
+
end
|
198
|
+
end
|
199
|
+
|
200
|
+
def add_user_acl_entry_ex_to_message(entry, msg)
|
201
|
+
if entry.user.kind_of?(String)
|
202
|
+
msg.add('ns:KerberosUser') {|krb| krb.add('ns:Sid', entry.user)}
|
203
|
+
else
|
204
|
+
msg.add('ns:DigestUser') {|digest| add_user_to_message(entry.user, digest)}
|
205
|
+
end
|
206
|
+
msg.add('ns:AccessPermission', AccessPermission.for(entry.access_permission).value)
|
207
|
+
msg.add('ns:Realms') do |realm|
|
208
|
+
entry.realms.each {|r| realm.add('ns:Realm', UserAclRealm.for(r).value)}
|
209
|
+
end
|
210
|
+
end
|
211
|
+
private :add_user_acl_entry_ex_to_message
|
212
|
+
|
213
|
+
def add_user_to_message(user, msg)
|
214
|
+
msg.add('ns:Username', user.username)
|
215
|
+
pwd = user.hashed_password
|
216
|
+
if pwd.nil?
|
217
|
+
raise ArgumentError, "No password and no hashed password set" if user.password.nil?
|
218
|
+
pwd = Digest::MD5.digest("#{user.username}:#{get_digest_realm}:#{user.password}")
|
219
|
+
end
|
220
|
+
msg.add('ns:DigestPassword', [pwd].pack('m*'))
|
221
|
+
end
|
222
|
+
private :add_user_to_message
|
223
|
+
|
224
|
+
|
225
|
+
# Enumerate the handles of User ACLs. An array is returned of which the first entry is the
|
226
|
+
# total number of handles available and the second one an array of returned handles.
|
227
|
+
#
|
228
|
+
# [+start_index+] The index indicating the first User ACL handle to be returned.
|
229
|
+
#
|
230
|
+
# *Note*: this method does not return all handles at once. See the official documentation for
|
231
|
+
# *more information.
|
232
|
+
#
|
233
|
+
# Supported by AMT 1.0 and later.
|
234
|
+
def enumerate_user_acl_entries(start_index = 1)
|
235
|
+
soap_call("EnumerateUserAclEntries") do |msg|
|
236
|
+
msg.add('ns:StartIndex', start_index)
|
237
|
+
end.process do |node|
|
238
|
+
tc = node.xpath('./ns:TotalCount/text()').to_i
|
239
|
+
handles = node.xpath('./ns:Handles/ns:Handle/text()').collect {|h| h.to_i}
|
240
|
+
[tc, handles]
|
241
|
+
end
|
242
|
+
end
|
243
|
+
|
244
|
+
|
245
|
+
# Return a user ACL entry from the AMT device as instance of UserAclEntryEx.
|
246
|
+
#
|
247
|
+
# [+handle+] Specifies the ACL entry to read.
|
248
|
+
#
|
249
|
+
# Supported by AMT 2.0 and later.
|
250
|
+
def get_user_acl_entry_ex(handle)
|
251
|
+
soap_call("GetUserAclEntryEx") do |msg|
|
252
|
+
msg.add('ns:Handle', handle)
|
253
|
+
end.process do |node|
|
254
|
+
node = node.xpath('./ns:EntryEx')
|
255
|
+
entry = UserAclEntryEx.new
|
256
|
+
if !(krb = node.xpath('./ns:KerberosUser/ns:Sid/text()')).empty?
|
257
|
+
entry.user = krb.to_s
|
258
|
+
else
|
259
|
+
entry.user = User.new(node.xpath('./ns:DigestUser/ns:Username/text()').to_s)
|
260
|
+
end
|
261
|
+
entry.access_permission = AccessPermission.for(node.xpath('./ns:AccessPermission/text()').to_s)
|
262
|
+
entry.realms = node.xpath('./ns:Realms/ns:Realm/text()').collect {|r| UserAclRealm.for(r.to_i)}
|
263
|
+
entry
|
264
|
+
end
|
265
|
+
end
|
266
|
+
|
267
|
+
|
268
|
+
# Update a user entry in the AMT device.
|
269
|
+
#
|
270
|
+
# [+handle+] Specifies the ACL entry to update.
|
271
|
+
# [+entry+] An instance of UserAclEntryEx containing the information about the
|
272
|
+
# user that should be updated.
|
273
|
+
#
|
274
|
+
# Supported by AMT 2.0 and later.
|
275
|
+
def update_user_acl_entry_ex(handle, entry)
|
276
|
+
soap_call("UpdateUserAclEntryEx") do |msg|
|
277
|
+
msg.add('ns:Handle', handle)
|
278
|
+
msg.add('ns:EntryEx') {|msge| add_user_acl_entry_ex_to_message(entry, msge)}
|
279
|
+
end.process
|
280
|
+
end
|
281
|
+
|
282
|
+
|
283
|
+
# Remove the user ACL entry identified by +handle+ from the AMT device.
|
284
|
+
#
|
285
|
+
# [+handle+] Specifies the ACL entry to remove.
|
286
|
+
#
|
287
|
+
# Supported by AMT 1.0 and later.
|
288
|
+
def remove_user_acl_entry(handle)
|
289
|
+
soap_call("RemoveUserAclEntry") do |msg|
|
290
|
+
msg.add('ns:Handle', handle)
|
291
|
+
end.process
|
292
|
+
end
|
293
|
+
|
294
|
+
|
295
|
+
|
296
|
+
# Update the Admin ACL entry in the AMT device.
|
297
|
+
#
|
298
|
+
# [+entry+] An instance of User.
|
299
|
+
#
|
300
|
+
# Supported by AMT 2.0 and later.
|
301
|
+
def set_admin_acl_entry_ex(entry)
|
302
|
+
soap_call("SetAdminAclEntryEx") do |msg|
|
303
|
+
msg.add('ns:EntryEx') {|ex| add_user_to_message(entry, ex)}
|
304
|
+
end.process
|
305
|
+
end
|
306
|
+
|
307
|
+
|
308
|
+
# Return the username of the Admin ACL entry.
|
309
|
+
#
|
310
|
+
# Supported by AMT 1.0 and later.
|
311
|
+
def get_admin_acl_entry
|
312
|
+
soap_call("GetAdminAclEntry").process do |node|
|
313
|
+
node.xpath('./ns:Username/text()').to_s
|
314
|
+
end
|
315
|
+
end
|
316
|
+
|
317
|
+
|
318
|
+
# Return the digest authentication realm of the AMT device (RFC 2617).
|
319
|
+
#
|
320
|
+
# Supported by AMT 2.0 and later.
|
321
|
+
def get_digest_realm
|
322
|
+
soap_call("GetDigestRealm").process do |node|
|
323
|
+
node.xpath('./ns:DigestRealm/text()').to_s
|
324
|
+
end
|
325
|
+
end
|
326
|
+
|
327
|
+
|
328
|
+
# Enable or disable an user ACL entry.
|
329
|
+
#
|
330
|
+
# [+handle+] Specifies the ACL entry that should be enabled or disabled.
|
331
|
+
# [+enabled+] If set to +true+, then the ACL entry will be enabled, else disabled.
|
332
|
+
#
|
333
|
+
# Supported by AMT 3.0 and later.
|
334
|
+
def set_acl_enabled_state(handle, enabled)
|
335
|
+
soap_call("SetAclEnabledState") do |msg|
|
336
|
+
msg.add('ns:Handle', handle)
|
337
|
+
msg.add('ns:Enabled', enabled)
|
338
|
+
end.process
|
339
|
+
end
|
340
|
+
|
341
|
+
|
342
|
+
# Return the enabled/disabled state of an user ACL entry as boolean value.
|
343
|
+
#
|
344
|
+
# [+handle+] Specifies the ACL entry for which the state should be returned.
|
345
|
+
#
|
346
|
+
# Supported by AMT 3.0 and later.
|
347
|
+
def get_acl_enabled_state(handle)
|
348
|
+
soap_call("GetAclEnabledState") do |msg|
|
349
|
+
msg.add('ns:Handle', handle)
|
350
|
+
end.process do |node|
|
351
|
+
node.xpath('./ns:Enabled/text()').to_boolean
|
352
|
+
end
|
353
|
+
end
|
354
|
+
|
355
|
+
|
356
|
+
# Return the guids for all power packages supported by the AMT device.
|
357
|
+
#
|
358
|
+
# Supported by AMT 2.5 and later.
|
359
|
+
def enumerate_power_packages
|
360
|
+
soap_call("EnumeratePowerPackages").process do |node|
|
361
|
+
node.xpath('./ns:PolicyGUID/text()').collect {|uuid| AMT::Utility.binary_to_uuid(uuid.to_s.unpack('m*').first)}
|
362
|
+
end
|
363
|
+
end
|
364
|
+
|
365
|
+
|
366
|
+
# Return the GUID of the currently active power package.
|
367
|
+
#
|
368
|
+
# Supported by AMT 2.5 and later.
|
369
|
+
def get_active_power_package
|
370
|
+
soap_call("GetActivePowerPackage").process do |node|
|
371
|
+
AMT::Utility.binary_to_uuid(node.xpath('./ns:PolicyGUID/text()').to_s.unpack('m*').first)
|
372
|
+
end
|
373
|
+
end
|
374
|
+
|
375
|
+
|
376
|
+
# Return the policy descriptor string associated with a power package.
|
377
|
+
#
|
378
|
+
# [+power_package+] A power package GUID string.
|
379
|
+
#
|
380
|
+
# Supported by AMT 2.5 and later.
|
381
|
+
def get_power_package(power_package)
|
382
|
+
soap_call("GetPowerPackage") do |msg|
|
383
|
+
msg.add('ns:PolicyGUID', [AMT::Utility.uuid_to_binary(power_package)].pack('m*'))
|
384
|
+
end.process do |node|
|
385
|
+
node.xpath('./ns:PolicyDescriptor/text()').to_s
|
386
|
+
end
|
387
|
+
end
|
388
|
+
|
389
|
+
|
390
|
+
# Set the active power package to the one defined by the power package GUID.
|
391
|
+
#
|
392
|
+
# [+power_package+] A power package GUID string.
|
393
|
+
#
|
394
|
+
# Supported by AMT 2.5 and later.
|
395
|
+
def set_active_power_package(power_package)
|
396
|
+
soap_call("SetActivePowerPackage") do |msg|
|
397
|
+
msg.add('ns:PolicyGUID', [AMT::Utility.uuid_to_binary(power_package)].pack('m*'))
|
398
|
+
end.process
|
399
|
+
end
|
400
|
+
|
401
|
+
|
402
|
+
# Set power policy options that apply independent of the selected power package.
|
403
|
+
#
|
404
|
+
# [+power_policy+] The power policy to use (instance of GlobalPowerPolicy).
|
405
|
+
#
|
406
|
+
# Supported by AMT 2.5 and later.
|
407
|
+
def set_global_power_policy(power_policy)
|
408
|
+
soap_call("SetGlobalPowerPolicy") do |msg|
|
409
|
+
msg.add('ns:GlobalPowerPolicy') do |gpp|
|
410
|
+
gpp.add('ns:IdleWakeTimeout', power_policy.idle_wake_timeout)
|
411
|
+
end
|
412
|
+
end.process
|
413
|
+
end
|
414
|
+
|
415
|
+
|
416
|
+
# Get current global power policy as instance of GlobalPowerPolicy.
|
417
|
+
#
|
418
|
+
# Supported by AMT 2.5 and later.
|
419
|
+
def get_global_power_policy
|
420
|
+
soap_call("GetGlobalPowerPolicy").process do |node|
|
421
|
+
GlobalPowerPolicy.new(node.xpath('./ns:GlobalPowerPolicy/ns:IdleWakeTimeout/text()').to_i)
|
422
|
+
end
|
423
|
+
end
|
424
|
+
|
425
|
+
|
426
|
+
end
|
427
|
+
|
428
|
+
end
|
429
|
+
|
430
|
+
end
|