1 |
dpavlin |
2 |
package Intel::AMT::SOAP; |
2 |
|
|
|
3 |
|
|
# based on amttool from amtterm 1.2 from http://dl.bytesex.org/releases/amtterm/ |
4 |
|
|
|
5 |
|
|
use strict; |
6 |
|
|
use warnings; |
7 |
|
|
use SOAP::Lite; |
8 |
|
|
#use SOAP::Lite +trace => 'all'; |
9 |
dpavlin |
5 |
use Data::Dump qw/dump/; |
10 |
dpavlin |
2 |
|
11 |
dpavlin |
5 |
use lib 'lib'; |
12 |
|
|
|
13 |
dpavlin |
2 |
my $amt_host = $ENV{'AMT_HOST'}; |
14 |
|
|
my $amt_port = "16992"; |
15 |
|
|
$main::amt_user = "admin"; |
16 |
|
|
$main::amt_pass = $ENV{'AMT_PASSWORD'}; |
17 |
|
|
my $amt_debug = 0; |
18 |
|
|
$amt_debug = $ENV{'AMT_DEBUG'} if defined($ENV{'AMT_DEBUG'}); |
19 |
|
|
|
20 |
|
|
my $amt_version; |
21 |
|
|
|
22 |
|
|
############################################################################# |
23 |
|
|
# data |
24 |
|
|
|
25 |
|
|
my @ps = ("S0", "S1", "S2", "S3", "S4", "S5 (soft-off)", "S4/S5", "Off"); |
26 |
|
|
|
27 |
|
|
# incomplete list |
28 |
|
|
my %pt_status = ( |
29 |
|
|
0x0 => "success", |
30 |
|
|
0x1 => "internal error", |
31 |
|
|
0x3 => "invalid pt_mode", |
32 |
|
|
0xc => "invalid name", |
33 |
|
|
0xf => "invalid byte_count", |
34 |
|
|
0x10 => "not permitted", |
35 |
|
|
0x17 => "max limit_reached", |
36 |
|
|
0x18 => "invalid auth_type", |
37 |
|
|
0x1a => "invalid dhcp_mode", |
38 |
|
|
0x1b => "invalid ip_address", |
39 |
|
|
0x1c => "invalid domain_name", |
40 |
|
|
0x20 => "invalid provisioning_state", |
41 |
|
|
0x22 => "invalid time", |
42 |
|
|
0x23 => "invalid index", |
43 |
|
|
0x24 => "invalid parameter", |
44 |
|
|
0x25 => "invalid netmask", |
45 |
|
|
0x26 => "flash write_limit_exceeded", |
46 |
|
|
0x800 => "network if_error_base", |
47 |
|
|
0x801 => "unsupported oem_number", |
48 |
|
|
0x802 => "unsupported boot_option", |
49 |
|
|
0x803 => "invalid command", |
50 |
|
|
0x804 => "invalid special_command", |
51 |
|
|
0x805 => "invalid handle", |
52 |
|
|
0x806 => "invalid password", |
53 |
|
|
0x807 => "invalid realm", |
54 |
|
|
0x808 => "storage acl_entry_in_use", |
55 |
|
|
0x809 => "data missing", |
56 |
|
|
0x80a => "duplicate", |
57 |
|
|
0x80b => "eventlog frozen", |
58 |
|
|
0x80c => "pki missing_keys", |
59 |
|
|
0x80d => "pki generating_keys", |
60 |
|
|
0x80e => "invalid key", |
61 |
|
|
0x80f => "invalid cert", |
62 |
|
|
0x810 => "cert key_not_match", |
63 |
|
|
0x811 => "max kerb_domain_reached", |
64 |
|
|
0x812 => "unsupported", |
65 |
|
|
0x813 => "invalid priority", |
66 |
|
|
0x814 => "not found", |
67 |
|
|
0x815 => "invalid credentials", |
68 |
|
|
0x816 => "invalid passphrase", |
69 |
|
|
0x818 => "no association", |
70 |
|
|
); |
71 |
|
|
|
72 |
|
|
|
73 |
|
|
############################################################################# |
74 |
|
|
# soap setup |
75 |
|
|
|
76 |
|
|
my ($nas, $sas, $rcs); |
77 |
|
|
|
78 |
|
|
sub SOAP::Transport::HTTP::Client::get_basic_credentials { |
79 |
|
|
return $main::amt_user => $main::amt_pass; |
80 |
|
|
} |
81 |
|
|
|
82 |
dpavlin |
5 |
sub init() { |
83 |
dpavlin |
2 |
my $proxybase = "http://$amt_host:$amt_port"; |
84 |
|
|
my $schemabase = "http://schemas.intel.com/platform/client"; |
85 |
|
|
|
86 |
|
|
$nas = SOAP::Lite->new( |
87 |
|
|
proxy => "$proxybase/NetworkAdministrationService", |
88 |
|
|
default_ns => "$schemabase/NetworkAdministration/2004/01"); |
89 |
|
|
$sas = SOAP::Lite->new( |
90 |
|
|
proxy => "$proxybase/SecurityAdministrationService", |
91 |
|
|
default_ns => "$schemabase/SecurityAdministration/2004/01"); |
92 |
|
|
$rcs = SOAP::Lite->new( |
93 |
|
|
proxy => "$proxybase/RemoteControlService", |
94 |
|
|
default_ns => "$schemabase/RemoteControl/2004/01"); |
95 |
|
|
|
96 |
|
|
$nas->autotype(0); |
97 |
|
|
$sas->autotype(0); |
98 |
|
|
$rcs->autotype(0); |
99 |
|
|
|
100 |
dpavlin |
5 |
warn $proxybase; |
101 |
|
|
|
102 |
dpavlin |
2 |
$amt_version = $sas->GetCoreVersion()->paramsout; |
103 |
|
|
} |
104 |
|
|
|
105 |
|
|
|
106 |
|
|
############################################################################# |
107 |
|
|
# functions |
108 |
|
|
|
109 |
|
|
sub usage() { |
110 |
|
|
print STDERR <<EOF; |
111 |
|
|
|
112 |
|
|
This utility can talk to Intel AMT managed machines. |
113 |
|
|
|
114 |
|
|
usage: amttool <hostname> [ <command> ] [ <arg(s)> ] |
115 |
|
|
commands: |
116 |
|
|
info - print some machine info (default). |
117 |
|
|
reset - reset machine. |
118 |
|
|
powerup - turn on machine. |
119 |
|
|
powerdown - turn off machine. |
120 |
|
|
powercycle - powercycle machine. |
121 |
|
|
|
122 |
|
|
AMT 2.5+ only: |
123 |
|
|
netinfo - print network config. |
124 |
|
|
netconf <args> - configure network (check manpage). |
125 |
|
|
|
126 |
|
|
Password is passed via AMT_PASSWORD environment variable. |
127 |
|
|
|
128 |
|
|
EOF |
129 |
|
|
} |
130 |
|
|
|
131 |
|
|
sub print_result($) { |
132 |
|
|
my $ret = shift; |
133 |
|
|
my $rc = $ret->result; |
134 |
|
|
my $msg; |
135 |
|
|
|
136 |
|
|
if (!defined($rc)) { |
137 |
|
|
$msg = "soap failure"; |
138 |
dpavlin |
5 |
warn dump( $ret->faultdetail ); |
139 |
dpavlin |
2 |
} elsif (!defined($pt_status{$rc})) { |
140 |
|
|
$msg = sprintf("unknown pt_status code: 0x%x", $rc); |
141 |
|
|
} else { |
142 |
|
|
$msg = "pt_status: " . $pt_status{$rc}; |
143 |
|
|
} |
144 |
|
|
printf "result: %s\n", $msg; |
145 |
|
|
} |
146 |
|
|
|
147 |
|
|
sub print_paramsout($) { |
148 |
|
|
my $ret = shift; |
149 |
|
|
my @paramsout = $ret->paramsout; |
150 |
|
|
print "params: " . join(", ", @paramsout) . "\n"; |
151 |
|
|
} |
152 |
|
|
|
153 |
|
|
sub print_hash { |
154 |
|
|
my $hash = shift; |
155 |
|
|
my $in = shift; |
156 |
|
|
my $wi = shift; |
157 |
|
|
|
158 |
|
|
foreach my $item (sort keys %{$hash}) { |
159 |
|
|
if (ref($hash->{$item}) eq "HASH") { |
160 |
|
|
# printf "%*s%s\n", $in, "", $item; |
161 |
|
|
next; |
162 |
|
|
} |
163 |
|
|
printf "%*s%-*s%s\n", $in, "", $wi, $item, $hash->{$item}; |
164 |
|
|
} |
165 |
|
|
} |
166 |
|
|
|
167 |
|
|
sub print_hash_ipv4 { |
168 |
|
|
my $hash = shift; |
169 |
|
|
my $in = shift; |
170 |
|
|
my $wi = shift; |
171 |
|
|
|
172 |
|
|
foreach my $item (sort keys %{$hash}) { |
173 |
|
|
my $addr = sprintf("%d.%d.%d.%d", |
174 |
|
|
$hash->{$item} / 256 / 256 / 256, |
175 |
|
|
$hash->{$item} / 256 / 256 % 256, |
176 |
|
|
$hash->{$item} / 256 % 256, |
177 |
|
|
$hash->{$item} % 256); |
178 |
|
|
printf "%*s%-*s%s\n", $in, "", $wi, $item, $addr; |
179 |
|
|
} |
180 |
|
|
} |
181 |
|
|
|
182 |
|
|
sub do_soap { |
183 |
|
|
my $soap = shift; |
184 |
|
|
my $name = shift; |
185 |
|
|
my @args = @_; |
186 |
|
|
my $method; |
187 |
|
|
|
188 |
|
|
$method = SOAP::Data->name($name) |
189 |
|
|
->attr( { xmlns => $soap->ns } ); |
190 |
|
|
|
191 |
|
|
if ($amt_debug) { |
192 |
|
|
print "-- \n"; |
193 |
|
|
open XML, "| xmllint --format -"; |
194 |
|
|
print XML $soap->serializer->envelope(method => $method, @_); |
195 |
|
|
close XML; |
196 |
|
|
print "-- \n"; |
197 |
|
|
} |
198 |
|
|
|
199 |
|
|
my $ret = $soap->call($method, @args); |
200 |
|
|
print_result($ret); |
201 |
|
|
return $ret; |
202 |
|
|
} |
203 |
|
|
|
204 |
|
|
sub check_amt_version { |
205 |
|
|
my $major = shift; |
206 |
|
|
my $minor = shift; |
207 |
|
|
|
208 |
|
|
$amt_version =~ m/^(\d+).(\d+)/; |
209 |
|
|
return if $1 > $major; |
210 |
|
|
return if $1 == $major && $2 >= $minor; |
211 |
|
|
die "version mismatch (need >= $major.$minor, have $amt_version)"; |
212 |
|
|
} |
213 |
|
|
|
214 |
|
|
sub print_general_info() { |
215 |
|
|
printf "### AMT info on machine '%s' ###\n", $amt_host; |
216 |
|
|
|
217 |
|
|
printf "AMT version: %s\n", $amt_version; |
218 |
|
|
|
219 |
|
|
my $hostname = $nas->GetHostName()->paramsout; |
220 |
|
|
my $domainname = $nas->GetDomainName()->paramsout; |
221 |
|
|
printf "Hostname: %s.%s\n", $hostname, $domainname; |
222 |
|
|
|
223 |
|
|
my $powerstate = $rcs->GetSystemPowerState()->paramsout; |
224 |
|
|
printf "Powerstate: %s\n", $ps [ $powerstate & 0x0f ]; |
225 |
|
|
} |
226 |
dpavlin |
5 |
|
227 |
|
|
use Intel::AMT::RemoteControl; |
228 |
|
|
|
229 |
|
|
sub describe { |
230 |
|
|
warn 'describe ',dump( @_ ) if $amt_debug; |
231 |
|
|
my ( $value, $map ) = @_; |
232 |
|
|
my $out; |
233 |
|
|
foreach my $name ( keys %$map ) { |
234 |
|
|
push @$out, $name if $value & $map->{$name}; |
235 |
|
|
} |
236 |
|
|
push @$out, sprintf("%x", $value) unless $out; |
237 |
|
|
return $out; |
238 |
|
|
} |
239 |
|
|
|
240 |
|
|
sub RemoteControlCapabilities { |
241 |
dpavlin |
2 |
my @rccaps = $rcs->GetRemoteControlCapabilities()->paramsout; |
242 |
|
|
|
243 |
dpavlin |
5 |
my $return = { |
244 |
|
|
IanaOemNumber => $rccaps[0], |
245 |
|
|
OemDefinedCapabilities => |
246 |
|
|
describe( $rccaps[1], $Intel::AMT::RemoteControl::OemDefinedCapabilitiesSupported ), |
247 |
|
|
SpecialCommand => |
248 |
|
|
describe( $rccaps[2], $Intel::AMT::RemoteControl::SpecialCommandSupported ), |
249 |
|
|
SystemCapabilities => |
250 |
|
|
describe( $rccaps[3], $Intel::AMT::RemoteControl::SystemCapabilitiesSupported ), |
251 |
|
|
SystemFirmwareCapabilities => |
252 |
|
|
describe( $rccaps[4], $Intel::AMT::RemoteControl::SystemFirmwareCapabilitiesSupported ), |
253 |
|
|
}; |
254 |
dpavlin |
2 |
|
255 |
dpavlin |
5 |
warn '# RemoteControlCapabilities ',dump( $return ); |
256 |
|
|
return $return; |
257 |
|
|
} |
258 |
dpavlin |
2 |
|
259 |
dpavlin |
5 |
sub RemoteControl { |
260 |
|
|
my @args; |
261 |
|
|
|
262 |
|
|
my $hostname = $nas->GetHostName()->paramsout; |
263 |
|
|
my $domainname = $nas->GetDomainName()->paramsout; |
264 |
|
|
|
265 |
|
|
warn $hostname, '.', $domainname, ' execute: ', dump( @_ ); |
266 |
|
|
|
267 |
|
|
my $BootOptions; |
268 |
|
|
my $SpecialCommandParameter; |
269 |
|
|
|
270 |
|
|
foreach my $command ( @_ ) { |
271 |
|
|
|
272 |
|
|
my $i; |
273 |
|
|
|
274 |
|
|
if ( $i = $Intel::AMT::RemoteControl::BootOptions->{$command} ) { |
275 |
|
|
if ( $BootOptions ) { |
276 |
|
|
$BootOptions |= $i; |
277 |
|
|
next; |
278 |
|
|
} else { |
279 |
|
|
$BootOptions = $i; |
280 |
|
|
$command = 'SetBootOptions'; |
281 |
|
|
} |
282 |
|
|
} elsif ( $i = $Intel::AMT::RemoteControl::SpecialCommandParameters->{$command} ) { |
283 |
|
|
$SpecialCommandParameter |= $i; |
284 |
|
|
} elsif ( $i = $Intel::AMT::RemoteControl::RemoteControlCommand->{$command} ) { |
285 |
|
|
push @args, SOAP::Data->name( 'Command' => $i ); |
286 |
|
|
} elsif ( $i = $Intel::AMT::RemoteControl::SpecialCommand->{$command} ) { |
287 |
|
|
push @args, SOAP::Data->name( 'SpecialCommand' => $i ); |
288 |
|
|
} elsif ( $i = $Intel::AMT::RemoteControl::OEMParameters->{$command} ) { |
289 |
|
|
push @args, SOAP::Data->name( 'OEMParameters' => $i ); |
290 |
|
|
} else { |
291 |
|
|
die "can't find $command"; |
292 |
|
|
} |
293 |
|
|
|
294 |
|
|
} |
295 |
|
|
|
296 |
|
|
|
297 |
|
|
if ( $BootOptions ) { |
298 |
|
|
warn "invalid BootOptions $BootOptions" unless |
299 |
|
|
( $BootOptions & $Intel::AMT::RemoteControl::BootOptionsReservedBits ); |
300 |
|
|
push @args, SOAP::Data->name( 'BootOptions' => $BootOptions ); |
301 |
|
|
} |
302 |
|
|
|
303 |
|
|
if ( $SpecialCommandParameter ) { |
304 |
|
|
warn "invalid SpecialCommandParameter $SpecialCommandParameter" unless |
305 |
|
|
( $SpecialCommandParameter & $Intel::AMT::RemoteControl::SpecialCommandParametersReservedBits ); |
306 |
|
|
push @args, SOAP::Data->name( 'SpecialCommandParameter' => $SpecialCommandParameter ); |
307 |
|
|
} |
308 |
|
|
|
309 |
|
|
push @args, SOAP::Data->name( 'IanaOemNumber' => $Intel::AMT::RemoteControl::IanaNumbers->{IntelIanaNumber} ); |
310 |
|
|
warn "args ",dump( @args ); |
311 |
|
|
|
312 |
|
|
do_soap($rcs, "RemoteControl", @args); |
313 |
dpavlin |
2 |
} |
314 |
|
|
|
315 |
|
|
sub print_network_info() { |
316 |
|
|
my $ret; |
317 |
|
|
|
318 |
|
|
$ret = $nas->EnumerateInterfaces(); |
319 |
|
|
my @if = $ret->paramsout; |
320 |
|
|
foreach my $if (@if) { |
321 |
|
|
printf "Network Interface %s:\n", $if; |
322 |
|
|
my $arg = SOAP::Data->name('InterfaceHandle' => $if); |
323 |
|
|
$ret = $nas->GetInterfaceSettings($arg); |
324 |
|
|
my $desc = $ret->paramsout; |
325 |
|
|
print_hash($ret->paramsout, 4, 32); |
326 |
|
|
print_hash_ipv4($ret->paramsout->{'IPv4Parameters'}, 8, 28); |
327 |
|
|
} |
328 |
|
|
} |
329 |
|
|
|
330 |
|
|
sub ipv4_addr($$) { |
331 |
|
|
my $name = shift; |
332 |
|
|
my $ipv4 = shift; |
333 |
|
|
|
334 |
|
|
$ipv4 =~ m/(\d+).(\d+).(\d+).(\d+)/ or die "parse ipv4 address: $ipv4"; |
335 |
|
|
my $num = $1 * 256 * 256 * 256 + |
336 |
|
|
$2 * 256 * 246 + |
337 |
|
|
$3 * 256 + |
338 |
|
|
$4; |
339 |
|
|
printf STDERR "ipv4 %-24s: %-16s -> %d\n", $name, $ipv4, $num |
340 |
|
|
if $amt_debug; |
341 |
|
|
return SOAP::Data->name($name => $num); |
342 |
|
|
} |
343 |
|
|
|
344 |
|
|
sub configure_network { |
345 |
|
|
my $if = shift; |
346 |
|
|
my $link = shift; |
347 |
|
|
my $ip = shift; |
348 |
|
|
my $mask = shift; |
349 |
|
|
my $gw = shift; |
350 |
|
|
my $dns1 = shift; |
351 |
|
|
my $dns2 = shift; |
352 |
|
|
|
353 |
|
|
my $mode; |
354 |
|
|
my @ifdesc; |
355 |
|
|
my @ipv4; |
356 |
|
|
|
357 |
|
|
my $method; |
358 |
|
|
my @args; |
359 |
|
|
|
360 |
|
|
# build argument structs ... |
361 |
|
|
die "no interface" if !defined($if); |
362 |
|
|
die "no linkpolicy" if !defined($link); |
363 |
|
|
if (defined($ip)) { |
364 |
|
|
$mode = "SEPARATE_MAC_ADDRESS"; |
365 |
|
|
die "no ip mask" if !defined($mask); |
366 |
|
|
die "no default gw" if !defined($gw); |
367 |
|
|
$dns1 = $gw if !defined($dns1); |
368 |
|
|
$dns2 = "0.0.0.0" if !defined($dns2); |
369 |
|
|
push (@ipv4, ipv4_addr("LocalAddress", $ip)); |
370 |
|
|
push (@ipv4, ipv4_addr("SubnetMask", $mask)); |
371 |
|
|
push (@ipv4, ipv4_addr("DefaultGatewayAddress", $gw)); |
372 |
|
|
push (@ipv4, ipv4_addr("PrimaryDnsAddress", $dns1)); |
373 |
|
|
push (@ipv4, ipv4_addr("SecondaryDnsAddress", $dns2)); |
374 |
|
|
} else { |
375 |
|
|
$mode = "SHARED_MAC_ADDRESS"; |
376 |
|
|
# no ip info -- use DHCP |
377 |
|
|
} |
378 |
|
|
|
379 |
|
|
push (@ifdesc, SOAP::Data->name("InterfaceMode" => $mode)); |
380 |
|
|
push (@ifdesc, SOAP::Data->name("LinkPolicy" => $link)); |
381 |
|
|
push (@ifdesc, SOAP::Data->name("IPv4Parameters" => |
382 |
|
|
\SOAP::Data->value(@ipv4))) |
383 |
|
|
if @ipv4; |
384 |
|
|
|
385 |
|
|
push (@args, SOAP::Data->name("InterfaceHandle" => $if)); |
386 |
|
|
push (@args, SOAP::Data->name("InterfaceDescriptor" => |
387 |
|
|
\SOAP::Data->value(@ifdesc))); |
388 |
|
|
|
389 |
|
|
# perform call |
390 |
|
|
do_soap($nas, "SetInterfaceSettings", @args); |
391 |
|
|
} |
392 |
|
|
|
393 |
|
|
|
394 |
|
|
sub command { |
395 |
|
|
my ($amt_command,$amt_arg) = @_; |
396 |
|
|
|
397 |
dpavlin |
5 |
init; |
398 |
dpavlin |
2 |
|
399 |
|
|
if ($amt_command eq "info") { |
400 |
|
|
print_general_info; |
401 |
dpavlin |
5 |
RemoteControlCapabilities; |
402 |
dpavlin |
2 |
} elsif ($amt_command eq "netinfo") { |
403 |
|
|
check_amt_version(2,5); |
404 |
|
|
print_network_info; |
405 |
|
|
} elsif ($amt_command eq "netconf") { |
406 |
|
|
check_amt_version(2,5); |
407 |
dpavlin |
5 |
configure_network(@_); |
408 |
dpavlin |
2 |
} elsif ($amt_command =~ m/^(reset|powerup|powerdown|powercycle)$/) { |
409 |
|
|
remote_control($amt_command, $amt_arg); |
410 |
|
|
} else { |
411 |
|
|
print "unknown command: $amt_command\n"; |
412 |
|
|
} |
413 |
|
|
|
414 |
|
|
} |
415 |
|
|
|
416 |
|
|
warn 'loaded'; |
417 |
|
|
|
418 |
dpavlin |
5 |
warn 'init ', init; |
419 |
|
|
|
420 |
dpavlin |
2 |
1; |