meshcentral/agents/modules_meshcore_min/amt-apfclient.min.js

Web based remote computer management server

function CreateAPFClient(q,e){if((e.clientuuid==null)||(e.clientuuid.length!=36)){return null}var o={};o.parent=q;o.args=e;o.http=require("http");o.net=require("net");o.forwardClient=null;o.downlinks={};o.pfwd_idx=0;o.timer=null;function u(L,K){return(L.charCodeAt(K)*16777216)+(L.charCodeAt(K+1)<<16)+(L.charCodeAt(K+2)<<8)+L.charCodeAt(K+3)}function n(K){return String.fromCharCode((K>>24)&255,(K>>16)&255,(K>>8)&255,K&255)}function m(K){var M="",L=(""+K).match(/../g),N;while(N=L.shift()){M+=String.fromCharCode("0x"+N)}return M}function h(K){return(K+256).toString(16).substr(-2).toUpperCase()}function w(L){var M="",K;for(K=0;K<L.length;K++){M+=h(L.charCodeAt(K))}return M}function j(K){return(K/256+1/512).toString(16).substring(2,4)}function g(L){var M="",K;for(K=0;K<L.length;K++){M+=j(L[K])}return M}function k(K){if(o.parent.debug){console.log(K)}}function l(K){return K.substring(6,8)+K.substring(4,6)+K.substring(2,4)+K.substring(0,2)+"-"+K.substring(10,12)+K.substring(8,10)+"-"+K.substring(14,16)+K.substring(12,14)+"-"+K.substring(16,20)+"-"+K.substring(20)}function J(L){L=L.replace(/-/g,"");var K=L.substring(6,8)+L.substring(4,6)+L.substring(2,4)+L.substring(0,2)+L.substring(10,12)+L.substring(8,10)+L.substring(14,16)+L.substring(12,14)+L.substring(16,20)+L.substring(20);return K}function f(L){var M="";for(var K=0;K<L;K++){M+=String.fromCharCode(0&255)}return M}var i={INITIAL:0,PROTOCOL_VERSION_SENT:1,AUTH_SERVICE_REQUEST_SENT:2,AUTH_REQUEST_SENT:3,PFWD_SERVICE_REQUEST_SENT:4,GLOBAL_REQUEST_SENT:5,FAILED:-1};o.cirastate=i.INITIAL;var v={REDIR_UNKNOWN:0,REDIR_SOL:1,REDIR_KVM:2,REDIR_IDER:3};o.RedirectStartSol=String.fromCharCode(16,0,0,0,83,79,76,32);o.RedirectStartKvm=String.fromCharCode(16,1,0,0,75,86,77,82);o.RedirectStartIder=String.fromCharCode(16,0,0,0,73,68,69,82);var s=[16992,16993];var d={UNKNOWN:0,DISCONNECT:1,SERVICE_REQUEST:5,SERVICE_ACCEPT:6,USERAUTH_REQUEST:50,USERAUTH_FAILURE:51,USERAUTH_SUCCESS:52,GLOBAL_REQUEST:80,REQUEST_SUCCESS:81,REQUEST_FAILURE:82,CHANNEL_OPEN:90,CHANNEL_OPEN_CONFIRMATION:91,CHANNEL_OPEN_FAILURE:92,CHANNEL_WINDOW_ADJUST:93,CHANNEL_DATA:94,CHANNEL_CLOSE:97,PROTOCOLVERSION:192,KEEPALIVE_REQUEST:208,KEEPALIVE_REPLY:209,KEEPALIVE_OPTIONS_REQUEST:210,KEEPALIVE_OPTIONS_REPLY:211,JSON_CONTROL:250};var c={HOST_NOT_ALLOWED_TO_CONNECT:1,PROTOCOL_ERROR:2,KEY_EXCHANGE_FAILED:3,RESERVED:4,MAC_ERROR:5,COMPRESSION_ERROR:6,SERVICE_NOT_AVAILABLE:7,PROTOCOL_VERSION_NOT_SUPPORTED:8,HOST_KEY_NOT_VERIFIABLE:9,CONNECTION_LOST:10,BY_APPLICATION:11,TOO_MANY_CONNECTIONS:12,AUTH_CANCELLED_BY_USER:13,NO_MORE_AUTH_METHODS_AVAILABLE:14,INVALID_CREDENTIALS:15,CONNECTION_TIMED_OUT:16,BY_POLICY:17,TEMPORARILY_UNAVAILABLE:18};var a={ADMINISTRATIVELY_PROHIBITED:1,CONNECT_FAILED:2,UNKNOWN_CHANNEL_TYPE:3,RESOURCE_SHORTAGE:4,};var b={AdministrativelyProhibited:1,ConnectFailed:2,UnknownChannelType:3,ResourceShortage:4,};o.onSecureConnect=function p(L,M,K){k("APF Secure WebSocket connected.");o.forwardClient.tag={accumulator:[]};o.forwardClient.ws=M;o.forwardClient.ws.on("end",function(){k("APF: Connection is closing.");if(o.timer!=null){clearInterval(o.timer);o.timer=null}if(o.onChannelClosed){o.onChannelClosed(o)}});o.forwardClient.ws.on("data",function(N){o.forwardClient.tag.accumulator+=m(g(N));try{var P=0;do{P=t(o.forwardClient);if(P>0){o.forwardClient.tag.accumulator=o.forwardClient.tag.accumulator.slice(P)}if(o.cirastate==i.FAILED){k("APF: in a failed state, destroying socket.");o.forwardClient.ws.end()}}while(P>0)}catch(O){k(O)}});o.forwardClient.ws.on("error",function(N){k("APF: Connection error, ending connecting.");if(o.timer!=null){clearInterval(o.timer);o.timer=null}});o.state=i.INITIAL;if((typeof o.args.conntype=="number")&&(o.args.conntype!=0)){D(o.forwardClient.ws,{action:"connType",value:o.args.conntype});if(o.args.meiState!=null){D(o.forwardClient.ws,{action:"meiState",value:o.args.meiState})}}G(o.forwardClient.ws,o.args.clientuuid);H(o.forwardClient.ws,"auth@amt.intel.com")};o.updateMeiState=function(K){D(o.forwardClient.ws,{action:"meiState",value:K})};o.sendMeiDeactivationState=function(K){D(o.forwardClient.ws,{action:"deactivate",value:K})};o.sendStartTlsHostConfigResponse=function(K){D(o.forwardClient.ws,{action:"startTlsHostConfig",value:K})};o.sendStopConfigurationResponse=function(K){D(o.forwardClient.ws,{action:"stopConfiguration",value:K})};function D(M,L){var K=JSON.stringify(L);M.write(String.fromCharCode(d.JSON_CONTROL)+n(K.length)+K);k("APF: Send JSON control: "+K)}function G(L,M){var K=String.fromCharCode(d.PROTOCOLVERSION)+n(1)+n(0)+n(0)+m(J(M))+f(64);L.write(K);k("APF: Send protocol version 1 0 "+M);o.cirastate=i.PROTOCOL_VERSION_SENT}function H(M,L){var K=String.fromCharCode(d.SERVICE_REQUEST)+n(L.length)+L;M.write(K);k("APF: Send service request "+L);if(L=="auth@amt.intel.com"){o.cirastate=i.AUTH_SERVICE_REQUEST_SENT}else{if(L=="pfwd@amt.intel.com"){o.cirastate=i.PFWD_SERVICE_REQUEST_SENT}}}function I(N,O,L){var M="pfwd@amt.intel.com";var K=String.fromCharCode(d.USERAUTH_REQUEST)+n(O.length)+O+n(M.length)+M;K+=n(8)+"password";K+=f(1)+n(L.length)+L;N.write(K);k("APF: Send username password authentication to MPS");o.cirastate=i.AUTH_REQUEST_SENT}function C(N,K,L){var O="tcpip-forward";var M=String.fromCharCode(d.GLOBAL_REQUEST)+n(O.length)+O+f(1,1);M+=n(K.length)+K+n(L);N.write(M);k("APF: Send tcpip-forward "+K+":"+L);o.cirastate=i.GLOBAL_REQUEST_SENT}function F(K){K.write(String.fromCharCode(d.KEEPALIVE_REQUEST)+n(255));k("APF: Send keepalive request")}function E(L,K){L.write(String.fromCharCode(d.KEEPALIVE_REPLY)+n(K));k("APF: Send keepalive reply")}function t(X){var N=X.tag.accumulator.charCodeAt(0);var Q=X.tag.accumulator.length;var O=X.tag.accumulator;if(Q==0){return 0}switch(N){case d.SERVICE_ACCEPT:var W=u(O,1),V=O.substring(5,6+W);k("APF: Service request to "+V+" accepted.");if(V=="auth@amt.intel.com"){if(o.cirastate>=i.AUTH_SERVICE_REQUEST_SENT){I(X.ws,o.args.mpsuser,o.args.mpspass)}}else{if(V=="pfwd@amt.intel.com"){if(o.cirastate>=i.PFWD_SERVICE_REQUEST_SENT){C(X.ws,o.args.clientname,s[o.pfwd_idx++])}}}return 5+W;case d.REQUEST_SUCCESS:if(Q>=5){var T=u(O,1);k("APF: Request to port forward "+T+" successful.");if(o.pfwd_idx<s.length){C(X.ws,o.args.clientname,s[o.pfwd_idx++])}else{k("APF: Start keep alive for every "+o.args.mpskeepalive+" ms.");o.timer=setInterval(function(){F(o.forwardClient.ws)},o.args.mpskeepalive)}return 5}k("APF: Request successful.");return 1;case d.USERAUTH_SUCCESS:k("APF: User Authentication successful");H(X.ws,"pfwd@amt.intel.com");return 1;case d.USERAUTH_FAILURE:k("APF: User Authentication failed");o.cirastate=i.FAILED;return 14;case d.KEEPALIVE_REQUEST:k("APF: Keep Alive Request with cookie: "+u(O,1));E(X.ws,u(O,1));return 5;case d.KEEPALIVE_REPLY:k("APF: Keep Alive Reply with cookie: "+u(O,1));return 5;case d.CHANNEL_OPEN:var S=r(O);k("APF: CHANNEL_OPEN request: "+JSON.stringify(S));if(s.indexOf(S.target_port)>=0){var K=o.net.createConnection({host:o.args.clientaddress,port:S.target_port},function(){z(X.ws,S)});K.maxInWindow=S.window_size;K.curInWindow=0;K.on("data",function(Y){y(X.ws,S.sender_chan,Y)});K.on("error",function(Y){A(X.ws,S)});K.on("end",function(){var Y=o.downlinks[S.sender_chan];if(Y!=null){k("Socket ends.");try{x(X.ws,S.sender_chan)}catch(Z){}delete o.downlinks[S.sender_chan]}});o.downlinks[S.sender_chan]=K}else{A(X.ws,S)}return S.len;case d.CHANNEL_OPEN_CONFIRMATION:k("APF: CHANNEL_OPEN_CONFIRMATION");return 17;case d.CHANNEL_CLOSE:var U=u(O,1);k("APF: CHANNEL_CLOSE: "+U);try{o.downlinks[U].end()}catch(P){}return 5;case d.CHANNEL_DATA:k("APF: CHANNEL_DATA: "+JSON.stringify(w(O)));var U=u(O,1);var M=u(O,5);var L=O.substring(9,9+M);var K=o.downlinks[U];if(K!=null){K.curInWindow+=M;try{K.write(Buffer.from(L,"binary"),function(){k("Write completed.");if(this.curInWindow>(this.maxInWindow/2)){B(X.ws,U,this.curInWindow);this.curInWindow=0}})}catch(P){k("Cannot forward data to downlink socket.")}}return 9+M;case d.CHANNEL_WINDOW_ADJUST:k("APF: CHANNEL_WINDOW_ADJUST");return 9;case d.JSON_CONTROL:k("APF: JSON_CONTROL");var Q=u(O,1);if(o.onJsonControl){var R=null;try{R=JSON.parse(O.substring(5,5+Q))}catch(P){}if(R!=null){o.onJsonControl(R)}}return 5+Q;default:k("CMD: "+N+" is not implemented.");o.cirastate=i.FAILED;return 0}}function r(M){var O={cmd:d.CHANNEL_OPEN};var L=u(M,1);O.chan_type=M.substring(5,5+L);O.sender_chan=u(M,5+L);O.window_size=u(M,9+L);var K=u(M,17+L);O.target_address=M.substring(21+L,21+L+K);O.target_port=u(M,21+L+K);var N=u(M,25+L+K);O.origin_address=M.substring(29+L+K,29+L+K+N);O.origin_port=u(M,29+L+K+N);O.len=33+L+K+N;return O}function A(L,K){L.write(String.fromCharCode(d.CHANNEL_OPEN_FAILURE)+n(K.sender_chan)+n(2)+n(0)+n(0));k("APF: Send ChannelOpenFailure")}function z(L,K){L.write(String.fromCharCode(d.CHANNEL_OPEN_CONFIRMATION)+n(K.sender_chan)+n(K.sender_chan)+n(K.window_size)+n(4294967295));k("APF: Send ChannelOpenConfirmation")}function B(M,K,L){M.write(String.fromCharCode(d.CHANNEL_WINDOW_ADJUST)+n(K)+n(L));k("APF: Send ChannelWindowAdjust, channel: "+K+", size: "+L)}function y(M,K,L){M.write(Buffer.concat([Buffer.from(String.fromCharCode(d.CHANNEL_DATA)+n(K)+n(L.length),"binary"),L]));k("APF: Send ChannelData: "+L.toString("hex"))}function x(L,K){L.write(String.fromCharCode(d.CHANNEL_CLOSE)+n(K));k("APF: Send ChannelClose ")}o.connect=function(){if(o.forwardClient!=null){try{o.forwardClient.ws.end()}catch(K){k(K)}}o.cirastate=i.INITIAL;o.pfwd_idx=0;var L=o.http.parseUri(o.args.mpsurl);L.rejectUnauthorized=0;o.forwardClient=o.http.request(L);o.forwardClient.upgrade=o.onSecureConnect;o.forwardClient.end()};o.disconnect=function(){try{o.forwardClient.ws.end()}catch(K){k(K)}};return o}module.exports=CreateAPFClient;