ci: Protex only scan main

docs: add contributing guidelines

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,16 @@
+## PR Checklist
+<!-- Please check if your PR fulfills the following requirements: -->
+
+- [ ] Unit Tests have been added for new changes
+- [ ] API tests have been updated if applicable
+- [ ] All commented code has been removed
+- [ ] If you've added a dependency, you've ensured license is compatible with Apache 2.0 and clearly outlined the added dependency.
+
+
+## What are you changing?
+<!-- Please provide a short description of the updates that are in the PR -->
+
+
+## Anything the reviewer should know when reviewing this PR?
+
+### If the there are associated PRs in other repositories, please link them here (i.e. open-amt-cloud-toolkit/repo#365 )

.github/workflows/build_all.yml

@@ -24,7 +24,7 @@ jobs:
       - name: Create Build Dir
         run: mkdir build
       - name: Clone
-        run: git clone --branch 2020.11-1 https://github.com/microsoft/vcpkg.git
+        run: git clone https://github.com/microsoft/vcpkg.git && cd vcpkg && git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
       - name: Build VCPKG
         run: cd vcpkg && bootstrap-vcpkg.bat
         shell: cmd
@@ -71,7 +71,7 @@ jobs:
       - name: Create Build Dir
         run: mkdir build
       - name: Clone
-        run: git clone --branch 2020.11-1 https://github.com/microsoft/vcpkg.git
+        run: git clone https://github.com/microsoft/vcpkg.git && cd vcpkg && git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
       - name: Build VCPKG
         run: cd vcpkg && ./bootstrap-vcpkg.sh
         shell: bash

.github/workflows/changelog.yml

@@ -0,0 +1,20 @@
+name: Changelog Generator
+
+on:  
+  pull_request:
+    branches: [ main ]
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with: 
+          fetch-depth: 0
+      - run: docker run -v $PWD:/workdir quay.io/git-chglog/git-chglog --next-tag vNext --output CHANGELOG-new.md vNext.. 
+      - name: GitHub Upload Release Artifacts
+        uses: actions/upload-artifact@v2
+        with:
+          name: CHANGELOG-new.md
+          path: |
+            ./CHANGELOG-new.md

.github/workflows/ci.yml

@@ -7,7 +7,7 @@ name: Build RPC (Native)
 
 on:
   pull_request:
-    branches: [ master ]
+    branches: [ main ]
    
 env:
   BUILD_TYPE: Release
@@ -21,7 +21,7 @@ jobs:
     - name: Create Build Dir
       run: mkdir build
     - name: Clone
-      run: git clone --branch 2020.11-1 https://github.com/microsoft/vcpkg.git
+      run: git clone https://github.com/microsoft/vcpkg.git  && cd vcpkg && git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
     - name: Build VCPKG
       run: cd vcpkg && bootstrap-vcpkg.bat
       shell: cmd
@@ -41,8 +41,7 @@ jobs:
       run: cd build && cmake --build . --config Release
     - name: Build RPC (Debug)
       run: cd build && cmake --build . --config Debug
-
-
+        
   build-linux:
     runs-on: ${{ matrix.os }}
     strategy:
@@ -55,7 +54,7 @@ jobs:
     - name: Create Build Dir
       run: mkdir build
     - name: Clone
-      run: git clone --branch 2020.11-1 https://github.com/microsoft/vcpkg.git
+      run: git clone https://github.com/microsoft/vcpkg.git && cd vcpkg && git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
     - name: Build VCPKG
       run: cd vcpkg && ./bootstrap-vcpkg.sh
       shell: bash

.github/workflows/docker-ci.yml

@@ -0,0 +1,29 @@
+#*********************************************************************
+# Copyright (c) Intel Corporation 2020
+# SPDX-License-Identifier: Apache-2.0
+#*********************************************************************/
+
+name: Docker Image CI
+
+on:
+  push:
+      branches: [ main ]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Build the Docker image
+        run: docker build -f "Dockerfile" --tag vprodemo.azurecr.io/rpc:${{ github.sha }} --tag vprodemo.azurecr.io/rpc:latest .
+      - name: Docker Login
+        uses: docker/login-action@v1.6.0
+        with:
+          registry: vprodemo.azurecr.io
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          logout: true
+      - name: Push the Docker image to the registry
+        run: docker push vprodemo.azurecr.io/rpc:${{ github.sha }}
+      - name: Push the Docker image to the registry
+        run: docker push vprodemo.azurecr.io/rpc:latest

Build.md

@@ -25,8 +25,9 @@ sudo apt install git cmake build-essential curl zip unzip tar pkg-config
 Open a Terminal window.
 
 ```
-git clone -b 2020.11-1 https://github.com/microsoft/vcpkg.git
+git clone https://github.com/microsoft/vcpkg.git
 cd vcpkg
+git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
 ./bootstrap-vcpkg.sh
 ./vcpkg install cpprestsdk[websockets]
 ```
@@ -68,8 +69,9 @@ Steps below are for Windows 10 and Visual Studio 2019 Professional.
 Open an x64 Native Tools Command Prompt for Visual Studio 2019.
 
 ```
-git clone -b 2020.11-1 https://github.com/microsoft/vcpkg.git
+git clone https://github.com/microsoft/vcpkg.git
 cd vcpkg
+git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
 bootstrap-vcpkg.bat
 vcpkg install cpprestsdk[websockets]:x64-windows-static
 ```

CHANGELOG.md

@@ -1,3 +1,62 @@
+<a name="v2.0.0"></a>
+## v2.0.0
+
+### Build
+- bump version to v1.3.0
+- bump version to v2.0.0
+
+### Ci
+- update scanning
+
+### Docs
+- **readme:** wording
+- **readme:** update readme
+- **security:** added SECURITY.md file
+
+### Feat
+- update to OpenSSL 1.1.1l
+- update workflows and Docker build.
+- Update to latest vcpkg
+- Update docs and scripts for Windows and Ubuntu.
+- format json status messages
+- add AMT wireless adapter info to amtinfo LAN settings.
+
+### Fix
+- klockwork reported success / failure check fix
+- **spelling:** lan inteface -> lan interface in amtinfo
+
+<a name="v1.2.2"></a>
+## [v1.2.2] - 2021-06-22
+### Ci
+- remove Jenkins chron
+- **changelog:** add automation for changelog generation
+
+### Fix
+- update examples text and version
+
+<a name="v1.2.1"></a>
+## [v1.2.1] - 2021-05-06
+
+### Fix
+**docker:** add missing ca-certs
+
+<a name="v1.2.0"></a>
+## v1.2.0
+
+### Ci
+- breakout docker build for merge only
+
+### Feat
+- update RPC version to 1.2.0.
+- BREAKING CHANGE: add heartbeat capability, bump RPC Protocol version to 4.0.0
+- add unit test framework
+- add hostname to activation info
+- **docker:** add dockerfile support for RPC
+
+### Fix
+- use message status instead, cleanup message fields.
+
+
 <a name="v1.1.0"></a>
 ## [v1.1.0] - 2021-02-09
 

CMakeLists.txt

@@ -1,6 +1,6 @@
 cmake_minimum_required (VERSION 3.1)
 
-project (rpc VERSION 1.1.0)
+project (rpc VERSION 2.0.0)
 
 set (CMAKE_CXX_STANDARD 11)
 
@@ -98,8 +98,8 @@ add_executable (rpc
   commands.cpp
   activation.h
   activation.cpp
-  shbc.h
-  shbc.cpp
+  heartbeat.h
+  heartbeat.cpp
   lms.h
   lms.cpp
   main.cpp

CONTRIBUTING.MD

@@ -0,0 +1,101 @@
+## <a name="commit"></a> Commit Message Guidelines
+
+We have precise rules over how our git commit messages should be formatted. This leads to more readable messages that are easy to follow when looking through the project history.
+
+### Commit Message Format
+Each commit message consists of a **header**, a **body** and a **footer**. The header has a special format that includes a **type**, a **scope** and a **subject**:
+
+```
+<type>(<scope>): <subject>
+<BLANK LINE>
+<body>
+<BLANK LINE>
+<footer>
+```
+
+The **header** with **type** is mandatory.  The **scope** of the header is optional as far as the automated PR checks are concerned, but be advised that PR reviewers **may request** you provide an applicable scope.
+
+Any line of the commit message should no be longer 72 characters! This allows the message to be easier to read on GitHub as well as in various git tools.
+
+The footer should contain a reference to an Azure Boards ticket (e.g. AB#[number]).
+
+Example 1:
+```
+feat(telemetry): Add new MQTT events
+
+Events are now emitted over various /mps topics on MQTT for success/failures 
+as they occur throughout the service.
+
+Resolves: AB#2222
+```
+
+
+### Revert
+If the commit reverts a previous commit, it should begin with `revert: `, followed by the header of the reverted commit. In the body it should say: `This reverts commit <hash>.`, where the hash is the SHA of the commit being reverted.
+
+### Type
+
+Must be one of the following:
+
+* **feat**: A new feature
+* **fix**: A bug fix
+* **docs**: Documentation only changes
+* **style**: Changes that do not affect the meaning of the code (white-space, formatting, etc)
+* **refactor**: A code change that neither fixes a bug nor adds a feature
+* **perf**: A code change that improves performance
+* **test**: Adding missing tests or correcting existing tests
+* **build**: Changes that affect the CI/CD pipeline or build system or external dependencies (example scopes: travis, jenkins, makefile)
+* **ci**: Changes provided by DevOps for CI purposes.
+* **revert**: Reverts a previous commit.
+
+### Scope
+
+Should be one of the following:
+Modules:
+* **common**: A change or addition to the common module
+* **tracker**: A change or addition to the tracker module
+* **server**: A change or addition to the server module
+* **msgs**: A change or addition to msgs module
+* **eval**: Any change to benchmark tools
+* **deps**: A change to any dependency or 3rd-party library
+* **all**: A change that affects all modules
+* *no scope*:  If no scope is provided, it is assumed the PR does not apply to the above scopes
+
+### Body
+Just as in the **subject**, use the imperative, present tense: "change" not "changed" nor "changes".
+Here is detailed guideline on how to write the body of the commit message ([Reference](https://chris.beams.io/posts/git-commit/)):
+```
+More detailed explanatory text, if necessary. Wrap it to about 72
+characters or so. In some contexts, the first line is treated as the
+subject of the commit and the rest of the text as the body. The
+blank line separating the summary from the body is critical (unless
+you omit the body entirely); various tools like `log`, `shortlog`
+and `rebase` can get confused if you run the two together.
+
+Explain the problem that this commit is solving. Focus on why you
+are making this change as opposed to how (the code explains that).
+Are there side effects or other unintuitive consequences of this
+change? Here's the place to explain them.
+
+Further paragraphs come after blank lines.
+
+ - Bullet points are okay, too
+
+ - Typically a hyphen or asterisk is used for the bullet, preceded
+   by a single space, with blank lines in between, but conventions
+   vary here
+```
+
+### Footer
+
+The footer should contain a reference to JIRA ticket (e.g. SL6-0000) that this commit **Closes** or **Resolves**.
+The footer should contain any information about **Breaking Changes**.
+
+**Breaking Changes** should start with the word `BREAKING CHANGE:` with a space or two newlines.
+
+
+### Pull Requests practices
+
+* PR author is responsible to merge its own PR after review has been done and CI has passed.
+* When merging, make sure git linear history is preserved. PR author should select a merge option (`Rebase and merge` or `Squash and merge`) based on which option will fit the best to the git linear history.
+* PR topic should follow the same guidelines as the header of the [Git Commit Message](#commit-message-format)

CentOS7.md

@@ -50,8 +50,9 @@ export PATH=/home/user/Downloads/git:$PATH
 Using a Terminal window with the PATH and devtoolset enabled per the Dependencies.
 
 ```
-git clone -b 2020.11-1 https://github.com/microsoft/vcpkg.git
+git clone https://github.com/microsoft/vcpkg.git
 cd vcpkg
+git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
 ./bootstrap-vcpkg.sh
 ./vcpkg install cpprestsdk[websockets]
 ```

CentOS8.md

@@ -28,8 +28,9 @@ sudo yum install cmake
 Using a Terminal window with the PATH and devtoolset enabled per the Dependencies.
 
 ```
-git clone -b 2020.11-1 https://github.com/microsoft/vcpkg.git
+git clone https://github.com/microsoft/vcpkg.git
 cd vcpkg
+git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
 ./bootstrap-vcpkg.sh
 ./vcpkg install cpprestsdk[websockets]
 ```

Dockerfile

@@ -0,0 +1,37 @@
+#*********************************************************************
+# Copyright (c) Intel Corporation 2021
+# SPDX-License-Identifier: Apache-2.0
+#*********************************************************************/
+
+FROM ubuntu:20.04 AS rpc-builder
+
+WORKDIR /
+ARG DEBIAN_FRONTEND=noninteractive
+RUN \
+  apt-get update -y -qq && \
+  apt install -y -qq \
+    git cmake build-essential libssl-dev zlib1g-dev \
+    curl unzip zip pkg-config ca-certificates
+RUN git clone https://github.com/open-amt-cloud-toolkit/rpc.git
+WORKDIR /rpc
+RUN mkdir -p build
+RUN git clone https://github.com/microsoft/vcpkg.git && cd vcpkg && git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
+RUN cd vcpkg && ./bootstrap-vcpkg.sh
+RUN ./vcpkg/vcpkg install cpprestsdk[websockets]
+
+WORKDIR /rpc/build
+RUN cmake -DCMAKE_BUILD_TYPE=Debug -DCMAKE_TOOLCHAIN_FILE=/rpc/vcpkg/scripts/buildsystems/vcpkg.cmake ..
+RUN cmake --build .
+
+FROM ubuntu:20.04 
+
+LABEL license='SPDX-License-Identifier: Apache-2.0' \
+      copyright='Copyright (c) 2021: Intel'
+
+WORKDIR /root
+RUN \
+  apt-get update -y -qq && \
+  apt install -y -qq \
+    libssl-dev
+COPY --from=rpc-builder /rpc/build/rpc .
+ENTRYPOINT ["/root/rpc"]

Jenkinsfile

@@ -0,0 +1,159 @@
+pipeline {
+    agent {
+        label 'docker-amt'
+    }
+    options {
+        buildDiscarder(logRotator(numToKeepStr: '5', daysToKeepStr: '30'))
+        timestamps()
+        timeout(unit: 'HOURS', time: 2)
+    }
+    
+    
+    stages {
+        stage ('Cloning Repository') {
+            steps {
+                script {
+                    scmCheckout {
+                        clean = true
+                    }
+                }
+            }
+        }
+        stage('Static Code Scan - Protex') {
+            environment{
+                PROJECT_NAME               = 'OpenAMT - RPC'
+                SCANNERS                   = 'protex'
+            }
+            when {
+                anyOf {
+                    branch 'main';
+                }
+            }
+            steps {
+                rbheStaticCodeScan()
+            }
+        }
+        stage ('Parallel Builds') {
+            parallel {
+                stage ('Linux') {
+                    agent { label 'docker-amt' }
+                    stages {
+                        stage('Build') {
+                            agent {
+                                docker {
+                                    image 'ubuntu:18.04'
+                                    reuseNode true
+                                }
+                            }
+                            steps {
+                                sh './scripts/jenkins-pre-build.sh'
+                                sh './scripts/jenkins-build.sh'
+                                stash includes: 'build/rpc', name: 'linux-rpc-app'
+                            }
+                        }
+                        stage ('Archive') {
+                            steps {
+                                archiveArtifacts allowEmptyArchive: true, artifacts: 'build/rpc', caseSensitive: false, onlyIfSuccessful: true
+                            }
+                        }
+                    }
+                }
+                stage ('Windows') {
+                    agent { label 'openamt-win' }
+                    stages{
+                        stage ('Build') {
+                            steps {
+                                bat 'scripts\\jenkins-pre-build.cmd'
+                                bat 'scripts\\jenkins-build.cmd'
+                                // prepare stash for the binary scan
+                                stash includes: '**/*.exe', name: 'win-rpc-app'
+                            }
+                        }
+                        stage ('Archive') {
+                            steps {
+                                archiveArtifacts allowEmptyArchive: true, artifacts: 'build\\Release\\rpc.exe', caseSensitive: false, onlyIfSuccessful: true
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        stage('Prep Binary') {
+            steps {
+                sh 'mkdir -p ./bin'
+                dir('./bin') {
+                    unstash 'linux-rpc-app'
+                    unstash 'win-rpc-app'
+                }
+            }
+        }
+        stage('Linux Scans') {
+            environment{
+                PROJECT_NAME               = 'OpenAMT - RPC - Linux'
+                SCANNERS                   = 'bdba,klocwork'
+
+                // protecode details
+                PROTECODE_BIN_DIR          = './bin'
+                PROTECODE_INCLUDE_SUB_DIRS = true
+                
+                // klocwork details
+                KLOCWORK_SCAN_TYPE             = 'c++'
+                KLOCWORK_PRE_BUILD_SCRIPT      = './scripts/jenkins-pre-build.sh'
+                KLOCWORK_BUILD_COMMAND         = './scripts/jenkins-build.sh'
+                KLOCWORK_IGNORE_COMPILE_ERRORS = true
+
+                // publishArtifacts details
+                PUBLISH_TO_ARTIFACTORY         = true
+            }
+            steps {
+                rbheStaticCodeScan()
+                dir('artifacts/Klockwork'){
+                    sh 'cp kw_report.html kw_report_linux.html'
+                    sh 'cp kw_report.csv kw_report_linux.csv'
+                    archiveArtifacts allowEmptyArchive: true, artifacts: 'kw_report_linux.html'
+                    archiveArtifacts allowEmptyArchive: true, artifacts: 'kw_report_linux.csv'
+                }
+                
+            }
+        }
+        stage('Windows Scans'){
+            agent { label 'openamt-win' }
+            stages{
+                stage ('Windows Scans - klocwork') {
+                    environment {
+                        PROJECT_NAME                   = 'OpenAMT - RPC - Windows'
+                        SCANNERS                       = 'klocwork'
+
+                        // klocwork details
+                        KLOCWORK_SCAN_TYPE             = 'c++'
+                        KLOCWORK_PRE_BUILD_SCRIPT      = 'scripts\\jenkins-pre-build.cmd'
+                        KLOCWORK_BUILD_COMMAND         = 'scripts\\jenkins-build.cmd'
+                        KLOCWORK_IGNORE_COMPILE_ERRORS = true
+
+                        // publishArtifacts details
+                        PUBLISH_TO_ARTIFACTORY         = true
+                    }
+                    steps {
+                        rbheStaticCodeScan()
+                        dir('artifacts\\Klockwork'){
+                            bat 'copy kw_report.html kw_report_windows.html'
+                            bat 'copy kw_report.csv kw_report_windows.csv'
+                            stash includes: 'kw_report_windows.*', name: 'win-kwreports'
+                            archiveArtifacts allowEmptyArchive: true, artifacts: 'kw_report_windows.html'
+                            archiveArtifacts allowEmptyArchive: true, artifacts: 'kw_report_windows.csv'
+                        }
+                    }
+                }
+            }
+        }
+        stage('Publish Artifacts'){
+            steps{
+                dir('artifacts/Klockwork'){
+                    unstash 'win-kwreports'
+                }
+                publishArtifacts()
+            }
+        }
+    }
+}

MicroLMS/heci/PTHICommand.c

@@ -171,10 +171,6 @@ const PTHI_MESSAGE_HEADER GET_UUID_REQUEST_HEADER = {
 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_UUID_REQUEST}}, 0
 };
 
-const PTHI_MESSAGE_HEADER GET_START_CONFIG_HBASED_REQUEST_HEADER = {
-	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_START_CONFIG_HBASED_REQUEST}}, 396
-};
-
 AMT_STATUS _call(const unsigned char *command, UINT32 command_size, UINT8 **readBuffer, UINT32 rcmd, unsigned int expSize)
 {
 	UINT32 inBuffSize;
@@ -1506,43 +1502,4 @@ AMT_STATUS pthi_GetUUID(AMT_UUID *uuid)
 	return status;
 }
 
-/*
- * Start Configuration Host Based 
- * Arguments:
- *	request - host based configuration input parameters provided by the caller
- *	response - host based configuration output parameters returned to the caller
- * Return values: (A status code returned in a response message that indicates whether the operation specified in the corresponding request message succeeded or failed. If the operation failed, this code indicates the specific reason for failure. Possible values described below.)
- *	AMT_STATUS_SUCCESS - Request succeeded.
- *  AMT_STATUS_INTERNAL_ERROR - An internal error to the AMT device has occurred. This may indicate an interface error, or a AMT application error.
- *  AMT_STATUS_INVALID_MESSAGE_LENGTH - Length field of header is invalid.
- * 
- */
-AMT_STATUS pthi_StartConfigHBased(CFG_START_CONFIG_HBASED_REQUEST_INFO *request, CFG_START_CONFIG_HBASED_RESPONSE_INFO *response)
-{
-	UINT8* readBuffer = NULL;
-	UINT32 command_size = sizeof(CFG_START_CONFIG_HBASED_REQUEST);
-	unsigned char command[sizeof(CFG_START_CONFIG_HBASED_REQUEST)];
-	AMT_STATUS status;
-	CFG_START_CONFIG_HBASED_RESPONSE* tmp_response;
-
-	memset(command, 0, sizeof(CFG_START_CONFIG_HBASED_REQUEST));
-	memcpy_s(command, sizeof(command), (char*)&(GET_START_CONFIG_HBASED_REQUEST_HEADER), sizeof(GET_START_CONFIG_HBASED_REQUEST_HEADER));
-
-	((CFG_START_CONFIG_HBASED_REQUEST*)command)->Info.ServerHashAlgorithm = request->ServerHashAlgorithm;
-	((CFG_START_CONFIG_HBASED_REQUEST*)command)->Info.HostVPNEnable = request->HostVPNEnable;
-	((CFG_START_CONFIG_HBASED_REQUEST*)command)->Info.SuffixListLen = request->SuffixListLen;
-	memcpy_s(((CFG_START_CONFIG_HBASED_REQUEST*)command)->Info.ServerCertHash, 64, request->ServerCertHash, 64);
-	memcpy_s(((CFG_START_CONFIG_HBASED_REQUEST*)command)->Info.NetworkDnsSuffixList, 320, request->NetworkDnsSuffixList, 320);
-
-	status = _call(command, command_size, &readBuffer, GET_START_CONFIG_HBASED_RESPONSE, sizeof(CFG_START_CONFIG_HBASED_RESPONSE));
-
-	if (status == AMT_STATUS_SUCCESS)
-	{
-		tmp_response = (CFG_START_CONFIG_HBASED_RESPONSE*)readBuffer;
-		memcpy_s(response, sizeof(CFG_START_CONFIG_HBASED_RESPONSE_INFO), &(tmp_response->Info), sizeof(CFG_START_CONFIG_HBASED_RESPONSE_INFO));
-	}
-	if (readBuffer != NULL) free(readBuffer);
-	return status;
-}
-
 #endif

MicroLMS/heci/PTHICommand.h

@@ -664,38 +664,6 @@ typedef struct _CFG_GET_UUID_RESPONSE
 	AMT_UUID 					 UUID;
 } CFG_GET_UUID_RESPONSE;
 
-typedef struct _CFG_START_CONFIG_HBASED_REQUEST_INFO
-{
-	CERT_HASH_ALGORITHM ServerHashAlgorithm;
-	UINT8               ServerCertHash[CERT_HASH_MAX_LENGTH];
-	AMT_BOOLEAN         HostVPNEnable;
-	UINT32              SuffixListLen;
-	CHAR                NetworkDnsSuffixList[320];
-	
-} CFG_START_CONFIG_HBASED_REQUEST_INFO;
-
-typedef struct _CFG_START_CONFIG_HBASED_REQUEST
-{
-	PTHI_MESSAGE_HEADER Header;
-	CFG_START_CONFIG_HBASED_REQUEST_INFO Info;
-
-} CFG_START_CONFIG_HBASED_REQUEST;
-
-typedef struct _CFG_START_CONFIG_HBASED_RESPONSE_INFO
-{
-	PTHI_RESPONSE_MESSAGE_HEADER Header;
-	AMT_STATUS			Status;
-	CERT_HASH_ALGORITHM HashAlgorithm;
-	UINT8 AMTCertHash[CERT_HASH_MAX_LENGTH];
-} CFG_START_CONFIG_HBASED_RESPONSE_INFO;
-
-
-typedef struct _CFG_START_CONFIG_HBASED_RESPONSE
-{
-	PTHI_RESPONSE_MESSAGE_HEADER Header;
-	CFG_START_CONFIG_HBASED_RESPONSE_INFO Info;
-} CFG_START_CONFIG_HBASED_RESPONSE;
-
 #pragma pack()
 
 
@@ -733,7 +701,6 @@ AMT_STATUS pthi_Unprovision(CFG_PROVISIONING_MODE provisionMode);
 AMT_STATUS pthi_GetStateEHBC(AMT_EHBC_STATE *state);
 AMT_STATUS pthi_GetControlMode(int *state);
 AMT_STATUS pthi_GetUUID(AMT_UUID *uuid);
-AMT_STATUS pthi_StartConfigHBased(CFG_START_CONFIG_HBASED_REQUEST_INFO* request, CFG_START_CONFIG_HBASED_RESPONSE_INFO* response);
 
 #define PROVISIONING_MODE_REQUEST 0x04000008
 #define PROVISIONING_MODE_RESPONSE 0x04800008
@@ -864,9 +831,6 @@ const PTHI_MESSAGE_HEADER GET_CONTROL_MODE_HEADER;
 #define GET_UUID_REQUEST 0x400005c
 #define GET_UUID_RESPONSE 0x480005c
 
-#define GET_START_CONFIG_HBASED_REQUEST 0x400008b
-#define GET_START_CONFIG_HBASED_RESPONSE 0x480008b
-
 #endif
 
 #endif

README.md

@@ -4,26 +4,43 @@
 
 The Remote Provisioning Client (RPC) is an application that enables remote capabilities for Intel® AMT, such as as device activation and configuration. To accomplish this, RPC communicates with the Remote Provisioning Server (RPS) to activate and connect the edge device.
 
+<br><br>
+
 **For detailed documentation** about RPC or other features of the Open AMT Cloud Toolkit, see the [docs](https://open-amt-cloud-toolkit.github.io/docs/).
 
+<br>
+
 ## Prerequisites
 
 We leverage GitHub Actions as a means to build RPC automatically leveraging Github's CI/CD Infrastructure. This avoids having to deal with the challenges of getting your build environment just right on your local machine and allows you to get up and running much faster. Read more about GitHub Actions [here](https://github.blog/2019-08-08-github-actions-now-supports-ci-cd/#:~:text=GitHub%20Actions%20is%20an%20API,every%20step%20along%20the%20way.)
 
-## Build the Remote Provisioning Client (RPC)
 
 <p align="center">
 <img src="assets/animations/forkandbuild.gif" width="650"  />
 </p>
 
-1. Create a fork of the rpc repository [here](https://github.com/open-amt-cloud-toolkit/rpc/fork) or via the Fork button in the top-right corner of the rpc repository.
+## Build the Remote Provisioning Client (RPC)
 
-2. Click on "Actions" and Select "Build RPC (Native)" Workflow.
+1. <a href="https://github.com/open-amt-cloud-toolkit/rpc/fork" target="_blank">Create a fork of rpc on GitHub.</a>
 
-3. Click "Run Workflow", select branch "master", and click "Run Workflow".
+2. Click on the **Actions** tab at the top and select **Build RPC (Native) Debug/Release**.
 
-4. Grab a coffee. The build for Windows will take approximately 30 minutes and the build for Linux will take approximately 5 minutes.
+3. Click the **Run Workflow** dropdown. 
 
-5. Once complete, click the completed job, and download the appropriate RPC for your OS under the "Artifacts" section.
+4. Select the **Branch: main**, or a preferred version, from the **Use workflow from** dropdown. 
 
-For detailed documentation about RPC and using it to activate a device, see the [docs](https://open-amt-cloud-toolkit.github.io/docs/)
+5. By default, the Build Type should be **release**.  
+
+6. Click the **Run Workflow** button. Grab a coffee and take a break! The build time ranges from 15 to 20 minutes.
+
+8. Once the download is complete, click the completed job which will feature a green checkmark.
+
+9. Download the appropriate RPC for your managed device's OS under the **Artifacts** section.
+
+### To Delete your workflow run
+
+1. Click the ellipsis ( **...** ) menu for the workflow. 
+
+2. Choose the **Delete workflow run** option.
+
+For detailed documentation about RPC and using it to activate a device, see the [docs](https://open-amt-cloud-toolkit.github.io/docs/)

SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+Intel is committed to rapidly addressing security vulnerabilities affecting our customers and providing clear guidance on the solution, impact, severity and mitigation. 
+
+## Reporting a Vulnerability
+Please report any security vulnerabilities in this project utilizing the guidelines [here](https://www.intel.com/content/www/us/en/security-center/vulnerability-handling-guidelines.html).

activation.h

@@ -8,7 +8,7 @@
 
 #include <string>
 
-#define PROTOCOL_VERSION "3.0.0"
+#define PROTOCOL_VERSION "4.0.0"
 
 #ifdef _WIN32
 #define convertstring   to_utf16string

commands.cpp

@@ -32,9 +32,6 @@ bool cmd_is_admin()
 
 bool cmd_get_version(std::string& version)
 {
-    version = "14.0.0";                                     // FIXME: REMOVE WHEN HW AVAILABLE
-    return true;                                            // FIXME: REMOVE WHEN HW AVAILABLE
-
     version.clear();
 
     // initialize HECI interface
@@ -285,51 +282,54 @@ bool cmd_get_certificate_hashes(std::vector<cert_hash_entry>& hash_entries)
         for (int i = 0; i < (int) amt_hash_handles.Length; i++)
         {
             // get each entry
-            AMT_STATUS status = pthi_GetCertificateHashEntry(amt_hash_handles.Handles[i], &certhash_entry);
+            AMT_STATUS amt_status = pthi_GetCertificateHashEntry(amt_hash_handles.Handles[i], &certhash_entry);
 
-            int hashSize;
-            cert_hash_entry tmp;
-            switch (certhash_entry.HashAlgorithm) {
-            case 0: // MD5
-                hashSize = 16;
-                tmp.algorithm = "MD5";
-                break;
-            case 1: // SHA1
-                hashSize = 20;
-                tmp.algorithm = "SHA1";
-                break;
-            case 2: // SHA256
-                hashSize = 32;
-                tmp.algorithm = "SHA256";
-                break;
-            case 3: // SHA512
-                hashSize = 64;
-                tmp.algorithm = "SHA512";
-                break;
-            default:
-                hashSize = 0;
-                tmp.algorithm = "UNKNOWN";
-                break;
-            }
-
-            if (certhash_entry.IsActive == 1) 
+            if (amt_status == 0)
             {
-                std::string cert_name(certhash_entry.Name.Buffer, certhash_entry.Name.Length);
-                tmp.name = cert_name;
-                tmp.is_default = certhash_entry.IsDefault;
-                tmp.is_active = certhash_entry.IsActive;
-
-                std::string hashString;
-                for (int i = 0; i < hashSize; i++)
-                {
-                    char hex[10];
-                    snprintf(hex, 10, "%02x", certhash_entry.CertificateHash[i]);
-                    hashString += hex;
+                int hashSize;
+                cert_hash_entry tmp;
+                switch (certhash_entry.HashAlgorithm) {
+                case 0: // MD5
+                    hashSize = 16;
+                    tmp.algorithm = "MD5";
+                    break;
+                case 1: // SHA1
+                    hashSize = 20;
+                    tmp.algorithm = "SHA1";
+                    break;
+                case 2: // SHA256
+                    hashSize = 32;
+                    tmp.algorithm = "SHA256";
+                    break;
+                case 3: // SHA512
+                    hashSize = 64;
+                    tmp.algorithm = "SHA512";
+                    break;
+                default:
+                    hashSize = 0;
+                    tmp.algorithm = "UNKNOWN";
+                    break;
                 }
 
-                tmp.hash = hashString;
+                if (certhash_entry.IsActive == 1)
+                {
+                    std::string cert_name(certhash_entry.Name.Buffer, certhash_entry.Name.Length);
+                    tmp.name = cert_name;
+                    tmp.is_default = certhash_entry.IsDefault;
+                    tmp.is_active = certhash_entry.IsActive;
 
-                hash_entries.push_back(tmp);
+                    std::string hashString;
+                    for (int i = 0; i < hashSize; i++)
+                    {
+                        char hex[10];
+                        snprintf(hex, 10, "%02x", certhash_entry.CertificateHash[i]);
+                        hashString += hex;
+                    }
+
+                    tmp.hash = hashString;
+
+                    hash_entries.push_back(tmp);
+                }
             }
         }
 
@@ -380,14 +380,14 @@ bool cmd_get_remote_access_connection_status(int& network_status, int& remote_st
     return false;
 }
 
-bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settings)
+bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settings, bool wired_interface)
 {
     // initialize HECI interface
     if (heci_Init(NULL, PTHI_CLIENT) == 0) return false;
 
     // get wired interface
     LAN_SETTINGS lan_settings;
-    UINT32 interface_settings = 0; // wired=0, wireless=1
+    UINT32 interface_settings = (wired_interface) ? 0 : 1; // wired=0, wireless=1
     AMT_STATUS amt_status = pthi_GetLanInterfaceSettings(interface_settings, &lan_settings);
     if (amt_status == 0)
     {
@@ -396,11 +396,13 @@ bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settin
         lan_interface_settings.dhcp_enabled = lan_settings.DhcpEnabled;
         lan_interface_settings.link_status  = lan_settings.LinkStatus;
 
+        lan_interface_settings.ip_address.clear();
         lan_interface_settings.ip_address.push_back((lan_settings.Ipv4Address >> 24) & 0xff);
         lan_interface_settings.ip_address.push_back((lan_settings.Ipv4Address >> 16) & 0xff);
         lan_interface_settings.ip_address.push_back((lan_settings.Ipv4Address >> 8) & 0xff);
         lan_interface_settings.ip_address.push_back((lan_settings.Ipv4Address) & 0xff);
 
+        lan_interface_settings.mac_address.clear();
         lan_interface_settings.mac_address.push_back(lan_settings.MacAddress[0]);
         lan_interface_settings.mac_address.push_back(lan_settings.MacAddress[1]);
         lan_interface_settings.mac_address.push_back(lan_settings.MacAddress[2]);
@@ -413,76 +415,3 @@ bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settin
 
     return false;
 }
-
-bool cmd_start_config_host_based(config_host_based_settings& server_cert, config_host_based_settings& amt_cert)
-{
-    amt_cert.algorithm = "MD5";                              // FIXME: REMOVE WHEN HW AVAILABLE
-    amt_cert.hash = "000102030405060708090a0b0c0d0e0f";      // FIXME: REMOVE WHEN HW AVAILABLE
-    return true;                                             // FIXME: REMOVE WHEN HW AVAILABLE
-
-    // initialize HECI interface
-    if (heci_Init(NULL, PTHI_CLIENT) == 0) return false;
-
-    CFG_START_CONFIG_HBASED_REQUEST_INFO request;
-    CFG_START_CONFIG_HBASED_RESPONSE_INFO response;
-
-    memset(&request, 0, sizeof(CFG_START_CONFIG_HBASED_REQUEST_INFO));
-    memset(&response, 0, sizeof(CFG_START_CONFIG_HBASED_RESPONSE_INFO));
-
-    if (server_cert.algorithm == "MD5") 
-    {
-        request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_MD5;
-    }
-    else if (server_cert.algorithm == "SHA1")
-    {
-        request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA1;
-    }
-    else if (server_cert.algorithm == "SHA256")
-    {
-        request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA256;
-    }
-    else if (server_cert.algorithm == "SHA512")
-    {
-        request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA512;
-    }
-    else
-    {
-        return false;
-    }
-
-    std::vector<char> cert_bytes;
-    util_hex_string_to_bytes(server_cert.hash, cert_bytes);
-    std::copy(std::begin(cert_bytes), std::end(cert_bytes), request.ServerCertHash);
-
-    // start secure host based configuration
-    AMT_STATUS amt_status = pthi_StartConfigHBased(&request, &response);
-
-    if (amt_status == 0)
-    {
-        switch (response.HashAlgorithm)
-        {
-        case CERT_HASH_ALGORITHM_MD5:
-            amt_cert.algorithm = "MD5";
-            break;
-        case CERT_HASH_ALGORITHM_SHA1:
-            amt_cert.algorithm = "SHA1";
-            break;
-        case CERT_HASH_ALGORITHM_SHA256:
-            amt_cert.algorithm = "SHA256";
-            break;
-        case CERT_HASH_ALGORITHM_SHA512:
-            amt_cert.algorithm = "SHA512";
-            break;
-        default:
-            break;
-        }
-
-        std::vector<char> hash;
-        std::copy(std::begin(response.AMTCertHash), std::end(response.AMTCertHash), std::begin(hash));
-        util_bytes_to_hex_string(hash, amt_cert.hash);
-
-        return true;
-    }
-
-    return false;
-}

commands.h

@@ -37,12 +37,6 @@ struct fqdn_settings
     std::string fqdn;
 };
 
-struct config_host_based_settings
-{
-    std::string hash;
-    std::string algorithm;
-};
-
 bool cmd_is_admin();
 bool cmd_get_version(std::string& version);
 bool cmd_get_build_number(std::string& version);
@@ -55,7 +49,6 @@ bool cmd_get_dns_suffix(std::string& suffix);
 bool cmd_get_wired_mac_address(std::vector<unsigned char>& address);
 bool cmd_get_certificate_hashes(std::vector<cert_hash_entry>& hash_entries);
 bool cmd_get_remote_access_connection_status(int& network_status, int& remote_status, int& remote_trigger, std::string& mps_hostname);
-bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settings);
-bool cmd_start_config_host_based(config_host_based_settings& server_cert, config_host_based_settings& amt_cert);
+bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settings, bool wired_interface = true);
 
 #endif

heartbeat.cpp

@@ -3,41 +3,23 @@
 * SPDX-License-Identifier: Apache-2.0
 **********************************************************************/
 
-#include "activation.h"
+#include "heartbeat.h"
 #include <cpprest/ws_client.h>
 #include <cpprest/json.h>
 #include <cpprest/streams.h>
 #include <iostream>
 #include <string>
+#include "activation.h"
 #include "version.h"
 #include "commands.h"
 #include "network.h"
 #include "utils.h"
 
-bool get_response_payload(std::string cert_algo, std::string cert_hash, web::json::value& payload)
-{
-    web::json::value value;
-    utility::string_t tmp;
-    web::json::value configParams;
-
-    // get client string
-    tmp = utility::conversions::convertstring(cert_algo);
-    configParams[U("algorithm")] = web::json::value::string(tmp);
-
-    // get certificate hashes
-    tmp = utility::conversions::convertstring(cert_hash);
-    configParams[U("hash")] = web::json::value::string(tmp);
-
-    payload = configParams;
-
-    return true;
-}
-
-bool shbc_create_response(std::string cert_algo, std::string cert_hash, std::string& response)
+bool heartbeat_create_response(std::string& response)
 {
     web::json::value msg;
 
-    utility::string_t tmp = utility::conversions::convertstring("secure_config_response");
+    utility::string_t tmp = utility::conversions::convertstring("heartbeat_response");
     msg[U("method")] = web::json::value::string(tmp);
 
     tmp = utility::conversions::convertstring("");
@@ -49,21 +31,15 @@ bool shbc_create_response(std::string cert_algo, std::string cert_hash, std::str
     tmp = utility::conversions::convertstring(PROTOCOL_VERSION);
     msg[U("protocolVersion")] = web::json::value::string(tmp);
 
-    tmp = utility::conversions::convertstring("");
+    tmp = utility::conversions::convertstring("success");
     msg[U("status")] = web::json::value::string(tmp);
 
     tmp = utility::conversions::convertstring("");
     msg[U("message")] = web::json::value::string(tmp);
 
-    // get the activation payload
-    web::json::value responsePayload;
-    if (!get_response_payload(cert_algo, cert_hash, responsePayload)) return false;
-
-    // serialize payload
-    std::string serializedPayload = utility::conversions::to_utf8string(responsePayload.serialize());
-    std::string encodedPayload = util_encode_base64(serializedPayload);
-    utility::string_t payload = utility::conversions::to_string_t(encodedPayload);
-    msg[U("payload")] = web::json::value::string(payload);
+    // set empty payload
+    tmp = utility::conversions::convertstring("");
+    msg[U("payload")] = web::json::value::string(tmp);
 
     // serialize the entire message
     response = utility::conversions::to_utf8string(msg.serialize());

heartbeat.h

@@ -3,17 +3,11 @@
 * SPDX-License-Identifier: Apache-2.0
 **********************************************************************/
 
-#ifndef __SHBC_H__
-#define __SHBC_H__
+#ifndef __HEARTBEAT_H__
+#define __HEARTBEAT_H__
 
 #include <string>
 
-#ifdef _WIN32
-#define convertstring   to_utf16string
-#else
-#define convertstring   to_utf8string
-#endif
-
-bool shbc_create_response(std::string cert_algo, std::string cert_hash, std::string& response);
+bool heartbeat_create_response(std::string& response);
 
 #endif 

info.cpp

@@ -20,7 +20,7 @@ void out_text(const std::string name, const std::vector<unsigned char> value, co
     for (unsigned char tmp : value)
     {
         (hex) ? std::cout << std::setfill('0') << std::setw(2) << std::hex << (unsigned int)tmp
-              : std::cout << (unsigned int)tmp;
+              : std::cout << std::dec << (unsigned int)tmp;
 
         if (char_count++ < value.size())
         {
@@ -270,15 +270,41 @@ bool info_get_lan_interface_settings()
     tmp.ip_address.clear();
     tmp.mac_address.clear();
 
-    if (!cmd_get_lan_interface_settings(tmp)) return false;
+    bool hasWired = cmd_get_lan_interface_settings(tmp);
+    if (hasWired)
+    {
+        out_text("LAN Interface", "wired");
+        out_text("DHCP Enabled", (tmp.dhcp_enabled) ? "true" : "false");
+        out_text("DHCP Mode", (tmp.dhcp_mode == 1) ? "active" : "passive");
+        out_text("Link Status", (tmp.link_status) ? "up" : "down");
+        out_text("IP Address", tmp.ip_address, '.', false);
+        out_text("MAC Address", tmp.mac_address, ':');
+    }
+    
+    tmp.is_enabled = false;
+    tmp.link_status = false;
+    tmp.dhcp_enabled = false;
+    tmp.dhcp_mode = 0;
+    tmp.ip_address.clear();
+    tmp.mac_address.clear();
 
-    out_text("DHCP Enabled", (tmp.dhcp_enabled) ? "true" : "false");
-    out_text("DHCP Mode", (tmp.dhcp_mode == 1) ? "active" : "passive");
-    out_text("Link Status", (tmp.link_status) ? "up" : "down");
-    out_text("IP Address", tmp.ip_address, '.', false);
-    out_text("MAC Address", tmp.mac_address, ':');
+    bool hasWireless = cmd_get_lan_interface_settings(tmp, false);
+    if (hasWireless)
+    {
+        out_text("LAN Interface", "wireless");
+        out_text("DHCP Enabled", (tmp.dhcp_enabled) ? "true" : "false");
+        out_text("DHCP Mode", (tmp.dhcp_mode == 1) ? "active" : "passive");
+        out_text("Link Status", (tmp.link_status) ? "up" : "down");
+        out_text("IP Address", tmp.ip_address, '.', false);
+        out_text("MAC Address", tmp.mac_address, ':');
+    }
 
-    return true;
+    if (hasWired || hasWireless)
+    {
+        return true;
+    }
+
+    return false;
 }
 
 bool info_get(const std::string info)
@@ -342,4 +368,4 @@ bool info_get_verify(const std::string info)
     }
 
     return false;
-}
+}

lms.cpp

@@ -15,22 +15,13 @@
 #include <netdb.h>
 #endif
 
-SOCKET lms_connect(bool securePort)
+SOCKET lms_connect()
 {
     std::string lmsAddress = "localhost";
-    std::string lmsPort;
+    std::string lmsPort = "16992";
     SOCKET s = INVALID_SOCKET;
     struct addrinfo *addr, hints;
 
-    if (securePort)
-    {
-        lmsPort = "16993";
-    }
-    else
-    {
-        lmsPort = "16992";
-    }
-
 #ifdef _WIN32
     WSADATA wsa;
     if (WSAStartup(MAKEWORD(2, 2), &wsa) != 0)

lms.h

@@ -28,6 +28,6 @@ static inline int closesocket(int fd)
 #define SD_BOTH SHUT_RDWR
 #endif
 
-SOCKET lms_connect(bool securePort = false);
+SOCKET lms_connect();
 
 #endif

main.cpp

@@ -7,11 +7,12 @@
 #include <thread>
 #include <cpprest/ws_client.h>
 #include <cpprest/json.h>
+#include <algorithm>
 #include "port.h"
 #include "lms.h"
 #include "commands.h"
 #include "activation.h"
-#include "shbc.h"
+#include "heartbeat.h"
 #include "utils.h"
 #include "usage.h"
 #include "args.h"
@@ -62,7 +63,6 @@ int main(int argc, char* argv[])
     std::string arg_info;
     bool arg_verbose = false;
     bool arg_nocertcheck = false;
-    bool secureHostBasedConfig = false;
 
     if (argc == 1)
     {
@@ -186,7 +186,7 @@ int main(int argc, char* argv[])
     memset(&lms_socket, 0, sizeof(SOCKET));
 
     // set receive handler
-    client.set_message_handler([&client, &mx, &cv, &lms_socket, arg_verbose, &secureHostBasedConfig](web::websockets::client::websocket_incoming_message ret_msg)
+    client.set_message_handler([&client, &mx, &cv, &lms_socket, arg_verbose](web::websockets::client::websocket_incoming_message ret_msg)
     {
         // kick the timer
         std::chrono::time_point<std::chrono::system_clock> now = std::chrono::system_clock::now();
@@ -248,56 +248,20 @@ int main(int argc, char* argv[])
                 return;
             }
 
-            if (msgMethod.compare("secure_config_request") == 0)
+            if (msgMethod.compare("heartbeat_request") == 0)
             {
-                std::string certAlgo;
-                std::string certHash;
+                // create the response
+                std::string response;
+                if (!heartbeat_create_response(response)) return;
 
-                // get server configuration
-                try
-                {
-                    tmp = parsed[U("payload")].as_string();
-                    web::json::value parsed_cert_info = web::json::value::parse(tmp);
-
-                    out = parsed_cert_info[U("algorithm")].as_string();
-                    certAlgo = utility::conversions::to_utf8string(out);
-
-                    out = parsed_cert_info[U("hash")].as_string();
-                    certHash = utility::conversions::to_utf8string(out);
-                }
-                catch (...)
-                {
-                    std::cerr << std::endl << "JSON format error. Unable to parse message." << std::endl;
-                    return;
-                }
-                
-                // send secure config request
-                config_host_based_settings server_cert;
-                config_host_based_settings amt_cert;
-                server_cert.algorithm = certAlgo;
-                server_cert.hash = certHash;
-                if (cmd_start_config_host_based(server_cert, amt_cert))
-                {
-                    // create the response
-                    std::string response;
-                    if (!shbc_create_response(amt_cert.algorithm, amt_cert.hash, response)) return;
-
-                    // send it
-                    web::websockets::client::websocket_outgoing_message send_websocket_msg;
-                    std::string send_websocket_buffer(response);
-                    send_websocket_msg.set_utf8_message(send_websocket_buffer);
-                    client.send(send_websocket_msg).wait();
-
-                    // use secure host post for LMS going forward
-                    secureHostBasedConfig = true;
-
-                    return;
-
-                }
+                // send it
+                web::websockets::client::websocket_outgoing_message send_websocket_msg;
+                std::string send_websocket_buffer(response);
+                send_websocket_msg.set_utf8_message(send_websocket_buffer);
+                client.send(send_websocket_msg).wait();
 
                 return;
             }
-            
 
             // process any messages we can
             //   - if success, done
@@ -308,7 +272,22 @@ int main(int argc, char* argv[])
                 g_timeout_val = 0;
 
                 // exit
-                std::cout << std::endl << msgMessage << std::endl;
+                try {
+                    std::cout << std::endl;
+                    utility::string_t tmp = utility::conversions::convertstring(msgMessage);
+                    web::json::value parsed = web::json::value::parse(tmp);
+                    for (const auto& obj : parsed.as_object()) {
+                        std::string key = utility::conversions::to_utf8string(obj.first);
+                        std::string value = utility::conversions::to_utf8string(obj.second.serialize());
+                        value.erase(std::remove(value.begin(), value.end(), '"'), value.end());
+                        std::cout << key << ": " << value << std::endl;
+                    }
+                }
+                catch (...)
+                {
+                    std::cout << std::endl << msgMessage << std::endl;
+                }
+
                 return;
             }
             else if (msgStatus.compare("failed")==0)
@@ -317,7 +296,22 @@ int main(int argc, char* argv[])
                 g_timeout_val = 0;
 
                 // exit
-                std::cout << std::endl << msgMessage << std::endl;
+                try {
+                    std::cout << std::endl;
+                    utility::string_t tmp = utility::conversions::convertstring(msgMessage);
+                    web::json::value parsed = web::json::value::parse(tmp);
+                    for (const auto& obj : parsed.as_object()) {
+                        std::string key = utility::conversions::to_utf8string(obj.first);
+                        std::string value = utility::conversions::to_utf8string(obj.second.serialize());
+                        value.erase(std::remove(value.begin(), value.end(), '"'), value.end());
+                        std::cout << key << ": " << value << std::endl;
+                    }
+                }
+                catch (...)
+                {
+                    std::cout << std::endl << msgMessage << std::endl;
+                }
+
                 return;
             }
 
@@ -349,7 +343,7 @@ int main(int argc, char* argv[])
             try
             {
                 // conntect to lms
-                lms_socket = lms_connect(secureHostBasedConfig);
+                lms_socket = lms_connect();
             }
             catch (...)
             {

scripts/jenkins-build.cmd

@@ -14,7 +14,7 @@ set BASE_DIR=%cd%
 set VCPKG_DIR=C:\opt\vcpkg-source
 
 REM build RPC
-cd %BASE_DIR%/rpc
+
 
 if exist "build" rd /q /s "build"
 
@@ -23,4 +23,4 @@ cd build
 echo %VCPKG_DIR%\vcpkg\scripts\buildsystems\vcpkg.cmake
 cmake -DVCPKG_TARGET_TRIPLET=x64-windows-static -DCMAKE_TOOLCHAIN_FILE=%VCPKG_DIR%\vcpkg\scripts\buildsystems\vcpkg.cmake ..
 cmake --build . --config Release
-dir %BASE_DIR%\rpc\build
+dir %BASE_DIR%\build

scripts/jenkins-build.sh

@@ -5,9 +5,9 @@ set -x
 # Jenkins Build script
 #   - Ubuntu 18.04
 #
-
+export BASE_DIR="$PWD"
 export CMAKE_CXX_FLAGS="-isystem /usr/lib/gcc/x86_64-linux-gnu/7/include"
-cd "$BASE_DIR"/rpc
+
 
 if [ -d "build" ]; then
   rm -rf build
@@ -15,5 +15,5 @@ fi
 
 mkdir build
 cd build
-cmake -DCMAKE_TOOLCHAIN_FILE="$BASE_DIR"/rpc/vcpkg/scripts/buildsystems/vcpkg.cmake -DCMAKE_BUILD_TYPE=Release ..
+cmake -DCMAKE_TOOLCHAIN_FILE="$BASE_DIR"/vcpkg/scripts/buildsystems/vcpkg.cmake -DCMAKE_BUILD_TYPE=Release ..
 cmake --build .

scripts/jenkins-pre-build.cmd

@@ -15,8 +15,9 @@ set VCPKG_DIR=C:\opt\vcpkg-source
 cd %VCPKG_DIR%
 
 REM build vcpkg
-git clone --branch 2020.11-1 https://github.com/microsoft/vcpkg.git
+git clone https://github.com/microsoft/vcpkg.git
 cd vcpkg
+git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
 cmd /c bootstrap-vcpkg.bat
 
 REM install CPPRestSDK

scripts/jenkins-pre-build.sh

@@ -4,15 +4,17 @@
 #   - Ubuntu 18.04
 #
 
-sudo apt install git cmake build-essential curl zip unzip tar pkg-config
+apt update
+apt install git cmake build-essential curl zip unzip tar pkg-config -y
 
 ## current dir - RPC source directory
-export BASE_DIR="$PWD"
+#export BASE_DIR="$PWD"
 
-cd "$BASE_DIR"/rpc
+#cd "$BASE_DIR"/rpc
 ## build vcpkg
-git clone --branch 2020.11-1 https://github.com/microsoft/vcpkg.git
+git -C vcpkg pull || git clone https://github.com/microsoft/vcpkg.git vcpkg
 cd vcpkg
+git checkout 772d435ba18bf2f342458e0187ab7b48b84fe3f0
 ./bootstrap-vcpkg.sh
 
 ## install CPPRestSDK

usage.cpp

@@ -49,15 +49,15 @@ void usage_show_help()
     std::cout << "Examples:"                                                                        << std::endl;
     std::cout << "  # Activate platform using profile1"                                             << std::endl;
     std::cout << "  " << PROJECT_NAME << \
-       " --url wss://localhost:8080 --cmd \"-t activate --profile profile1\""                       << std::endl;
+       " --url wss://192.168.86.100/activate --cmd \"-t activate --profile profile1\""              << std::endl;
     std::cout                                                                                       << std::endl;
     std::cout << "  # Activate platform using profile1 and override DNS detection" << std::endl;
     std::cout << "  " << PROJECT_NAME << \
-       " --url wss://localhost:8080 --cmd \"-t activate --profile profile1\" --dns corp.com"        << std::endl;
+       " --url wss://mycloud.com/activate --cmd \"-t activate --profile profile1\" --dns corp.com"  << std::endl;
     std::cout                                                                                       << std::endl;
     std::cout << "  # Deactivate platform and connect through a proxy"                              << std::endl;
     std::cout << "  " << PROJECT_NAME << \
-       " -u wss://localhost:8080 -c \"-t deactivate --password P@ssw0rd\" -p http://proxy.com:1000" << std::endl;
+       " -u wss://mycloud.com/activate -c \"-t deactivate --password P@ssw0rd\" -p http://proxy.com:1000" << std::endl;
     std::cout                                                                                       << std::endl;
     std::cout << "  # Show all informational items"                                                 << std::endl;
     std::cout << "  " << PROJECT_NAME << " --amtinfo all"                                           << std::endl;

utils.cpp

@@ -57,30 +57,3 @@ bool util_format_uuid(std::vector<unsigned char> uuid_bytes, std::string& uuid_s
     return true;
 }
 
-bool util_hex_string_to_bytes(std::string hex_string, std::vector<char>& hex_bytes)
-{
-    hex_bytes.clear();
-
-    for (int i = 0; i < hex_string.length(); i += 2) 
-    {
-        std::string byte_string = hex_string.substr(i, 2);
-        char value = (char)strtol(byte_string.c_str(), NULL, 16);
-        hex_bytes.push_back(value);
-    }
-    
-    return true;
-}
-
-bool util_bytes_to_hex_string(std::vector<char> hex_bytes, std::string& hex_string)
-{
-    hex_string.clear();
-
-    for (char hex_char : hex_bytes)
-    {
-        char hex[10];
-        snprintf(hex, 10, "%02x", hex_char);
-        hex_string += hex;
-    }
-    
-    return true;
-}

utils.h

@@ -13,7 +13,5 @@ std::string util_encode_base64(std::string str);
 std::string util_decode_base64(std::string str);
 bool util_is_printable(std::string str);
 bool util_format_uuid(std::vector<unsigned char> uuid_bytes, std::string& uuid_string);
-bool util_hex_string_to_bytes(std::string hex_string, std::vector<char>& hex_bytes);
-bool util_bytes_to_hex_string(std::vector<char> hex_bytes, std::string& hex_string);
 
 #endif