├── server
    ├── problems.py
    ├── favicon.ico
    ├── static
    │   ├── dist
    │   │   ├── fonts
    │   │   │   ├── glyphicons-halflings-regular.eot
    │   │   │   ├── glyphicons-halflings-regular.ttf
    │   │   │   └── glyphicons-halflings-regular.woff
    │   │   ├── css
    │   │   │   ├── site-template.css
    │   │   │   ├── bootstrap-theme.min.css
    │   │   │   ├── bootstrap-theme.css
    │   │   │   └── bootstrap-theme.css.map
    │   │   ├── js
    │   │   │   ├── setup.js
    │   │   │   ├── main.js
    │   │   │   ├── populate.js
    │   │   │   ├── mustache.min.js
    │   │   │   └── bootstrap.min.js
    │   │   └── LICENSE
    │   ├── devices.mustache.html
    │   └── index.html
    ├── xactn.log
    ├── Manifest.plist.template
    ├── LICENSE
    ├── README
    ├── Example.mobileconfig
    ├── device.py
    └── server.py
├── images
    ├── certPortal.png
    ├── deviceEnroll.jpg
    ├── enrollConfig.png
    ├── enrollExport.png
    └── commandSuccess.png
├── .gitmodules
├── references
    ├── InsideAppleMDM.pdf
    └── CommandReference.pdf
├── scripts
    ├── vendor_signing.bat
    ├── vendor_signing.sh
    ├── server.cnf
    ├── README_WINDOWS.txt
    ├── make_certs.bat
    └── make_certs.sh
├── client-reporting
    ├── client-reporting.xcodeproj
    │   ├── xcuserdata
    │   │   └── gblack.xcuserdatad
    │   │   │   ├── xcdebugger
    │   │   │       └── Breakpoints.xcbkptlist
    │   │   │   └── xcschemes
    │   │   │       ├── xcschememanagement.plist
    │   │   │       └── client-reporting.xcscheme
    │   ├── project.xcworkspace
    │   │   ├── contents.xcworkspacedata
    │   │   └── xcuserdata
    │   │   │   └── gblack.xcuserdatad
    │   │   │       └── UserInterfaceState.xcuserstate
    │   └── project.pbxproj
    └── client-reporting
    │   ├── client-reporting-Prefix.pch
    │   ├── client_reporting.h
    │   └── client_reporting.m
├── .gitignore
└── README.md


/server/problems.py:
--------------------------------------------------------------------------------
1 | problems = []
2 | 


--------------------------------------------------------------------------------
/server/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/server/favicon.ico


--------------------------------------------------------------------------------
/images/certPortal.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/images/certPortal.png


--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
1 | [submodule "vendor"]
2 | 	path = vendor
3 | 	url = git://github.com/grinich/mdmvendorsign
4 | 


--------------------------------------------------------------------------------
/images/deviceEnroll.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/images/deviceEnroll.jpg


--------------------------------------------------------------------------------
/images/enrollConfig.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/images/enrollConfig.png


--------------------------------------------------------------------------------
/images/enrollExport.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/images/enrollExport.png


--------------------------------------------------------------------------------
/images/commandSuccess.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/images/commandSuccess.png


--------------------------------------------------------------------------------
/references/InsideAppleMDM.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/references/InsideAppleMDM.pdf


--------------------------------------------------------------------------------
/references/CommandReference.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/references/CommandReference.pdf


--------------------------------------------------------------------------------
/server/static/dist/fonts/glyphicons-halflings-regular.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/server/static/dist/fonts/glyphicons-halflings-regular.eot


--------------------------------------------------------------------------------
/server/static/dist/fonts/glyphicons-halflings-regular.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/server/static/dist/fonts/glyphicons-halflings-regular.ttf


--------------------------------------------------------------------------------
/server/static/dist/fonts/glyphicons-halflings-regular.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/server/static/dist/fonts/glyphicons-halflings-regular.woff


--------------------------------------------------------------------------------
/scripts/vendor_signing.bat:
--------------------------------------------------------------------------------
1 | cd ../vendor-signing/com/softhinker
2 | javac -cp "../../lib/dom4j-1.6.1.jar;./" Test.java 
3 | cd ../../
4 | java -cp "./lib/dom4j-1.6.1.jar;./" com.softhinker.Test
5 | 


--------------------------------------------------------------------------------
/client-reporting/client-reporting.xcodeproj/xcuserdata/gblack.xcuserdatad/xcdebugger/Breakpoints.xcbkptlist:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <Bucket
3 |    type = "1"
4 |    version = "1.0">
5 | </Bucket>
6 | 


--------------------------------------------------------------------------------
/scripts/vendor_signing.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | 
3 | cd ../vendor-signing/com/softhinker
4 | javac -cp "../../lib/dom4j-1.6.1.jar:./" Test.java 
5 | cd ../../
6 | java -cp "./lib/dom4j-1.6.1.jar:./" com.softhinker.Test
7 | 


--------------------------------------------------------------------------------
/client-reporting/client-reporting/client-reporting-Prefix.pch:
--------------------------------------------------------------------------------
1 | //
2 | // Prefix header for all source files of the 'client-reporting' target in the 'client-reporting' project
3 | //
4 | 
5 | #ifdef __OBJC__
6 |     #import <Foundation/Foundation.h>
7 | #endif
8 | 


--------------------------------------------------------------------------------
/client-reporting/client-reporting.xcodeproj/project.xcworkspace/contents.xcworkspacedata:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <Workspace
3 |    version = "1.0">
4 |    <FileRef
5 |       location = "self:client-reporting.xcodeproj">
6 |    </FileRef>
7 | </Workspace>
8 | 


--------------------------------------------------------------------------------
/client-reporting/client-reporting.xcodeproj/project.xcworkspace/xcuserdata/gblack.xcuserdatad/UserInterfaceState.xcuserstate:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/project-imas/mdm-server/HEAD/client-reporting/client-reporting.xcodeproj/project.xcworkspace/xcuserdata/gblack.xcuserdatad/UserInterfaceState.xcuserstate


--------------------------------------------------------------------------------
/server/static/dist/css/site-template.css:
--------------------------------------------------------------------------------
 1 | body {
 2 |     padding-top: 50px;
 3 | }
 4 | .success{
 5 |     color: #468847;
 6 | }
 7 | .warning{
 8 |     color: #F89406;
 9 | }
10 | .danger{
11 |     color: #B94A48;
12 | }
13 | .site-template {
14 |     padding: 40px 15px;
15 |     text-align: center;
16 | }
17 | 


--------------------------------------------------------------------------------
/scripts/server.cnf:
--------------------------------------------------------------------------------
1 | [ ssl_server ]
2 | basicConstraints        = CA:FALSE
3 | nsCertType              = server
4 | keyUsage                = digitalSignature, keyEncipherment
5 | extendedKeyUsage        = serverAuth, nsSGC, msSGC
6 | #nsComment               = "OpenSSL Certificate for SSL Web Server"
7 | subjectAltName          = IP:<SERVER_IP>,DNS:<SERVER_IP>,URI:https://<SERVER_IP>:8080/
8 | 
9 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | # Python related files
 2 | server/*.pyc
 3 | 
 4 | # Logs/storage with possible sensitive information
 5 | server/xactn.log
 6 | server/devicelist.pickle
 7 | 
 8 | # Certs with sensitive information
 9 | server/CA.crt
10 | server/Enroll.mobileconfig
11 | server/Identity.p12
12 | server/PushCert.pem
13 | server/Server.*
14 | server/identity.crt
15 | 
16 | # Custom payloads
17 | server/Manifest.plist
18 | server/MyApp.*
19 | 


--------------------------------------------------------------------------------
/scripts/README_WINDOWS.txt:
--------------------------------------------------------------------------------
 1 | STEP 1) Download Openssl and add the folder to system path.
 2 | Make sure that openSSL can be executed from any directory
 3 | 
 4 | STEP 2) Update server.cnf with your IP address or hostname.  Replace <SERVER_IP> with this information.
 5 | 
 6 | Step 3)
 7 | Run make_certs.bat
 8 | 
 9 | You will be guided with 8 different steps.
10 | 
11 | After this you could follow the other guidelines give. There is no more OS dependancy.
12 | 
13 | 


--------------------------------------------------------------------------------
/server/xactn.log:
--------------------------------------------------------------------------------
 1 | ## transaction log
 2 | ## this will get filled up with timestamped JSON strings showing commands
 3 | ##    issued by the server, and requests/responses from the client.
 4 | ## 
 5 | ## Be careful, this will likely include sensitive information, like
 6 | ##   * Device Tokens
 7 | ##   * Devie Unlock Tokens
 8 | ##   * Push Certificate Topic (not super sensitive, but still)
 9 | ##   * Device information (UDID, phone numbers, blah blah blah)
10 | ##
11 | ## So if you want to send this to anyone, SCRUB IT FIRST
12 | ##
13 | 
14 | 


--------------------------------------------------------------------------------
/client-reporting/client-reporting/client_reporting.h:
--------------------------------------------------------------------------------
 1 | //
 2 | //  client_reporting.h
 3 | //  client-reporting
 4 | //
 5 | //  Created by Black, Gavin S. on 12/20/13.
 6 | //  Copyright (c) 2013 Black, Gavin S. All rights reserved.
 7 | //
 8 | 
 9 | #import <Foundation/Foundation.h>
10 | #import <CoreLocation/CoreLocation.h>
11 | 
12 | 
13 | @interface client_reporting : NSObject
14 | +(void) setHostAddress: (NSString*) host;
15 | +(void) setPause : (BOOL) toggle;
16 | 
17 | 
18 | +(void) reportJailbreak;
19 | +(void) reportDebugger;
20 | +(void) reportLocation : (CLLocationCoordinate2D*) coords;
21 | 
22 | 
23 | @end
24 | 


--------------------------------------------------------------------------------
/client-reporting/client-reporting.xcodeproj/xcuserdata/gblack.xcuserdatad/xcschemes/xcschememanagement.plist:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 3 | <plist version="1.0">
 4 | <dict>
 5 | 	<key>SchemeUserState</key>
 6 | 	<dict>
 7 | 		<key>client-reporting.xcscheme</key>
 8 | 		<dict>
 9 | 			<key>orderHint</key>
10 | 			<integer>0</integer>
11 | 		</dict>
12 | 	</dict>
13 | 	<key>SuppressBuildableAutocreation</key>
14 | 	<dict>
15 | 		<key>3E90E0181864F60400155CB7</key>
16 | 		<dict>
17 | 			<key>primary</key>
18 | 			<true/>
19 | 		</dict>
20 | 	</dict>
21 | </dict>
22 | </plist>
23 | 


--------------------------------------------------------------------------------
/server/static/dist/js/setup.js:
--------------------------------------------------------------------------------
 1 | function update_cmds(){
 2 |   // Populate command list
 3 |   $.post("/getcommands", function(cmd_list){
 4 |     cmds = JSON.parse(cmd_list);
 5 |     x = document.getElementById("commands");
 6 |     x.options.length = 0
 7 |     x.options[x.options.length] = new Option("Select Command", "", true, false);
 8 |     for(i=0;i<cmds.length;i++){
 9 |       x.options[x.options.length] = new Option(cmds[i][0], cmds[i][1]);
10 |     }
11 |   });
12 | }
13 | 
14 | function checkDevice(){
15 |   // Returns true if site is accessed using an iDevice
16 |   var agent = navigator.userAgent;
17 |   if (agent.match(/(iPhone|iPod|iPad)/)){
18 |     return true;
19 |   }
20 |   return false;
21 | }
22 | 


--------------------------------------------------------------------------------
/server/Manifest.plist.template:
--------------------------------------------------------------------------------
 1 | <plist version="1.0">
 2 |   <dict>
 3 |     <key>items</key>
 4 |     <array>
 5 |       <dict>
 6 |         <key>assets</key>
 7 |         <array>
 8 |           <dict>
 9 |             <key>kind</key>
10 |             <string>software-package</string>
11 |             <key>url</key>
12 |             <string>https://*** SERVER_IP ***:8080/app</string>
13 |           </dict>
14 |         </array>
15 |         <key>metadata</key>
16 |         <dict>
17 |           <key>bundle-identifier</key>
18 |           <string>*** APPLICATION BUNDLE ID (like com.example.myapp) ***</string>
19 |           <key>bundle-version</key>
20 |           <string>1.0.0</string>
21 |           <key>kind</key>
22 |           <string>software</string>
23 |           <key>subtitle</key>
24 |           <string></string>
25 |           <key>title</key>
26 |           <string>*** APP NAME ***</string>
27 |         </dict>
28 |       </dict>
29 |     </array>
30 |   </dict>
31 | </plist>
32 | 


--------------------------------------------------------------------------------
/server/static/dist/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2011-2014 Twitter, Inc
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in
13 | all copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | THE SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/server/static/dist/js/main.js:
--------------------------------------------------------------------------------
 1 | $(document).ready(function(){
 2 |   // Initial setup
 3 |   update_cmds()
 4 | 
 5 |   // Start polling
 6 |   populate_devices();
 7 |   setInterval(populate_devices, 2000);
 8 | 
 9 |   // Check for device-specific content and enable if applicable
10 |   if(checkDevice()){
11 |     document.getElementById("showEnroll").style.display="block";
12 |     document.getElementById("showCert").style.display="block";
13 |   }
14 | 
15 |   // Submit button functionality
16 |   $("#submitcmd").click(function(event){
17 |     var checked_devices = [];
18 | 
19 |     // Get all selected devices
20 |     $(".row_box").each(function(){
21 |       if(this.checked){
22 |         checked_devices.push($(this).closest(".panel").attr("id"));
23 |       }
24 |     });
25 | 
26 |     // Input checking.
27 |     if ($("#commands").val()==0){
28 |       alert("Please choose a command.");
29 |     }
30 |     else if (checked_devices.length==0){
31 |       alert("Please choose one or more devices.");
32 |     }
33 |     else{
34 |       // Send AJAX request
35 |       // Variable to pass all necessary data to server
36 |       var parameters = {
37 |         "cmd":$("#commands").val(),
38 |         "dev[]":checked_devices
39 |       };
40 | 
41 |       // Use stringify to fix odd error with passing just parameters
42 |       $.post("/queue", JSON.stringify(parameters), function(){});
43 |     }
44 |   });
45 | });
46 | 


--------------------------------------------------------------------------------
/client-reporting/client-reporting/client_reporting.m:
--------------------------------------------------------------------------------
 1 | //
 2 | //  client_reporting.m
 3 | //  client-reporting
 4 | //
 5 | //  Created by Black, Gavin S. on 12/20/13.
 6 | //  Copyright (c) 2013 Black, Gavin S. All rights reserved.
 7 | //
 8 | 
 9 | #import "client_reporting.h"
10 | 
11 | @implementation client_reporting
12 | 
13 | static NSString* mdmAddress = @"";
14 | static BOOL doPause = NO;
15 | 
16 | +(void) setHostAddress: (NSString*) host {
17 |    mdmAddress = [NSString stringWithFormat:@"https://%@/reporting/?type=", host];
18 | }
19 | 
20 | +(void) setPause : (BOOL) toggle {
21 |     doPause = toggle;
22 | }
23 | 
24 | +(void) makeCall : (NSString*) urlStr {
25 |     NSURL* url = [NSURL URLWithString:urlStr];
26 |     [NSURLRequest requestWithURL:url];
27 |     if(doPause) [NSThread sleepForTimeInterval:2.5];
28 | }
29 | 
30 | +(void) reportJailbreak {
31 |     [self makeCall:[NSString stringWithFormat:@"%@jailbreak", mdmAddress]];
32 | }
33 | 
34 | +(void) reportDebugger {
35 |     [self makeCall:[NSString stringWithFormat:@"%@debugger", mdmAddress]];
36 | }
37 | 
38 | +(void) reportLocation : (CLLocationCoordinate2D*) coords {
39 |     NSString *latitude = [NSString stringWithFormat:@"%f", coords->latitude];
40 |     NSString *longitude = [NSString stringWithFormat:@"%f", coords->longitude];
41 |     
42 |     [self makeCall:[NSString stringWithFormat:@"%@location&lat=%@&lon=%@", mdmAddress, latitude, longitude]];
43 | }
44 | 
45 | 
46 | 
47 | 
48 | @end
49 | 


--------------------------------------------------------------------------------
/server/LICENSE:
--------------------------------------------------------------------------------
 1 | Copyright (c) 2011-2012, Intrepidus Group
 2 | All rights reserved.
 3 | 
 4 | Redistribution and use in source and binary forms, with or without 
 5 | modification, are permitted provided that the following conditions are met:
 6 | 
 7 | Redistributions of source code must retain the above copyright notice, this 
 8 | list of conditions and the following disclaimer.
 9 | 
10 | Redistributions in binary form must reproduce the above copyright notice, 
11 | this list of conditions and the following disclaimer in the documentation 
12 | and/or other materials provided with the distribution.
13 | 
14 | Neither the name of the authors, nor Intrepidus Group, nor the names of its 
15 | contributors may be used to endorse or promote products derived from this 
16 | software without specific prior written permission.
17 | 
18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
19 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
20 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
21 | ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 
22 | LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
23 | CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
24 | SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
25 | INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
26 | CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
27 | ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
28 | POSSIBILITY OF SUCH DAMAGE.
29 | 
30 | 


--------------------------------------------------------------------------------
/server/README:
--------------------------------------------------------------------------------
 1 | For more documentation, please see the README file located in the root directory of this repository.
 2 | 
 3 | 
 4 |  -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 5 |                               Important  Files
 6 |  -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 7 | 
 8 | 
 9 | [required, included]
10 | favicon.ico             Replace with your website's icon
11 | server.py               The server itself
12 | device.py               A device class to support the server
13 | xactn.log               Log of commands and responses [initially empty]
14 | 
15 | certs/make_certs.sh     Script to create the various certs and
16 |                         keys you'll need (uses OpenSSL)
17 | 
18 | [required, need to get/create manually]
19 | PushCert.pem            Certificate and private key (no passphrase) for APNS
20 |                         See README in root directory for more instructions
21 | Enroll.mobileconfig     Use IPCU to create profile with MDM payload,
22 |                         used to enroll devices
23 | 
24 | 
25 | [required, created by make_cert.sh]
26 | CA.crt                  CA certificate used to sign the server cert
27 |                         [load onto device]
28 | Server.key              Private key (no passphrase) for SSL server
29 | Server.crt              Certificate for SSL server
30 | Identity.p12            Device identity cert (for MDM enrollment profile)
31 | 
32 | 
33 | [optional, to test installing custom apps]
34 | Example.mobileconfig    Sample profile to install (disables certain apps, etc.)
35 | MyApp.ipa               Bundle for a custom iOS app
36 | MyApp.mobileprovision   Mobile provisioning profile for the custom app
37 | Manifest.plist          Simple manifest for custom app 
38 |                         [Manifest.plist.template provided]
39 | 


--------------------------------------------------------------------------------
/server/static/dist/js/populate.js:
--------------------------------------------------------------------------------
 1 | // Global variable to avoid changing device list if there are no changes to it
 2 | var checksum = ''
 3 | 
 4 | function populate_devices(){
 5 |   // Populates device accordion using data from server
 6 |   $.post("/devices", function(raw){
 7 | 
 8 |     //  Check if any changes have been made        
 9 |     if(checksum == JSON.stringify(raw)){
10 |       return;
11 |     }
12 |     else{
13 |       checksum = JSON.stringify(raw);
14 |     }
15 | 
16 |     // Use mustache to populate the accordion
17 |     $.get("devices.mustache.html", function(template){
18 |       var rendered = Mustache.render(template, jQuery.parseJSON(raw));
19 |       $('#accordion').html(rendered);
20 | 
21 |       // Set response button on click to update the modal
22 |       $(".response-btn").click(function(event){
23 |         // Get device UDID and command UUID
24 |         var udid = $(this).closest(".panel").attr("id");
25 |         var uuid = $(this).attr("id");
26 | 
27 |         // Access /response to get the response string
28 |         $.post("/response", JSON.stringify({"UDID":udid, "UUID":uuid}), function(data){
29 |           $("#modal_body").html(data);
30 |         });
31 |       });
32 | 
33 |       // Puts HTML content inside the popover
34 |       $(".trigger").popover({
35 |         html: true,
36 |         title: function () {
37 |           return $(this).parent().find('.head').html();
38 |         },
39 |         content: function () {
40 |           return $(this).parent().find('.content').html();
41 |         }
42 |       });
43 | 
44 |       // Submit input group when submit button clicked
45 |       $('body').on('click', '.popover-submit', function(){
46 |         // Get UDID and form values
47 |         var udid = $(this).attr("id");
48 |         var name = $(this).parent().find("#input-name").val();
49 |         var owner = $(this).parent().find("#owner-name").val();
50 |         var location = $(this).parent().find("#location-name").val();
51 | 
52 |         // POST data to /metadata endpoint
53 |         $.post("/metadata", JSON.stringify({"UDID":udid,"name":name,"owner":owner,"location":location}), function(){});
54 | 
55 |         $("#metadatapopover".concat(udid)).popover("hide");
56 |       });
57 | 
58 |     });
59 |   });
60 | }
61 | 


--------------------------------------------------------------------------------
/client-reporting/client-reporting.xcodeproj/xcuserdata/gblack.xcuserdatad/xcschemes/client-reporting.xcscheme:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <Scheme
 3 |    LastUpgradeVersion = "0460"
 4 |    version = "1.3">
 5 |    <BuildAction
 6 |       parallelizeBuildables = "YES"
 7 |       buildImplicitDependencies = "YES">
 8 |       <BuildActionEntries>
 9 |          <BuildActionEntry
10 |             buildForTesting = "YES"
11 |             buildForRunning = "YES"
12 |             buildForProfiling = "YES"
13 |             buildForArchiving = "YES"
14 |             buildForAnalyzing = "YES">
15 |             <BuildableReference
16 |                BuildableIdentifier = "primary"
17 |                BlueprintIdentifier = "3E90E0181864F60400155CB7"
18 |                BuildableName = "libclient-reporting.a"
19 |                BlueprintName = "client-reporting"
20 |                ReferencedContainer = "container:client-reporting.xcodeproj">
21 |             </BuildableReference>
22 |          </BuildActionEntry>
23 |       </BuildActionEntries>
24 |    </BuildAction>
25 |    <TestAction
26 |       selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
27 |       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
28 |       shouldUseLaunchSchemeArgsEnv = "YES"
29 |       buildConfiguration = "Debug">
30 |       <Testables>
31 |       </Testables>
32 |    </TestAction>
33 |    <LaunchAction
34 |       selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
35 |       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
36 |       launchStyle = "0"
37 |       useCustomWorkingDirectory = "NO"
38 |       buildConfiguration = "Debug"
39 |       ignoresPersistentStateOnLaunch = "NO"
40 |       debugDocumentVersioning = "YES"
41 |       allowLocationSimulation = "YES">
42 |       <AdditionalOptions>
43 |       </AdditionalOptions>
44 |    </LaunchAction>
45 |    <ProfileAction
46 |       shouldUseLaunchSchemeArgsEnv = "YES"
47 |       savedToolIdentifier = ""
48 |       useCustomWorkingDirectory = "NO"
49 |       buildConfiguration = "Release"
50 |       debugDocumentVersioning = "YES">
51 |    </ProfileAction>
52 |    <AnalyzeAction
53 |       buildConfiguration = "Debug">
54 |    </AnalyzeAction>
55 |    <ArchiveAction
56 |       buildConfiguration = "Release"
57 |       revealArchiveInOrganizer = "YES">
58 |    </ArchiveAction>
59 | </Scheme>
60 | 


--------------------------------------------------------------------------------
/server/Example.mobileconfig:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 3 | <plist version="1.0">
 4 | <dict>
 5 | 	<key>PayloadContent</key>
 6 | 	<array>
 7 | 		<dict>
 8 | 			<key>PayloadDescription</key>
 9 | 			<string>Configures device restrictions.</string>
10 | 			<key>PayloadDisplayName</key>
11 | 			<string>Restrictions</string>
12 | 			<key>PayloadIdentifier</key>
13 | 			<string>com.intrepidusgroup.djs.test.simple.restrictions</string>
14 | 			<key>PayloadOrganization</key>
15 | 			<string></string>
16 | 			<key>PayloadType</key>
17 | 			<string>com.apple.applicationaccess</string>
18 | 			<key>PayloadUUID</key>
19 | 			<string>77D2FFB1-C010-4220-A3D9-BFE4B3EF99FD</string>
20 | 			<key>PayloadVersion</key>
21 | 			<integer>1</integer>
22 | 			<key>allowAddingGameCenterFriends</key>
23 | 			<true/>
24 | 			<key>allowAppInstallation</key>
25 | 			<true/>
26 | 			<key>allowCamera</key>
27 | 			<true/>
28 | 			<key>allowExplicitContent</key>
29 | 			<true/>
30 | 			<key>allowGlobalBackgroundFetchWhenRoaming</key>
31 | 			<true/>
32 | 			<key>allowInAppPurchases</key>
33 | 			<true/>
34 | 			<key>allowMultiplayerGaming</key>
35 | 			<true/>
36 | 			<key>allowSafari</key>
37 | 			<true/>
38 | 			<key>allowScreenShot</key>
39 | 			<false/>
40 | 			<key>allowVideoConferencing</key>
41 | 			<true/>
42 | 			<key>allowVoiceDialing</key>
43 | 			<true/>
44 | 			<key>allowYouTube</key>
45 | 			<true/>
46 | 			<key>allowiTunes</key>
47 | 			<true/>
48 | 			<key>forceEncryptedBackup</key>
49 | 			<false/>
50 | 			<key>ratingApps</key>
51 | 			<integer>1000</integer>
52 | 			<key>ratingMovies</key>
53 | 			<integer>1000</integer>
54 | 			<key>ratingRegion</key>
55 | 			<string>us</string>
56 | 			<key>ratingTVShows</key>
57 | 			<integer>1000</integer>
58 | 		</dict>
59 | 	</array>
60 | 	<key>PayloadDescription</key>
61 | 	<string>Very simple profile to test restrictions.</string>
62 | 	<key>PayloadDisplayName</key>
63 | 	<string>Very Simple Restriction Test</string>
64 | 	<key>PayloadIdentifier</key>
65 | 	<string>com.intrepidusgroup.djs.test.simple</string>
66 | 	<key>PayloadOrganization</key>
67 | 	<string></string>
68 | 	<key>PayloadRemovalDisallowed</key>
69 | 	<false/>
70 | 	<key>PayloadType</key>
71 | 	<string>Configuration</string>
72 | 	<key>PayloadUUID</key>
73 | 	<string>2D9490F4-E890-4B37-9062-7095FEF0E482</string>
74 | 	<key>PayloadVersion</key>
75 | 	<integer>1</integer>
76 | </dict>
77 | </plist>
78 | 


--------------------------------------------------------------------------------
/scripts/make_certs.bat:
--------------------------------------------------------------------------------
 1 | @echo off
 2 | choice /m "Do you have CA?"
 3 | IF ERRORLEVEL 2 GOTO BUILDCA
 4 | IF ERRORLEVEL 1 GOTO INBUILTCA
 5 | :BUILDCA
 6 | 
 7 | echo 1. Creating Certificate Authority (CA)
 8 | echo For 'Common Name' enter something like 'MDM Test CA
 9 | openssl req -new -x509 -extensions v3_ca -keyout cakey.key -out cacert.crt -days 365
10 | 
11 | :CONT
12 | echo 2. Creating the Web Server private key and certificate request
13 | echo  For 'Common Name' enter your server's IP address
14 | openssl genrsa 2048 > server.key
15 | openssl req -new -key server.key -out server.csr 
16 | 
17 | echo 3. Signing the server key with the CA. You'll the CA passphrase from step 1.
18 | openssl x509 -req -days 365 -in server.csr -CA cacert.crt -CAkey cakey.key -CAcreateserial -out server.crt -extfile .\server.cnf -extensions ssl_server
19 | 
20 | echo 4. Creating the device Identity key and certificate request.
21 | openssl genrsa 2048 > identity.key
22 | openssl req -new -key identity.key -out identity.csr
23 | 
24 | echo 5. Signing the identity key with the CA. You'll the CA passphrase from step 1.
25 | echo ** Give it a passphrase. You'll need to include that in the IPCU profile.
26 | openssl x509 -req -days 365 -in identity.csr -CA cacert.crt -CAkey cakey.key -CAcreateserial -out identity.crt
27 | openssl pkcs12 -export -out identity.p12 -inkey identity.key -in identity.crt -certfile cacert.crt
28 | 
29 | 
30 | echo 6. Copying keys and certs to server folder
31 | copy server.key ..\server\Server.key
32 | copy server.crt ..\server\Server.crt
33 | copy cacert.crt ..\server\CA.crt
34 | copy identity.crt ..\server\identity.crt
35 | copy identity.p12 ..\server\Identity.p12
36 | 
37 | 
38 | #echo  7. Generating keys and certs for plist generation
39 | #openssl req -inform pem -outform der -in identity.csr -out customer.der
40 | ## Rename identity.csr to be used with the iOS Provisioning Portal
41 | #rename identity.csr customer.csr
42 | 
43 | #copy Identity.p12 ..\vendor-signing\com\softhinker\vendor.p12
44 | #copy customer.der ..\vendor-signing\com\softhinker\customer.der
45 | 
46 | #echo 8. Making the Apple Certificate useble by python
47 | #openssl x509 -inform der -in AppleWWDRCA.cer -out intermediate.pem
48 | #openssl x509 -inform der -in AppleIncRootCertificate.cer -out root.pem
49 | 
50 | #cp intermediate.pem ..\..\vendor-signing\com\softhinker\intermediate.pem
51 | #cp root.pem ..\..\vendor-signing\com\softhinker\root.pem
52 | 
53 | echo DONE!!
54 | goto end
55 | 
56 | :INBUILTCA
57 | echo place CA Certificate and CA Key and then press enter. NOTE: you should have the password of the certificate.
58 | 
59 | @pause
60 | goto CONT
61 | 
62 | :end
63 | @pause
64 | 


--------------------------------------------------------------------------------
/server/static/devices.mustache.html:
--------------------------------------------------------------------------------
 1 | {{#devices}}
 2 | <div class="panel panel-{{status}}" id="{{UDID}}">
 3 |   <div class="panel-heading">
 4 |     <h4 class="panel-title">
 5 |       <div class="col-sm-1">
 6 |         <input class="row_box" UDID="{{UDID}}" type="checkbox" name="box" />
 7 |       </div>
 8 |       <a data-toggle="collapse" data-parent="#accordion" href="#collapse{{UDID}}">
 9 |         <div class="row">
10 |           <div class="col-sm-4 {{status}}">{{name}}</div>
11 |           <div class="col-sm-3 {{status}}">{{owner}}</div>
12 |           <div class="col-sm-2 {{status}}">{{location}}</div>
13 |           <div class="col-sm-1">
14 |             <a data-toggle="popover" data-container="body" href="#popover{{UDID}}" id="metadatapopover{{UDID}}" class="trigger">
15 |               <span class="glyphicon glyphicon-pencil"/>
16 |             </a>
17 |             <div class="popover-markup" id="popover{{UDID}}">
18 |               <div class="head hide">Edit Metadata:</div>
19 |               <div class="content hide">
20 |                 <div class="form-group">
21 |                   Device name:<input type="text" class="form-control" id="input-name" value="{{name}}" maxlength="32"/>
22 |                   Device owner:<input type="text" class="form-control" id="owner-name" value="{{owner}}" maxlength="32"/>
23 |                   Assigned location:<input type="text" class="form-control" id="location-name" value="{{location}}" maxlength="32"/>
24 |                 </div>
25 |                 <button type="submit" class="btn btn-sm btn-primary popover-submit" id="{{UDID}}">Submit</button>
26 |                 <button data-toggle="clickover" class="btn btn-sm btn-primary" onclick='$("#metadatapopover{{UDID}}").popover("hide");'>Cancel</button>
27 |               </div>
28 |             </div>
29 |           </div><!--End col-sm-1-->
30 |         </div>
31 |       </a>
32 |     </h4>
33 |   </div>
34 |   <div class="panel-collapse collapse" id="collapse{{UDID}}">
35 |     <div class="panel-body">
36 |       <div class="col-sm-1"></div>
37 |       <div class="col-sm-4">UDID:<br>{{UDID}}</div>
38 |       <div class="col-sm-3">IP:<br>{{ip}}</div>
39 |       <div class="col-sm-3"><span class="glyphicon glyphicon-globe"></span> {{geo}}</div>
40 |     </div>
41 | 
42 |     <table class="table table-condensed">
43 |       <thead>
44 |         <tr>
45 |           <th>Status</th>
46 |           <th>Command</th>
47 |           <th>Options</th>
48 |         </tr>
49 |       </thead>
50 |       <tbody>
51 | {{#commands}}
52 |         <tr id="command{{response.CommandUUID}}">
53 |           <td><span class="glyphicon {{status}} glyphicon-certificate"></span></td>
54 |           <td>{{cmd.Command.RequestType}}</td>
55 |           <td><button type="button" class="btn btn-xs btn-primary response-btn" id="{{response.CommandUUID}}" data-toggle="modal" data-target="#modal">Response</button></td>
56 |         </tr>
57 | {{/commands}}
58 |       </tbody>
59 |     </table>
60 |   </div>
61 | </div>
62 | {{/devices}}
63 | 


--------------------------------------------------------------------------------
/scripts/make_certs.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | echo ""
 4 | echo "Setting up server.cnf."
 5 | echo "Please enter the Hostname or IP address of your server."
 6 | read IP
 7 | sed -i -e "s/<SERVER_IP>/$IP/g" server.cnf
 8 | echo "Done."
 9 | echo ""
10 | 
11 | echo ""
12 | echo "Setting up certificates for MDM server testing!"
13 | echo ""
14 | echo "1. Creating Certificate Authority (CA)"
15 | echo " ** For 'Common Name' enter something like 'MDM Test CA'"
16 | echo " ** Create and a remember the PEM pass phrase for use later on"
17 | echo ""
18 | openssl req -new -x509 -extensions v3_ca -keyout cakey.key -out cacert.crt -days 365
19 | 
20 | echo ""
21 | echo "2. Creating the Web Server private key and certificate request"
22 | echo " ** For 'Common Name' enter your server's IP address **"
23 | echo ""
24 | openssl genrsa 2048 > server.key
25 | openssl req -new -key server.key -out server.csr 
26 | 
27 | echo ""
28 | echo "3. Signing the server key with the CA. You'll use the PEM pass phrase from step 1."
29 | echo ""
30 | openssl x509 -req -days 365 -in server.csr -CA cacert.crt -CAkey cakey.key -CAcreateserial -out server.crt -extfile ./server.cnf -extensions ssl_server
31 | 
32 | 
33 | 
34 | echo ""
35 | echo "4. Creating the device Identity key and certificate request"
36 | echo " ** For 'Common Name' enter something like 'my device'"
37 | echo ""
38 | openssl genrsa 2048 > identity.key
39 | openssl req -new -key identity.key -out identity.csr
40 | 
41 | echo ""
42 | echo "5. Signing the identity key with the CA. You'll the PEM pass phrase from step 1."
43 | echo " ** Create an export passphrase. You'll need to include it in the IPCU profile."
44 | echo ""
45 | openssl x509 -req -days 365 -in identity.csr -CA cacert.crt -CAkey cakey.key -CAcreateserial -out identity.crt
46 | openssl pkcs12 -export -out identity.p12 -inkey identity.key -in identity.crt -certfile cacert.crt
47 | 
48 | 
49 | 
50 | echo ""
51 | echo "6. Copying keys and certs to server folder"
52 | # Move relevant certs to the /server/ directory
53 | mv server.key ../server/Server.key
54 | mv server.crt ../server/Server.crt
55 | mv cacert.crt ../server/CA.crt
56 | mv identity.crt ../server/identity.crt
57 | cp identity.p12 ../server/Identity.p12
58 | 
59 | #######################################
60 | # Removed with softhinker vendor code #
61 | #######################################
62 | 
63 | #echo "7. Generating keys and certs for plist generation"
64 | #echo ""
65 | #openssl req -inform pem -outform der -in identity.csr -out customer.der
66 | # Rename identity.csr to be used with the iOS Provisioning Portal
67 | #mv identity.csr customer.csr
68 | 
69 | #echo ""
70 | #echo "8. Getting Apple certificates online"
71 | #curl https://developer.apple.com/certificationauthority/AppleWWDRCA.cer -ko AppleWWDRCA.cer
72 | #curl http://www.apple.com/appleca/AppleIncRootCertificate.cer -o AppleIncRootCertificate.cer
73 | #openssl x509 -inform der -in AppleWWDRCA.cer -out intermediate.pem
74 | #openssl x509 -inform der -in AppleIncRootCertificate.cer -out root.pem
75 | 
76 | # Move relevant files for use in softhinker vendor-signing
77 | # Need to manually generate and move mdm.pem
78 | #mv intermediate.pem ../vendor-signing/com/softhinker/intermediate.pem
79 | #mv root.pem ../vendor-signing/com/softhinker/root.pem
80 | #mv identity.p12 ../vendor-signing/com/softhinker/vendor.p12
81 | #mv customer.der ../vendor-signing/com/softhinker/customer.der
82 | 


--------------------------------------------------------------------------------
/server/static/index.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html lang="en">
 3 |   <head>
 4 |     <meta charset="utf-8">
 5 |     <meta http-equiv="X-UA-Compatible" content="IE=edge">
 6 |     <meta name="viewport" content="width=device-width, initial-scale=1">
 7 |     <meta name="description" content="MDM Server Control">
 8 |     <meta name="author" content="Rory Thrasher">
 9 |     <link rel="shortcut icon" href="../../assets/ico/favicon.ico">
10 | 
11 |     <title>Open Source MDM Server</title>
12 | 
13 |     <!-- Bootstrap core CSS -->
14 |     <link href="./dist/css/bootstrap.min.css" rel="stylesheet">
15 | 
16 |     <!-- Custom styles for this template -->
17 |     <link href="./dist/css/site-template.css" rel="stylesheet">
18 | 
19 |     <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
20 |     <!--[if lt IE 9]>
21 |       <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
22 |       <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
23 |     <![endif]-->
24 |   </head>
25 | 
26 |   <body>
27 |     <div class="container">    
28 |       <div id="showEnroll" style="display:none" class="row col-sm-6" align="center">Tap <a href='/enroll'>here</a> to <br/>enroll in MDM</div>
29 |       <div id="showCert" style="display:none" class="row col-sm-6" align="center">Tap <a href='/ca'>here</a> to install the <br/> CA Cert (for Server/Identity)</div>
30 | 
31 |       <div class="site-template">
32 |         <h1>Open Source Mobile Device Management Server</h1>
33 |         <p class="lead">Choose a command to send to one or more enrolled devices.</p>
34 |       </div>
35 | 
36 |       <div class="row">
37 |         <div class="col-md-4 text-center">
38 |           <br>
39 |           <select class="form-control" id="commands" name="command">
40 |             <span class="col-md-4"></span>
41 |             <option value=''>Select command</option>
42 |           </select>
43 |         </div><!-- /.col-md-4 -->
44 | 
45 |         <div class="col-md-4 text-center">
46 |         <!--Hidden dropdown for selecting payload will goes here-->
47 |         </div><!-- /.col-md-4 -->
48 | 
49 | 
50 |         <div class="col-md-4 text-center">
51 |           <br>
52 |           <input class="btn btn-large btn-primary" id="submitcmd" type="submit"/>
53 |         </div><!-- /.col-md-4 -->
54 |       </div><!-- /.row -->
55 | 
56 |       <br><br><br>
57 | 
58 |       <div class="panel-group" id="accordion"></div>
59 | 
60 | 
61 |       <!-- Modal to hold response or other command-specific info -->
62 |       <div class="modal fade" id="modal" tabindex="-1" role="dialog" aria-labelledby="modalLabel" aria-hidden="true">
63 |         <div class="modal-dialog">
64 |           <div class="modal-content">
65 |             <div class="modal-header">
66 |               <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
67 |                 <h4 class="modal-title" id="myModalLabel">Response:</h4>
68 |             </div>
69 |             <div class="modal-body" id="modal_body">
70 |               ...
71 |             </div>
72 |             <div class="modal-footer">
73 |               <button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
74 |             </div>
75 |           </div>
76 |         </div>
77 |       </div>
78 |     </div><!-- /.container -->
79 | 
80 | 
81 |     <!-- Javascript libraries and scripts -->
82 |     <!-- Placed at the end of the document so the pages load faster -->
83 |     <script src="./dist/js/jquery-1.11.0.min.js"></script>
84 |     <script src="./dist/js/bootstrap.min.js"></script>
85 |     <script src="./dist/js/mustache.min.js"></script>
86 |     <script type="text/javascript" src="dist/js/setup.js"></script>
87 |     <script type="text/javascript" src="dist/js/populate.js"></script>
88 |     <script type="text/javascript" src="dist/js/main.js"></script>
89 | 
90 |   </body>
91 | </html>
92 | 


--------------------------------------------------------------------------------
/server/static/dist/js/mustache.min.js:
--------------------------------------------------------------------------------
1 | (function(root,factory){if(typeof exports==="object"&&exports){module.exports=factory}else if(typeof define==="function"&&define.amd){define(factory)}else{root.Mustache=factory}})(this,function(){var exports={};exports.name="mustache.js";exports.version="0.7.2";exports.tags=["{{","}}"];exports.Scanner=Scanner;exports.Context=Context;exports.Writer=Writer;var whiteRe=/\s*/;var spaceRe=/\s+/;var nonSpaceRe=/\S/;var eqRe=/\s*=/;var curlyRe=/\s*\}/;var tagRe=/#|\^|\/|>|\{|&|=|!/;function testRe(re,string){return RegExp.prototype.test.call(re,string)}function isWhitespace(string){return!testRe(nonSpaceRe,string)}var isArray=Array.isArray||function(obj){return Object.prototype.toString.call(obj)==="[object Array]"};function escapeRe(string){return string.replace(/[\-\[\]{}()*+?.,\\\^$|#\s]/g,"\\$&")}var entityMap={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#39;","/":"&#x2F;"};function escapeHtml(string){return String(string).replace(/[&<>"'\/]/g,function(s){return entityMap[s]})}exports.escape=escapeHtml;function Scanner(string){this.string=string;this.tail=string;this.pos=0}Scanner.prototype.eos=function(){return this.tail===""};Scanner.prototype.scan=function(re){var match=this.tail.match(re);if(match&&match.index===0){this.tail=this.tail.substring(match[0].length);this.pos+=match[0].length;return match[0]}return""};Scanner.prototype.scanUntil=function(re){var match,pos=this.tail.search(re);switch(pos){case-1:match=this.tail;this.pos+=this.tail.length;this.tail="";break;case 0:match="";break;default:match=this.tail.substring(0,pos);this.tail=this.tail.substring(pos);this.pos+=pos}return match};function Context(view,parent){this.view=view;this.parent=parent;this.clearCache()}Context.make=function(view){return view instanceof Context?view:new Context(view)};Context.prototype.clearCache=function(){this._cache={}};Context.prototype.push=function(view){return new Context(view,this)};Context.prototype.lookup=function(name){var value=this._cache[name];if(!value){if(name==="."){value=this.view}else{var context=this;while(context){if(name.indexOf(".")>0){var names=name.split("."),i=0;value=context.view;while(value&&i<names.length){value=value[names[i++]]}}else{value=context.view[name]}if(value!=null){break}context=context.parent}}this._cache[name]=value}if(typeof value==="function"){value=value.call(this.view)}return value};function Writer(){this.clearCache()}Writer.prototype.clearCache=function(){this._cache={};this._partialCache={}};Writer.prototype.compile=function(template,tags){var fn=this._cache[template];if(!fn){var tokens=exports.parse(template,tags);fn=this._cache[template]=this.compileTokens(tokens,template)}return fn};Writer.prototype.compilePartial=function(name,template,tags){var fn=this.compile(template,tags);this._partialCache[name]=fn;return fn};Writer.prototype.compileTokens=function(tokens,template){var fn=compileTokens(tokens);var self=this;return function(view,partials){if(partials){if(typeof partials==="function"){self._loadPartial=partials}else{for(var name in partials){self.compilePartial(name,partials[name])}}}return fn(self,Context.make(view),template)}};Writer.prototype.render=function(template,view,partials){return this.compile(template)(view,partials)};Writer.prototype._section=function(name,context,text,callback){var value=context.lookup(name);switch(typeof value){case"object":if(isArray(value)){var buffer="";for(var i=0,len=value.length;i<len;++i){buffer+=callback(this,context.push(value[i]))}return buffer}return value?callback(this,context.push(value)):"";case"function":var self=this;var scopedRender=function(template){return self.render(template,context)};var result=value.call(context.view,text,scopedRender);return result!=null?result:"";default:if(value){return callback(this,context)}}return""};Writer.prototype._inverted=function(name,context,callback){var value=context.lookup(name);if(!value||isArray(value)&&value.length===0){return callback(this,context)}return""};Writer.prototype._partial=function(name,context){if(!(name in this._partialCache)&&this._loadPartial){this.compilePartial(name,this._loadPartial(name))}var fn=this._partialCache[name];return fn?fn(context):""};Writer.prototype._name=function(name,context){var value=context.lookup(name);if(typeof value==="function"){value=value.call(context.view)}return value==null?"":String(value)};Writer.prototype._escaped=function(name,context){return exports.escape(this._name(name,context))};function compileTokens(tokens){var subRenders={};function subRender(i,tokens,template){if(!subRenders[i]){var fn=compileTokens(tokens);subRenders[i]=function(writer,context){return fn(writer,context,template)}}return subRenders[i]}return function(writer,context,template){var buffer="";var token,sectionText;for(var i=0,len=tokens.length;i<len;++i){token=tokens[i];switch(token[0]){case"#":sectionText=template.slice(token[3],token[5]);buffer+=writer._section(token[1],context,sectionText,subRender(i,token[4],template));break;case"^":buffer+=writer._inverted(token[1],context,subRender(i,token[4],template));break;case">":buffer+=writer._partial(token[1],context);break;case"&":buffer+=writer._name(token[1],context);break;case"name":buffer+=writer._escaped(token[1],context);break;case"text":buffer+=token[1];break}}return buffer}}function nestTokens(tokens){var tree=[];var collector=tree;var sections=[];var token;for(var i=0,len=tokens.length;i<len;++i){token=tokens[i];switch(token[0]){case"#":case"^":sections.push(token);collector.push(token);collector=token[4]=[];break;case"/":var section=sections.pop();section[5]=token[2];collector=sections.length>0?sections[sections.length-1][4]:tree;break;default:collector.push(token)}}return tree}function squashTokens(tokens){var squashedTokens=[];var token,lastToken;for(var i=0,len=tokens.length;i<len;++i){token=tokens[i];if(token[0]==="text"&&lastToken&&lastToken[0]==="text"){lastToken[1]+=token[1];lastToken[3]=token[3]}else{lastToken=token;squashedTokens.push(token)}}return squashedTokens}function escapeTags(tags){return[new RegExp(escapeRe(tags[0])+"\\s*"),new RegExp("\\s*"+escapeRe(tags[1]))]}exports.parse=function(template,tags){template=template||"";tags=tags||exports.tags;if(typeof tags==="string")tags=tags.split(spaceRe);if(tags.length!==2){throw new Error("Invalid tags: "+tags.join(", "))}var tagRes=escapeTags(tags);var scanner=new Scanner(template);var sections=[];var tokens=[];var spaces=[];var hasTag=false;var nonSpace=false;function stripSpace(){if(hasTag&&!nonSpace){while(spaces.length){tokens.splice(spaces.pop(),1)}}else{spaces=[]}hasTag=false;nonSpace=false}var start,type,value,chr;while(!scanner.eos()){start=scanner.pos;value=scanner.scanUntil(tagRes[0]);if(value){for(var i=0,len=value.length;i<len;++i){chr=value.charAt(i);if(isWhitespace(chr)){spaces.push(tokens.length)}else{nonSpace=true}tokens.push(["text",chr,start,start+1]);start+=1;if(chr==="\n"){stripSpace()}}}start=scanner.pos;if(!scanner.scan(tagRes[0])){break}hasTag=true;type=scanner.scan(tagRe)||"name";scanner.scan(whiteRe);if(type==="="){value=scanner.scanUntil(eqRe);scanner.scan(eqRe);scanner.scanUntil(tagRes[1])}else if(type==="{"){var closeRe=new RegExp("\\s*"+escapeRe("}"+tags[1]));value=scanner.scanUntil(closeRe);scanner.scan(curlyRe);scanner.scanUntil(tagRes[1]);type="&"}else{value=scanner.scanUntil(tagRes[1])}if(!scanner.scan(tagRes[1])){throw new Error("Unclosed tag at "+scanner.pos)}if(type==="/"){if(sections.length===0){throw new Error('Unopened section "'+value+'" at '+start)}var section=sections.pop();if(section[1]!==value){throw new Error('Unclosed section "'+section[1]+'" at '+start)}}var token=[type,value,start,scanner.pos];tokens.push(token);if(type==="#"||type==="^"){sections.push(token)}else if(type==="name"||type==="{"||type==="&"){nonSpace=true}else if(type==="="){tags=value.split(spaceRe);if(tags.length!==2){throw new Error("Invalid tags at "+start+": "+tags.join(", "))}tagRes=escapeTags(tags)}}var section=sections.pop();if(section){throw new Error('Unclosed section "'+section[1]+'" at '+scanner.pos)}return nestTokens(squashTokens(tokens))};var _writer=new Writer;exports.clearCache=function(){return _writer.clearCache()};exports.compile=function(template,tags){return _writer.compile(template,tags)};exports.compilePartial=function(name,template,tags){return _writer.compilePartial(name,template,tags)};exports.compileTokens=function(tokens,template){return _writer.compileTokens(tokens,template)};exports.render=function(template,view,partials){return _writer.render(template,view,partials)};exports.to_html=function(template,view,partials,send){var result=exports.render(template,view,partials);if(typeof send==="function"){send(result)}else{return result}};return exports}());


--------------------------------------------------------------------------------
/client-reporting/client-reporting.xcodeproj/project.pbxproj:
--------------------------------------------------------------------------------
  1 | // !$*UTF8*$!
  2 | {
  3 | 	archiveVersion = 1;
  4 | 	classes = {
  5 | 	};
  6 | 	objectVersion = 46;
  7 | 	objects = {
  8 | 
  9 | /* Begin PBXBuildFile section */
 10 | 		3E90E01D1864F60400155CB7 /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 3E90E01C1864F60400155CB7 /* Foundation.framework */; };
 11 | 		3E90E0221864F60400155CB7 /* client_reporting.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 3E90E0211864F60400155CB7 /* client_reporting.h */; };
 12 | 		3E90E0241864F60400155CB7 /* client_reporting.m in Sources */ = {isa = PBXBuildFile; fileRef = 3E90E0231864F60400155CB7 /* client_reporting.m */; };
 13 | /* End PBXBuildFile section */
 14 | 
 15 | /* Begin PBXCopyFilesBuildPhase section */
 16 | 		3E90E0171864F60400155CB7 /* CopyFiles */ = {
 17 | 			isa = PBXCopyFilesBuildPhase;
 18 | 			buildActionMask = 2147483647;
 19 | 			dstPath = "include/${PRODUCT_NAME}";
 20 | 			dstSubfolderSpec = 16;
 21 | 			files = (
 22 | 				3E90E0221864F60400155CB7 /* client_reporting.h in CopyFiles */,
 23 | 			);
 24 | 			runOnlyForDeploymentPostprocessing = 0;
 25 | 		};
 26 | /* End PBXCopyFilesBuildPhase section */
 27 | 
 28 | /* Begin PBXFileReference section */
 29 | 		3E90E0191864F60400155CB7 /* libclient-reporting.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libclient-reporting.a"; sourceTree = BUILT_PRODUCTS_DIR; };
 30 | 		3E90E01C1864F60400155CB7 /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = System/Library/Frameworks/Foundation.framework; sourceTree = SDKROOT; };
 31 | 		3E90E0201864F60400155CB7 /* client-reporting-Prefix.pch */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "client-reporting-Prefix.pch"; sourceTree = "<group>"; };
 32 | 		3E90E0211864F60400155CB7 /* client_reporting.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = client_reporting.h; sourceTree = "<group>"; };
 33 | 		3E90E0231864F60400155CB7 /* client_reporting.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = client_reporting.m; sourceTree = "<group>"; };
 34 | /* End PBXFileReference section */
 35 | 
 36 | /* Begin PBXFrameworksBuildPhase section */
 37 | 		3E90E0161864F60400155CB7 /* Frameworks */ = {
 38 | 			isa = PBXFrameworksBuildPhase;
 39 | 			buildActionMask = 2147483647;
 40 | 			files = (
 41 | 				3E90E01D1864F60400155CB7 /* Foundation.framework in Frameworks */,
 42 | 			);
 43 | 			runOnlyForDeploymentPostprocessing = 0;
 44 | 		};
 45 | /* End PBXFrameworksBuildPhase section */
 46 | 
 47 | /* Begin PBXGroup section */
 48 | 		3E90E0101864F60400155CB7 = {
 49 | 			isa = PBXGroup;
 50 | 			children = (
 51 | 				3E90E01E1864F60400155CB7 /* client-reporting */,
 52 | 				3E90E01B1864F60400155CB7 /* Frameworks */,
 53 | 				3E90E01A1864F60400155CB7 /* Products */,
 54 | 			);
 55 | 			sourceTree = "<group>";
 56 | 		};
 57 | 		3E90E01A1864F60400155CB7 /* Products */ = {
 58 | 			isa = PBXGroup;
 59 | 			children = (
 60 | 				3E90E0191864F60400155CB7 /* libclient-reporting.a */,
 61 | 			);
 62 | 			name = Products;
 63 | 			sourceTree = "<group>";
 64 | 		};
 65 | 		3E90E01B1864F60400155CB7 /* Frameworks */ = {
 66 | 			isa = PBXGroup;
 67 | 			children = (
 68 | 				3E90E01C1864F60400155CB7 /* Foundation.framework */,
 69 | 			);
 70 | 			name = Frameworks;
 71 | 			sourceTree = "<group>";
 72 | 		};
 73 | 		3E90E01E1864F60400155CB7 /* client-reporting */ = {
 74 | 			isa = PBXGroup;
 75 | 			children = (
 76 | 				3E90E0211864F60400155CB7 /* client_reporting.h */,
 77 | 				3E90E0231864F60400155CB7 /* client_reporting.m */,
 78 | 				3E90E01F1864F60400155CB7 /* Supporting Files */,
 79 | 			);
 80 | 			path = "client-reporting";
 81 | 			sourceTree = "<group>";
 82 | 		};
 83 | 		3E90E01F1864F60400155CB7 /* Supporting Files */ = {
 84 | 			isa = PBXGroup;
 85 | 			children = (
 86 | 				3E90E0201864F60400155CB7 /* client-reporting-Prefix.pch */,
 87 | 			);
 88 | 			name = "Supporting Files";
 89 | 			sourceTree = "<group>";
 90 | 		};
 91 | /* End PBXGroup section */
 92 | 
 93 | /* Begin PBXNativeTarget section */
 94 | 		3E90E0181864F60400155CB7 /* client-reporting */ = {
 95 | 			isa = PBXNativeTarget;
 96 | 			buildConfigurationList = 3E90E0271864F60400155CB7 /* Build configuration list for PBXNativeTarget "client-reporting" */;
 97 | 			buildPhases = (
 98 | 				3E90E0151864F60400155CB7 /* Sources */,
 99 | 				3E90E0161864F60400155CB7 /* Frameworks */,
100 | 				3E90E0171864F60400155CB7 /* CopyFiles */,
101 | 			);
102 | 			buildRules = (
103 | 			);
104 | 			dependencies = (
105 | 			);
106 | 			name = "client-reporting";
107 | 			productName = "client-reporting";
108 | 			productReference = 3E90E0191864F60400155CB7 /* libclient-reporting.a */;
109 | 			productType = "com.apple.product-type.library.static";
110 | 		};
111 | /* End PBXNativeTarget section */
112 | 
113 | /* Begin PBXProject section */
114 | 		3E90E0111864F60400155CB7 /* Project object */ = {
115 | 			isa = PBXProject;
116 | 			attributes = {
117 | 				LastUpgradeCheck = 0460;
118 | 				ORGANIZATIONNAME = "Black, Gavin S.";
119 | 			};
120 | 			buildConfigurationList = 3E90E0141864F60400155CB7 /* Build configuration list for PBXProject "client-reporting" */;
121 | 			compatibilityVersion = "Xcode 3.2";
122 | 			developmentRegion = English;
123 | 			hasScannedForEncodings = 0;
124 | 			knownRegions = (
125 | 				en,
126 | 			);
127 | 			mainGroup = 3E90E0101864F60400155CB7;
128 | 			productRefGroup = 3E90E01A1864F60400155CB7 /* Products */;
129 | 			projectDirPath = "";
130 | 			projectRoot = "";
131 | 			targets = (
132 | 				3E90E0181864F60400155CB7 /* client-reporting */,
133 | 			);
134 | 		};
135 | /* End PBXProject section */
136 | 
137 | /* Begin PBXSourcesBuildPhase section */
138 | 		3E90E0151864F60400155CB7 /* Sources */ = {
139 | 			isa = PBXSourcesBuildPhase;
140 | 			buildActionMask = 2147483647;
141 | 			files = (
142 | 				3E90E0241864F60400155CB7 /* client_reporting.m in Sources */,
143 | 			);
144 | 			runOnlyForDeploymentPostprocessing = 0;
145 | 		};
146 | /* End PBXSourcesBuildPhase section */
147 | 
148 | /* Begin XCBuildConfiguration section */
149 | 		3E90E0251864F60400155CB7 /* Debug */ = {
150 | 			isa = XCBuildConfiguration;
151 | 			buildSettings = {
152 | 				ALWAYS_SEARCH_USER_PATHS = NO;
153 | 				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
154 | 				CLANG_CXX_LIBRARY = "libc++";
155 | 				CLANG_ENABLE_OBJC_ARC = YES;
156 | 				CLANG_WARN_CONSTANT_CONVERSION = YES;
157 | 				CLANG_WARN_EMPTY_BODY = YES;
158 | 				CLANG_WARN_ENUM_CONVERSION = YES;
159 | 				CLANG_WARN_INT_CONVERSION = YES;
160 | 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
161 | 				COPY_PHASE_STRIP = NO;
162 | 				GCC_C_LANGUAGE_STANDARD = gnu99;
163 | 				GCC_DYNAMIC_NO_PIC = NO;
164 | 				GCC_OPTIMIZATION_LEVEL = 0;
165 | 				GCC_PREPROCESSOR_DEFINITIONS = (
166 | 					"DEBUG=1",
167 | 					"$(inherited)",
168 | 				);
169 | 				GCC_SYMBOLS_PRIVATE_EXTERN = NO;
170 | 				GCC_WARN_ABOUT_RETURN_TYPE = YES;
171 | 				GCC_WARN_UNINITIALIZED_AUTOS = YES;
172 | 				GCC_WARN_UNUSED_VARIABLE = YES;
173 | 				IPHONEOS_DEPLOYMENT_TARGET = 6.1;
174 | 				ONLY_ACTIVE_ARCH = YES;
175 | 				SDKROOT = iphoneos;
176 | 			};
177 | 			name = Debug;
178 | 		};
179 | 		3E90E0261864F60400155CB7 /* Release */ = {
180 | 			isa = XCBuildConfiguration;
181 | 			buildSettings = {
182 | 				ALWAYS_SEARCH_USER_PATHS = NO;
183 | 				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
184 | 				CLANG_CXX_LIBRARY = "libc++";
185 | 				CLANG_ENABLE_OBJC_ARC = YES;
186 | 				CLANG_WARN_CONSTANT_CONVERSION = YES;
187 | 				CLANG_WARN_EMPTY_BODY = YES;
188 | 				CLANG_WARN_ENUM_CONVERSION = YES;
189 | 				CLANG_WARN_INT_CONVERSION = YES;
190 | 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
191 | 				COPY_PHASE_STRIP = YES;
192 | 				GCC_C_LANGUAGE_STANDARD = gnu99;
193 | 				GCC_WARN_ABOUT_RETURN_TYPE = YES;
194 | 				GCC_WARN_UNINITIALIZED_AUTOS = YES;
195 | 				GCC_WARN_UNUSED_VARIABLE = YES;
196 | 				IPHONEOS_DEPLOYMENT_TARGET = 6.1;
197 | 				SDKROOT = iphoneos;
198 | 				VALIDATE_PRODUCT = YES;
199 | 			};
200 | 			name = Release;
201 | 		};
202 | 		3E90E0281864F60400155CB7 /* Debug */ = {
203 | 			isa = XCBuildConfiguration;
204 | 			buildSettings = {
205 | 				DSTROOT = /tmp/client_reporting.dst;
206 | 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
207 | 				GCC_PREFIX_HEADER = "client-reporting/client-reporting-Prefix.pch";
208 | 				OTHER_LDFLAGS = "-ObjC";
209 | 				PRODUCT_NAME = "$(TARGET_NAME)";
210 | 				SKIP_INSTALL = YES;
211 | 			};
212 | 			name = Debug;
213 | 		};
214 | 		3E90E0291864F60400155CB7 /* Release */ = {
215 | 			isa = XCBuildConfiguration;
216 | 			buildSettings = {
217 | 				DSTROOT = /tmp/client_reporting.dst;
218 | 				GCC_PRECOMPILE_PREFIX_HEADER = YES;
219 | 				GCC_PREFIX_HEADER = "client-reporting/client-reporting-Prefix.pch";
220 | 				OTHER_LDFLAGS = "-ObjC";
221 | 				PRODUCT_NAME = "$(TARGET_NAME)";
222 | 				SKIP_INSTALL = YES;
223 | 			};
224 | 			name = Release;
225 | 		};
226 | /* End XCBuildConfiguration section */
227 | 
228 | /* Begin XCConfigurationList section */
229 | 		3E90E0141864F60400155CB7 /* Build configuration list for PBXProject "client-reporting" */ = {
230 | 			isa = XCConfigurationList;
231 | 			buildConfigurations = (
232 | 				3E90E0251864F60400155CB7 /* Debug */,
233 | 				3E90E0261864F60400155CB7 /* Release */,
234 | 			);
235 | 			defaultConfigurationIsVisible = 0;
236 | 			defaultConfigurationName = Release;
237 | 		};
238 | 		3E90E0271864F60400155CB7 /* Build configuration list for PBXNativeTarget "client-reporting" */ = {
239 | 			isa = XCConfigurationList;
240 | 			buildConfigurations = (
241 | 				3E90E0281864F60400155CB7 /* Debug */,
242 | 				3E90E0291864F60400155CB7 /* Release */,
243 | 			);
244 | 			defaultConfigurationIsVisible = 0;
245 | 		};
246 | /* End XCConfigurationList section */
247 | 	};
248 | 	rootObject = 3E90E0111864F60400155CB7 /* Project object */;
249 | }
250 | 


--------------------------------------------------------------------------------
/server/device.py:
--------------------------------------------------------------------------------
  1 | from collections import deque
  2 | from plistlib import *
  3 | from operator import itemgetter
  4 | import time, datetime, copy
  5 | 
  6 | class device:
  7 |     TIMEOUT = 20    # Number of seconds before command times out
  8 |     WHITELIST = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 "
  9 |     def __init__(self, newUDID, tuple):
 10 |         self.UDID = newUDID
 11 |         self.IP = tuple[0]
 12 |         self.pushMagic = tuple[1]
 13 |         self.deviceToken = tuple[2]
 14 |         self.unlockToken = tuple[3]
 15 | 
 16 |         # Hard coded information to show possible features
 17 |         self.GEO = "42*21'29''N 71*03'49''W"
 18 | 
 19 |         # Owner and location default to unassigned
 20 |         self.owner = 'Unassigned'
 21 |         self.location = 'Unassigned'
 22 | 
 23 |         self.status = 0 # 0=ready for command (green? gray?)
 24 |                         # 1=command in queue (yellow)
 25 |                         # 2=error/timeout (red)
 26 |                         # maybe have green (last command successful?)
 27 | 
 28 |         # Possible additional parameters based on query commands
 29 |         #self.availableCapacity
 30 |         #self.totalCapacity
 31 |         #self.installedApps
 32 | 
 33 |         self.name = ''
 34 |         self.customName = ''
 35 |         self.model = ''
 36 |         self.OS = ''
 37 | 
 38 |         # Dictionary to hold commands and responses that HAVE been sent
 39 |         # Keys are Command UUID, value is a dictionary
 40 |         # {'command', 'response', 'order', 'status'}
 41 |         self.cmdList = {}
 42 | 
 43 |         # Queue to hold commands that HAVE NOT been sent
 44 |         self.queue = deque()
 45 | 
 46 | 
 47 |     def getUDID(self):
 48 |         return self.UDID
 49 | 
 50 |     def getQueueInfo(self):
 51 |         # Returns information needed by queue function
 52 |         return self.pushMagic, self.deviceToken
 53 | 
 54 |     def getResponse(self, cmdUUID):
 55 |         return self.cmdList[cmdUUID]['response']
 56 | 
 57 |     def sortCommands(self):
 58 |         temp = []
 59 |         for key in self.cmdList:
 60 |             temp.append((self.cmdList[key]['order'], key))
 61 |         return sorted(temp, reverse=True)
 62 | 
 63 | 
 64 |     def populate(self):
 65 |         # Returns info as a dictionary for use with mustache
 66 |         d = {}
 67 |         d['UDID'] = self.UDID
 68 |         if self.customName:
 69 |             d['name'] = self.customName
 70 |         else:
 71 |             d['name'] = self.name
 72 |         d['ip'] = self.IP
 73 |         d['owner'] = self.owner
 74 |         d['location'] = self.location
 75 |         d['geo'] = self.GEO
 76 |         d['status'] = ['success', 'warning', 'danger'][self.status]
 77 |         #d['icon'] = ['ok', 'refresh', 'remove'][self.status] # possible glyphicon functionality
 78 | 
 79 |         # Send back 5 most recent commands
 80 |         temp = self.sortCommands()
 81 |         d['commands'] = []
 82 |         for tuple in temp[:5]:
 83 |             # Check for commands with variables that are not JSON serializable
 84 |             if 'UnlockToken' in self.cmdList[tuple[1]]['cmd']['Command']:
 85 |                 # Remove unlocktoken from output
 86 |                 temp_cmd = copy.deepcopy(self.cmdList[tuple[1]])
 87 |                 temp_cmd['cmd']['Command']['UnlockToken'] = 'Redacted by server'
 88 |                 d['commands'].append(temp_cmd)
 89 |             elif 'CertificateList' in self.cmdList[tuple[1]]['response']:
 90 |                 # Remove CertificateList data from output
 91 |                 # TODO: Possibly implement some other method of delivering certificate data
 92 |                 temp_cmd = copy.deepcopy(self.cmdList[tuple[1]])
 93 |                 for i in range(len(temp_cmd['response']['CertificateList'])):
 94 |                    temp_cmd['response']['CertificateList'][i]['Data'] = 'Redacted by server'
 95 |                 d['commands'].append(temp_cmd)
 96 |             elif 'ProfileList' in self.cmdList[tuple[1]]['response']:
 97 |                 # Remove SignerCertificates data from output
 98 |                 # Note that some profiles may not have SignerCertificates, in which case this
 99 |                 # will add it to the ProfileList, though only for response output on server
100 |                 temp_cmd = copy.deepcopy(self.cmdList[tuple[1]])
101 |                 for i in range(len(temp_cmd['response']['ProfileList'])):
102 |                     temp_cmd['response']['ProfileList'][i]['SignerCertificates'] = 'Redacted by server'
103 |                 d['commands'].append(temp_cmd)
104 |             elif 'ProvisioningProfileList' in self.cmdList[tuple[1]]['response']:
105 |                 # Change ExpiryDate datetime objects to UTC strings for output
106 |                 temp_cmd = copy.deepcopy(self.cmdList[tuple[1]])
107 |                 for i in range(len(temp_cmd['response']['ProvisioningProfileList'])):
108 |                     temp_cmd['response']['ProvisioningProfileList'][i]['ExpiryDate'] = temp_cmd['response']['ProvisioningProfileList'][i]['ExpiryDate'].strftime("%Y-%m-%d %H:%M:%S") + " UTC"
109 |                 d['commands'].append(temp_cmd)
110 |             elif 'InstallProfile' == self.cmdList[tuple[1]]['cmd']['Command']['RequestType']:
111 |                 #Remove payload data from output
112 |                 temp_cmd = copy.deepcopy(self.cmdList[tuple[1]])
113 |                 temp_cmd['cmd']['Command']['Payload'] = 'Redacted by server'
114 |                 d['commands'].append(temp_cmd)
115 | 
116 |             else:
117 |                 d['commands'].append(self.cmdList[tuple[1]])
118 | 
119 |         return d
120 | 
121 |     def sanitize(self, string):
122 |         # Function to remove any non-alphanumeric characters from input
123 |         wl = set(self.WHITELIST)
124 | 
125 |         for char in set(string)-wl:
126 |             string = string.replace(char, '');
127 | 
128 |         return string[:32]
129 | 
130 |     def updateMetadata(self, newName, newOwner, newLocation):
131 |         # Fuction for customizable metadata
132 |         if newName:
133 |             self.customName = self.sanitize(newName.strip())
134 |         if newOwner:
135 |             self.owner = self.sanitize(newOwner.strip())
136 |         if newLocation:
137 |             self.location = self.sanitize(newLocation.strip())
138 | 
139 | 
140 |     def updateInfo(self, newName, newModel, newOS):
141 |         # Update class variables with data from DeviceInformation
142 |         self.name = newName
143 |         self.model = newModel
144 |         self.OS = newOS
145 | 
146 |     def reenroll(self, newIP, newPush, newUnlock):
147 |         self.IP = newIP
148 |         self.pushMagic = newPush
149 |         self.unlockToken = newUnlock
150 | 
151 |     def addCommand(self, cmd):
152 |         # Add a new command to the queue
153 |         # Update status to show command pending
154 |         self.status = 1
155 |         cmd['TimeStamp'] = time.time()
156 | 
157 |         # Update command with unlockToken if necessary
158 |         if cmd['Command']['RequestType'] == 'ClearPasscode':
159 |             cmd['Command']['UnlockToken'] = Data(self.unlockToken)
160 | 
161 |         print "ADDED COMMAND TO QUEUE:", cmd['CommandUUID']
162 |         self.queue.append(cmd)
163 | 
164 |     def sendCommand(self):
165 |         # Pop command off queue to be sent to the device
166 |         if len(self.queue) == 0:
167 |             print "**No commands left in queue"
168 |             return ''
169 | 
170 |         cmd = self.queue.popleft()
171 |         self.cmdList[cmd['CommandUUID']] = {}
172 |         self.cmdList[cmd['CommandUUID']]['cmd'] = cmd
173 |         self.cmdList[cmd['CommandUUID']]['response'] = ''
174 |         self.cmdList[cmd['CommandUUID']]['status'] = 'warning'
175 |         self.cmdList[cmd['CommandUUID']]['order'] = len(self.cmdList.keys())
176 |         print "**Sending command", cmd['CommandUUID'], "and moving it from queue**"
177 |         return cmd
178 | 
179 | 
180 |     def addResponse(self, cmdUUID, response):
181 |         # Add a response to correspond with a previous command
182 |         print "**ADDING RESPONSE TO CMD:", cmdUUID
183 |         self.cmdList[cmdUUID]['response'] = response
184 |         # Check response for success/failure
185 |         if response['Status'] == 'Acknowledged':
186 |             self.cmdList[cmdUUID]['status'] = 'success'
187 |             self.status = 0
188 |         elif response['Status'] == 'Error':
189 |             self.cmdList[cmdUUID]['status'] = 'danger'
190 |             self.status = 2
191 | 
192 |     def checkTimeout(self):
193 |         # Checks for command timeout
194 |         now = time.time()
195 | 
196 |         # If we have no commands waiting, we're good
197 |         if self.status != 1:
198 |             return
199 |         
200 |         # Check queue for timed out commands
201 |         if len(self.queue) > 0:
202 |             for cmd in self.queue:
203 |                 if now - cmd['TimeStamp'] > self.TIMEOUT:
204 |                     # Command has time out, add it to cmd list with an error
205 |                     self.status = 2
206 |                     self.queue.remove(cmd)
207 |                     self.cmdList[cmd['CommandUUID']] = {}
208 |                     self.cmdList[cmd['CommandUUID']]['cmd'] = cmd
209 |                     self.cmdList[cmd['CommandUUID']]['response'] = {'Status':'TimeoutError'}
210 |                     self.cmdList[cmd['CommandUUID']]['status'] = 'danger'
211 |                     self.cmdList[cmd['CommandUUID']]['order'] = len(self.cmdList.keys())
212 |                     return
213 | 
214 |         # Check command list for timed out commands
215 |         for commandUUID in self.cmdList:
216 |             if self.cmdList[commandUUID]['response'] == "" and now-self.cmdList[commandUUID]['cmd']['TimeStamp'] > self.TIMEOUT:
217 |                 self.status = 2
218 |                 self.cmdList[command['cmd']['CommandUUID']]['status'] = 'danger'
219 |                 self.cmdList[command['cmd']['CommandUUID']]['response'] = {'Status':'TimeoutError'}
220 | 


--------------------------------------------------------------------------------
/server/static/dist/css/bootstrap-theme.min.css:
--------------------------------------------------------------------------------
1 | /*!
2 |  * Bootstrap v3.1.1 (http://getbootstrap.com)
3 |  * Copyright 2011-2014 Twitter, Inc.
4 |  * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
5 |  */
6 | 
7 | .btn-default,.btn-primary,.btn-success,.btn-info,.btn-warning,.btn-danger{text-shadow:0 -1px 0 rgba(0,0,0,.2);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0 1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0 1px 1px rgba(0,0,0,.075)}.btn-default:active,.btn-primary:active,.btn-success:active,.btn-info:active,.btn-warning:active,.btn-danger:active,.btn-default.active,.btn-primary.active,.btn-success.active,.btn-info.active,.btn-warning.active,.btn-danger.active{-webkit-box-shadow:inset 0 3px 5px rgba(0,0,0,.125);box-shadow:inset 0 3px 5px rgba(0,0,0,.125)}.btn:active,.btn.active{background-image:none}.btn-default{background-image:-webkit-linear-gradient(top,#fff 0,#e0e0e0 100%);background-image:linear-gradient(to bottom,#fff 0,#e0e0e0 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#ffe0e0e0', GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);background-repeat:repeat-x;border-color:#dbdbdb;text-shadow:0 1px 0 #fff;border-color:#ccc}.btn-default:hover,.btn-default:focus{background-color:#e0e0e0;background-position:0 -15px}.btn-default:active,.btn-default.active{background-color:#e0e0e0;border-color:#dbdbdb}.btn-primary{background-image:-webkit-linear-gradient(top,#428bca 0,#2d6ca2 100%);background-image:linear-gradient(to bottom,#428bca 0,#2d6ca2 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff2d6ca2', GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);background-repeat:repeat-x;border-color:#2b669a}.btn-primary:hover,.btn-primary:focus{background-color:#2d6ca2;background-position:0 -15px}.btn-primary:active,.btn-primary.active{background-color:#2d6ca2;border-color:#2b669a}.btn-success{background-image:-webkit-linear-gradient(top,#5cb85c 0,#419641 100%);background-image:linear-gradient(to bottom,#5cb85c 0,#419641 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c', endColorstr='#ff419641', GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);background-repeat:repeat-x;border-color:#3e8f3e}.btn-success:hover,.btn-success:focus{background-color:#419641;background-position:0 -15px}.btn-success:active,.btn-success.active{background-color:#419641;border-color:#3e8f3e}.btn-info{background-image:-webkit-linear-gradient(top,#5bc0de 0,#2aabd2 100%);background-image:linear-gradient(to bottom,#5bc0de 0,#2aabd2 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de', endColorstr='#ff2aabd2', GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);background-repeat:repeat-x;border-color:#28a4c9}.btn-info:hover,.btn-info:focus{background-color:#2aabd2;background-position:0 -15px}.btn-info:active,.btn-info.active{background-color:#2aabd2;border-color:#28a4c9}.btn-warning{background-image:-webkit-linear-gradient(top,#f0ad4e 0,#eb9316 100%);background-image:linear-gradient(to bottom,#f0ad4e 0,#eb9316 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e', endColorstr='#ffeb9316', GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);background-repeat:repeat-x;border-color:#e38d13}.btn-warning:hover,.btn-warning:focus{background-color:#eb9316;background-position:0 -15px}.btn-warning:active,.btn-warning.active{background-color:#eb9316;border-color:#e38d13}.btn-danger{background-image:-webkit-linear-gradient(top,#d9534f 0,#c12e2a 100%);background-image:linear-gradient(to bottom,#d9534f 0,#c12e2a 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f', endColorstr='#ffc12e2a', GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);background-repeat:repeat-x;border-color:#b92c28}.btn-danger:hover,.btn-danger:focus{background-color:#c12e2a;background-position:0 -15px}.btn-danger:active,.btn-danger.active{background-color:#c12e2a;border-color:#b92c28}.thumbnail,.img-thumbnail{-webkit-box-shadow:0 1px 2px rgba(0,0,0,.075);box-shadow:0 1px 2px rgba(0,0,0,.075)}.dropdown-menu>li>a:hover,.dropdown-menu>li>a:focus{background-image:-webkit-linear-gradient(top,#f5f5f5 0,#e8e8e8 100%);background-image:linear-gradient(to bottom,#f5f5f5 0,#e8e8e8 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff5f5f5', endColorstr='#ffe8e8e8', GradientType=0);background-color:#e8e8e8}.dropdown-menu>.active>a,.dropdown-menu>.active>a:hover,.dropdown-menu>.active>a:focus{background-image:-webkit-linear-gradient(top,#428bca 0,#357ebd 100%);background-image:linear-gradient(to bottom,#428bca 0,#357ebd 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff357ebd', GradientType=0);background-color:#357ebd}.navbar-default{background-image:-webkit-linear-gradient(top,#fff 0,#f8f8f8 100%);background-image:linear-gradient(to bottom,#fff 0,#f8f8f8 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#fff8f8f8', GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);border-radius:4px;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0 1px 5px rgba(0,0,0,.075);box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0 1px 5px rgba(0,0,0,.075)}.navbar-default .navbar-nav>.active>a{background-image:-webkit-linear-gradient(top,#ebebeb 0,#f3f3f3 100%);background-image:linear-gradient(to bottom,#ebebeb 0,#f3f3f3 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffebebeb', endColorstr='#fff3f3f3', GradientType=0);-webkit-box-shadow:inset 0 3px 9px rgba(0,0,0,.075);box-shadow:inset 0 3px 9px rgba(0,0,0,.075)}.navbar-brand,.navbar-nav>li>a{text-shadow:0 1px 0 rgba(255,255,255,.25)}.navbar-inverse{background-image:-webkit-linear-gradient(top,#3c3c3c 0,#222 100%);background-image:linear-gradient(to bottom,#3c3c3c 0,#222 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff3c3c3c', endColorstr='#ff222222', GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false)}.navbar-inverse .navbar-nav>.active>a{background-image:-webkit-linear-gradient(top,#222 0,#282828 100%);background-image:linear-gradient(to bottom,#222 0,#282828 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff222222', endColorstr='#ff282828', GradientType=0);-webkit-box-shadow:inset 0 3px 9px rgba(0,0,0,.25);box-shadow:inset 0 3px 9px rgba(0,0,0,.25)}.navbar-inverse .navbar-brand,.navbar-inverse .navbar-nav>li>a{text-shadow:0 -1px 0 rgba(0,0,0,.25)}.navbar-static-top,.navbar-fixed-top,.navbar-fixed-bottom{border-radius:0}.alert{text-shadow:0 1px 0 rgba(255,255,255,.2);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.25),0 1px 2px rgba(0,0,0,.05);box-shadow:inset 0 1px 0 rgba(255,255,255,.25),0 1px 2px rgba(0,0,0,.05)}.alert-success{background-image:-webkit-linear-gradient(top,#dff0d8 0,#c8e5bc 100%);background-image:linear-gradient(to bottom,#dff0d8 0,#c8e5bc 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8', endColorstr='#ffc8e5bc', GradientType=0);border-color:#b2dba1}.alert-info{background-image:-webkit-linear-gradient(top,#d9edf7 0,#b9def0 100%);background-image:linear-gradient(to bottom,#d9edf7 0,#b9def0 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7', endColorstr='#ffb9def0', GradientType=0);border-color:#9acfea}.alert-warning{background-image:-webkit-linear-gradient(top,#fcf8e3 0,#f8efc0 100%);background-image:linear-gradient(to bottom,#fcf8e3 0,#f8efc0 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3', endColorstr='#fff8efc0', GradientType=0);border-color:#f5e79e}.alert-danger{background-image:-webkit-linear-gradient(top,#f2dede 0,#e7c3c3 100%);background-image:linear-gradient(to bottom,#f2dede 0,#e7c3c3 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede', endColorstr='#ffe7c3c3', GradientType=0);border-color:#dca7a7}.progress{background-image:-webkit-linear-gradient(top,#ebebeb 0,#f5f5f5 100%);background-image:linear-gradient(to bottom,#ebebeb 0,#f5f5f5 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffebebeb', endColorstr='#fff5f5f5', GradientType=0)}.progress-bar{background-image:-webkit-linear-gradient(top,#428bca 0,#3071a9 100%);background-image:linear-gradient(to bottom,#428bca 0,#3071a9 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3071a9', GradientType=0)}.progress-bar-success{background-image:-webkit-linear-gradient(top,#5cb85c 0,#449d44 100%);background-image:linear-gradient(to bottom,#5cb85c 0,#449d44 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c', endColorstr='#ff449d44', GradientType=0)}.progress-bar-info{background-image:-webkit-linear-gradient(top,#5bc0de 0,#31b0d5 100%);background-image:linear-gradient(to bottom,#5bc0de 0,#31b0d5 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de', endColorstr='#ff31b0d5', GradientType=0)}.progress-bar-warning{background-image:-webkit-linear-gradient(top,#f0ad4e 0,#ec971f 100%);background-image:linear-gradient(to bottom,#f0ad4e 0,#ec971f 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e', endColorstr='#ffec971f', GradientType=0)}.progress-bar-danger{background-image:-webkit-linear-gradient(top,#d9534f 0,#c9302c 100%);background-image:linear-gradient(to bottom,#d9534f 0,#c9302c 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f', endColorstr='#ffc9302c', GradientType=0)}.list-group{border-radius:4px;-webkit-box-shadow:0 1px 2px rgba(0,0,0,.075);box-shadow:0 1px 2px rgba(0,0,0,.075)}.list-group-item.active,.list-group-item.active:hover,.list-group-item.active:focus{text-shadow:0 -1px 0 #3071a9;background-image:-webkit-linear-gradient(top,#428bca 0,#3278b3 100%);background-image:linear-gradient(to bottom,#428bca 0,#3278b3 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3278b3', GradientType=0);border-color:#3278b3}.panel{-webkit-box-shadow:0 1px 2px rgba(0,0,0,.05);box-shadow:0 1px 2px rgba(0,0,0,.05)}.panel-default>.panel-heading{background-image:-webkit-linear-gradient(top,#f5f5f5 0,#e8e8e8 100%);background-image:linear-gradient(to bottom,#f5f5f5 0,#e8e8e8 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff5f5f5', endColorstr='#ffe8e8e8', GradientType=0)}.panel-primary>.panel-heading{background-image:-webkit-linear-gradient(top,#428bca 0,#357ebd 100%);background-image:linear-gradient(to bottom,#428bca 0,#357ebd 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff357ebd', GradientType=0)}.panel-success>.panel-heading{background-image:-webkit-linear-gradient(top,#dff0d8 0,#d0e9c6 100%);background-image:linear-gradient(to bottom,#dff0d8 0,#d0e9c6 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8', endColorstr='#ffd0e9c6', GradientType=0)}.panel-info>.panel-heading{background-image:-webkit-linear-gradient(top,#d9edf7 0,#c4e3f3 100%);background-image:linear-gradient(to bottom,#d9edf7 0,#c4e3f3 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7', endColorstr='#ffc4e3f3', GradientType=0)}.panel-warning>.panel-heading{background-image:-webkit-linear-gradient(top,#fcf8e3 0,#faf2cc 100%);background-image:linear-gradient(to bottom,#fcf8e3 0,#faf2cc 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3', endColorstr='#fffaf2cc', GradientType=0)}.panel-danger>.panel-heading{background-image:-webkit-linear-gradient(top,#f2dede 0,#ebcccc 100%);background-image:linear-gradient(to bottom,#f2dede 0,#ebcccc 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede', endColorstr='#ffebcccc', GradientType=0)}.well{background-image:-webkit-linear-gradient(top,#e8e8e8 0,#f5f5f5 100%);background-image:linear-gradient(to bottom,#e8e8e8 0,#f5f5f5 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffe8e8e8', endColorstr='#fff5f5f5', GradientType=0);border-color:#dcdcdc;-webkit-box-shadow:inset 0 1px 3px rgba(0,0,0,.05),0 1px 0 rgba(255,255,255,.1);box-shadow:inset 0 1px 3px rgba(0,0,0,.05),0 1px 0 rgba(255,255,255,.1)}


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # Overview[![analytics](http://www.google-analytics.com/collect?v=1&t=pageview&_s=1&dl=https%3A%2F%2Fgithub.com%2Fproject-imas%2Fmdm-server&_u=MAC~&cid=1757014354.1393964045&tid=UA-38868530-1)]()
  2 | 
  3 | Instructions and code for setting up a simple iOS Mobile Device Management (MDM) server.  MDM allows for OS level control of multiple devices from a centralized location.  A remote administrator can install/remove apps, install/revoke certificates, lock the device, change password requirements, etc.  
  4 | 
  5 | # Prerequisites
  6 | 
  7 |  * Publicly accessible Linux/Unix server
  8 |  * Apple Enterprise Account
  9 |  * Apple Developer Account
 10 |  * Python 2.7 (See Server Setup for libraries)
 11 |  * openssl command-line
 12 |  * Java SDK (java/javac)
 13 |  * Apple's iPhone Configuration Utility
 14 |     * [OS X Version](http://support.apple.com/kb/dl1465)
 15 |     * [Windows Version](http://support.apple.com/kb/DL1466)
 16 | 
 17 | # Setup
 18 | 
 19 |  1. Create MDM Vendor CSR
 20 |     * Open Keychain Access.
 21 |     * Go to the menu bar: Keychain Access -> Certificate Assistant -> Request a Certificate From a Certificate Authority.
 22 |     * Use the same email as the developer account that will be used.  Enter in a common name as well.
 23 |     * Select *Saved to disk*.  
 24 | 
 25 |  2. Upload CSR to Apple
 26 |     * Go to [Apple's Certificates, Identifiers & Profiles page](https://developer.apple.com/account/ios/certificate/certificateCreate.action).
 27 |     * Select MDM CSR under Production.  If this option is disabled, you will need to contact apple to enable it.  You can either email apple at devprograms@apple.com or go through the [online contact menu](http://developer.apple.com/contact/).  In your message, indicate that you are looking to create an MDM Vendor Certificate and need the MDM CSR option enabled on the certificate creation page.  Apple should respond within one business day according to their contact page.  
 28 |     * When you have the MDM CSR option available, select it and hit continue.  Hit continue again through Apple's description of how to create a CSR file (we already have one).
 29 |     * Upload the .certSigningRequest file we created in step 1 and then hit generate.  A .cer file should be downloaded. Name it something like mdmvendor.cer.
 30 | 
 31 |  3. Export MDM private key
 32 |     * Open your mdmvendor.cer file in Keychain Access.
 33 |     * Select Certificates from the left side.
 34 |     * You should find your certificate listed as *MDM Vendor: Common Name*.
 35 |     * There should be an arrow on that line that opens up show the MDM private key.
 36 |     * Right-click the private key, select *Export...*, and save as private.p12
 37 |     * Remember where you save this file, we will use it in step 5.
 38 | 
 39 |  4. Create Push Certificate CSR
 40 |     * In Keychain Access, again select from the menu bar: Keychain Access -> Certificate Assistant -> Request a Certificate From a Certificate Authority.
 41 |     * Enter your email (can be a different email) and a common name.
 42 |     * Select *Saved to disk* and name it something like push.csr.
 43 | 
 44 |  5. Extract MDM private key and MDM Vendor Certificate
 45 |     * Extract private key using the following command:
 46 | 
 47 |     openssl pkcs12 -in private.p12 -nocerts -out key.pem
 48 | 
 49 |     * Strip the password from the private key using the following command:
 50 | 
 51 |     openssl rsa -in key.pem out private.key
 52 | 
 53 |     * Extract certificate using the following command:
 54 | 
 55 |     openssl pkcs12 -in private.p12 -clcerts -nokeys -out cert.pem
 56 | 
 57 |     * Convert certificate to DES using the following command:
 58 | 
 59 |     openssl x509 -in cert.pem -inform PEM -out mdm.cer -outform DES
 60 | 
 61 |     * These files will be used in the next step.
 62 | 
 63 |  6. Use the mdmvendorsign tool to create applepush.csr
 64 |     * We're going to use the python code located in /vendor/.  If /vendor/ is currently empty, you probably forgot to init and update submodules
 65 | 
 66 |     git submodule init 
 67 |     git submodule update
 68 |     
 69 |     * Copy private.key, push.csr, and mdm.cer into /vendor/
 70 | 
 71 |     * Run the following command while in that directory:
 72 | 
 73 |     python mdm_vendorpython mdm_vendor_sign.py –key private.key –csr push.csr –mdm mdm.cer –out applepush.csr
 74 | 
 75 |     * This should generate applepush.csr.
 76 | 
 77 |  7. Get Push Certificate from Apple
 78 |     * Go to [Apple's Push Certificates Portal](https://identity.apple.com/pushcert/) and click the Create a Certificate button.
 79 |     * Upload applepush.csr to create a new entry in the table.
 80 |     * Download the resulting push certificate.
 81 |     * Open the push certificate in Keychain Access.
 82 | 
 83 |  8. Prepare Push Certificate
 84 |     * Find the push certificate in Keychain Access.  It should look like *APSP:hexstuffhere*.
 85 |     * Right-click the certificate and select *Get Info*.
 86 |     * Copy down the User ID which should look like com.apple.mgmt.External.hexstuffhere...  We will use it later on in step 9.
 87 |     * Right-click the certificate and select *Export...* and save it as mdm.p12
 88 |     * Run the following command to convert it to a pem file:
 89 | 
 90 |     openssl pkcs12 -in mdm.p12 -out PushCert.pem -nodes
 91 | 
 92 |     * Move the resulting PushCert.pem file to /server/
 93 | 
 94 |  9. Generate additional certs
 95 |     * Go to the scripts directory and run make_certs.sh.
 96 |     * This will generate a number of necessary certs to move forward.
 97 |     * Certs will be automatically moved to their proper location in /server.
 98 |     * We'll use identity.p12 in step 10 to create an Enroll.mobileconfig file
 99 | 
100 |  10. Create Enroll.mobileconfig
101 |     * Open the iPhone Configuration Utilities program, select *Configuration Profiles*, and then click the *New* button.
102 |     * In the General category: Pick a name to identify the cert.  For Identifier, use the com.apple.mgmt.External.hexstuffhere that you copied down earlier.
103 |     * In the Credentials category, click configure and find your scripts/identity.p12 file generated in step 9. For password, we either use the PEM password or the export password - if the profile does not install, try the other option.  Please leave feedback with which worked. 
104 |     * For Mobile Device Management:
105 |       * Server URL: https://YOUR_HOSTNAME_OR_IP:8080/server
106 |       * Check In URL: https://YOUR_HOSTNAME_OR_IP:8080/checkin
107 |       * Topic: com.apple.mgmt... string (same as General->Identifier)
108 |       * Identity: identity.p12
109 |       * Sign messages: Checked
110 |       * Check out when removed: Unchecked
111 |       * Query device for: Check all that you want
112 |       * Add / Remove: Check all that you want
113 |       * Security: Check all that you want
114 |       * Use Development APNS server: Uncheck
115 |     * When done, click Export.  Choose None for security and then Export....
116 |     * Save the file as **Enroll**.  You will now have an Enroll.mobileconfig file - move it to the /server directory.
117 | 
118 |  11. Cleanup
119 |     * Any additional files that are not in /server/ generated during this process are not necessary for running the server.  Some of them may have/be private keys or other unique information, so it is probably a good idea to protect or destroy those files.
120 |     * Most certs will be located in the /scripts/ folder.  There may be some generated from Keychain Access that were saved by the user and may be saved elsewhere.
121 |     * Please secure these files and prevent others from being able to access them.
122 | 
123 | NOTE: UPDATING CERTIFICATE INSTRUCTIONS - WORK IN PROGRESS
124 | 
125 | 
126 | # Server Setup
127 | 
128 | The server code is based on and heavily takes from [Intrepidus Group's blackhat presentation](https://intrepidusgroup.com/).  Copy over the **mdm-server/server** directory you put the enrollment profile and certificates in to your server.
129 | 
130 | You must have the following installed on the server:
131 |   * Openssl
132 |     * Recommend downloading and compiling yourself
133 |     * Some Debian-based distros disable features needed by M2Crypto
134 |     * Source available at [http://www.openssl.org/source/](http://www.openssl.org/source/)
135 |   * Python 2.7, with the following libraries
136 |      * [web.py](http://webpy.org/)
137 |      * [M2Crypto](https://pypi.python.org/pypi/M2Crypto)
138 |      * [PyOpenSSL](https://pypi.python.org/pypi/pyOpenSSL)
139 |      * [APNSWrapper](https://pypi.python.org/pypi/APNSWrapper)
140 |        * APNSWrapper appears to be inactive
141 |        * On 22 October 2014, [Apple removed support for SSLv3](https://developer.apple.com/news/?id=10222014a), which APNSWrapper uses, due to the poodle vulnerability
142 |        * As a temporary solution, users need to edit line 131 of connections.py of the source code of APNSWrapper
143 |        * Change "SSLv3" to "TLSv1", so that the line reads:
144 |        ```python
145 |          ssl_version = self.ssl_module.PROTOCOL_TLSv1,
146 |        ```
147 |        * After making the change, users should install the library using:
148 | 
149 |        ```bash
150 |          python setup.py install
151 |        ```
152 |        
153 |        * More information will follow as we find a better solution
154 | 
155 | Network Settings
156 |   * Outbound access to gateway.push.apple.com:2195
157 |   * Inbound access to port 8080
158 |   * iOS device must also have outbound access to gateway.push.apple.com:5223
159 | 
160 | If everything is setup appropriately, simply navigate to the **/server** directory and run <code>python server.py</code>.
161 | 
162 | On the device navigate to: **https://YOUR_HOST:8080/**
163 | Once there you need to, in order: 
164 |  1. Tap *here* to install the CA Cert (for Server/Identity)
165 |  2. Tap *here* to enroll in MDM (the device should appear after this step) 
166 |  3. Select Command (DeviceLock is a good one to test) and check your device.  Click Submit to send the command.
167 |  4. If everything works, the device should lock and you're good to go!  As of right now some of the commands aren't fully implemented.  Feel free to experiment with different commands!
168 | 
169 | ---
170 | ![Device Enrollment Steps](images/deviceEnroll.jpg)
171 | ---
172 | 
173 | You can now run those commands from any web browser, a successfull command will often looks something like the following:
174 | 
175 | ---
176 | ![Command Success](images/commandSuccess.png)
177 | ---
178 | 
179 | Click the "Response" button to see the plist response from apple.  Click the pencil to edit the device name, device owner, and device location.
180 | 
181 | 
182 | When stopping the server, the standard control-c doesn't usually work.  Instead use control-z to suspend the process and then use a kill command to end the process.
183 | 
184 |     ^z
185 |     [1]+  Stopped                 python server.py
186 |     user:~/mdm-server/server$ kill %1
187 |     [1]+  Terminated              python server.py
188 |     user:~/mdm-server/server$ 
189 | 
190 | The server uses the pickle library to save devices.  When the device class is updated, the pickle format may be invalidated, causing the server to error.  In order to fix this, remove the devicelist.pickle file (make a backup just in case!) and re-enroll all devices.
191 | 
192 | # Client Reporting
193 | 
194 | The MDM server also has REST endpoints for reporting issues and geolocation data from the enrolled clients.  This functionality may be used at a later point in time by a security app. The API can be imported into any project as follows:
195 | 
196 | * Click on the top level Project item and add files ("option-command-a")
197 | * Navigate to client-reporting/
198 | * Highlight the client-reporting subdirectory
199 | * Click the Add button
200 | 
201 | The library provides the following functions:
202 | 
203 |     +(void) setHostAddress: (NSString*) host; // Set where the MDM server lives
204 |     +(void) setPause : (BOOL) toggle; // Toggle whether to add a thread execution pause to allow requests to finish
205 |     +(void) reportJailbreak;  // Report that the device has been jailbroken
206 |     +(void) reportDebugger; // Report that the application has a debugger attached
207 |     +(void) reportLocation : (CLLocationCoordinate2D*) coords; // Report the lat/lon location of the device
208 |     
209 | "setHostAddress" and "setPause" are meant to be set once only, and effect all "report" calls.  An example usage may look like:
210 | 
211 |     // Code in application init
212 |     [client_reporting setHostAddress:@"192.168.0.0"];
213 |     [client_reporting setPause:YES];
214 |     
215 |     // Later code during execution
216 |     [client_reporting reportDebugger]
217 | 
218 | This client API can be coupled with the [iMAS security-check controls](git@github.com:project-imas/security-check.git) to provide accurate reporting of jailbreak and debugger detection.  
219 | 
220 | 
221 | Apologies for the long and complex setup, we hope to eventually make things easier and simpler.  Please post questions to github if you get stuck and we'll do our best to help.  Enjoy!
222 | 
223 | 
224 | 
225 | # LICENSE AND ATTRIBUTION
226 | 
227 | Copyright 2013-2014 The MITRE Corporation, All Rights Reserved.
228 | 
229 | Licensed under the Apache License, Version 2.0 (the "License"); you may not use this work except in compliance with the License. You may obtain a copy of the License at
230 | 
231 |     http://www.apache.org/licenses/LICENSE-2.0
232 | 
233 | Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
234 | 
235 | 
236 | This project also uses code from various sources under various licenses.
237 | 
238 | [The original code from the Intrepidus Group's python server is under the BSD License found here.](server/LICENSE)
239 | 
240 | [The python vendor signing code is located here and is under the MIT license.](https://github.com/grinich/mdmvendorsign)
241 | 
242 | [The Softhinker certificate signing code is under the Apache License found here.](vendor-signing/LICENSE)
243 | 
244 | [The website's Bootstrap code is under the MIT License found here.](server/static/dist/LICENSE)
245 | 
246 | The certificate setup instructions were based on [this blog post](http://www.blueboxmoon.com/wordpress/?p=877).  Our thanks to Daniel.
247 | 
248 | Finally we use some free [glyphicons](http://glyphicons.com/) that are included with bootstrap.
249 | 


--------------------------------------------------------------------------------
/server/static/dist/css/bootstrap-theme.css:
--------------------------------------------------------------------------------
  1 | /*!
  2 |  * Bootstrap v3.1.1 (http://getbootstrap.com)
  3 |  * Copyright 2011-2014 Twitter, Inc.
  4 |  * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
  5 |  */
  6 | 
  7 | .btn-default,
  8 | .btn-primary,
  9 | .btn-success,
 10 | .btn-info,
 11 | .btn-warning,
 12 | .btn-danger {
 13 |   text-shadow: 0 -1px 0 rgba(0, 0, 0, .2);
 14 |   -webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, .15), 0 1px 1px rgba(0, 0, 0, .075);
 15 |           box-shadow: inset 0 1px 0 rgba(255, 255, 255, .15), 0 1px 1px rgba(0, 0, 0, .075);
 16 | }
 17 | .btn-default:active,
 18 | .btn-primary:active,
 19 | .btn-success:active,
 20 | .btn-info:active,
 21 | .btn-warning:active,
 22 | .btn-danger:active,
 23 | .btn-default.active,
 24 | .btn-primary.active,
 25 | .btn-success.active,
 26 | .btn-info.active,
 27 | .btn-warning.active,
 28 | .btn-danger.active {
 29 |   -webkit-box-shadow: inset 0 3px 5px rgba(0, 0, 0, .125);
 30 |           box-shadow: inset 0 3px 5px rgba(0, 0, 0, .125);
 31 | }
 32 | .btn:active,
 33 | .btn.active {
 34 |   background-image: none;
 35 | }
 36 | .btn-default {
 37 |   text-shadow: 0 1px 0 #fff;
 38 |   background-image: -webkit-linear-gradient(top, #fff 0%, #e0e0e0 100%);
 39 |   background-image:         linear-gradient(to bottom, #fff 0%, #e0e0e0 100%);
 40 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#ffe0e0e0', GradientType=0);
 41 |   filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
 42 |   background-repeat: repeat-x;
 43 |   border-color: #dbdbdb;
 44 |   border-color: #ccc;
 45 | }
 46 | .btn-default:hover,
 47 | .btn-default:focus {
 48 |   background-color: #e0e0e0;
 49 |   background-position: 0 -15px;
 50 | }
 51 | .btn-default:active,
 52 | .btn-default.active {
 53 |   background-color: #e0e0e0;
 54 |   border-color: #dbdbdb;
 55 | }
 56 | .btn-primary {
 57 |   background-image: -webkit-linear-gradient(top, #428bca 0%, #2d6ca2 100%);
 58 |   background-image:         linear-gradient(to bottom, #428bca 0%, #2d6ca2 100%);
 59 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff2d6ca2', GradientType=0);
 60 |   filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
 61 |   background-repeat: repeat-x;
 62 |   border-color: #2b669a;
 63 | }
 64 | .btn-primary:hover,
 65 | .btn-primary:focus {
 66 |   background-color: #2d6ca2;
 67 |   background-position: 0 -15px;
 68 | }
 69 | .btn-primary:active,
 70 | .btn-primary.active {
 71 |   background-color: #2d6ca2;
 72 |   border-color: #2b669a;
 73 | }
 74 | .btn-success {
 75 |   background-image: -webkit-linear-gradient(top, #5cb85c 0%, #419641 100%);
 76 |   background-image:         linear-gradient(to bottom, #5cb85c 0%, #419641 100%);
 77 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c', endColorstr='#ff419641', GradientType=0);
 78 |   filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
 79 |   background-repeat: repeat-x;
 80 |   border-color: #3e8f3e;
 81 | }
 82 | .btn-success:hover,
 83 | .btn-success:focus {
 84 |   background-color: #419641;
 85 |   background-position: 0 -15px;
 86 | }
 87 | .btn-success:active,
 88 | .btn-success.active {
 89 |   background-color: #419641;
 90 |   border-color: #3e8f3e;
 91 | }
 92 | .btn-info {
 93 |   background-image: -webkit-linear-gradient(top, #5bc0de 0%, #2aabd2 100%);
 94 |   background-image:         linear-gradient(to bottom, #5bc0de 0%, #2aabd2 100%);
 95 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de', endColorstr='#ff2aabd2', GradientType=0);
 96 |   filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
 97 |   background-repeat: repeat-x;
 98 |   border-color: #28a4c9;
 99 | }
100 | .btn-info:hover,
101 | .btn-info:focus {
102 |   background-color: #2aabd2;
103 |   background-position: 0 -15px;
104 | }
105 | .btn-info:active,
106 | .btn-info.active {
107 |   background-color: #2aabd2;
108 |   border-color: #28a4c9;
109 | }
110 | .btn-warning {
111 |   background-image: -webkit-linear-gradient(top, #f0ad4e 0%, #eb9316 100%);
112 |   background-image:         linear-gradient(to bottom, #f0ad4e 0%, #eb9316 100%);
113 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e', endColorstr='#ffeb9316', GradientType=0);
114 |   filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
115 |   background-repeat: repeat-x;
116 |   border-color: #e38d13;
117 | }
118 | .btn-warning:hover,
119 | .btn-warning:focus {
120 |   background-color: #eb9316;
121 |   background-position: 0 -15px;
122 | }
123 | .btn-warning:active,
124 | .btn-warning.active {
125 |   background-color: #eb9316;
126 |   border-color: #e38d13;
127 | }
128 | .btn-danger {
129 |   background-image: -webkit-linear-gradient(top, #d9534f 0%, #c12e2a 100%);
130 |   background-image:         linear-gradient(to bottom, #d9534f 0%, #c12e2a 100%);
131 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f', endColorstr='#ffc12e2a', GradientType=0);
132 |   filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
133 |   background-repeat: repeat-x;
134 |   border-color: #b92c28;
135 | }
136 | .btn-danger:hover,
137 | .btn-danger:focus {
138 |   background-color: #c12e2a;
139 |   background-position: 0 -15px;
140 | }
141 | .btn-danger:active,
142 | .btn-danger.active {
143 |   background-color: #c12e2a;
144 |   border-color: #b92c28;
145 | }
146 | .thumbnail,
147 | .img-thumbnail {
148 |   -webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, .075);
149 |           box-shadow: 0 1px 2px rgba(0, 0, 0, .075);
150 | }
151 | .dropdown-menu > li > a:hover,
152 | .dropdown-menu > li > a:focus {
153 |   background-color: #e8e8e8;
154 |   background-image: -webkit-linear-gradient(top, #f5f5f5 0%, #e8e8e8 100%);
155 |   background-image:         linear-gradient(to bottom, #f5f5f5 0%, #e8e8e8 100%);
156 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff5f5f5', endColorstr='#ffe8e8e8', GradientType=0);
157 |   background-repeat: repeat-x;
158 | }
159 | .dropdown-menu > .active > a,
160 | .dropdown-menu > .active > a:hover,
161 | .dropdown-menu > .active > a:focus {
162 |   background-color: #357ebd;
163 |   background-image: -webkit-linear-gradient(top, #428bca 0%, #357ebd 100%);
164 |   background-image:         linear-gradient(to bottom, #428bca 0%, #357ebd 100%);
165 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff357ebd', GradientType=0);
166 |   background-repeat: repeat-x;
167 | }
168 | .navbar-default {
169 |   background-image: -webkit-linear-gradient(top, #fff 0%, #f8f8f8 100%);
170 |   background-image:         linear-gradient(to bottom, #fff 0%, #f8f8f8 100%);
171 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#fff8f8f8', GradientType=0);
172 |   filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
173 |   background-repeat: repeat-x;
174 |   border-radius: 4px;
175 |   -webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, .15), 0 1px 5px rgba(0, 0, 0, .075);
176 |           box-shadow: inset 0 1px 0 rgba(255, 255, 255, .15), 0 1px 5px rgba(0, 0, 0, .075);
177 | }
178 | .navbar-default .navbar-nav > .active > a {
179 |   background-image: -webkit-linear-gradient(top, #ebebeb 0%, #f3f3f3 100%);
180 |   background-image:         linear-gradient(to bottom, #ebebeb 0%, #f3f3f3 100%);
181 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffebebeb', endColorstr='#fff3f3f3', GradientType=0);
182 |   background-repeat: repeat-x;
183 |   -webkit-box-shadow: inset 0 3px 9px rgba(0, 0, 0, .075);
184 |           box-shadow: inset 0 3px 9px rgba(0, 0, 0, .075);
185 | }
186 | .navbar-brand,
187 | .navbar-nav > li > a {
188 |   text-shadow: 0 1px 0 rgba(255, 255, 255, .25);
189 | }
190 | .navbar-inverse {
191 |   background-image: -webkit-linear-gradient(top, #3c3c3c 0%, #222 100%);
192 |   background-image:         linear-gradient(to bottom, #3c3c3c 0%, #222 100%);
193 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff3c3c3c', endColorstr='#ff222222', GradientType=0);
194 |   filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
195 |   background-repeat: repeat-x;
196 | }
197 | .navbar-inverse .navbar-nav > .active > a {
198 |   background-image: -webkit-linear-gradient(top, #222 0%, #282828 100%);
199 |   background-image:         linear-gradient(to bottom, #222 0%, #282828 100%);
200 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff222222', endColorstr='#ff282828', GradientType=0);
201 |   background-repeat: repeat-x;
202 |   -webkit-box-shadow: inset 0 3px 9px rgba(0, 0, 0, .25);
203 |           box-shadow: inset 0 3px 9px rgba(0, 0, 0, .25);
204 | }
205 | .navbar-inverse .navbar-brand,
206 | .navbar-inverse .navbar-nav > li > a {
207 |   text-shadow: 0 -1px 0 rgba(0, 0, 0, .25);
208 | }
209 | .navbar-static-top,
210 | .navbar-fixed-top,
211 | .navbar-fixed-bottom {
212 |   border-radius: 0;
213 | }
214 | .alert {
215 |   text-shadow: 0 1px 0 rgba(255, 255, 255, .2);
216 |   -webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, .25), 0 1px 2px rgba(0, 0, 0, .05);
217 |           box-shadow: inset 0 1px 0 rgba(255, 255, 255, .25), 0 1px 2px rgba(0, 0, 0, .05);
218 | }
219 | .alert-success {
220 |   background-image: -webkit-linear-gradient(top, #dff0d8 0%, #c8e5bc 100%);
221 |   background-image:         linear-gradient(to bottom, #dff0d8 0%, #c8e5bc 100%);
222 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8', endColorstr='#ffc8e5bc', GradientType=0);
223 |   background-repeat: repeat-x;
224 |   border-color: #b2dba1;
225 | }
226 | .alert-info {
227 |   background-image: -webkit-linear-gradient(top, #d9edf7 0%, #b9def0 100%);
228 |   background-image:         linear-gradient(to bottom, #d9edf7 0%, #b9def0 100%);
229 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7', endColorstr='#ffb9def0', GradientType=0);
230 |   background-repeat: repeat-x;
231 |   border-color: #9acfea;
232 | }
233 | .alert-warning {
234 |   background-image: -webkit-linear-gradient(top, #fcf8e3 0%, #f8efc0 100%);
235 |   background-image:         linear-gradient(to bottom, #fcf8e3 0%, #f8efc0 100%);
236 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3', endColorstr='#fff8efc0', GradientType=0);
237 |   background-repeat: repeat-x;
238 |   border-color: #f5e79e;
239 | }
240 | .alert-danger {
241 |   background-image: -webkit-linear-gradient(top, #f2dede 0%, #e7c3c3 100%);
242 |   background-image:         linear-gradient(to bottom, #f2dede 0%, #e7c3c3 100%);
243 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede', endColorstr='#ffe7c3c3', GradientType=0);
244 |   background-repeat: repeat-x;
245 |   border-color: #dca7a7;
246 | }
247 | .progress {
248 |   background-image: -webkit-linear-gradient(top, #ebebeb 0%, #f5f5f5 100%);
249 |   background-image:         linear-gradient(to bottom, #ebebeb 0%, #f5f5f5 100%);
250 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffebebeb', endColorstr='#fff5f5f5', GradientType=0);
251 |   background-repeat: repeat-x;
252 | }
253 | .progress-bar {
254 |   background-image: -webkit-linear-gradient(top, #428bca 0%, #3071a9 100%);
255 |   background-image:         linear-gradient(to bottom, #428bca 0%, #3071a9 100%);
256 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3071a9', GradientType=0);
257 |   background-repeat: repeat-x;
258 | }
259 | .progress-bar-success {
260 |   background-image: -webkit-linear-gradient(top, #5cb85c 0%, #449d44 100%);
261 |   background-image:         linear-gradient(to bottom, #5cb85c 0%, #449d44 100%);
262 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c', endColorstr='#ff449d44', GradientType=0);
263 |   background-repeat: repeat-x;
264 | }
265 | .progress-bar-info {
266 |   background-image: -webkit-linear-gradient(top, #5bc0de 0%, #31b0d5 100%);
267 |   background-image:         linear-gradient(to bottom, #5bc0de 0%, #31b0d5 100%);
268 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de', endColorstr='#ff31b0d5', GradientType=0);
269 |   background-repeat: repeat-x;
270 | }
271 | .progress-bar-warning {
272 |   background-image: -webkit-linear-gradient(top, #f0ad4e 0%, #ec971f 100%);
273 |   background-image:         linear-gradient(to bottom, #f0ad4e 0%, #ec971f 100%);
274 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e', endColorstr='#ffec971f', GradientType=0);
275 |   background-repeat: repeat-x;
276 | }
277 | .progress-bar-danger {
278 |   background-image: -webkit-linear-gradient(top, #d9534f 0%, #c9302c 100%);
279 |   background-image:         linear-gradient(to bottom, #d9534f 0%, #c9302c 100%);
280 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f', endColorstr='#ffc9302c', GradientType=0);
281 |   background-repeat: repeat-x;
282 | }
283 | .list-group {
284 |   border-radius: 4px;
285 |   -webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, .075);
286 |           box-shadow: 0 1px 2px rgba(0, 0, 0, .075);
287 | }
288 | .list-group-item.active,
289 | .list-group-item.active:hover,
290 | .list-group-item.active:focus {
291 |   text-shadow: 0 -1px 0 #3071a9;
292 |   background-image: -webkit-linear-gradient(top, #428bca 0%, #3278b3 100%);
293 |   background-image:         linear-gradient(to bottom, #428bca 0%, #3278b3 100%);
294 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3278b3', GradientType=0);
295 |   background-repeat: repeat-x;
296 |   border-color: #3278b3;
297 | }
298 | .panel {
299 |   -webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, .05);
300 |           box-shadow: 0 1px 2px rgba(0, 0, 0, .05);
301 | }
302 | .panel-default > .panel-heading {
303 |   background-image: -webkit-linear-gradient(top, #f5f5f5 0%, #e8e8e8 100%);
304 |   background-image:         linear-gradient(to bottom, #f5f5f5 0%, #e8e8e8 100%);
305 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff5f5f5', endColorstr='#ffe8e8e8', GradientType=0);
306 |   background-repeat: repeat-x;
307 | }
308 | .panel-primary > .panel-heading {
309 |   background-image: -webkit-linear-gradient(top, #428bca 0%, #357ebd 100%);
310 |   background-image:         linear-gradient(to bottom, #428bca 0%, #357ebd 100%);
311 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff357ebd', GradientType=0);
312 |   background-repeat: repeat-x;
313 | }
314 | .panel-success > .panel-heading {
315 |   background-image: -webkit-linear-gradient(top, #dff0d8 0%, #d0e9c6 100%);
316 |   background-image:         linear-gradient(to bottom, #dff0d8 0%, #d0e9c6 100%);
317 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8', endColorstr='#ffd0e9c6', GradientType=0);
318 |   background-repeat: repeat-x;
319 | }
320 | .panel-info > .panel-heading {
321 |   background-image: -webkit-linear-gradient(top, #d9edf7 0%, #c4e3f3 100%);
322 |   background-image:         linear-gradient(to bottom, #d9edf7 0%, #c4e3f3 100%);
323 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7', endColorstr='#ffc4e3f3', GradientType=0);
324 |   background-repeat: repeat-x;
325 | }
326 | .panel-warning > .panel-heading {
327 |   background-image: -webkit-linear-gradient(top, #fcf8e3 0%, #faf2cc 100%);
328 |   background-image:         linear-gradient(to bottom, #fcf8e3 0%, #faf2cc 100%);
329 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3', endColorstr='#fffaf2cc', GradientType=0);
330 |   background-repeat: repeat-x;
331 | }
332 | .panel-danger > .panel-heading {
333 |   background-image: -webkit-linear-gradient(top, #f2dede 0%, #ebcccc 100%);
334 |   background-image:         linear-gradient(to bottom, #f2dede 0%, #ebcccc 100%);
335 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede', endColorstr='#ffebcccc', GradientType=0);
336 |   background-repeat: repeat-x;
337 | }
338 | .well {
339 |   background-image: -webkit-linear-gradient(top, #e8e8e8 0%, #f5f5f5 100%);
340 |   background-image:         linear-gradient(to bottom, #e8e8e8 0%, #f5f5f5 100%);
341 |   filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffe8e8e8', endColorstr='#fff5f5f5', GradientType=0);
342 |   background-repeat: repeat-x;
343 |   border-color: #dcdcdc;
344 |   -webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, .05), 0 1px 0 rgba(255, 255, 255, .1);
345 |           box-shadow: inset 0 1px 3px rgba(0, 0, 0, .05), 0 1px 0 rgba(255, 255, 255, .1);
346 | }
347 | /*# sourceMappingURL=bootstrap-theme.css.map */
348 | 


--------------------------------------------------------------------------------
/server/server.py:
--------------------------------------------------------------------------------
  1 | import web, os, json, uuid, sys
  2 | import cPickle as pickle
  3 | from device import device # Custom device class
  4 | from plistlib import *
  5 | from APNSWrapper import *
  6 | from problems import *
  7 | from datetime import datetime
  8 | # needed to handle verification of signed messages from devices
  9 | from M2Crypto import SMIME, X509, BIO
 10 | 
 11 | #
 12 | # Simple, basic, bare-bones example test server
 13 | # Implements Apple's Mobile Device Management (MDM) protocol
 14 | # Compatible with iOS 4.x devices
 15 | # 
 16 | #
 17 | # David Schuetz, Senior Consultant, Intrepidus Group
 18 | #
 19 | # Copyright 2011, Intrepidus Group
 20 | # http://intrepidusgroup.com
 21 | 
 22 | # Reuse permitted under terms of BSD License (see LICENSE file).
 23 | # No warranties, expressed or implied.
 24 | # This is experimental software, for research only. Use at your own risk.
 25 | 
 26 | #
 27 | # Revision History:
 28 | #  
 29 | # * August 2011    - initial release, Black Hat USA
 30 | # * January 2012   - minor tweaks, including favicon, useful README, and 
 31 | #                    scripts to create certs, log file, etc.
 32 | # * January 2012   - Added support for some iOS 5 functions. ShmooCon 8.
 33 | # * February 2012  - Can now verify signed messages from devices
 34 | #                  - Tweaks to CherryPy startup to avoid errors on console  
 35 | # * January 2014   - Support for multiple enrollments
 36 | #                  - Supports reporting problems
 37 | # * April 2014     - Support for new front end
 38 | #                  - Tweaks and bug fixes
 39 | # * May 2014       - New device class
 40 | #                  - Rework server to use device class
 41 | #                  - Fixes a number of problems with using multiple devices
 42 | #                  - Support for new device-based front end
 43 | 
 44 | 
 45 | # Global variable setup
 46 | LOGFILE = 'xactn.log'
 47 | 
 48 | # Dummy socket to get the hostname
 49 | s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
 50 | s.connect(('8.8.8.8', 0))
 51 | 
 52 | # NOTE: Will need to overwrite this if behind a firewall
 53 | MY_ADDR = s.getsockname()[0] + ":8080"
 54 | 
 55 | # Set up some smime objects to verify signed messages coming from devices
 56 | sm_obj = SMIME.SMIME()
 57 | x509 = X509.load_cert('identity.crt')
 58 | sk = X509.X509_Stack()
 59 | sk.push(x509)
 60 | sm_obj.set_x509_stack(sk)
 61 | 
 62 | st = X509.X509_Store()
 63 | st.load_info('CA.crt')
 64 | sm_obj.set_x509_store(st)
 65 |     
 66 | 
 67 | ###########################################################################
 68 | # Update this to match the UUID in the test provisioning profiles, in order 
 69 | #   to demonstrate removal of the profile
 70 | 
 71 | my_test_provisioning_uuid = 'REPLACE-ME-WITH-REAL-UUIDSTRING'
 72 | 
 73 | from web.wsgiserver import CherryPyWSGIServer
 74 | 
 75 | # Python 2.7 requires the PyOpenSSL library
 76 | # Python 3.x should use be able to use the default python SSL
 77 | try:
 78 |     from OpenSSL import SSL 
 79 |     from OpenSSL import crypto 
 80 | except ImportError: 
 81 |     SSL = None 
 82 | 
 83 | 
 84 | CherryPyWSGIServer.ssl_certificate = "Server.crt"
 85 | CherryPyWSGIServer.ssl_private_key = "Server.key"
 86 | 
 87 | ###########################################################################
 88 | 
 89 | device_list = dict()
 90 | 
 91 | global mdm_commands
 92 | 
 93 | urls = (
 94 |     '/', 'root',
 95 |     '/queue', 'queue_cmd_post',
 96 |     '/checkin', 'do_mdm',
 97 |     '/server', 'do_mdm',
 98 |     '/ServerURL', 'do_mdm',
 99 |     '/CheckInURL', 'do_mdm',
100 |     '/enroll', 'enroll_profile',
101 |     '/ca', 'mdm_ca',
102 |     '/favicon.ico', 'favicon',
103 |     '/manifest', 'app_manifest',
104 |     '/app', 'app_ipa',
105 |     '/problem', 'do_problem',
106 |     '/problemjb', 'do_problem',
107 |     '/poll', 'poll',
108 |     '/getcommands', 'get_commands',
109 |     '/devices', 'dev_tab',
110 |     '/response', 'get_response',
111 |     '/metadata', 'metadata',
112 | )
113 | 
114 | 
115 | 
116 | def setup_commands():
117 |     # Function to generate dictionary of valid commands
118 |     global my_test_provisioning_uuid
119 | 
120 |     ret_list = dict()
121 | 
122 |     for cmd in ['DeviceLock', 'ProfileList', 'Restrictions',
123 |     'CertificateList', 'InstalledApplicationList', 
124 |     'ProvisioningProfileList', 
125 |     # new for iOS 5:
126 |     'ManagedApplicationList',]:
127 |         ret_list[cmd] = dict( Command = dict( RequestType = cmd ))
128 | 
129 |     ret_list['SecurityInfo'] = dict(
130 |         Command = dict(
131 |             RequestType = 'SecurityInfo',
132 |             Queries = [
133 |                 'HardwareEncryptionCaps', 'PasscodePresent', 
134 |                 'PasscodeCompliant', 'PasscodeCompliantWithProfiles',
135 |             ]
136 |         )
137 |     )
138 | 
139 |     ret_list['DeviceInformation'] = dict(
140 |         Command = dict(
141 |             RequestType = 'DeviceInformation',
142 |             Queries = [
143 |                 'AvailableDeviceCapacity', 'BluetoothMAC', 'BuildVersion', 
144 |                 'CarrierSettingsVersion', 'CurrentCarrierNetwork', 
145 |                 'CurrentMCC', 'CurrentMNC', 'DataRoamingEnabled', 
146 |                 'DeviceCapacity', 'DeviceName', 'ICCID', 'IMEI', 'IsRoaming', 
147 |                 'Model', 'ModelName', 'ModemFirmwareVersion', 'OSVersion', 
148 |                 'PhoneNumber', 'Product', 'ProductName', 'SIMCarrierNetwork', 
149 |                 'SIMMCC', 'SIMMNC', 'SerialNumber', 'UDID', 'WiFiMAC', 'UDID',
150 |                 'UnlockToken', 'MEID', 'CellularTechnology', 'BatteryLevel', 
151 |                 'SubscriberCarrierNetwork', 'VoiceRoamingEnabled', 
152 |                 'SubscriberMCC', 'SubscriberMNC', 'DataRoaming', 'VoiceRoaming',
153 |                 'JailbreakDetected'
154 |             ]
155 |         )
156 |     )
157 | 
158 |     ret_list['ClearPasscode'] = dict(
159 |         Command = dict(
160 |             RequestType = 'ClearPasscode',
161 |             # When ClearPasscode is used, the device specific unlock token needs to be added
162 |             # UnlockToken = Data(my_UnlockToken)
163 |         )
164 |     )
165 | 
166 | # commented out, and command string changed, to avoid accidentally
167 | # erasing test devices.
168 | #
169 | #    ret_list['EraseDevice'] = dict(
170 | #        Command = dict(
171 | #            RequestType = 'DONT_EraseDevice',
172 | #        )
173 | #    )
174 | #
175 |     if 'Example.mobileconfig' in os.listdir('.'):
176 |         my_test_cfg_profile = open('Example.mobileconfig', 'rb').read()
177 |         pl = readPlistFromString(my_test_cfg_profile)
178 | 
179 |         ret_list['InstallProfile'] = dict(
180 |             Command = dict(
181 |                 RequestType = 'InstallProfile', 
182 |                 Payload = Data(my_test_cfg_profile)
183 |             )
184 |         )
185 | 
186 |         ret_list['RemoveProfile'] = dict(
187 |             Command = dict(
188 |                 RequestType = 'RemoveProfile',
189 |                 Identifier = pl['PayloadIdentifier']
190 |             )
191 |         )
192 | 
193 |     else:
194 |         print "Can't find Example.mobileconfig in current directory."
195 | 
196 | 
197 |     if 'MyApp.mobileprovision' in os.listdir('.'):
198 |         my_test_prov_profile = open('MyApp.mobileprovision', 'rb').read()
199 | 
200 |         ret_list['InstallProvisioningProfile'] = dict(
201 |             Command = dict(
202 |                 RequestType = 'InstallProvisioningProfile', 
203 |                 ProvisioningProfile = Data(my_test_prov_profile)
204 |             )
205 |         )
206 | 
207 |         ret_list['RemoveProvisioningProfile'] = dict(
208 |             Command = dict(
209 |                 RequestType = 'RemoveProvisioningProfile',
210 |                 # need an ASN.1 parser to snarf the UUID out of the signed profile
211 |                 UUID = my_test_provisioning_uuid
212 |             )
213 |         )
214 | 
215 |     else:
216 |         print "Can't find MyApp.mobileprovision in current directory."
217 | 
218 | #
219 | # iOS 5:
220 | #
221 |     ret_list['InstallApplication'] = dict(
222 |     Command = dict(
223 |         RequestType = 'InstallApplication',
224 |         ManagementFlags = 4,  # do not delete app when unenrolling from MDM
225 |         iTunesStoreID=471966214,  # iTunes Movie Trailers
226 |     ))
227 | 
228 |     if ('MyApp.ipa' in os.listdir('.')) and ('Manifest.plist' in os.listdir('.')):
229 |         ret_list['InstallCustomApp'] = dict(
230 |         Command = dict(
231 |             RequestType = 'InstallApplication',
232 |             ManifestURL = 'https://%s/manifest' % MY_ADDR,
233 |             ManagementFlags = 1,  # delete app when unenrolling from MDM
234 |         ))
235 |         print ret_list['InstallCustomApp']
236 |     else:
237 |         print "Need both MyApp.ipa and Manifest.plist to enable InstallCustomApp."
238 | 
239 | 
240 |     ret_list['RemoveApplication'] = dict(
241 |     Command = dict(
242 |         RequestType = 'RemoveApplication',
243 |         Identifier = 'com.apple.movietrailers',
244 |     ))
245 | 
246 |     ret_list['RemoveCustomApplication'] = dict(
247 |     Command = dict(
248 |         RequestType = 'RemoveApplication',
249 |         Identifier = 'mitre.managedTest',
250 |     ))
251 | 
252 | #
253 | # on an ipad, you'll likely get errors for the "VoiceRoaming" part.
254 | # Since, you know...it's not a phone.
255 | #
256 |     ret_list['Settings'] = dict(
257 |     Command = dict(
258 |         RequestType = 'Settings',
259 |         Settings = [
260 |             dict(
261 |                 Item = 'DataRoaming',
262 |                 Enabled = False,
263 |             ),
264 |             dict(
265 |                 Item = 'VoiceRoaming',
266 |                 Enabled = True,
267 |             ),
268 |         ]
269 |         ))
270 | 
271 | #
272 | # haven't figured out how to make this one work yet. :(
273 | #
274 | #    ret_list['ApplyRedemptionCode'] = dict(
275 | #    Command = dict(
276 | #        RequestType = 'ApplyRedemptionCode',
277 | ## do I maybe need to add an iTunesStoreID in here?
278 | #        RedemptionCode = '3WABCDEFGXXX',
279 | #        iTunesStoreID=471966214,  # iTunes Movie Trailers
280 | #        ManagementFlags = 1,
281 | #    ))
282 | 
283 | 
284 | 
285 |     return ret_list
286 | 
287 | class root:
288 |     def GET(self):
289 |         return web.redirect("/static/index.html")
290 | 
291 | def queue(cmd, dev_UDID):
292 |     # Function to add a command to a device queue
293 |     global device_list, mdm_commands
294 | 
295 |     mylocal_PushMagic, mylocal_DeviceToken = device_list[dev_UDID].getQueueInfo()
296 | 
297 |     cmd_data = mdm_commands[cmd]
298 |     cmd_data['CommandUUID'] = str(uuid.uuid4())
299 | 
300 |     # Have to search through device_list using pushmagic or devtoken to get UDID
301 |     for key in device_list:
302 |         if device_list[key].UDID == dev_UDID:
303 |             device_list[key].addCommand(cmd_data)
304 |             print "*Adding CMD:", cmd_data['CommandUUID'], "to device:", key
305 |             break
306 | 
307 |     store_devices()
308 | 
309 | 
310 |     # Send request to Apple
311 |     wrapper = APNSNotificationWrapper('PushCert.pem', False)
312 |     message = APNSNotification()
313 |     message.token(mylocal_DeviceToken)
314 |     message.appendProperty(APNSProperty('mdm', mylocal_PushMagic))
315 |     wrapper.append(message)
316 |     wrapper.notify()
317 | 
318 |     
319 | 
320 | class queue_cmd_post:
321 |     def POST(self):
322 |         global device_list
323 |         
324 |         i = json.loads(web.data())
325 |         cmd = i.pop("cmd", [])
326 |         dev = i.pop("dev[]", [])
327 | 
328 |         for UDID in dev:
329 |             queue(cmd, UDID)
330 | 
331 |         # Update page - currently not using update()
332 |         #return update()
333 |         return
334 | 
335 | class do_mdm:        
336 |     def PUT(self):
337 |         global sm_obj, device_list
338 |         HIGH=''
339 |         LOW=''
340 |         NORMAL=''
341 | 
342 |         i = web.data()
343 |         pl = readPlistFromString(i)
344 | 
345 |         if 'HTTP_MDM_SIGNATURE' in web.ctx.environ:
346 |             raw_sig = web.ctx.environ['HTTP_MDM_SIGNATURE']
347 |             cooked_sig = '\n'.join(raw_sig[pos:pos+76] for pos in xrange(0, len(raw_sig), 76))
348 | 
349 |             signature = '\n-----BEGIN PKCS7-----\n%s\n-----END PKCS7-----\n' % cooked_sig
350 | 
351 |             # Verify client signature - necessary?
352 |             buf = BIO.MemoryBuffer(signature)
353 |             p7 = SMIME.load_pkcs7_bio(buf)
354 |             data_bio = BIO.MemoryBuffer(i)
355 |             try:
356 |                 v = sm_obj.verify(p7, data_bio)
357 |                 if v:
358 |                     print "Client signature verified."
359 |             except:
360 |                 print "*** INVALID CLIENT MESSAGE SIGNATURE ***"
361 | 
362 |         print "%sReceived %4d bytes: %s" % (HIGH, len(web.data()), NORMAL),
363 | 
364 |         if pl.get('Status') == 'Idle':
365 |             print HIGH + "Idle Status" + NORMAL
366 |             
367 |             print "*FETCHING CMD TO BE SENT FROM DEVICE:", pl['UDID']
368 |             rd = device_list[pl['UDID']].sendCommand()
369 | 
370 |             # If no commands in queue, return empty string to avoid infinite idle loop
371 |             if(not rd):
372 |                 return ''
373 | 
374 |             print "%sSent: %s%s" % (HIGH, rd['Command']['RequestType'], NORMAL)
375 | 
376 |         elif pl.get('MessageType') == 'TokenUpdate':
377 |             print HIGH+"Token Update"+NORMAL
378 |             rd = do_TokenUpdate(pl)
379 |             print HIGH+"Device Enrolled!"+NORMAL
380 | 
381 |         elif pl.get('Status') == 'Acknowledged':
382 |             print HIGH+"Acknowledged"+NORMAL
383 |             rd = dict()
384 |             # A command has returned a response
385 |             # Add the response to the given device
386 |             print "*CALLING ADD RESPONSE TO CMD:", pl['CommandUUID']
387 |             device_list[pl['UDID']].addResponse(pl['CommandUUID'], pl)
388 | 
389 |             # If we grab device information, we should also update the device info
390 |             if pl.get('QueryResponses'):
391 |                 print "DeviceInformation should update here..."
392 |                 p = pl['QueryResponses']
393 |                 device_list[pl['UDID']].updateInfo(p['DeviceName'], p['ModelName'], p['OSVersion'])
394 | 
395 |             # Update pickle file with new response
396 |             store_devices()
397 |         else:
398 |             rd = dict()
399 |             if pl.get('MessageType') == 'Authenticate':
400 |                 print HIGH+"Authenticate"+NORMAL
401 |             elif pl.get('MessageType') == 'CheckOut':
402 |                 print HIGH+"Device leaving MDM"+ NORMAL
403 |             elif pl.get('Status') == 'Error':
404 |                 print "*CALLING ADD RESPONSE WITH ERROR TO CMD:", pl['CommandUUID']
405 |                 device_list[pl['UDID']].addResponse(pl['CommandUUID'], pl)
406 |             else:
407 |                 print HIGH+"(other)"+NORMAL
408 |                 print HIGH, pl, NORMAL
409 |         log_data(pl)
410 |         log_data(rd)
411 | 
412 |         out = writePlistToString(rd)
413 |         #print LOW, out, NORMAL
414 | 
415 |         return out
416 | 
417 | class get_commands:
418 |     def POST(self):
419 |         # Function to return static list of commands to the front page
420 |         # Should be called once by document.ready
421 |         global mdm_commands
422 | 
423 |         drop_list = []
424 |         for key in sorted(mdm_commands.iterkeys()):
425 |             drop_list.append([key, key])    
426 |         return json.dumps(drop_list)
427 | 
428 | def update():
429 | 
430 |     # DEPRICATED
431 |     # Current polling endpoint is /devices
432 |     # May be updated later on for intelligent updating of devices
433 | 
434 |     # Function to update devices on the frontend
435 |     # Is called on page load and polling
436 | 
437 |     global problems, device_list
438 |     
439 |     # Create list of devices
440 |     dev_list_out = []
441 |     for UDID in device_list:
442 |         dev_list_out.append([device_list[UDID].IP, device_list[UDID].pushMagic])
443 |     
444 |     # Format output as a dict and then return as JSON
445 |     out = dict()
446 |     out['dev_list'] = dev_list_out
447 |     out['problems'] = '<br>'.join(problems)
448 | 
449 |     return json.dumps(out)
450 | 
451 | 
452 | class poll:
453 |     def POST(self):
454 | 
455 |     # DEPRICATED
456 |     # Current polling endpoint is /devices
457 |     # May be updated later on for intelligent updating of devices
458 | 
459 | 
460 |         # Polling function to update page with new data
461 |         return update()
462 | 
463 | class get_response:
464 |     def POST(self):
465 |         # Endpoint to return a reponse given a UDID and command UUID
466 |         global device_list
467 |         
468 |         i = json.loads(web.data())
469 |         try:
470 |             return device_list[i['UDID']].getResponse(i['UUID'])
471 |         except:
472 |             print "ERROR: Unable to lookup response by command UUID"
473 |             return "ERROR: Unable to retrieve response"
474 | 
475 | 
476 | class dev_tab:
477 |     def POST(self):
478 |         # Endpoint to return list of devices with a list of device info
479 |         global device_list
480 |         devices = []
481 | 
482 |         for key in device_list:
483 |             device_list[key].checkTimeout()
484 |             devices.append(device_list[key].populate())
485 | 
486 |         # A device-sorting functionality could happen here
487 | 
488 |         out = {}
489 |         out['devices'] = devices
490 | 
491 |         # return JSON
492 |         return json.dumps(out)
493 | 
494 | class metadata:
495 |     def POST(self):
496 |         # Endpoint to update device metadata
497 |         global device_list
498 | 
499 |         i = json.loads(web.data())
500 | 
501 |         device_list[i['UDID']].updateMetadata(i['name'], i['owner'], i['location'])
502 | 
503 |         store_devices()
504 | 
505 |         return
506 | 
507 | def store_devices():
508 |     # Function to convert the device list and write to a file
509 |     global device_list
510 | 
511 |     print "STORING DEVICES..."
512 |     
513 |     # Use pickle to store list of devices
514 |     pickle.dump(device_list, file('devicelist.pickle', 'w'))
515 | 
516 | def read_devices():
517 |     # Function to open and read the device list
518 |     # Is called when the server loads
519 |     global device_list
520 | 
521 |     try:
522 |         device_list = pickle.load(file('devicelist.pickle'))
523 |         print "LOADED PICKLE"
524 |     except:
525 |         print "NO DATA IN PICKLE FILE or PICKLE FILE DOES NOT EXIST"
526 |         # Creating new pickle file if need be
527 |         open('devicelist.pickle', 'a').close()
528 | 
529 | 
530 | def do_TokenUpdate(pl):
531 |     global mdm_commands
532 | 
533 |     my_PushMagic = pl['PushMagic']
534 |     my_DeviceToken = pl['Token'].data
535 |     my_UnlockToken = pl['UnlockToken'].data
536 | 
537 |     newTuple = (web.ctx.ip, my_PushMagic, my_DeviceToken, my_UnlockToken)
538 | 
539 |     print "NEW DEVICE UDID:", pl.get('UDID')
540 |     # A new device has enrolled, add a new device
541 |     if pl.get('UDID') not in device_list:
542 |         # Device does not already exist, create new instance of device
543 |         device_list[pl.get('UDID')] = device(pl['UDID'], newTuple)
544 |         print "ADDING DEVICE TO DEVICE_LIST"
545 |     else:
546 |         # Device exists, update information - token stays the same
547 |         device_list[pl['UDID']].reenroll(web.ctx.ip, my_PushMagic, my_UnlockToken)
548 |         print "DEVICE ALREADY EXISTS, UPDATE INFORMATION"
549 | 
550 | 
551 |     # Queue a DeviceInformation command to populate fields in device_list
552 |     # Is this command causing an off-by-one error with commands?
553 |     queue('DeviceInformation', pl['UDID'])
554 | 
555 |     # Store devices in a file for persistence
556 |     store_devices()
557 | 
558 |     # Return empty dictionary for use in do_mdm 
559 |     return dict()
560 | 
561 | 
562 | class enroll_profile:
563 |     def GET(self):
564 |         # Enroll an iPad/iPhone/iPod when requested
565 |         if 'Enroll.mobileconfig' in os.listdir('.'):
566 |             web.header('Content-Type', 'application/x-apple-aspen-config;charset=utf-8')
567 |             web.header('Content-Disposition', 'attachment;filename="Enroll.mobileconfig"')
568 |             return open('Enroll.mobileconfig', "rb").read()
569 |         else:
570 |             raise web.notfound()
571 | 
572 | class do_problem:
573 |     # DEBUG
574 |     # DEPRICATED?
575 |     # TODO: Problems may need to be reworked a bit
576 |     #       Stop storing in a .py file
577 |     #       What is the purpose of problems? Whats the end goal?
578 |     def GET(self):
579 |         global problems
580 |         problem_detect = ' ('
581 |         problem_detect += datetime.now().strftime("%Y-%m-%d %H:%M:%S")
582 |         if web.ctx.path == "/problem":
583 |             problem_detect += ') Debugger attached to '
584 |         elif web.ctx.path == "/problemjb":
585 |             problem_detect += ') Jailbreak detected for ' 
586 |         problem_detect += web.ctx.ip
587 | 
588 |         problems.insert(0, problem_detect)
589 |         out = "\nproblems = %s" % problems
590 |         fd = open('problems.py', 'w')
591 |         fd.write(out)
592 |         fd.close()
593 | 
594 | class mdm_ca:
595 |     def GET(self):
596 | 
597 |         if 'CA.crt' in os.listdir('.'):
598 |             web.header('Content-Type', 'application/octet-stream;charset=utf-8')
599 |             web.header('Content-Disposition', 'attachment;filename="CA.crt"')
600 |             return open('CA.crt', "rb").read()
601 |         else:
602 |             raise web.notfound()
603 | 
604 | 
605 | class favicon:
606 |     def GET(self):
607 |         if 'favicon.ico' in os.listdir('.'):
608 |             web.header('Content-Type', 'image/x-icon;charset=utf-8')
609 |             return open('favicon.ico', "rb").read()
610 |         elif 'favicon.ico' in os.listdir('./static/'):
611 |             web.header('Content-Type', 'image/x-icon;charset=utf-8')
612 |             return open('/static/favicon.ico', "rb").read()
613 |         else:
614 |             raise web.ok
615 | 
616 | 
617 | class app_manifest:
618 |     def GET(self):
619 | 
620 |         if 'Manifest.plist' in os.listdir('.'):
621 |             web.header('Content-Type', 'text/xml;charset=utf-8')
622 |             return open('Manifest.plist', "rb").read()
623 |         else:
624 |             raise web.notfound()
625 | 
626 | 
627 | class app_ipa:
628 |     def GET(self):
629 | 
630 |         if 'MyApp.ipa' in os.listdir('.'):
631 |             web.header('Content-Type', 'application/octet-stream;charset=utf-8')
632 |             web.header('Content-Disposition', 'attachment;filename="MyApp.ipa"')
633 |             return open('MyApp.ipa', "rb").read()
634 |         else:
635 |             return web.ok
636 | 
637 | 
638 | def log_data(out):
639 |     fd = open(LOGFILE, "a")
640 |     fd.write(datetime.now().ctime())
641 |     fd.write(" %s\n" % repr(out))
642 |     fd.close()
643 | 
644 | 
645 | if __name__ == "__main__":
646 |     print "Starting Server" 
647 |     app = web.application(urls, globals())
648 |     app.internalerror = web.debugerror
649 | 
650 |     try:
651 |         app.run()
652 |     except:
653 |         sys.exit(0)
654 | else:
655 |     # app.run() seems to use server.py as a module
656 |     # Placing these in main causes them not to run
657 |     # Placing these above main causes them to run twice
658 |     mdm_commands = setup_commands()
659 |     read_devices()
660 | 
661 | 


--------------------------------------------------------------------------------
/server/static/dist/js/bootstrap.min.js:
--------------------------------------------------------------------------------
1 | /*!
2 |  * Bootstrap v3.1.1 (http://getbootstrap.com)
3 |  * Copyright 2011-2014 Twitter, Inc.
4 |  * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
5 |  */
6 | if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){"use strict";function b(){var a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one(a.support.transition.end,function(){c=!0});var e=function(){c||a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b()})}(jQuery),+function(a){"use strict";var b='[data-dismiss="alert"]',c=function(c){a(c).on("click",b,this.close)};c.prototype.close=function(b){function c(){f.trigger("closed.bs.alert").remove()}var d=a(this),e=d.attr("data-target");e||(e=d.attr("href"),e=e&&e.replace(/.*(?=#[^\s]*$)/,""));var f=a(e);b&&b.preventDefault(),f.length||(f=d.hasClass("alert")?d:d.parent()),f.trigger(b=a.Event("close.bs.alert")),b.isDefaultPrevented()||(f.removeClass("in"),a.support.transition&&f.hasClass("fade")?f.one(a.support.transition.end,c).emulateTransitionEnd(150):c())};var d=a.fn.alert;a.fn.alert=function(b){return this.each(function(){var d=a(this),e=d.data("bs.alert");e||d.data("bs.alert",e=new c(this)),"string"==typeof b&&e[b].call(d)})},a.fn.alert.Constructor=c,a.fn.alert.noConflict=function(){return a.fn.alert=d,this},a(document).on("click.bs.alert.data-api",b,c.prototype.close)}(jQuery),+function(a){"use strict";var b=function(c,d){this.$element=a(c),this.options=a.extend({},b.DEFAULTS,d),this.isLoading=!1};b.DEFAULTS={loadingText:"loading..."},b.prototype.setState=function(b){var c="disabled",d=this.$element,e=d.is("input")?"val":"html",f=d.data();b+="Text",f.resetText||d.data("resetText",d[e]()),d[e](f[b]||this.options[b]),setTimeout(a.proxy(function(){"loadingText"==b?(this.isLoading=!0,d.addClass(c).attr(c,c)):this.isLoading&&(this.isLoading=!1,d.removeClass(c).removeAttr(c))},this),0)},b.prototype.toggle=function(){var a=!0,b=this.$element.closest('[data-toggle="buttons"]');if(b.length){var c=this.$element.find("input");"radio"==c.prop("type")&&(c.prop("checked")&&this.$element.hasClass("active")?a=!1:b.find(".active").removeClass("active")),a&&c.prop("checked",!this.$element.hasClass("active")).trigger("change")}a&&this.$element.toggleClass("active")};var c=a.fn.button;a.fn.button=function(c){return this.each(function(){var d=a(this),e=d.data("bs.button"),f="object"==typeof c&&c;e||d.data("bs.button",e=new b(this,f)),"toggle"==c?e.toggle():c&&e.setState(c)})},a.fn.button.Constructor=b,a.fn.button.noConflict=function(){return a.fn.button=c,this},a(document).on("click.bs.button.data-api","[data-toggle^=button]",function(b){var c=a(b.target);c.hasClass("btn")||(c=c.closest(".btn")),c.button("toggle"),b.preventDefault()})}(jQuery),+function(a){"use strict";var b=function(b,c){this.$element=a(b),this.$indicators=this.$element.find(".carousel-indicators"),this.options=c,this.paused=this.sliding=this.interval=this.$active=this.$items=null,"hover"==this.options.pause&&this.$element.on("mouseenter",a.proxy(this.pause,this)).on("mouseleave",a.proxy(this.cycle,this))};b.DEFAULTS={interval:5e3,pause:"hover",wrap:!0},b.prototype.cycle=function(b){return b||(this.paused=!1),this.interval&&clearInterval(this.interval),this.options.interval&&!this.paused&&(this.interval=setInterval(a.proxy(this.next,this),this.options.interval)),this},b.prototype.getActiveIndex=function(){return this.$active=this.$element.find(".item.active"),this.$items=this.$active.parent().children(),this.$items.index(this.$active)},b.prototype.to=function(b){var c=this,d=this.getActiveIndex();return b>this.$items.length-1||0>b?void 0:this.sliding?this.$element.one("slid.bs.carousel",function(){c.to(b)}):d==b?this.pause().cycle():this.slide(b>d?"next":"prev",a(this.$items[b]))},b.prototype.pause=function(b){return b||(this.paused=!0),this.$element.find(".next, .prev").length&&a.support.transition&&(this.$element.trigger(a.support.transition.end),this.cycle(!0)),this.interval=clearInterval(this.interval),this},b.prototype.next=function(){return this.sliding?void 0:this.slide("next")},b.prototype.prev=function(){return this.sliding?void 0:this.slide("prev")},b.prototype.slide=function(b,c){var d=this.$element.find(".item.active"),e=c||d[b](),f=this.interval,g="next"==b?"left":"right",h="next"==b?"first":"last",i=this;if(!e.length){if(!this.options.wrap)return;e=this.$element.find(".item")[h]()}if(e.hasClass("active"))return this.sliding=!1;var j=a.Event("slide.bs.carousel",{relatedTarget:e[0],direction:g});return this.$element.trigger(j),j.isDefaultPrevented()?void 0:(this.sliding=!0,f&&this.pause(),this.$indicators.length&&(this.$indicators.find(".active").removeClass("active"),this.$element.one("slid.bs.carousel",function(){var b=a(i.$indicators.children()[i.getActiveIndex()]);b&&b.addClass("active")})),a.support.transition&&this.$element.hasClass("slide")?(e.addClass(b),e[0].offsetWidth,d.addClass(g),e.addClass(g),d.one(a.support.transition.end,function(){e.removeClass([b,g].join(" ")).addClass("active"),d.removeClass(["active",g].join(" ")),i.sliding=!1,setTimeout(function(){i.$element.trigger("slid.bs.carousel")},0)}).emulateTransitionEnd(1e3*d.css("transition-duration").slice(0,-1))):(d.removeClass("active"),e.addClass("active"),this.sliding=!1,this.$element.trigger("slid.bs.carousel")),f&&this.cycle(),this)};var c=a.fn.carousel;a.fn.carousel=function(c){return this.each(function(){var d=a(this),e=d.data("bs.carousel"),f=a.extend({},b.DEFAULTS,d.data(),"object"==typeof c&&c),g="string"==typeof c?c:f.slide;e||d.data("bs.carousel",e=new b(this,f)),"number"==typeof c?e.to(c):g?e[g]():f.interval&&e.pause().cycle()})},a.fn.carousel.Constructor=b,a.fn.carousel.noConflict=function(){return a.fn.carousel=c,this},a(document).on("click.bs.carousel.data-api","[data-slide], [data-slide-to]",function(b){var c,d=a(this),e=a(d.attr("data-target")||(c=d.attr("href"))&&c.replace(/.*(?=#[^\s]+$)/,"")),f=a.extend({},e.data(),d.data()),g=d.attr("data-slide-to");g&&(f.interval=!1),e.carousel(f),(g=d.attr("data-slide-to"))&&e.data("bs.carousel").to(g),b.preventDefault()}),a(window).on("load",function(){a('[data-ride="carousel"]').each(function(){var b=a(this);b.carousel(b.data())})})}(jQuery),+function(a){"use strict";var b=function(c,d){this.$element=a(c),this.options=a.extend({},b.DEFAULTS,d),this.transitioning=null,this.options.parent&&(this.$parent=a(this.options.parent)),this.options.toggle&&this.toggle()};b.DEFAULTS={toggle:!0},b.prototype.dimension=function(){var a=this.$element.hasClass("width");return a?"width":"height"},b.prototype.show=function(){if(!this.transitioning&&!this.$element.hasClass("in")){var b=a.Event("show.bs.collapse");if(this.$element.trigger(b),!b.isDefaultPrevented()){var c=this.$parent&&this.$parent.find("> .panel > .in");if(c&&c.length){var d=c.data("bs.collapse");if(d&&d.transitioning)return;c.collapse("hide"),d||c.data("bs.collapse",null)}var e=this.dimension();this.$element.removeClass("collapse").addClass("collapsing")[e](0),this.transitioning=1;var f=function(){this.$element.removeClass("collapsing").addClass("collapse in")[e]("auto"),this.transitioning=0,this.$element.trigger("shown.bs.collapse")};if(!a.support.transition)return f.call(this);var g=a.camelCase(["scroll",e].join("-"));this.$element.one(a.support.transition.end,a.proxy(f,this)).emulateTransitionEnd(350)[e](this.$element[0][g])}}},b.prototype.hide=function(){if(!this.transitioning&&this.$element.hasClass("in")){var b=a.Event("hide.bs.collapse");if(this.$element.trigger(b),!b.isDefaultPrevented()){var c=this.dimension();this.$element[c](this.$element[c]())[0].offsetHeight,this.$element.addClass("collapsing").removeClass("collapse").removeClass("in"),this.transitioning=1;var d=function(){this.transitioning=0,this.$element.trigger("hidden.bs.collapse").removeClass("collapsing").addClass("collapse")};return a.support.transition?void this.$element[c](0).one(a.support.transition.end,a.proxy(d,this)).emulateTransitionEnd(350):d.call(this)}}},b.prototype.toggle=function(){this[this.$element.hasClass("in")?"hide":"show"]()};var c=a.fn.collapse;a.fn.collapse=function(c){return this.each(function(){var d=a(this),e=d.data("bs.collapse"),f=a.extend({},b.DEFAULTS,d.data(),"object"==typeof c&&c);!e&&f.toggle&&"show"==c&&(c=!c),e||d.data("bs.collapse",e=new b(this,f)),"string"==typeof c&&e[c]()})},a.fn.collapse.Constructor=b,a.fn.collapse.noConflict=function(){return a.fn.collapse=c,this},a(document).on("click.bs.collapse.data-api","[data-toggle=collapse]",function(b){var c,d=a(this),e=d.attr("data-target")||b.preventDefault()||(c=d.attr("href"))&&c.replace(/.*(?=#[^\s]+$)/,""),f=a(e),g=f.data("bs.collapse"),h=g?"toggle":d.data(),i=d.attr("data-parent"),j=i&&a(i);g&&g.transitioning||(j&&j.find('[data-toggle=collapse][data-parent="'+i+'"]').not(d).addClass("collapsed"),d[f.hasClass("in")?"addClass":"removeClass"]("collapsed")),f.collapse(h)})}(jQuery),+function(a){"use strict";function b(b){a(d).remove(),a(e).each(function(){var d=c(a(this)),e={relatedTarget:this};d.hasClass("open")&&(d.trigger(b=a.Event("hide.bs.dropdown",e)),b.isDefaultPrevented()||d.removeClass("open").trigger("hidden.bs.dropdown",e))})}function c(b){var c=b.attr("data-target");c||(c=b.attr("href"),c=c&&/#[A-Za-z]/.test(c)&&c.replace(/.*(?=#[^\s]*$)/,""));var d=c&&a(c);return d&&d.length?d:b.parent()}var d=".dropdown-backdrop",e="[data-toggle=dropdown]",f=function(b){a(b).on("click.bs.dropdown",this.toggle)};f.prototype.toggle=function(d){var e=a(this);if(!e.is(".disabled, :disabled")){var f=c(e),g=f.hasClass("open");if(b(),!g){"ontouchstart"in document.documentElement&&!f.closest(".navbar-nav").length&&a('<div class="dropdown-backdrop"/>').insertAfter(a(this)).on("click",b);var h={relatedTarget:this};if(f.trigger(d=a.Event("show.bs.dropdown",h)),d.isDefaultPrevented())return;f.toggleClass("open").trigger("shown.bs.dropdown",h),e.focus()}return!1}},f.prototype.keydown=function(b){if(/(38|40|27)/.test(b.keyCode)){var d=a(this);if(b.preventDefault(),b.stopPropagation(),!d.is(".disabled, :disabled")){var f=c(d),g=f.hasClass("open");if(!g||g&&27==b.keyCode)return 27==b.which&&f.find(e).focus(),d.click();var h=" li:not(.divider):visible a",i=f.find("[role=menu]"+h+", [role=listbox]"+h);if(i.length){var j=i.index(i.filter(":focus"));38==b.keyCode&&j>0&&j--,40==b.keyCode&&j<i.length-1&&j++,~j||(j=0),i.eq(j).focus()}}}};var g=a.fn.dropdown;a.fn.dropdown=function(b){return this.each(function(){var c=a(this),d=c.data("bs.dropdown");d||c.data("bs.dropdown",d=new f(this)),"string"==typeof b&&d[b].call(c)})},a.fn.dropdown.Constructor=f,a.fn.dropdown.noConflict=function(){return a.fn.dropdown=g,this},a(document).on("click.bs.dropdown.data-api",b).on("click.bs.dropdown.data-api",".dropdown form",function(a){a.stopPropagation()}).on("click.bs.dropdown.data-api",e,f.prototype.toggle).on("keydown.bs.dropdown.data-api",e+", [role=menu], [role=listbox]",f.prototype.keydown)}(jQuery),+function(a){"use strict";var b=function(b,c){this.options=c,this.$element=a(b),this.$backdrop=this.isShown=null,this.options.remote&&this.$element.find(".modal-content").load(this.options.remote,a.proxy(function(){this.$element.trigger("loaded.bs.modal")},this))};b.DEFAULTS={backdrop:!0,keyboard:!0,show:!0},b.prototype.toggle=function(a){return this[this.isShown?"hide":"show"](a)},b.prototype.show=function(b){var c=this,d=a.Event("show.bs.modal",{relatedTarget:b});this.$element.trigger(d),this.isShown||d.isDefaultPrevented()||(this.isShown=!0,this.escape(),this.$element.on("click.dismiss.bs.modal",'[data-dismiss="modal"]',a.proxy(this.hide,this)),this.backdrop(function(){var d=a.support.transition&&c.$element.hasClass("fade");c.$element.parent().length||c.$element.appendTo(document.body),c.$element.show().scrollTop(0),d&&c.$element[0].offsetWidth,c.$element.addClass("in").attr("aria-hidden",!1),c.enforceFocus();var e=a.Event("shown.bs.modal",{relatedTarget:b});d?c.$element.find(".modal-dialog").one(a.support.transition.end,function(){c.$element.focus().trigger(e)}).emulateTransitionEnd(300):c.$element.focus().trigger(e)}))},b.prototype.hide=function(b){b&&b.preventDefault(),b=a.Event("hide.bs.modal"),this.$element.trigger(b),this.isShown&&!b.isDefaultPrevented()&&(this.isShown=!1,this.escape(),a(document).off("focusin.bs.modal"),this.$element.removeClass("in").attr("aria-hidden",!0).off("click.dismiss.bs.modal"),a.support.transition&&this.$element.hasClass("fade")?this.$element.one(a.support.transition.end,a.proxy(this.hideModal,this)).emulateTransitionEnd(300):this.hideModal())},b.prototype.enforceFocus=function(){a(document).off("focusin.bs.modal").on("focusin.bs.modal",a.proxy(function(a){this.$element[0]===a.target||this.$element.has(a.target).length||this.$element.focus()},this))},b.prototype.escape=function(){this.isShown&&this.options.keyboard?this.$element.on("keyup.dismiss.bs.modal",a.proxy(function(a){27==a.which&&this.hide()},this)):this.isShown||this.$element.off("keyup.dismiss.bs.modal")},b.prototype.hideModal=function(){var a=this;this.$element.hide(),this.backdrop(function(){a.removeBackdrop(),a.$element.trigger("hidden.bs.modal")})},b.prototype.removeBackdrop=function(){this.$backdrop&&this.$backdrop.remove(),this.$backdrop=null},b.prototype.backdrop=function(b){var c=this.$element.hasClass("fade")?"fade":"";if(this.isShown&&this.options.backdrop){var d=a.support.transition&&c;if(this.$backdrop=a('<div class="modal-backdrop '+c+'" />').appendTo(document.body),this.$element.on("click.dismiss.bs.modal",a.proxy(function(a){a.target===a.currentTarget&&("static"==this.options.backdrop?this.$element[0].focus.call(this.$element[0]):this.hide.call(this))},this)),d&&this.$backdrop[0].offsetWidth,this.$backdrop.addClass("in"),!b)return;d?this.$backdrop.one(a.support.transition.end,b).emulateTransitionEnd(150):b()}else!this.isShown&&this.$backdrop?(this.$backdrop.removeClass("in"),a.support.transition&&this.$element.hasClass("fade")?this.$backdrop.one(a.support.transition.end,b).emulateTransitionEnd(150):b()):b&&b()};var c=a.fn.modal;a.fn.modal=function(c,d){return this.each(function(){var e=a(this),f=e.data("bs.modal"),g=a.extend({},b.DEFAULTS,e.data(),"object"==typeof c&&c);f||e.data("bs.modal",f=new b(this,g)),"string"==typeof c?f[c](d):g.show&&f.show(d)})},a.fn.modal.Constructor=b,a.fn.modal.noConflict=function(){return a.fn.modal=c,this},a(document).on("click.bs.modal.data-api",'[data-toggle="modal"]',function(b){var c=a(this),d=c.attr("href"),e=a(c.attr("data-target")||d&&d.replace(/.*(?=#[^\s]+$)/,"")),f=e.data("bs.modal")?"toggle":a.extend({remote:!/#/.test(d)&&d},e.data(),c.data());c.is("a")&&b.preventDefault(),e.modal(f,this).one("hide",function(){c.is(":visible")&&c.focus()})}),a(document).on("show.bs.modal",".modal",function(){a(document.body).addClass("modal-open")}).on("hidden.bs.modal",".modal",function(){a(document.body).removeClass("modal-open")})}(jQuery),+function(a){"use strict";var b=function(a,b){this.type=this.options=this.enabled=this.timeout=this.hoverState=this.$element=null,this.init("tooltip",a,b)};b.DEFAULTS={animation:!0,placement:"top",selector:!1,template:'<div class="tooltip"><div class="tooltip-arrow"></div><div class="tooltip-inner"></div></div>',trigger:"hover focus",title:"",delay:0,html:!1,container:!1},b.prototype.init=function(b,c,d){this.enabled=!0,this.type=b,this.$element=a(c),this.options=this.getOptions(d);for(var e=this.options.trigger.split(" "),f=e.length;f--;){var g=e[f];if("click"==g)this.$element.on("click."+this.type,this.options.selector,a.proxy(this.toggle,this));else if("manual"!=g){var h="hover"==g?"mouseenter":"focusin",i="hover"==g?"mouseleave":"focusout";this.$element.on(h+"."+this.type,this.options.selector,a.proxy(this.enter,this)),this.$element.on(i+"."+this.type,this.options.selector,a.proxy(this.leave,this))}}this.options.selector?this._options=a.extend({},this.options,{trigger:"manual",selector:""}):this.fixTitle()},b.prototype.getDefaults=function(){return b.DEFAULTS},b.prototype.getOptions=function(b){return b=a.extend({},this.getDefaults(),this.$element.data(),b),b.delay&&"number"==typeof b.delay&&(b.delay={show:b.delay,hide:b.delay}),b},b.prototype.getDelegateOptions=function(){var b={},c=this.getDefaults();return this._options&&a.each(this._options,function(a,d){c[a]!=d&&(b[a]=d)}),b},b.prototype.enter=function(b){var c=b instanceof this.constructor?b:a(b.currentTarget)[this.type](this.getDelegateOptions()).data("bs."+this.type);return clearTimeout(c.timeout),c.hoverState="in",c.options.delay&&c.options.delay.show?void(c.timeout=setTimeout(function(){"in"==c.hoverState&&c.show()},c.options.delay.show)):c.show()},b.prototype.leave=function(b){var c=b instanceof this.constructor?b:a(b.currentTarget)[this.type](this.getDelegateOptions()).data("bs."+this.type);return clearTimeout(c.timeout),c.hoverState="out",c.options.delay&&c.options.delay.hide?void(c.timeout=setTimeout(function(){"out"==c.hoverState&&c.hide()},c.options.delay.hide)):c.hide()},b.prototype.show=function(){var b=a.Event("show.bs."+this.type);if(this.hasContent()&&this.enabled){if(this.$element.trigger(b),b.isDefaultPrevented())return;var c=this,d=this.tip();this.setContent(),this.options.animation&&d.addClass("fade");var e="function"==typeof this.options.placement?this.options.placement.call(this,d[0],this.$element[0]):this.options.placement,f=/\s?auto?\s?/i,g=f.test(e);g&&(e=e.replace(f,"")||"top"),d.detach().css({top:0,left:0,display:"block"}).addClass(e),this.options.container?d.appendTo(this.options.container):d.insertAfter(this.$element);var h=this.getPosition(),i=d[0].offsetWidth,j=d[0].offsetHeight;if(g){var k=this.$element.parent(),l=e,m=document.documentElement.scrollTop||document.body.scrollTop,n="body"==this.options.container?window.innerWidth:k.outerWidth(),o="body"==this.options.container?window.innerHeight:k.outerHeight(),p="body"==this.options.container?0:k.offset().left;e="bottom"==e&&h.top+h.height+j-m>o?"top":"top"==e&&h.top-m-j<0?"bottom":"right"==e&&h.right+i>n?"left":"left"==e&&h.left-i<p?"right":e,d.removeClass(l).addClass(e)}var q=this.getCalculatedOffset(e,h,i,j);this.applyPlacement(q,e),this.hoverState=null;var r=function(){c.$element.trigger("shown.bs."+c.type)};a.support.transition&&this.$tip.hasClass("fade")?d.one(a.support.transition.end,r).emulateTransitionEnd(150):r()}},b.prototype.applyPlacement=function(b,c){var d,e=this.tip(),f=e[0].offsetWidth,g=e[0].offsetHeight,h=parseInt(e.css("margin-top"),10),i=parseInt(e.css("margin-left"),10);isNaN(h)&&(h=0),isNaN(i)&&(i=0),b.top=b.top+h,b.left=b.left+i,a.offset.setOffset(e[0],a.extend({using:function(a){e.css({top:Math.round(a.top),left:Math.round(a.left)})}},b),0),e.addClass("in");var j=e[0].offsetWidth,k=e[0].offsetHeight;if("top"==c&&k!=g&&(d=!0,b.top=b.top+g-k),/bottom|top/.test(c)){var l=0;b.left<0&&(l=-2*b.left,b.left=0,e.offset(b),j=e[0].offsetWidth,k=e[0].offsetHeight),this.replaceArrow(l-f+j,j,"left")}else this.replaceArrow(k-g,k,"top");d&&e.offset(b)},b.prototype.replaceArrow=function(a,b,c){this.arrow().css(c,a?50*(1-a/b)+"%":"")},b.prototype.setContent=function(){var a=this.tip(),b=this.getTitle();a.find(".tooltip-inner")[this.options.html?"html":"text"](b),a.removeClass("fade in top bottom left right")},b.prototype.hide=function(){function b(){"in"!=c.hoverState&&d.detach(),c.$element.trigger("hidden.bs."+c.type)}var c=this,d=this.tip(),e=a.Event("hide.bs."+this.type);return this.$element.trigger(e),e.isDefaultPrevented()?void 0:(d.removeClass("in"),a.support.transition&&this.$tip.hasClass("fade")?d.one(a.support.transition.end,b).emulateTransitionEnd(150):b(),this.hoverState=null,this)},b.prototype.fixTitle=function(){var a=this.$element;(a.attr("title")||"string"!=typeof a.attr("data-original-title"))&&a.attr("data-original-title",a.attr("title")||"").attr("title","")},b.prototype.hasContent=function(){return this.getTitle()},b.prototype.getPosition=function(){var b=this.$element[0];return a.extend({},"function"==typeof b.getBoundingClientRect?b.getBoundingClientRect():{width:b.offsetWidth,height:b.offsetHeight},this.$element.offset())},b.prototype.getCalculatedOffset=function(a,b,c,d){return"bottom"==a?{top:b.top+b.height,left:b.left+b.width/2-c/2}:"top"==a?{top:b.top-d,left:b.left+b.width/2-c/2}:"left"==a?{top:b.top+b.height/2-d/2,left:b.left-c}:{top:b.top+b.height/2-d/2,left:b.left+b.width}},b.prototype.getTitle=function(){var a,b=this.$element,c=this.options;return a=b.attr("data-original-title")||("function"==typeof c.title?c.title.call(b[0]):c.title)},b.prototype.tip=function(){return this.$tip=this.$tip||a(this.options.template)},b.prototype.arrow=function(){return this.$arrow=this.$arrow||this.tip().find(".tooltip-arrow")},b.prototype.validate=function(){this.$element[0].parentNode||(this.hide(),this.$element=null,this.options=null)},b.prototype.enable=function(){this.enabled=!0},b.prototype.disable=function(){this.enabled=!1},b.prototype.toggleEnabled=function(){this.enabled=!this.enabled},b.prototype.toggle=function(b){var c=b?a(b.currentTarget)[this.type](this.getDelegateOptions()).data("bs."+this.type):this;c.tip().hasClass("in")?c.leave(c):c.enter(c)},b.prototype.destroy=function(){clearTimeout(this.timeout),this.hide().$element.off("."+this.type).removeData("bs."+this.type)};var c=a.fn.tooltip;a.fn.tooltip=function(c){return this.each(function(){var d=a(this),e=d.data("bs.tooltip"),f="object"==typeof c&&c;(e||"destroy"!=c)&&(e||d.data("bs.tooltip",e=new b(this,f)),"string"==typeof c&&e[c]())})},a.fn.tooltip.Constructor=b,a.fn.tooltip.noConflict=function(){return a.fn.tooltip=c,this}}(jQuery),+function(a){"use strict";var b=function(a,b){this.init("popover",a,b)};if(!a.fn.tooltip)throw new Error("Popover requires tooltip.js");b.DEFAULTS=a.extend({},a.fn.tooltip.Constructor.DEFAULTS,{placement:"right",trigger:"click",content:"",template:'<div class="popover"><div class="arrow"></div><h3 class="popover-title"></h3><div class="popover-content"></div></div>'}),b.prototype=a.extend({},a.fn.tooltip.Constructor.prototype),b.prototype.constructor=b,b.prototype.getDefaults=function(){return b.DEFAULTS},b.prototype.setContent=function(){var a=this.tip(),b=this.getTitle(),c=this.getContent();a.find(".popover-title")[this.options.html?"html":"text"](b),a.find(".popover-content")[this.options.html?"string"==typeof c?"html":"append":"text"](c),a.removeClass("fade top bottom left right in"),a.find(".popover-title").html()||a.find(".popover-title").hide()},b.prototype.hasContent=function(){return this.getTitle()||this.getContent()},b.prototype.getContent=function(){var a=this.$element,b=this.options;return a.attr("data-content")||("function"==typeof b.content?b.content.call(a[0]):b.content)},b.prototype.arrow=function(){return this.$arrow=this.$arrow||this.tip().find(".arrow")},b.prototype.tip=function(){return this.$tip||(this.$tip=a(this.options.template)),this.$tip};var c=a.fn.popover;a.fn.popover=function(c){return this.each(function(){var d=a(this),e=d.data("bs.popover"),f="object"==typeof c&&c;(e||"destroy"!=c)&&(e||d.data("bs.popover",e=new b(this,f)),"string"==typeof c&&e[c]())})},a.fn.popover.Constructor=b,a.fn.popover.noConflict=function(){return a.fn.popover=c,this}}(jQuery),+function(a){"use strict";function b(c,d){var e,f=a.proxy(this.process,this);this.$element=a(a(c).is("body")?window:c),this.$body=a("body"),this.$scrollElement=this.$element.on("scroll.bs.scroll-spy.data-api",f),this.options=a.extend({},b.DEFAULTS,d),this.selector=(this.options.target||(e=a(c).attr("href"))&&e.replace(/.*(?=#[^\s]+$)/,"")||"")+" .nav li > a",this.offsets=a([]),this.targets=a([]),this.activeTarget=null,this.refresh(),this.process()}b.DEFAULTS={offset:10},b.prototype.refresh=function(){var b=this.$element[0]==window?"offset":"position";this.offsets=a([]),this.targets=a([]);{var c=this;this.$body.find(this.selector).map(function(){var d=a(this),e=d.data("target")||d.attr("href"),f=/^#./.test(e)&&a(e);return f&&f.length&&f.is(":visible")&&[[f[b]().top+(!a.isWindow(c.$scrollElement.get(0))&&c.$scrollElement.scrollTop()),e]]||null}).sort(function(a,b){return a[0]-b[0]}).each(function(){c.offsets.push(this[0]),c.targets.push(this[1])})}},b.prototype.process=function(){var a,b=this.$scrollElement.scrollTop()+this.options.offset,c=this.$scrollElement[0].scrollHeight||this.$body[0].scrollHeight,d=c-this.$scrollElement.height(),e=this.offsets,f=this.targets,g=this.activeTarget;if(b>=d)return g!=(a=f.last()[0])&&this.activate(a);if(g&&b<=e[0])return g!=(a=f[0])&&this.activate(a);for(a=e.length;a--;)g!=f[a]&&b>=e[a]&&(!e[a+1]||b<=e[a+1])&&this.activate(f[a])},b.prototype.activate=function(b){this.activeTarget=b,a(this.selector).parentsUntil(this.options.target,".active").removeClass("active");var c=this.selector+'[data-target="'+b+'"],'+this.selector+'[href="'+b+'"]',d=a(c).parents("li").addClass("active");d.parent(".dropdown-menu").length&&(d=d.closest("li.dropdown").addClass("active")),d.trigger("activate.bs.scrollspy")};var c=a.fn.scrollspy;a.fn.scrollspy=function(c){return this.each(function(){var d=a(this),e=d.data("bs.scrollspy"),f="object"==typeof c&&c;e||d.data("bs.scrollspy",e=new b(this,f)),"string"==typeof c&&e[c]()})},a.fn.scrollspy.Constructor=b,a.fn.scrollspy.noConflict=function(){return a.fn.scrollspy=c,this},a(window).on("load",function(){a('[data-spy="scroll"]').each(function(){var b=a(this);b.scrollspy(b.data())})})}(jQuery),+function(a){"use strict";var b=function(b){this.element=a(b)};b.prototype.show=function(){var b=this.element,c=b.closest("ul:not(.dropdown-menu)"),d=b.data("target");if(d||(d=b.attr("href"),d=d&&d.replace(/.*(?=#[^\s]*$)/,"")),!b.parent("li").hasClass("active")){var e=c.find(".active:last a")[0],f=a.Event("show.bs.tab",{relatedTarget:e});if(b.trigger(f),!f.isDefaultPrevented()){var g=a(d);this.activate(b.parent("li"),c),this.activate(g,g.parent(),function(){b.trigger({type:"shown.bs.tab",relatedTarget:e})})}}},b.prototype.activate=function(b,c,d){function e(){f.removeClass("active").find("> .dropdown-menu > .active").removeClass("active"),b.addClass("active"),g?(b[0].offsetWidth,b.addClass("in")):b.removeClass("fade"),b.parent(".dropdown-menu")&&b.closest("li.dropdown").addClass("active"),d&&d()}var f=c.find("> .active"),g=d&&a.support.transition&&f.hasClass("fade");g?f.one(a.support.transition.end,e).emulateTransitionEnd(150):e(),f.removeClass("in")};var c=a.fn.tab;a.fn.tab=function(c){return this.each(function(){var d=a(this),e=d.data("bs.tab");e||d.data("bs.tab",e=new b(this)),"string"==typeof c&&e[c]()})},a.fn.tab.Constructor=b,a.fn.tab.noConflict=function(){return a.fn.tab=c,this},a(document).on("click.bs.tab.data-api",'[data-toggle="tab"], [data-toggle="pill"]',function(b){b.preventDefault(),a(this).tab("show")})}(jQuery),+function(a){"use strict";var b=function(c,d){this.options=a.extend({},b.DEFAULTS,d),this.$window=a(window).on("scroll.bs.affix.data-api",a.proxy(this.checkPosition,this)).on("click.bs.affix.data-api",a.proxy(this.checkPositionWithEventLoop,this)),this.$element=a(c),this.affixed=this.unpin=this.pinnedOffset=null,this.checkPosition()};b.RESET="affix affix-top affix-bottom",b.DEFAULTS={offset:0},b.prototype.getPinnedOffset=function(){if(this.pinnedOffset)return this.pinnedOffset;this.$element.removeClass(b.RESET).addClass("affix");var a=this.$window.scrollTop(),c=this.$element.offset();return this.pinnedOffset=c.top-a},b.prototype.checkPositionWithEventLoop=function(){setTimeout(a.proxy(this.checkPosition,this),1)},b.prototype.checkPosition=function(){if(this.$element.is(":visible")){var c=a(document).height(),d=this.$window.scrollTop(),e=this.$element.offset(),f=this.options.offset,g=f.top,h=f.bottom;"top"==this.affixed&&(e.top+=d),"object"!=typeof f&&(h=g=f),"function"==typeof g&&(g=f.top(this.$element)),"function"==typeof h&&(h=f.bottom(this.$element));var i=null!=this.unpin&&d+this.unpin<=e.top?!1:null!=h&&e.top+this.$element.height()>=c-h?"bottom":null!=g&&g>=d?"top":!1;if(this.affixed!==i){this.unpin&&this.$element.css("top","");var j="affix"+(i?"-"+i:""),k=a.Event(j+".bs.affix");this.$element.trigger(k),k.isDefaultPrevented()||(this.affixed=i,this.unpin="bottom"==i?this.getPinnedOffset():null,this.$element.removeClass(b.RESET).addClass(j).trigger(a.Event(j.replace("affix","affixed"))),"bottom"==i&&this.$element.offset({top:c-h-this.$element.height()}))}}};var c=a.fn.affix;a.fn.affix=function(c){return this.each(function(){var d=a(this),e=d.data("bs.affix"),f="object"==typeof c&&c;e||d.data("bs.affix",e=new b(this,f)),"string"==typeof c&&e[c]()})},a.fn.affix.Constructor=b,a.fn.affix.noConflict=function(){return a.fn.affix=c,this},a(window).on("load",function(){a('[data-spy="affix"]').each(function(){var b=a(this),c=b.data();c.offset=c.offset||{},c.offsetBottom&&(c.offset.bottom=c.offsetBottom),c.offsetTop&&(c.offset.top=c.offsetTop),b.affix(c)})})}(jQuery);


--------------------------------------------------------------------------------
/server/static/dist/css/bootstrap-theme.css.map:
--------------------------------------------------------------------------------
1 | {"version":3,"sources":["less/theme.less","less/mixins.less"],"names":[],"mappings":"AAeA;AACA;AACA;AACA;AACA;AACA;EACE,wCAAA;ECoGA,2FAAA;EACQ,mFAAA;;ADhGR,YAAC;AAAD,YAAC;AAAD,YAAC;AAAD,SAAC;AAAD,YAAC;AAAD,WAAC;AACD,YAAC;AAAD,YAAC;AAAD,YAAC;AAAD,SAAC;AAAD,YAAC;AAAD,WAAC;EC8FD,wDAAA;EACQ,gDAAA;;ADnER,IAAC;AACD,IAAC;EACC,sBAAA;;AAKJ;EC4PI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EAEA,sHAAA;EAoCF,mEAAA;ED7TA,2BAAA;EACA,qBAAA;EAyB2C,yBAAA;EAA2B,kBAAA;;AAvBtE,YAAC;AACD,YAAC;EACC,yBAAA;EACA,4BAAA;;AAGF,YAAC;AACD,YAAC;EACC,yBAAA;EACA,qBAAA;;AAeJ;EC2PI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EAEA,sHAAA;EAoCF,mEAAA;ED7TA,2BAAA;EACA,qBAAA;;AAEA,YAAC;AACD,YAAC;EACC,yBAAA;EACA,4BAAA;;AAGF,YAAC;AACD,YAAC;EACC,yBAAA;EACA,qBAAA;;AAgBJ;EC0PI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EAEA,sHAAA;EAoCF,mEAAA;ED7TA,2BAAA;EACA,qBAAA;;AAEA,YAAC;AACD,YAAC;EACC,yBAAA;EACA,4BAAA;;AAGF,YAAC;AACD,YAAC;EACC,yBAAA;EACA,qBAAA;;AAiBJ;ECyPI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EAEA,sHAAA;EAoCF,mEAAA;ED7TA,2BAAA;EACA,qBAAA;;AAEA,SAAC;AACD,SAAC;EACC,yBAAA;EACA,4BAAA;;AAGF,SAAC;AACD,SAAC;EACC,yBAAA;EACA,qBAAA;;AAkBJ;ECwPI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EAEA,sHAAA;EAoCF,mEAAA;ED7TA,2BAAA;EACA,qBAAA;;AAEA,YAAC;AACD,YAAC;EACC,yBAAA;EACA,4BAAA;;AAGF,YAAC;AACD,YAAC;EACC,yBAAA;EACA,qBAAA;;AAmBJ;ECuPI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EAEA,sHAAA;EAoCF,mEAAA;ED7TA,2BAAA;EACA,qBAAA;;AAEA,WAAC;AACD,WAAC;EACC,yBAAA;EACA,4BAAA;;AAGF,WAAC;AACD,WAAC;EACC,yBAAA;EACA,qBAAA;;AA2BJ;AACA;EC6CE,kDAAA;EACQ,0CAAA;;ADpCV,cAAe,KAAK,IAAG;AACvB,cAAe,KAAK,IAAG;ECmOnB,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;EDpOF,yBAAA;;AAEF,cAAe,UAAU;AACzB,cAAe,UAAU,IAAG;AAC5B,cAAe,UAAU,IAAG;EC6NxB,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;ED9NF,yBAAA;;AAUF;ECiNI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;EAoCF,mEAAA;EDrPA,kBAAA;ECaA,2FAAA;EACQ,mFAAA;;ADjBV,eAOE,YAAY,UAAU;EC0MpB,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;EApMF,wDAAA;EACQ,gDAAA;;ADLV;AACA,WAAY,KAAK;EACf,8CAAA;;AAIF;EC+LI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;EAoCF,mEAAA;;ADtOF,eAIE,YAAY,UAAU;EC2LpB,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;EApMF,uDAAA;EACQ,+CAAA;;ADCV,eASE;AATF,eAUE,YAAY,KAAK;EACf,yCAAA;;AAKJ;AACA;AACA;EACE,gBAAA;;AAUF;EACE,6CAAA;EChCA,0FAAA;EACQ,kFAAA;;AD2CV;ECqJI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;ED5JF,qBAAA;;AAKF;ECoJI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;ED5JF,qBAAA;;AAMF;ECmJI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;ED5JF,qBAAA;;AAOF;ECkJI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;ED5JF,qBAAA;;AAgBF;ECyII,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADlIJ;EC+HI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADjIJ;EC8HI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADhIJ;EC6HI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;AD/HJ;EC4HI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;AD9HJ;EC2HI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADtHJ;EACE,kBAAA;EC/EA,kDAAA;EACQ,0CAAA;;ADiFV,gBAAgB;AAChB,gBAAgB,OAAO;AACvB,gBAAgB,OAAO;EACrB,6BAAA;EC4GE,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;ED7GF,qBAAA;;AAUF;ECjGE,iDAAA;EACQ,yCAAA;;AD0GV,cAAe;ECsFX,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADxFJ,cAAe;ECqFX,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADvFJ,cAAe;ECoFX,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADtFJ,WAAY;ECmFR,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADrFJ,cAAe;ECkFX,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;ADpFJ,aAAc;ECiFV,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;;AD5EJ;ECyEI,kBAAkB,sDAAlB;EACA,kBAAkB,oDAAlB;EACA,2BAAA;EACA,sHAAA;ED1EF,qBAAA;EC1HA,yFAAA;EACQ,iFAAA","sourcesContent":["\n//\n// Load core variables and mixins\n// --------------------------------------------------\n\n@import \"variables.less\";\n@import \"mixins.less\";\n\n\n\n//\n// Buttons\n// --------------------------------------------------\n\n// Common styles\n.btn-default,\n.btn-primary,\n.btn-success,\n.btn-info,\n.btn-warning,\n.btn-danger {\n  text-shadow: 0 -1px 0 rgba(0,0,0,.2);\n  @shadow: inset 0 1px 0 rgba(255,255,255,.15), 0 1px 1px rgba(0,0,0,.075);\n  .box-shadow(@shadow);\n\n  // Reset the shadow\n  &:active,\n  &.active {\n    .box-shadow(inset 0 3px 5px rgba(0,0,0,.125));\n  }\n}\n\n// Mixin for generating new styles\n.btn-styles(@btn-color: #555) {\n  #gradient > .vertical(@start-color: @btn-color; @end-color: darken(@btn-color, 12%));\n  .reset-filter(); // Disable gradients for IE9 because filter bleeds through rounded corners\n  background-repeat: repeat-x;\n  border-color: darken(@btn-color, 14%);\n\n  &:hover,\n  &:focus  {\n    background-color: darken(@btn-color, 12%);\n    background-position: 0 -15px;\n  }\n\n  &:active,\n  &.active {\n    background-color: darken(@btn-color, 12%);\n    border-color: darken(@btn-color, 14%);\n  }\n}\n\n// Common styles\n.btn {\n  // Remove the gradient for the pressed/active state\n  &:active,\n  &.active {\n    background-image: none;\n  }\n}\n\n// Apply the mixin to the buttons\n.btn-default { .btn-styles(@btn-default-bg); text-shadow: 0 1px 0 #fff; border-color: #ccc; }\n.btn-primary { .btn-styles(@btn-primary-bg); }\n.btn-success { .btn-styles(@btn-success-bg); }\n.btn-info    { .btn-styles(@btn-info-bg); }\n.btn-warning { .btn-styles(@btn-warning-bg); }\n.btn-danger  { .btn-styles(@btn-danger-bg); }\n\n\n\n//\n// Images\n// --------------------------------------------------\n\n.thumbnail,\n.img-thumbnail {\n  .box-shadow(0 1px 2px rgba(0,0,0,.075));\n}\n\n\n\n//\n// Dropdowns\n// --------------------------------------------------\n\n.dropdown-menu > li > a:hover,\n.dropdown-menu > li > a:focus {\n  #gradient > .vertical(@start-color: @dropdown-link-hover-bg; @end-color: darken(@dropdown-link-hover-bg, 5%));\n  background-color: darken(@dropdown-link-hover-bg, 5%);\n}\n.dropdown-menu > .active > a,\n.dropdown-menu > .active > a:hover,\n.dropdown-menu > .active > a:focus {\n  #gradient > .vertical(@start-color: @dropdown-link-active-bg; @end-color: darken(@dropdown-link-active-bg, 5%));\n  background-color: darken(@dropdown-link-active-bg, 5%);\n}\n\n\n\n//\n// Navbar\n// --------------------------------------------------\n\n// Default navbar\n.navbar-default {\n  #gradient > .vertical(@start-color: lighten(@navbar-default-bg, 10%); @end-color: @navbar-default-bg);\n  .reset-filter(); // Remove gradient in IE<10 to fix bug where dropdowns don't get triggered\n  border-radius: @navbar-border-radius;\n  @shadow: inset 0 1px 0 rgba(255,255,255,.15), 0 1px 5px rgba(0,0,0,.075);\n  .box-shadow(@shadow);\n\n  .navbar-nav > .active > a {\n    #gradient > .vertical(@start-color: darken(@navbar-default-bg, 5%); @end-color: darken(@navbar-default-bg, 2%));\n    .box-shadow(inset 0 3px 9px rgba(0,0,0,.075));\n  }\n}\n.navbar-brand,\n.navbar-nav > li > a {\n  text-shadow: 0 1px 0 rgba(255,255,255,.25);\n}\n\n// Inverted navbar\n.navbar-inverse {\n  #gradient > .vertical(@start-color: lighten(@navbar-inverse-bg, 10%); @end-color: @navbar-inverse-bg);\n  .reset-filter(); // Remove gradient in IE<10 to fix bug where dropdowns don't get triggered\n\n  .navbar-nav > .active > a {\n    #gradient > .vertical(@start-color: @navbar-inverse-bg; @end-color: lighten(@navbar-inverse-bg, 2.5%));\n    .box-shadow(inset 0 3px 9px rgba(0,0,0,.25));\n  }\n\n  .navbar-brand,\n  .navbar-nav > li > a {\n    text-shadow: 0 -1px 0 rgba(0,0,0,.25);\n  }\n}\n\n// Undo rounded corners in static and fixed navbars\n.navbar-static-top,\n.navbar-fixed-top,\n.navbar-fixed-bottom {\n  border-radius: 0;\n}\n\n\n\n//\n// Alerts\n// --------------------------------------------------\n\n// Common styles\n.alert {\n  text-shadow: 0 1px 0 rgba(255,255,255,.2);\n  @shadow: inset 0 1px 0 rgba(255,255,255,.25), 0 1px 2px rgba(0,0,0,.05);\n  .box-shadow(@shadow);\n}\n\n// Mixin for generating new styles\n.alert-styles(@color) {\n  #gradient > .vertical(@start-color: @color; @end-color: darken(@color, 7.5%));\n  border-color: darken(@color, 15%);\n}\n\n// Apply the mixin to the alerts\n.alert-success    { .alert-styles(@alert-success-bg); }\n.alert-info       { .alert-styles(@alert-info-bg); }\n.alert-warning    { .alert-styles(@alert-warning-bg); }\n.alert-danger     { .alert-styles(@alert-danger-bg); }\n\n\n\n//\n// Progress bars\n// --------------------------------------------------\n\n// Give the progress background some depth\n.progress {\n  #gradient > .vertical(@start-color: darken(@progress-bg, 4%); @end-color: @progress-bg)\n}\n\n// Mixin for generating new styles\n.progress-bar-styles(@color) {\n  #gradient > .vertical(@start-color: @color; @end-color: darken(@color, 10%));\n}\n\n// Apply the mixin to the progress bars\n.progress-bar            { .progress-bar-styles(@progress-bar-bg); }\n.progress-bar-success    { .progress-bar-styles(@progress-bar-success-bg); }\n.progress-bar-info       { .progress-bar-styles(@progress-bar-info-bg); }\n.progress-bar-warning    { .progress-bar-styles(@progress-bar-warning-bg); }\n.progress-bar-danger     { .progress-bar-styles(@progress-bar-danger-bg); }\n\n\n\n//\n// List groups\n// --------------------------------------------------\n\n.list-group {\n  border-radius: @border-radius-base;\n  .box-shadow(0 1px 2px rgba(0,0,0,.075));\n}\n.list-group-item.active,\n.list-group-item.active:hover,\n.list-group-item.active:focus {\n  text-shadow: 0 -1px 0 darken(@list-group-active-bg, 10%);\n  #gradient > .vertical(@start-color: @list-group-active-bg; @end-color: darken(@list-group-active-bg, 7.5%));\n  border-color: darken(@list-group-active-border, 7.5%);\n}\n\n\n\n//\n// Panels\n// --------------------------------------------------\n\n// Common styles\n.panel {\n  .box-shadow(0 1px 2px rgba(0,0,0,.05));\n}\n\n// Mixin for generating new styles\n.panel-heading-styles(@color) {\n  #gradient > .vertical(@start-color: @color; @end-color: darken(@color, 5%));\n}\n\n// Apply the mixin to the panel headings only\n.panel-default > .panel-heading   { .panel-heading-styles(@panel-default-heading-bg); }\n.panel-primary > .panel-heading   { .panel-heading-styles(@panel-primary-heading-bg); }\n.panel-success > .panel-heading   { .panel-heading-styles(@panel-success-heading-bg); }\n.panel-info > .panel-heading      { .panel-heading-styles(@panel-info-heading-bg); }\n.panel-warning > .panel-heading   { .panel-heading-styles(@panel-warning-heading-bg); }\n.panel-danger > .panel-heading    { .panel-heading-styles(@panel-danger-heading-bg); }\n\n\n\n//\n// Wells\n// --------------------------------------------------\n\n.well {\n  #gradient > .vertical(@start-color: darken(@well-bg, 5%); @end-color: @well-bg);\n  border-color: darken(@well-bg, 10%);\n  @shadow: inset 0 1px 3px rgba(0,0,0,.05), 0 1px 0 rgba(255,255,255,.1);\n  .box-shadow(@shadow);\n}\n","//\n// Mixins\n// --------------------------------------------------\n\n\n// Utilities\n// -------------------------\n\n// Clearfix\n// Source: http://nicolasgallagher.com/micro-clearfix-hack/\n//\n// For modern browsers\n// 1. The space content is one way to avoid an Opera bug when the\n//    contenteditable attribute is included anywhere else in the document.\n//    Otherwise it causes space to appear at the top and bottom of elements\n//    that are clearfixed.\n// 2. The use of `table` rather than `block` is only necessary if using\n//    `:before` to contain the top-margins of child elements.\n.clearfix() {\n  &:before,\n  &:after {\n    content: \" \"; // 1\n    display: table; // 2\n  }\n  &:after {\n    clear: both;\n  }\n}\n\n// WebKit-style focus\n.tab-focus() {\n  // Default\n  outline: thin dotted;\n  // WebKit\n  outline: 5px auto -webkit-focus-ring-color;\n  outline-offset: -2px;\n}\n\n// Center-align a block level element\n.center-block() {\n  display: block;\n  margin-left: auto;\n  margin-right: auto;\n}\n\n// Sizing shortcuts\n.size(@width; @height) {\n  width: @width;\n  height: @height;\n}\n.square(@size) {\n  .size(@size; @size);\n}\n\n// Placeholder text\n.placeholder(@color: @input-color-placeholder) {\n  &::-moz-placeholder           { color: @color;   // Firefox\n                                  opacity: 1; } // See https://github.com/twbs/bootstrap/pull/11526\n  &:-ms-input-placeholder       { color: @color; } // Internet Explorer 10+\n  &::-webkit-input-placeholder  { color: @color; } // Safari and Chrome\n}\n\n// Text overflow\n// Requires inline-block or block for proper styling\n.text-overflow() {\n  overflow: hidden;\n  text-overflow: ellipsis;\n  white-space: nowrap;\n}\n\n// CSS image replacement\n//\n// Heads up! v3 launched with with only `.hide-text()`, but per our pattern for\n// mixins being reused as classes with the same name, this doesn't hold up. As\n// of v3.0.1 we have added `.text-hide()` and deprecated `.hide-text()`. Note\n// that we cannot chain the mixins together in Less, so they are repeated.\n//\n// Source: https://github.com/h5bp/html5-boilerplate/commit/aa0396eae757\n\n// Deprecated as of v3.0.1 (will be removed in v4)\n.hide-text() {\n  font: ~\"0/0\" a;\n  color: transparent;\n  text-shadow: none;\n  background-color: transparent;\n  border: 0;\n}\n// New mixin to use as of v3.0.1\n.text-hide() {\n  .hide-text();\n}\n\n\n\n// CSS3 PROPERTIES\n// --------------------------------------------------\n\n// Single side border-radius\n.border-top-radius(@radius) {\n  border-top-right-radius: @radius;\n   border-top-left-radius: @radius;\n}\n.border-right-radius(@radius) {\n  border-bottom-right-radius: @radius;\n     border-top-right-radius: @radius;\n}\n.border-bottom-radius(@radius) {\n  border-bottom-right-radius: @radius;\n   border-bottom-left-radius: @radius;\n}\n.border-left-radius(@radius) {\n  border-bottom-left-radius: @radius;\n     border-top-left-radius: @radius;\n}\n\n// Drop shadows\n//\n// Note: Deprecated `.box-shadow()` as of v3.1.0 since all of Bootstrap's\n//   supported browsers that have box shadow capabilities now support the\n//   standard `box-shadow` property.\n.box-shadow(@shadow) {\n  -webkit-box-shadow: @shadow; // iOS <4.3 & Android <4.1\n          box-shadow: @shadow;\n}\n\n// Transitions\n.transition(@transition) {\n  -webkit-transition: @transition;\n          transition: @transition;\n}\n.transition-property(@transition-property) {\n  -webkit-transition-property: @transition-property;\n          transition-property: @transition-property;\n}\n.transition-delay(@transition-delay) {\n  -webkit-transition-delay: @transition-delay;\n          transition-delay: @transition-delay;\n}\n.transition-duration(@transition-duration) {\n  -webkit-transition-duration: @transition-duration;\n          transition-duration: @transition-duration;\n}\n.transition-transform(@transition) {\n  -webkit-transition: -webkit-transform @transition;\n     -moz-transition: -moz-transform @transition;\n       -o-transition: -o-transform @transition;\n          transition: transform @transition;\n}\n\n// Transformations\n.rotate(@degrees) {\n  -webkit-transform: rotate(@degrees);\n      -ms-transform: rotate(@degrees); // IE9 only\n          transform: rotate(@degrees);\n}\n.scale(@ratio; @ratio-y...) {\n  -webkit-transform: scale(@ratio, @ratio-y);\n      -ms-transform: scale(@ratio, @ratio-y); // IE9 only\n          transform: scale(@ratio, @ratio-y);\n}\n.translate(@x; @y) {\n  -webkit-transform: translate(@x, @y);\n      -ms-transform: translate(@x, @y); // IE9 only\n          transform: translate(@x, @y);\n}\n.skew(@x; @y) {\n  -webkit-transform: skew(@x, @y);\n      -ms-transform: skewX(@x) skewY(@y); // See https://github.com/twbs/bootstrap/issues/4885; IE9+\n          transform: skew(@x, @y);\n}\n.translate3d(@x; @y; @z) {\n  -webkit-transform: translate3d(@x, @y, @z);\n          transform: translate3d(@x, @y, @z);\n}\n\n.rotateX(@degrees) {\n  -webkit-transform: rotateX(@degrees);\n      -ms-transform: rotateX(@degrees); // IE9 only\n          transform: rotateX(@degrees);\n}\n.rotateY(@degrees) {\n  -webkit-transform: rotateY(@degrees);\n      -ms-transform: rotateY(@degrees); // IE9 only\n          transform: rotateY(@degrees);\n}\n.perspective(@perspective) {\n  -webkit-perspective: @perspective;\n     -moz-perspective: @perspective;\n          perspective: @perspective;\n}\n.perspective-origin(@perspective) {\n  -webkit-perspective-origin: @perspective;\n     -moz-perspective-origin: @perspective;\n          perspective-origin: @perspective;\n}\n.transform-origin(@origin) {\n  -webkit-transform-origin: @origin;\n     -moz-transform-origin: @origin;\n      -ms-transform-origin: @origin; // IE9 only\n          transform-origin: @origin;\n}\n\n// Animations\n.animation(@animation) {\n  -webkit-animation: @animation;\n          animation: @animation;\n}\n.animation-name(@name) {\n  -webkit-animation-name: @name;\n          animation-name: @name;\n}\n.animation-duration(@duration) {\n  -webkit-animation-duration: @duration;\n          animation-duration: @duration;\n}\n.animation-timing-function(@timing-function) {\n  -webkit-animation-timing-function: @timing-function;\n          animation-timing-function: @timing-function;\n}\n.animation-delay(@delay) {\n  -webkit-animation-delay: @delay;\n          animation-delay: @delay;\n}\n.animation-iteration-count(@iteration-count) {\n  -webkit-animation-iteration-count: @iteration-count;\n          animation-iteration-count: @iteration-count;\n}\n.animation-direction(@direction) {\n  -webkit-animation-direction: @direction;\n          animation-direction: @direction;\n}\n\n// Backface visibility\n// Prevent browsers from flickering when using CSS 3D transforms.\n// Default value is `visible`, but can be changed to `hidden`\n.backface-visibility(@visibility){\n  -webkit-backface-visibility: @visibility;\n     -moz-backface-visibility: @visibility;\n          backface-visibility: @visibility;\n}\n\n// Box sizing\n.box-sizing(@boxmodel) {\n  -webkit-box-sizing: @boxmodel;\n     -moz-box-sizing: @boxmodel;\n          box-sizing: @boxmodel;\n}\n\n// User select\n// For selecting text on the page\n.user-select(@select) {\n  -webkit-user-select: @select;\n     -moz-user-select: @select;\n      -ms-user-select: @select; // IE10+\n          user-select: @select;\n}\n\n// Resize anything\n.resizable(@direction) {\n  resize: @direction; // Options: horizontal, vertical, both\n  overflow: auto; // Safari fix\n}\n\n// CSS3 Content Columns\n.content-columns(@column-count; @column-gap: @grid-gutter-width) {\n  -webkit-column-count: @column-count;\n     -moz-column-count: @column-count;\n          column-count: @column-count;\n  -webkit-column-gap: @column-gap;\n     -moz-column-gap: @column-gap;\n          column-gap: @column-gap;\n}\n\n// Optional hyphenation\n.hyphens(@mode: auto) {\n  word-wrap: break-word;\n  -webkit-hyphens: @mode;\n     -moz-hyphens: @mode;\n      -ms-hyphens: @mode; // IE10+\n       -o-hyphens: @mode;\n          hyphens: @mode;\n}\n\n// Opacity\n.opacity(@opacity) {\n  opacity: @opacity;\n  // IE8 filter\n  @opacity-ie: (@opacity * 100);\n  filter: ~\"alpha(opacity=@{opacity-ie})\";\n}\n\n\n\n// GRADIENTS\n// --------------------------------------------------\n\n#gradient {\n\n  // Horizontal gradient, from left to right\n  //\n  // Creates two color stops, start and end, by specifying a color and position for each color stop.\n  // Color stops are not available in IE9 and below.\n  .horizontal(@start-color: #555; @end-color: #333; @start-percent: 0%; @end-percent: 100%) {\n    background-image: -webkit-linear-gradient(left, color-stop(@start-color @start-percent), color-stop(@end-color @end-percent)); // Safari 5.1-6, Chrome 10+\n    background-image:  linear-gradient(to right, @start-color @start-percent, @end-color @end-percent); // Standard, IE10, Firefox 16+, Opera 12.10+, Safari 7+, Chrome 26+\n    background-repeat: repeat-x;\n    filter: e(%(\"progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=1)\",argb(@start-color),argb(@end-color))); // IE9 and down\n  }\n\n  // Vertical gradient, from top to bottom\n  //\n  // Creates two color stops, start and end, by specifying a color and position for each color stop.\n  // Color stops are not available in IE9 and below.\n  .vertical(@start-color: #555; @end-color: #333; @start-percent: 0%; @end-percent: 100%) {\n    background-image: -webkit-linear-gradient(top, @start-color @start-percent, @end-color @end-percent);  // Safari 5.1-6, Chrome 10+\n    background-image: linear-gradient(to bottom, @start-color @start-percent, @end-color @end-percent); // Standard, IE10, Firefox 16+, Opera 12.10+, Safari 7+, Chrome 26+\n    background-repeat: repeat-x;\n    filter: e(%(\"progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=0)\",argb(@start-color),argb(@end-color))); // IE9 and down\n  }\n\n  .directional(@start-color: #555; @end-color: #333; @deg: 45deg) {\n    background-repeat: repeat-x;\n    background-image: -webkit-linear-gradient(@deg, @start-color, @end-color); // Safari 5.1-6, Chrome 10+\n    background-image: linear-gradient(@deg, @start-color, @end-color); // Standard, IE10, Firefox 16+, Opera 12.10+, Safari 7+, Chrome 26+\n  }\n  .horizontal-three-colors(@start-color: #00b3ee; @mid-color: #7a43b6; @color-stop: 50%; @end-color: #c3325f) {\n    background-image: -webkit-linear-gradient(left, @start-color, @mid-color @color-stop, @end-color);\n    background-image: linear-gradient(to right, @start-color, @mid-color @color-stop, @end-color);\n    background-repeat: no-repeat;\n    filter: e(%(\"progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=1)\",argb(@start-color),argb(@end-color))); // IE9 and down, gets no color-stop at all for proper fallback\n  }\n  .vertical-three-colors(@start-color: #00b3ee; @mid-color: #7a43b6; @color-stop: 50%; @end-color: #c3325f) {\n    background-image: -webkit-linear-gradient(@start-color, @mid-color @color-stop, @end-color);\n    background-image: linear-gradient(@start-color, @mid-color @color-stop, @end-color);\n    background-repeat: no-repeat;\n    filter: e(%(\"progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=0)\",argb(@start-color),argb(@end-color))); // IE9 and down, gets no color-stop at all for proper fallback\n  }\n  .radial(@inner-color: #555; @outer-color: #333) {\n    background-image: -webkit-radial-gradient(circle, @inner-color, @outer-color);\n    background-image: radial-gradient(circle, @inner-color, @outer-color);\n    background-repeat: no-repeat;\n  }\n  .striped(@color: rgba(255,255,255,.15); @angle: 45deg) {\n    background-image: -webkit-linear-gradient(@angle, @color 25%, transparent 25%, transparent 50%, @color 50%, @color 75%, transparent 75%, transparent);\n    background-image: linear-gradient(@angle, @color 25%, transparent 25%, transparent 50%, @color 50%, @color 75%, transparent 75%, transparent);\n  }\n}\n\n// Reset filters for IE\n//\n// When you need to remove a gradient background, do not forget to use this to reset\n// the IE filter for IE9 and below.\n.reset-filter() {\n  filter: e(%(\"progid:DXImageTransform.Microsoft.gradient(enabled = false)\"));\n}\n\n\n\n// Retina images\n//\n// Short retina mixin for setting background-image and -size\n\n.img-retina(@file-1x; @file-2x; @width-1x; @height-1x) {\n  background-image: url(\"@{file-1x}\");\n\n  @media\n  only screen and (-webkit-min-device-pixel-ratio: 2),\n  only screen and (   min--moz-device-pixel-ratio: 2),\n  only screen and (     -o-min-device-pixel-ratio: 2/1),\n  only screen and (        min-device-pixel-ratio: 2),\n  only screen and (                min-resolution: 192dpi),\n  only screen and (                min-resolution: 2dppx) {\n    background-image: url(\"@{file-2x}\");\n    background-size: @width-1x @height-1x;\n  }\n}\n\n\n// Responsive image\n//\n// Keep images from scaling beyond the width of their parents.\n\n.img-responsive(@display: block) {\n  display: @display;\n  max-width: 100%; // Part 1: Set a maximum relative to the parent\n  height: auto; // Part 2: Scale the height according to the width, otherwise you get stretching\n}\n\n\n// COMPONENT MIXINS\n// --------------------------------------------------\n\n// Horizontal dividers\n// -------------------------\n// Dividers (basically an hr) within dropdowns and nav lists\n.nav-divider(@color: #e5e5e5) {\n  height: 1px;\n  margin: ((@line-height-computed / 2) - 1) 0;\n  overflow: hidden;\n  background-color: @color;\n}\n\n// Panels\n// -------------------------\n.panel-variant(@border; @heading-text-color; @heading-bg-color; @heading-border) {\n  border-color: @border;\n\n  & > .panel-heading {\n    color: @heading-text-color;\n    background-color: @heading-bg-color;\n    border-color: @heading-border;\n\n    + .panel-collapse .panel-body {\n      border-top-color: @border;\n    }\n  }\n  & > .panel-footer {\n    + .panel-collapse .panel-body {\n      border-bottom-color: @border;\n    }\n  }\n}\n\n// Alerts\n// -------------------------\n.alert-variant(@background; @border; @text-color) {\n  background-color: @background;\n  border-color: @border;\n  color: @text-color;\n\n  hr {\n    border-top-color: darken(@border, 5%);\n  }\n  .alert-link {\n    color: darken(@text-color, 10%);\n  }\n}\n\n// Tables\n// -------------------------\n.table-row-variant(@state; @background) {\n  // Exact selectors below required to override `.table-striped` and prevent\n  // inheritance to nested tables.\n  .table > thead > tr,\n  .table > tbody > tr,\n  .table > tfoot > tr {\n    > td.@{state},\n    > th.@{state},\n    &.@{state} > td,\n    &.@{state} > th {\n      background-color: @background;\n    }\n  }\n\n  // Hover states for `.table-hover`\n  // Note: this is not available for cells or rows within `thead` or `tfoot`.\n  .table-hover > tbody > tr {\n    > td.@{state}:hover,\n    > th.@{state}:hover,\n    &.@{state}:hover > td,\n    &.@{state}:hover > th {\n      background-color: darken(@background, 5%);\n    }\n  }\n}\n\n// List Groups\n// -------------------------\n.list-group-item-variant(@state; @background; @color) {\n  .list-group-item-@{state} {\n    color: @color;\n    background-color: @background;\n\n    a& {\n      color: @color;\n\n      .list-group-item-heading { color: inherit; }\n\n      &:hover,\n      &:focus {\n        color: @color;\n        background-color: darken(@background, 5%);\n      }\n      &.active,\n      &.active:hover,\n      &.active:focus {\n        color: #fff;\n        background-color: @color;\n        border-color: @color;\n      }\n    }\n  }\n}\n\n// Button variants\n// -------------------------\n// Easily pump out default styles, as well as :hover, :focus, :active,\n// and disabled options for all buttons\n.button-variant(@color; @background; @border) {\n  color: @color;\n  background-color: @background;\n  border-color: @border;\n\n  &:hover,\n  &:focus,\n  &:active,\n  &.active,\n  .open .dropdown-toggle& {\n    color: @color;\n    background-color: darken(@background, 8%);\n        border-color: darken(@border, 12%);\n  }\n  &:active,\n  &.active,\n  .open .dropdown-toggle& {\n    background-image: none;\n  }\n  &.disabled,\n  &[disabled],\n  fieldset[disabled] & {\n    &,\n    &:hover,\n    &:focus,\n    &:active,\n    &.active {\n      background-color: @background;\n          border-color: @border;\n    }\n  }\n\n  .badge {\n    color: @background;\n    background-color: @color;\n  }\n}\n\n// Button sizes\n// -------------------------\n.button-size(@padding-vertical; @padding-horizontal; @font-size; @line-height; @border-radius) {\n  padding: @padding-vertical @padding-horizontal;\n  font-size: @font-size;\n  line-height: @line-height;\n  border-radius: @border-radius;\n}\n\n// Pagination\n// -------------------------\n.pagination-size(@padding-vertical; @padding-horizontal; @font-size; @border-radius) {\n  > li {\n    > a,\n    > span {\n      padding: @padding-vertical @padding-horizontal;\n      font-size: @font-size;\n    }\n    &:first-child {\n      > a,\n      > span {\n        .border-left-radius(@border-radius);\n      }\n    }\n    &:last-child {\n      > a,\n      > span {\n        .border-right-radius(@border-radius);\n      }\n    }\n  }\n}\n\n// Labels\n// -------------------------\n.label-variant(@color) {\n  background-color: @color;\n  &[href] {\n    &:hover,\n    &:focus {\n      background-color: darken(@color, 10%);\n    }\n  }\n}\n\n// Contextual backgrounds\n// -------------------------\n.bg-variant(@color) {\n  background-color: @color;\n  a&:hover {\n    background-color: darken(@color, 10%);\n  }\n}\n\n// Typography\n// -------------------------\n.text-emphasis-variant(@color) {\n  color: @color;\n  a&:hover {\n    color: darken(@color, 10%);\n  }\n}\n\n// Navbar vertical align\n// -------------------------\n// Vertically center elements in the navbar.\n// Example: an element has a height of 30px, so write out `.navbar-vertical-align(30px);` to calculate the appropriate top margin.\n.navbar-vertical-align(@element-height) {\n  margin-top: ((@navbar-height - @element-height) / 2);\n  margin-bottom: ((@navbar-height - @element-height) / 2);\n}\n\n// Progress bars\n// -------------------------\n.progress-bar-variant(@color) {\n  background-color: @color;\n  .progress-striped & {\n    #gradient > .striped();\n  }\n}\n\n// Responsive utilities\n// -------------------------\n// More easily include all the states for responsive-utilities.less.\n.responsive-visibility() {\n  display: block !important;\n  table&  { display: table; }\n  tr&     { display: table-row !important; }\n  th&,\n  td&     { display: table-cell !important; }\n}\n\n.responsive-invisibility() {\n  display: none !important;\n}\n\n\n// Grid System\n// -----------\n\n// Centered container element\n.container-fixed() {\n  margin-right: auto;\n  margin-left: auto;\n  padding-left:  (@grid-gutter-width / 2);\n  padding-right: (@grid-gutter-width / 2);\n  &:extend(.clearfix all);\n}\n\n// Creates a wrapper for a series of columns\n.make-row(@gutter: @grid-gutter-width) {\n  margin-left:  (@gutter / -2);\n  margin-right: (@gutter / -2);\n  &:extend(.clearfix all);\n}\n\n// Generate the extra small columns\n.make-xs-column(@columns; @gutter: @grid-gutter-width) {\n  position: relative;\n  float: left;\n  width: percentage((@columns / @grid-columns));\n  min-height: 1px;\n  padding-left:  (@gutter / 2);\n  padding-right: (@gutter / 2);\n}\n.make-xs-column-offset(@columns) {\n  @media (min-width: @screen-xs-min) {\n    margin-left: percentage((@columns / @grid-columns));\n  }\n}\n.make-xs-column-push(@columns) {\n  @media (min-width: @screen-xs-min) {\n    left: percentage((@columns / @grid-columns));\n  }\n}\n.make-xs-column-pull(@columns) {\n  @media (min-width: @screen-xs-min) {\n    right: percentage((@columns / @grid-columns));\n  }\n}\n\n\n// Generate the small columns\n.make-sm-column(@columns; @gutter: @grid-gutter-width) {\n  position: relative;\n  min-height: 1px;\n  padding-left:  (@gutter / 2);\n  padding-right: (@gutter / 2);\n\n  @media (min-width: @screen-sm-min) {\n    float: left;\n    width: percentage((@columns / @grid-columns));\n  }\n}\n.make-sm-column-offset(@columns) {\n  @media (min-width: @screen-sm-min) {\n    margin-left: percentage((@columns / @grid-columns));\n  }\n}\n.make-sm-column-push(@columns) {\n  @media (min-width: @screen-sm-min) {\n    left: percentage((@columns / @grid-columns));\n  }\n}\n.make-sm-column-pull(@columns) {\n  @media (min-width: @screen-sm-min) {\n    right: percentage((@columns / @grid-columns));\n  }\n}\n\n\n// Generate the medium columns\n.make-md-column(@columns; @gutter: @grid-gutter-width) {\n  position: relative;\n  min-height: 1px;\n  padding-left:  (@gutter / 2);\n  padding-right: (@gutter / 2);\n\n  @media (min-width: @screen-md-min) {\n    float: left;\n    width: percentage((@columns / @grid-columns));\n  }\n}\n.make-md-column-offset(@columns) {\n  @media (min-width: @screen-md-min) {\n    margin-left: percentage((@columns / @grid-columns));\n  }\n}\n.make-md-column-push(@columns) {\n  @media (min-width: @screen-md-min) {\n    left: percentage((@columns / @grid-columns));\n  }\n}\n.make-md-column-pull(@columns) {\n  @media (min-width: @screen-md-min) {\n    right: percentage((@columns / @grid-columns));\n  }\n}\n\n\n// Generate the large columns\n.make-lg-column(@columns; @gutter: @grid-gutter-width) {\n  position: relative;\n  min-height: 1px;\n  padding-left:  (@gutter / 2);\n  padding-right: (@gutter / 2);\n\n  @media (min-width: @screen-lg-min) {\n    float: left;\n    width: percentage((@columns / @grid-columns));\n  }\n}\n.make-lg-column-offset(@columns) {\n  @media (min-width: @screen-lg-min) {\n    margin-left: percentage((@columns / @grid-columns));\n  }\n}\n.make-lg-column-push(@columns) {\n  @media (min-width: @screen-lg-min) {\n    left: percentage((@columns / @grid-columns));\n  }\n}\n.make-lg-column-pull(@columns) {\n  @media (min-width: @screen-lg-min) {\n    right: percentage((@columns / @grid-columns));\n  }\n}\n\n\n// Framework grid generation\n//\n// Used only by Bootstrap to generate the correct number of grid classes given\n// any value of `@grid-columns`.\n\n.make-grid-columns() {\n  // Common styles for all sizes of grid columns, widths 1-12\n  .col(@index) when (@index = 1) { // initial\n    @item: ~\".col-xs-@{index}, .col-sm-@{index}, .col-md-@{index}, .col-lg-@{index}\";\n    .col((@index + 1), @item);\n  }\n  .col(@index, @list) when (@index =< @grid-columns) { // general; \"=<\" isn't a typo\n    @item: ~\".col-xs-@{index}, .col-sm-@{index}, .col-md-@{index}, .col-lg-@{index}\";\n    .col((@index + 1), ~\"@{list}, @{item}\");\n  }\n  .col(@index, @list) when (@index > @grid-columns) { // terminal\n    @{list} {\n      position: relative;\n      // Prevent columns from collapsing when empty\n      min-height: 1px;\n      // Inner gutter via padding\n      padding-left:  (@grid-gutter-width / 2);\n      padding-right: (@grid-gutter-width / 2);\n    }\n  }\n  .col(1); // kickstart it\n}\n\n.float-grid-columns(@class) {\n  .col(@index) when (@index = 1) { // initial\n    @item: ~\".col-@{class}-@{index}\";\n    .col((@index + 1), @item);\n  }\n  .col(@index, @list) when (@index =< @grid-columns) { // general\n    @item: ~\".col-@{class}-@{index}\";\n    .col((@index + 1), ~\"@{list}, @{item}\");\n  }\n  .col(@index, @list) when (@index > @grid-columns) { // terminal\n    @{list} {\n      float: left;\n    }\n  }\n  .col(1); // kickstart it\n}\n\n.calc-grid-column(@index, @class, @type) when (@type = width) and (@index > 0) {\n  .col-@{class}-@{index} {\n    width: percentage((@index / @grid-columns));\n  }\n}\n.calc-grid-column(@index, @class, @type) when (@type = push) {\n  .col-@{class}-push-@{index} {\n    left: percentage((@index / @grid-columns));\n  }\n}\n.calc-grid-column(@index, @class, @type) when (@type = pull) {\n  .col-@{class}-pull-@{index} {\n    right: percentage((@index / @grid-columns));\n  }\n}\n.calc-grid-column(@index, @class, @type) when (@type = offset) {\n  .col-@{class}-offset-@{index} {\n    margin-left: percentage((@index / @grid-columns));\n  }\n}\n\n// Basic looping in LESS\n.loop-grid-columns(@index, @class, @type) when (@index >= 0) {\n  .calc-grid-column(@index, @class, @type);\n  // next iteration\n  .loop-grid-columns((@index - 1), @class, @type);\n}\n\n// Create grid for specific class\n.make-grid(@class) {\n  .float-grid-columns(@class);\n  .loop-grid-columns(@grid-columns, @class, width);\n  .loop-grid-columns(@grid-columns, @class, pull);\n  .loop-grid-columns(@grid-columns, @class, push);\n  .loop-grid-columns(@grid-columns, @class, offset);\n}\n\n// Form validation states\n//\n// Used in forms.less to generate the form validation CSS for warnings, errors,\n// and successes.\n\n.form-control-validation(@text-color: #555; @border-color: #ccc; @background-color: #f5f5f5) {\n  // Color the label and help text\n  .help-block,\n  .control-label,\n  .radio,\n  .checkbox,\n  .radio-inline,\n  .checkbox-inline  {\n    color: @text-color;\n  }\n  // Set the border and box shadow on specific inputs to match\n  .form-control {\n    border-color: @border-color;\n    .box-shadow(inset 0 1px 1px rgba(0,0,0,.075)); // Redeclare so transitions work\n    &:focus {\n      border-color: darken(@border-color, 10%);\n      @shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 6px lighten(@border-color, 20%);\n      .box-shadow(@shadow);\n    }\n  }\n  // Set validation states also for addons\n  .input-group-addon {\n    color: @text-color;\n    border-color: @border-color;\n    background-color: @background-color;\n  }\n  // Optional feedback icon\n  .form-control-feedback {\n    color: @text-color;\n  }\n}\n\n// Form control focus state\n//\n// Generate a customized focus state and for any input with the specified color,\n// which defaults to the `@input-focus-border` variable.\n//\n// We highly encourage you to not customize the default value, but instead use\n// this to tweak colors on an as-needed basis. This aesthetic change is based on\n// WebKit's default styles, but applicable to a wider range of browsers. Its\n// usability and accessibility should be taken into account with any change.\n//\n// Example usage: change the default blue border and shadow to white for better\n// contrast against a dark gray background.\n\n.form-control-focus(@color: @input-border-focus) {\n  @color-rgba: rgba(red(@color), green(@color), blue(@color), .6);\n  &:focus {\n    border-color: @color;\n    outline: 0;\n    .box-shadow(~\"inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px @{color-rgba}\");\n  }\n}\n\n// Form control sizing\n//\n// Relative text size, padding, and border-radii changes for form controls. For\n// horizontal sizing, wrap controls in the predefined grid classes. `<select>`\n// element gets special love because it's special, and that's a fact!\n\n.input-size(@input-height; @padding-vertical; @padding-horizontal; @font-size; @line-height; @border-radius) {\n  height: @input-height;\n  padding: @padding-vertical @padding-horizontal;\n  font-size: @font-size;\n  line-height: @line-height;\n  border-radius: @border-radius;\n\n  select& {\n    height: @input-height;\n    line-height: @input-height;\n  }\n\n  textarea&,\n  select[multiple]& {\n    height: auto;\n  }\n}\n"]}


--------------------------------------------------------------------------------