From 427b5263baca7fe6ca71c056783fe8535d939dd5 Mon Sep 17 00:00:00 2001 From: Joko Sastriawan Date: Tue, 15 Nov 2022 15:05:18 -0700 Subject: [PATCH] fix: AMT WSMAN comm Direct TLS to allow unsafe legacy negotiation --- amt/amt-wsman-comm.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/amt/amt-wsman-comm.js b/amt/amt-wsman-comm.js index d9522c3a..689250d0 100644 --- a/amt/amt-wsman-comm.js +++ b/amt/amt-wsman-comm.js @@ -274,7 +274,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mpsConn obj.socket.connect(obj.port, obj.host, obj.xxOnSocketConnected); } else { // Direct connect with TLS - var options = { ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false }; + var options = { ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: obj.constants.SSL_OP_NO_SSLv2 | obj.constants.SSL_OP_NO_SSLv3 | obj.constants.SSL_OP_NO_COMPRESSION | obj.constants.SSL_OP_CIPHER_SERVER_PREFERENCE | obj.constants.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, rejectUnauthorized: false }; if (obj.xtlsMethod != 0) { options.secureProtocol = 'TLSv1_method'; } if (obj.xtlsoptions) { if (obj.xtlsoptions.ca) { options.ca = obj.xtlsoptions.ca; }