MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-11-07 21:02:53 -05:00
Code Issues Packages Projects Releases Wiki Activity

use minversion tlsv1 to fix older amt issues (#6983)

Browse Source 
Signed-off-by: si458 <simonsmith5521@gmail.com>
This commit is contained in:
Simon Smith
2025-04-18 22:22:18 +01:00
committed by GitHub
parent f029abb1f8
commit 95e1796844
4 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
amtscanner.js
View File

@@ -387,8 +387,8 @@ module.exports.CreateAmtScanner = function (parent) {
} else {
// Connect using TLS, we will switch from default TLS to TLS1-only and back if we get a connection error to support older Intel AMT.
if (scaninfo.tlsoption == null) { scaninfo.tlsoption = 0; }
const tlsOptions = { rejectUnauthorized: false, ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: constants.SSL_OP_NO_SSLv2 | constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_COMPRESSION | constants.SSL_OP_CIPHER_SERVER_PREFERENCE };
if (scaninfo.tlsoption == 1) { tlsOptions.secureProtocol = 'TLSv1_method'; }
const tlsOptions = { minVersion: 'TLSv1', rejectUnauthorized: false, ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: constants.SSL_OP_NO_SSLv2 | constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_COMPRESSION | constants.SSL_OP_CIPHER_SERVER_PREFERENCE | constants.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION };
// if (scaninfo.tlsoption == 1) { tlsOptions.secureProtocol = 'TLSv1_method'; }
client = obj.tls.connect(port, host, tlsOptions, function () { this.write('GET / HTTP/1.1\r\nhost: ' + host + '\r\n\r\n'); });
}
client.scaninfo = scaninfo;