fix amt notls always using tls, fix tls undefined, amt timeout shortened, commander typo fix

Signed-off-by: si458 <simonsmith5521@gmail.com>
2025-05-05 16:48:09 -04:00 · 2025-05-05 01:34:50 +01:00 · 2025-05-05 01:34:50 +01:00 · fa7f194ed1
commit fa7f194ed1
parent d9f2f869a2
5 changed files with 6 additions and 5 deletions
--- a/amt/amt-wsman-comm.js
+++ b/amt/amt-wsman-comm.js
@ -291,7 +291,7 @@ var CreateWsmanComm = function (host, port, user, pass, tls, tlsoptions, mpsConn
                }
                obj.socket = obj.tls.connect(obj.port, obj.host, options, obj.xxOnSocketConnected);
                obj.socket.setEncoding('binary');
-                obj.socket.setTimeout(60000); // Set socket idle timeout
+                obj.socket.setTimeout(28000); // Set socket idle timeout of 28 seconds
                obj.socket.on('data', obj.xxOnSocketData);
                obj.socket.on('close', obj.xxOnSocketClosed);
                obj.socket.on('timeout', obj.destroy);
--- a/amtmanager.js
+++ b/amtmanager.js
@ -638,7 +638,7 @@ module.exports.CreateAmtManager = function (parent) {

                // Connect now
                var comm;
-                if ((dev.tlsfail !== true) && (parent.config.domains[dev.domainid].amtmanager.tlsconnections !== false)) {
+                if ((dev.tlsfail !== true) && (parent.config.domains[dev.domainid].amtmanager.tlsconnections !== false) && (dev.intelamt.tls == 1)) {
                    parent.debug('amt', dev.name, (dev.connType == 1) ? 'Relay-Connect' : 'LMS-Connect', "TLS", user);
                    comm = CreateWsmanComm(dev.nodeid, 16993, user, pass, 1, null, ciraconn); // Perform TLS
                    comm.xtlsFingerprint = 0; // Perform no certificate checking
@ -670,7 +670,7 @@ module.exports.CreateAmtManager = function (parent) {

                    // Connect now
                    var comm;
-                    if ((dev.tlsfail !== true) && (parent.config.domains[dev.domainid].amtmanager.tlsconnections !== false)) {
+                    if ((dev.tlsfail !== true) && (parent.config.domains[dev.domainid].amtmanager.tlsconnections !== false) && (dev.intelamt.tls == 1)) {
                        parent.debug('amt', dev.name, 'Direct-Connect', "TLS", dev.host, user);
                        comm = CreateWsmanComm(dev.host, 16993, user, pass, 1); // Always try with TLS first
                        comm.xtlsFingerprint = 0; // Perform no certificate checking
--- a/public/commander.htm
+++ b/public/commander.htm
@ -1155,7 +1155,7 @@ function addWifiProfile(){var b,c,a,d={__parameterType:"instance",__namespace:am
 32769==c25.value)b={__parameterType:"instance",__namespace:amtstack.CompleteName("CIM_IEEE8021xSettings"),ElementName:"8021x-"+c22.value,InstanceID:"8021x-"+c22.value,ActiveInS0:1==Q("c54").value,AuthenticationProtocol:Q("c32").value},""!=Q("c44").value&&(b.RoamingIdentity=Q("c44").value),""!=Q("c34").value&&(b.ServerCertificateName=Q("c34").value,b.ServerCertificateNameComparison=Q("c36").value),
 ""!=Q("c40").value&&(b.Username=Q("c40").value),""!=Q("c42").value&&(b.Password=Q("c42").value),""!=Q("c38").value&&(b.Domain=Q("c38").value),3<Q("c32").value&&(b.ProtectedAccessCredential=Q("c46").value,b.PACPassword=Q("c48").value),0<=parseInt(Q("c50").value)&&(c='<Address xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">http://schemas.xmlsoap.org/ws/2004/08/addressing</Address><ReferenceParameters xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing"><ResourceURI xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd">http://intel.com/wbem/wscim/1/amt-schema/1/AMT_PublicKeyCertificate</ResourceURI><SelectorSet xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd"><Selector Name="InstanceID">'+
 xxCertificates[parseInt(Q("c50").value)].InstanceID+"</Selector></SelectorSet></ReferenceParameters>"),0<=parseInt(Q("c52").value)&&(a='<Address xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">http://schemas.xmlsoap.org/ws/2004/08/addressing</Address><ReferenceParameters xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing"><ResourceURI xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd">http://intel.com/wbem/wscim/1/amt-schema/1/AMT_PublicKeyCertificate</ResourceURI><SelectorSet xmlns="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd"><Selector Name="InstanceID">'+
-xxCertificates[parseInt(Q("c52").value)].InstanceID+"</Selector></SelectorSet></ReferenceParameters>");console.log("wifiepsettinginput",JSON.sstringify(d,null,2));console.log("netAuthProfile",JSON.sstringify(b,null,2));console.log("netAuthSettingsClientCert",c);console.log("netAuthSettingsServerCaCert",a);amtstack.AMT_WiFiPortConfigurationService_AddWiFiSettings({__parameterType:"reference",__resourceUri:amtstack.CompleteName("CIM_WiFiEndpoint"),Name:"WiFi Endpoint 0"},d,b,c,a,removeWifiEntryResponse)}
+xxCertificates[parseInt(Q("c52").value)].InstanceID+"</Selector></SelectorSet></ReferenceParameters>");console.log("wifiepsettinginput",JSON.stringify(d,null,2));console.log("netAuthProfile",JSON.stringify(b,null,2));console.log("netAuthSettingsClientCert",c);console.log("netAuthSettingsServerCaCert",a);amtstack.AMT_WiFiPortConfigurationService_AddWiFiSettings({__parameterType:"reference",__resourceUri:amtstack.CompleteName("CIM_WiFiEndpoint"),Name:"WiFi Endpoint 0"},d,b,c,a,removeWifiEntryResponse)}
 function updateWifiDialog(){var b=!0,c=c25.value,a=c26.value;4>c&&(3==a||4==a)&&(c26.value=2);3<c&&(2==a||5==a)&&(c26.value=3);if(32768==c||32769==c)c26.value=4;QV("c27",4==c||6==c);QV("c30",5==c||7==c||32768==c||32769==c);for(var d in xxWireless.CIM_WiFiEndpointSettings.responses)xxWireless.CIM_WiFiEndpointSettings.responses[d].ElementName==c22.value&&(b=!1);0==c22.value.length&&0==c23.value.length&&(b=!1);4!=c&&6!=c||
 !(8>c28.value.length||63<c28.value.length||c28.value!=c29.value)||(b=!1);QE("c106",b);updateNetAuthDialog()}function updateNetAuth2Dialog(){QV("c35",""!=Q("c33").value);QV("c45",3<Q("c32").value);QV("c47",3<Q("c32").value)}
 function editNetAuthProfile(){if(!xxdialogMode){var b="<option value=-1>"+EscapeHtml("None")+"</option>",c="<option value=-1>"+EscapeHtml("None")+"</option>",a;for(a in xxCertificates)xxCertificates[a].TrustedRootCertficate?c+='<option value="'+a+'">'+EscapeHtml(xxCertificates[a].XSubject.CN)+"</option>":xxCertificates[a].XPrivateKey&&(b+='<option value="'+a+'">'+EscapeHtml(xxCertificates[a].XSubject.CN)+"</option>");QH("c98",b);QH("c100",c);b=amtsysstate.AMT_8021XProfile.responses.Body;
--- a/public/scripts/amt-redir-ws-0.1.0-min.js
+++ b/public/scripts/amt-redir-ws-0.1.0-min.js
--- a/public/scripts/amt-redir-ws-0.1.0.js
+++ b/public/scripts/amt-redir-ws-0.1.0.js
@ -36,6 +36,7 @@ var CreateAmtRedirect = function (module, authCookie) {
        obj.port = port;
        obj.user = user;
        obj.pass = pass;
+        obj.tls = tls;
        obj.connectstate = 0;
        obj.inDataCount = 0;
        var url = window.location.protocol.replace('http', 'ws') + '//' + window.location.host + window.location.pathname.substring(0, window.location.pathname.lastIndexOf('/')) + '/webrelay.ashx?p=2&host=' + host + '&port=' + port + '&tls=' + tls + ((user == '*') ? '&serverauth=1' : '') + ((typeof pass === 'undefined') ? ('&serverauth=1&user=' + user) : ''); // The 'p=2' indicates to the relay that this is a REDIRECTION session